URL: http://baleyu.com/
Submission: On February 03 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 5 countries across 44 domains to perform 69 HTTP transactions. The main IP is 206.119.93.78, located in United States and belongs to SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG. The main domain is baleyu.com.
This is the only time baleyu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 206.119.93.78 140224 (SGPL-AS-A...)
8 198.16.37.83 40065 (CNSERVERS)
7 103.235.46.191 55967 (BAIDU Bei...)
1 103.170.15.111 ()
1 103.170.15.95 ()
1 45.61.212.216 ()
1 103.170.15.100 7483 (SKYCLOUD-...)
1 103.170.15.75 ()
1 45.61.212.225 53587 (AZT)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 3.36.126.81 16509 (AMAZON-02)
2 79.133.177.225 24429 (TAOBAO Zh...)
1 23.225.139.251 40065 (CNSERVERS)
1 2600:9000:200... 16509 (AMAZON-02)
1 206.2.168.128 139646 (HKMTC-AS-...)
1 103.170.15.79 ()
1 185.10.104.115 55967 (BAIDU Bei...)
1 121.226.246.3 ()
1 47.75.19.42 ()
3 2a04:4e42:400... 54113 (FASTLY)
1 107.148.202.17 ()
1 2606:4700:303... ()
1 2600:9000:200... 16509 (AMAZON-02)
1 113.1.0.71 ()
69 24
Apex Domain
Subdomains
Transfer
8 hjha2.com
hjha2.com
143 KB
7 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 11440
47 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
830 KB
3 baleyu.com
baleyu.com
2 KB
2 douyinpic.com
p3.douyinpic.com — Cisco Umbrella Rank: 28699
954 KB
1 awyyzx.com
kg.awyyzx.com
10 KB
1 u22088.com
u22088.com — Cisco Umbrella Rank: 577645
15 KB
1 sky4k.top
skyimg.sky4k.top
37 KB
1 3p8801.co
3p8801.co
240 KB
1 aliyuncs.com
1888tv.oss-cn-hongkong.aliyuncs.com
yaoji666.oss-cn-hongkong.aliyuncs.com Failed
1 360buyimg.com
kjimg10.360buyimg.com
1 bdstatic.com
pic.rmb.bdstatic.com — Cisco Umbrella Rank: 76686
1 MB
1 66668aaa.com
66668aaa.com
708 KB
1 jnctupian.com
tu.jnctupian.com
575 KB
1 kzeii.com
kzeii.com
553 KB
1 picnewsss.com
pic.picnewsss.com — Cisco Umbrella Rank: 615778
253 KB
1 1151555.com
img.1151555.com
119 B
1 2128a.com
img.2128a.com
119 B
1 imgtp.com
img1.imgtp.com
395 KB
1 3718896ccc.com
3718896ccc.com — Cisco Umbrella Rank: 862625
419 KB
1 223969ufy.com
223969ufy.com
567 KB
1 832793jse.com
832793jse.com
703 KB
1 362728tdg.com
362728tdg.com
1 375772rug.com
375772rug.com
1 MB
1 99996aaa.com
99996aaa.com
0 8499165.com Failed
8499165.com Failed
0 afuyer.com Failed
vs.afuyer.com Failed
0 sljttpkj.net Failed
tu.sljttpkj.net Failed
0 fls003.com Failed
fls003.com Failed
0 tsmgsoce.com Failed
tgqd.tsmgsoce.com Failed
0 ibb.co Failed
i.ibb.co Failed
ibb.co Failed
0 511500044.com Failed
511500044.com Failed
0 2321a.com Failed
img.2321a.com Failed
0 99887aaa.com Failed
99887aaa.com Failed
0 253669vqx.com Failed
253669vqx.com Failed
0 n5267.com Failed
n5267.com Failed
0 kveii.com Failed
kveii.com Failed
0 9366qq.com Failed
9366qq.com Failed
0 1153555.com Failed
img.1153555.com Failed
0 66663aaa.com Failed
66663aaa.com Failed
0 573569djd.com Failed
573569djd.com Failed
0 8499163.com Failed
8499163.com Failed
0 8622a.com Failed
img.8622a.com Failed
0 ezfxpuo.cn Failed
qp.ezfxpuo.cn Failed
69 44
Domain Requested by
8 hjha2.com baleyu.com
hjha2.com
7 hm.baidu.com baleyu.com
hjha2.com
3 cdn.jsdelivr.net hjha2.com
3 baleyu.com baleyu.com
2 p3.douyinpic.com hjha2.com
1 kg.awyyzx.com baleyu.com
1 u22088.com hjha2.com
1 skyimg.sky4k.top hjha2.com
1 3p8801.co hjha2.com
1 1888tv.oss-cn-hongkong.aliyuncs.com hjha2.com
1 kjimg10.360buyimg.com hjha2.com
1 pic.rmb.bdstatic.com hjha2.com
1 66668aaa.com hjha2.com
1 tu.jnctupian.com hjha2.com
1 kzeii.com hjha2.com
1 pic.picnewsss.com hjha2.com
1 img.1151555.com 1 redirects
1 img.2128a.com 1 redirects
1 img1.imgtp.com hjha2.com
1 3718896ccc.com hjha2.com
1 223969ufy.com hjha2.com
1 832793jse.com hjha2.com
1 362728tdg.com hjha2.com
1 375772rug.com hjha2.com
1 99996aaa.com hjha2.com
0 8499165.com Failed hjha2.com
0 ibb.co Failed hjha2.com
0 vs.afuyer.com Failed hjha2.com
0 tu.sljttpkj.net Failed hjha2.com
0 fls003.com Failed hjha2.com
0 yaoji666.oss-cn-hongkong.aliyuncs.com Failed hjha2.com
0 tgqd.tsmgsoce.com Failed hjha2.com
0 i.ibb.co Failed hjha2.com
0 511500044.com Failed hjha2.com
0 img.2321a.com Failed hjha2.com
0 99887aaa.com Failed hjha2.com
0 253669vqx.com Failed hjha2.com
0 n5267.com Failed hjha2.com
0 kveii.com Failed hjha2.com
0 9366qq.com Failed hjha2.com
0 img.1153555.com Failed hjha2.com
0 66663aaa.com Failed hjha2.com
0 573569djd.com Failed hjha2.com
0 8499163.com Failed hjha2.com
0 img.8622a.com Failed hjha2.com
0 qp.ezfxpuo.cn Failed hjha2.com
69 46

This site contains no links.

Subject Issuer Validity Valid
hjha2.com
R3
2022-11-06 -
2023-02-04
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2022-07-05 -
2023-08-06
a year crt.sh
99996aaa.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-20 -
2023-11-20
a year crt.sh
375772rug.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-26 -
2023-10-26
a year crt.sh
362728tdg.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-26 -
2023-10-26
a year crt.sh
832793jse.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-26 -
2023-10-26
a year crt.sh
223969ufy.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-26 -
2023-10-26
a year crt.sh
3718896ccc.com
Sectigo RSA Domain Validation Secure Server CA
2022-12-24 -
2023-12-24
a year crt.sh
*.imgtp.com
E1
2022-12-31 -
2023-03-31
3 months crt.sh
pic.picnewsss.com
Buypass Class 2 CA 5
2022-12-07 -
2023-06-04
6 months crt.sh
kzeii.com
Amazon RSA 2048 M01
2022-12-19 -
2024-01-18
a year crt.sh
tu.jnctupian.com
R3
2023-01-28 -
2023-04-28
3 months crt.sh
66668aaa.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-20 -
2023-11-20
a year crt.sh
pic.rmb.bdstatic.com
TrustAsia TLS RSA CA
2022-01-21 -
2023-02-21
a year crt.sh
*.jd.com
GlobalSign RSA OV SSL CA 2018
2022-10-18 -
2023-11-19
a year crt.sh
*.oss-cn-hongkong.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3
2023-01-30 -
2024-03-02
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
3p8801.co
Sectigo RSA Domain Validation Secure Server CA
2023-02-01 -
2024-02-01
a year crt.sh
*.sky4k.top
GTS CA 1P5
2023-02-02 -
2023-05-03
3 months crt.sh
u22088.com
Amazon RSA 2048 M01
2023-01-09 -
2024-02-07
a year crt.sh
kg.awyyzx.com
CerSign DV SSL CA
2023-01-09 -
2023-04-09
3 months crt.sh

This page contains 2 frames:

Primary Page: http://baleyu.com/
Frame ID: 7593D53B357844ADFBF9EC42306E2130
Requests: 9 HTTP requests in this frame

Frame: https://hjha2.com:8443/
Frame ID: 6C28FAA01A1A9EC32794F628CDAE9CDB
Requests: 62 HTTP requests in this frame

Screenshot

Page Title

浙江城建联合装饰工程有限公司_杭州装修公司_专注杭州环保装修家装好品牌_城建装饰

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

69
Requests

52 %
HTTPS

21 %
IPv6

44
Domains

46
Subdomains

24
IPs

5
Countries

8764 kB
Transfer

9523 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://img.2128a.com/images/63d363fb60c3f47a6f40b86b.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/94caabdcc6ad43c38ae682f01e39258f
Request Chain 23
  • https://img.1151555.com/images/63d0d940239ee5d2c56a780a.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/910f02d79e4e48f9afa259495c475013

69 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
baleyu.com/
629 B
572 B
Document
General
Full URL
http://baleyu.com/
Protocol
HTTP/1.1
Server
206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 03 Feb 2023 10:21:35 GMT
Server
openresty
Transfer-Encoding
chunked
Vary
Accept-Encoding
tiaozhuan.js
baleyu.com/
1 KB
996 B
Script
General
Full URL
http://baleyu.com/tiaozhuan.js
Requested by
Host: baleyu.com
URL: http://baleyu.com/
Protocol
HTTP/1.1
Server
206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
1e3737ed1f849f7ff53fbfcf55521b77d8316652cd9591e72f3d22d26296a202

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 10:21:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 06 Nov 2022 07:30:00 GMT
Server
openresty
ETag
W/"63676278-578"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=180
Connection
close
Expires
Fri, 03 Feb 2023 10:24:35 GMT
tongji.js
baleyu.com/
759 B
628 B
Script
General
Full URL
http://baleyu.com/tongji.js
Requested by
Host: baleyu.com
URL: http://baleyu.com/
Protocol
HTTP/1.1
Server
206.119.93.78 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 10:21:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jul 2022 16:35:10 GMT
Server
openresty
ETag
W/"62e2babe-2f7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=180
Connection
close
Expires
Fri, 03 Feb 2023 10:24:35 GMT
/
hjha2.com/ Frame 6C28
95 KB
18 KB
Document
General
Full URL
https://hjha2.com:8443/
Requested by
Host: baleyu.com
URL: http://baleyu.com/tiaozhuan.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
337c56b9139ebcaa29972f14db2d4e7b2a066d96eb80380c46cb3245f4abf1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://baleyu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 03 Feb 2023 10:21:37 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?f1d4fa7fc77845e82d7014194503e307
Requested by
Host: baleyu.com
URL: http://baleyu.com/tongji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
3b66c0c66164cf01ad19f4b77ea5b720bd9b3d52ca4c16938105f4c3288bf94f
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 10:21:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
59410a6a2525d4fbcdc73382e170d605
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?2c826b7af1bbdd4b55533c61259bdc81
Requested by
Host: baleyu.com
URL: http://baleyu.com/tongji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
9e8b5d215635ad74e28a47c5565b94a290a3ecc44120d6f9790b2ca61aeb08f9
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 10:21:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
269e26db4b2f3cdd65b5a822a1deb561
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?0479a3a671cc30fd27d45970393ba3c8
Requested by
Host: baleyu.com
URL: http://baleyu.com/tongji.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7a7ee9bbe05e7f364e9b98702b20956ab3ed8da1a67ea59157a96d3394b6ca7b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 10:21:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
a8e80f8f891207a2d822ea66089ef35e
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11255
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=329454609&si=2c826b7af1bbdd4b55533c61259bdc81&v=1.3.0&lv=1&sn=17422&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0
Requested by
Host: baleyu.com
URL: http://baleyu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 10:21:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1056841117&si=f1d4fa7fc77845e82d7014194503e307&v=1.3.0&lv=1&sn=17422&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0
Requested by
Host: baleyu.com
URL: http://baleyu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 10:21:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=105240052&si=0479a3a671cc30fd27d45970393ba3c8&v=1.3.0&lv=1&sn=17423&r=0&ww=1600&u=http%3A%2F%2Fbaleyu.com%2F&tt=%E6%B5%99%E6%B1%9F%E5%9F%8E%E5%BB%BA%E8%81%94%E5%90%88%E8%A3%85%E9%A5%B0%E5%B7%A5%E7%A8%8B%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8_%E6%9D%AD%E5%B7%9E%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8_%E4%B8%93%E6%B3%A8%E6%9D%AD%E5%B7%9E%E7%8E%AF%E4%BF%9D%E8%A3%85%E4%BF%AE%E5%AE%B6%E8%A3%85%E5%A5%BD%E5%93%81%E7%89%8C_%E5%9F%8E%E5%BB%BA%E8%A3%85%E9%A5%B0
Requested by
Host: baleyu.com
URL: http://baleyu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://baleyu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 10:21:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
jquery.min.js
hjha2.com/template/kuli04/js/ Frame 6C28
95 KB
37 KB
Script
General
Full URL
https://hjha2.com:8443/template/kuli04/js/jquery.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:14:00 GMT
server
nginx
etag
W/"627fab18-17b8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 03 Feb 2023 22:21:37 GMT
swiper.min.js
hjha2.com/template/kuli04/js/ Frame 6C28
94 KB
27 KB
Script
General
Full URL
https://hjha2.com:8443/template/kuli04/js/swiper.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:14:02 GMT
server
nginx
etag
W/"627fab1a-178a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 03 Feb 2023 22:21:37 GMT
bootstrap.min.js
hjha2.com/template/kuli04/js/ Frame 6C28
39 KB
13 KB
Script
General
Full URL
https://hjha2.com:8443/template/kuli04/js/bootstrap.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:13:58 GMT
server
nginx
etag
W/"627fab16-9b00"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 03 Feb 2023 22:21:37 GMT
jquery.lazyload.min.js
hjha2.com/template/kuli04/js/ Frame 6C28
3 KB
2 KB
Script
General
Full URL
https://hjha2.com:8443/template/kuli04/js/jquery.lazyload.min.js
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 14 May 2022 13:14:00 GMT
server
nginx
etag
W/"627fab18-d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 03 Feb 2023 22:21:37 GMT
style.css
hjha2.com/template/kuli04/css/ Frame 6C28
32 KB
11 KB
Stylesheet
General
Full URL
https://hjha2.com:8443/template/kuli04/css/style.css?v=5
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:37 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 11:38:05 GMT
server
nginx
etag
W/"62e6699d-7ef3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 03 Feb 2023 22:21:37 GMT
logo.jpg
hjha2.com/template/kuli04/images/ Frame 6C28
34 KB
35 KB
Image
General
Full URL
https://hjha2.com:8443/template/kuli04/images/logo.jpg
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:38 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 15 May 2022 05:53:44 GMT
server
nginx
etag
"62809568-89f0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
35312
expires
Sun, 05 Mar 2023 10:21:38 GMT
2ffa649e5259458c8a91a61f7fb59951.gif
99996aaa.com/ Frame 6C28
64 KB
0
Image
General
Full URL
https://99996aaa.com/2ffa649e5259458c8a91a61f7fb59951.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.111 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 07:04:11 GMT
Last-Modified
Fri, 23 Dec 2022 06:29:53 GMT
Server
nginx
ETag
"63a54ae1-8cf85"
X-Cache
HIT from yd11_13-cdn-g01-la2-41
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
577413
2955f1d87c77457da4e7362ec1f4451f.gif
375772rug.com/ Frame 6C28
1 MB
1 MB
Image
General
Full URL
https://375772rug.com/2955f1d87c77457da4e7362ec1f4451f.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.95 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 30 Dec 2022 07:08:09 GMT
Last-Modified
Fri, 30 Dec 2022 07:01:59 GMT
Server
nginx
ETag
"63ae8ce7-104685"
X-Cache
HIT from yd11_13-cdn-g01-la2-25
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
1066629
85494c07f7f4492eb9a9034529342f06.gif
362728tdg.com/ Frame 6C28
80 KB
0
Image
General
Full URL
https://362728tdg.com/85494c07f7f4492eb9a9034529342f06.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.216 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 11 Jan 2023 15:50:36 GMT
Last-Modified
Sat, 07 Jan 2023 08:32:15 GMT
Server
nginx
ETag
"63b92e0f-a582e"
X-Cache
HIT from cloud-us3-cdnb-16
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
677934
623201c2748b46fcbfa7f024cb3e1338.gif
832793jse.com/ Frame 6C28
703 KB
703 KB
Image
General
Full URL
https://832793jse.com/623201c2748b46fcbfa7f024cb3e1338.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.100 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 27 Jan 2023 08:11:55 GMT
Last-Modified
Fri, 28 Oct 2022 11:57:57 GMT
Server
nginx
ETag
"635bc3c5-afb81"
X-Cache
HIT from yd11_13-cdn-g01-la2-30
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
719745
d8b3075b7c4f4280a5a682a16cdae177..gif
223969ufy.com/ Frame 6C28
567 KB
567 KB
Image
General
Full URL
https://223969ufy.com/d8b3075b7c4f4280a5a682a16cdae177..gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.75 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 07 Nov 2022 11:19:26 GMT
Last-Modified
Mon, 07 Nov 2022 09:08:29 GMT
Server
nginx
ETag
"6368cb0d-8db38"
X-Cache
HIT from yd11_13-cdn-g01-la2-05
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
580408
c76b6b83f68449898dbeba8d3afeeb17.gif
3718896ccc.com/ Frame 6C28
419 KB
419 KB
Image
General
Full URL
https://3718896ccc.com/c76b6b83f68449898dbeba8d3afeeb17.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.225 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
cf47ae179a9a0a1a8d7f149af54bc698aca7eca03a0b2436eb929eb908637738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 01 Feb 2023 10:18:25 GMT
Last-Modified
Mon, 16 Jan 2023 07:15:19 GMT
Server
nginx
ETag
"63c4f987-68aab"
X-Cache
HIT from cloud-us3-cdnb-25
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
428715
b1e1hDcd.gif
img1.imgtp.com/2023/01/25/ Frame 6C28
394 KB
395 KB
Image
General
Full URL
https://img1.imgtp.com/2023/01/25/b1e1hDcd.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4383e05cc1177379b1ffef38ebb67f29a32b261037fa1cda02b09fb66bfbf93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:38 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
667918
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
403029
last-modified
Wed, 25 Jan 2023 07:05:37 GMT
server
cloudflare
etag
"63d0d4c1-62655"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAT5VQiYfHV5hQEQxaNxNzwDS6FnmOW3FepnWCXcOkhYbZOPXvvZ2LVT71y5EfkrBmn7SIY25QQxhw9TXuUwPyrI%2FsClSI8pWq2AUY7bby2IgqCp4IC%2BmhwF0lLu8S9nGcP5kPvbMlXq8QU7Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
793a70db39832bc2-FRA
expires
Sat, 25 Feb 2023 16:49:40 GMT
94caabdcc6ad43c38ae682f01e39258f
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 6C28
Redirect Chain
  • https://img.2128a.com/images/63d363fb60c3f47a6f40b86b.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/94caabdcc6ad43c38ae682f01e39258f
389 KB
391 KB
Image
General
Full URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/94caabdcc6ad43c38ae682f01e39258f
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / ImageX
Resource Hash
57cd9a9aef42e1f36ca0d9cf8c98f4200850f17d87468ee42b4edd62d33993b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 06:08:55 GMT
via
n204-098-222, cache21.l2de2[0,0,206-0,H], cache17.l2de2[1,0], cache17.l2de2[1,0], cache1.de3[0,0,200-0,H], cache4.de3[1,0]
x-response-lb
image
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
age
619964
nw-session-id
20230127134117AB78E5190EAC3C63E3752tqjd02dy
x-powered-by
ImageX
x-swift-cachetime
31521723
x-cache
HIT TCP_MEM_HIT dirn:13:563223320
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime
Fri, 27 Jan 2023 10:06:53 GMT
x-length
398571
content-length
398571
last-modified
Fri, 27 Jan 2023 05:41:17 GMT
server
Tengine
x-tt-logid
20230127134117AB78E5190EAC3C63E375
x-response-date
Fri, 27 Jan 2023 13:41:17 GMT
ali-swift-global-savetime
1674799736
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2023-01-27T13:41:17.111102935+08:00 53
cache-control
max-age=31536000
x-request-ip
fdbd:dc01:27:155::141
x-response-cinfo
185.213.155.169
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*, *
x-tt-trace-host
0148762ecd17e0c55df307edd4f53d1ceb92000a099db705f70460a764c29b3aef9c1bdc116c8fb59cedc782073bfd43a6d9ff179a6bd11e41e0f19d500951d8d5ec51f5a5f91fc9eefd37f634b766041beb60a0898c399c88b35f52b26effcaba
eagleid
4f85b19816754197009713699e

Redirect headers

location
https://p3.douyinpic.com/obj/tos-cn-i-dy/94caabdcc6ad43c38ae682f01e39258f
cache-control
max-age=3600
referrer-policy
no-referrer
910f02d79e4e48f9afa259495c475013
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 6C28
Redirect Chain
  • https://img.1151555.com/images/63d0d940239ee5d2c56a780a.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/910f02d79e4e48f9afa259495c475013
563 KB
564 KB
Image
General
Full URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/910f02d79e4e48f9afa259495c475013
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / ImageX
Resource Hash
8e9bf4aa9dbc3e4e29d032b9ef868ae7a9fc5b600244a331fa17db943307246f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 00:33:40 GMT
via
n204-100-084, cache20.l2de2[161,161,206-0,M], cache14.l2de2[162,0], cache14.l2de2[162,0], cache11.de3[0,0,200-0,H], cache4.de3[3,0]
x-response-lb
image
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
age
35280
nw-session-id
20230203072444F56281030D4992D3B944rgbcd01dy
x-powered-by
ImageX
x-swift-cachetime
31536000
x-cache
HIT TCP_MEM_HIT dirn:13:432743447 mlen:0
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache;desc=HIT,edge;dur=3
x-swift-savetime
Fri, 03 Feb 2023 00:33:40 GMT
x-length
576127
content-length
576127
last-modified
Thu, 02 Feb 2023 23:24:44 GMT
server
Tengine
x-tt-logid
20230203072444F56281030D4992D3B944
x-response-date
Fri, 03 Feb 2023 07:24:44 GMT
ali-swift-global-savetime
1675384420
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2023-02-03T07:24:44.446823354+08:00 26
cache-control
max-age=31536000
x-request-ip
fdbd:dc01:27:135::145
x-response-cinfo
185.213.155.169
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*, *
x-tt-trace-host
018ad3c200b4114772fc53d95661eab103bc5f9a0013cf37a8172aee629133aa89b8552eca2b1381f62d067c079df2714adafe895e3ef9e7b9a2ed4347a9ba7ca4f9f8807006e888731e868c9ad4e3d0d4e52b5d335a3a2398cbf5e3e8deb99483
eagleid
4f85b19816754197009713700e

Redirect headers

location
https://p3.douyinpic.com/obj/tos-cn-i-dy/910f02d79e4e48f9afa259495c475013
cache-control
max-age=3600
referrer-policy
no-referrer
960-80.gif
pic.picnewsss.com/tu-2022290039/ Frame 6C28
253 KB
253 KB
Image
General
Full URL
https://pic.picnewsss.com/tu-2022290039/960-80.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
23.225.139.251 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
d50a65463007d6325ab96a1f13e2de8790ec27ac055ee11150d948ef270b943f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 09:46:04 GMT
last-modified
Fri, 03 Feb 2023 10:02:54 GMT
server
nginx
etag
"1675418574"
x-cache
HIT, policy, memory
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
258601
expires
Sun, 05 Mar 2023 09:46:04 GMT
8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
kzeii.com/ Frame 6C28
552 KB
553 KB
Image
General
Full URL
https://kzeii.com/8d62ac139591ff0c5f17d4c5f1ff3cf6.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:8c00:10:6ea1:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 05:25:32 GMT
via
1.1 aba148aded8f2a574ac37012d8a4aeee.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 09:06:43 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
17768
etag
"6a2c609ad0c46bb1b8d9cd39eacde625"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
565615
x-amz-cf-id
pY7e7OzG4p34OWGeY2Vb2rkXvF-Gry3ZIsjiHegc2NqxGHpBz4VNfw==
jnc60.gif
tu.jnctupian.com/jnc/ Frame 6C28
574 KB
575 KB
Image
General
Full URL
https://tu.jnctupian.com/jnc/jnc60.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
206.2.168.128 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx/onex /
Resource Hash
0b2450e440026a2abc0c6637dab790a67468754eaa0e0a3d5a90c00c3811abe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

X-One-Cache
HIT
Date
Fri, 03 Feb 2023 10:21:39 GMT
Last-Modified
Sat, 28 Jan 2023 11:43:48 GMT
Server
nginx/onex
ETag
"63d50a74-8f9b0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
588208
Expires
Fri, 03 Mar 2023 08:22:17 GMT
761b92b8d7ce4182ab054a1f89b6063f.gif
66668aaa.com/ Frame 6C28
708 KB
708 KB
Image
General
Full URL
https://66668aaa.com/761b92b8d7ce4182ab054a1f89b6063f.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.79 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 03 Jan 2023 19:53:17 GMT
Last-Modified
Tue, 15 Nov 2022 04:33:24 GMT
Server
nginx
ETag
"63731694-b0f85"
X-Cache
HIT from yd11_13-cdn-g01-la2-09
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
724869
5f356028e5e94176f56a75568e49ae20.gif
pic.rmb.bdstatic.com/bjh/ Frame 6C28
1 MB
1 MB
Image
General
Full URL
https://pic.rmb.bdstatic.com/bjh/5f356028e5e94176f56a75568e49ae20.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

ohc-file-size
1296026
date
Fri, 03 Feb 2023 10:21:40 GMT
content-md5
XzVgKOXpQXb1anVWjkmuIA==
age
715022
x-cache-status
HIT
x-bce-storage-class
STANDARD
content-length
1296026
ohc-cache-hit
fra01-sys-jomo6.fra01.baidu.com [2], fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache62 [3], suzix207 [3]
last-modified
Sun, 01 May 2022 03:41:02 GMT
server
JSP3/2.0.14
etag
"5f356028e5e94176f56a75568e49ae20"
x-bce-request-id
f2b33ae6-db81-4f70-9150-c6452b74a3f4
content-type
image/gif
x-bce-debug-id
qoHJbuYLCrwt6BohAJHKhB1la/dLtPckbQZCDsLdCYj3ffbVUHMGsmUK6fqoM0iXz1HI2DGQutkKVrhCRx8zZA==
ohc-global-saved-time
Thu, 26 Jan 2023 03:44:37 GMT
accept-ranges
bytes
timing-allow-origin
*
x-bce-content-crc32
619664397
expires
Sun, 29 Jan 2023 03:44:38 GMT
810ef977e1cd11c0.gif
kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/ Frame 6C28
271 KB
0
Image
General
Full URL
https://kjimg10.360buyimg.com/ott/jfs/t1/222610/4/20743/688878/6380d41fEdd27fc60/810ef977e1cd11c0.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
121.226.246.3 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:42 GMT
via
http/1.1 ORI-CLOUD-HUZ-MIX-23 (jcs [cHs f ]), http/1.1 SQ-CT-1-MIX-11 (jcs [cRs f ])
last-modified
Fri, 25 Nov 2022 14:41:35 GMT
server
nginx
age
161256
x-trace
200-1675258446091-0-0-1-25-25;200;200-1675322097415-0-0-0-8-8;200-1675419702007-0-0-0-1-1
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=15552000
timing-allow-origin
*
content-length
688878
expires
Mon, 31 Jul 2023 13:34:06 GMT
c45dd20fdac2727b.gif
kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/ Frame 6C28
0
0

960X80.gif
1888tv.oss-cn-hongkong.aliyuncs.com/guangao1888/ Frame 6C28
35 KB
0
Image
General
Full URL
https://1888tv.oss-cn-hongkong.aliyuncs.com/guangao1888/960X80.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.42 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Fri, 03 Feb 2023 10:21:42 GMT
x-oss-request-id
63DCE036D0409B3831C55A45
Last-Modified
Wed, 11 Jan 2023 12:58:46 GMT
Server
AliyunOSS
Content-MD5
f8fE6ZRipqdBXJr+xKNKWQ==
ETag
"7FC7C4E99462A6A7415C9AFEC4A34A59"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
16572579535862094134
Content-Length
92896
x-oss-server-time
2
960X80.gif
qp.ezfxpuo.cn/ Frame 6C28
0
0

10151.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 6C28
607 KB
608 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/10151.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 03 Feb 2023 10:21:40 GMT
x-content-type-options
nosniff
age
19498
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
621536
x-served-by
cache-fra-eddf8230123-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type
branch
etag
W/"97be0-yyA4T82wjwMBSXVhjlvX3mBDGe8"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
960-80.gif
3p8801.co/xx/ Frame 6C28
240 KB
240 KB
Image
General
Full URL
https://3p8801.co/xx/960-80.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.202.17 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ed59427c64a4afd50b701a80dbfc0d8c5ed28d2502b9e883879c45549c0d26dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:41 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 02 Jan 2023 08:23:25 GMT
server
nginx
etag
"63b2947d-3bf80"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
245632
expires
Sun, 05 Mar 2023 10:21:41 GMT
960x80-1.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 6C28
44 KB
44 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80-1.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 03 Feb 2023 10:21:40 GMT
x-content-type-options
nosniff
age
20586
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
44758
x-served-by
cache-fra-eddf8230059-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type
branch
etag
W/"aed6-hF5K1ES+D5PhI177qGfqnIaQYP0"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
960x80.gif
cdn.jsdelivr.net/gh/kkkll22/img@main/head/ Frame 6C28
178 KB
178 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/head/960x80.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 03 Feb 2023 10:21:40 GMT
x-content-type-options
nosniff
age
19498
x-jsd-version
main
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
182413
x-served-by
cache-fra-eddf8230115-FRA, cache-hhn-etou8220055-HHN
x-jsd-version-type
branch
etag
W/"2c88d-iHJwx6wJOEqfCDMhqtFnWhvAPto"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
63d365f860c3f47a6f40b86d.gif
img.8622a.com/images/ Frame 6C28
0
0

960x160.gif
8499163.com/8499/ Frame 6C28
0
0

loading.svg
hjha2.com/template/kuli04/images/ Frame 6C28
506 B
662 B
Image
General
Full URL
https://hjha2.com:8443/template/kuli04/images/loading.svg
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.16.37.83 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:38 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 08 Nov 2021 09:18:25 GMT
server
nginx
etag
"6188eb61-1fa"
content-type
image/svg+xml
accept-ranges
bytes
content-length
506
ef0924d4ebfa9547d665d.jpg
skyimg.sky4k.top//file/ Frame 6C28
36 KB
37 KB
Image
General
Full URL
https://skyimg.sky4k.top//file/ef0924d4ebfa9547d665d.jpg
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb41 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f0f6a902b82f15d60af94fa401d0b3fd5ea5a30f53e9f78f7fe42bbc69b53f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 10:21:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
313847
etag
W/"079c8b6a9bf5f74167a34e88ce48e44b5f7a3463"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNjW4efD45uIGyuw9YcD3OnrsqpMEcTcrgkxAwY6EcAHB522qQHjHEJeJiABsss%2BDu7gdNZELyf9iVTwwdZvrSOCyyUk%2BCMM72%2FUpqfBuWpIvvR%2BJtOsjT9A2d21HBoW7HWrbfyZeWJ3VN6WbgDF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
cf-ray
793a70f0ef572bc9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 01 Mar 2023 05:54:14 GMT
06bc2769a3cc4268b5c43cf6eeb7ee95.gif
573569djd.com/ Frame 6C28
0
0

c0ba90b97aaff0d0.gif
kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/ Frame 6C28
0
0

777d2af1e8a74ca3aa77500ba390d2b8.gif
66663aaa.com/ Frame 6C28
0
0

638dee7409ca91e0020145cf.giff
img.1153555.com/images/ Frame 6C28
0
0

18a826d2c1854a968a41d3ed4a8b3040.gif
9366qq.com/ Frame 6C28
0
0

f67b410855efed07dc1783436baaa5f7.gif
kveii.com/ Frame 6C28
0
0

app0921.jpg
cdn.jsdelivr.net/gh/kkkll22/img@main/index/ Frame 6C28
0
0

bf42ce11ec6d463089ce9700d48fda78.gif
n5267.com/ Frame 6C28
0
0

aab3399958e94de783e501d0a88d0e64.png
253669vqx.com/ Frame 6C28
0
0

ea0205dd2b044b828f59e1e34d305c5e.gif
253669vqx.com/ Frame 6C28
0
0

ccc593dbd14e435090d641cfcfd54d7c.gif
99887aaa.com/ Frame 6C28
0
0

63d3646760c3f47a6f40b86c.gif
img.2321a.com/images/ Frame 6C28
0
0

100-100.gif
511500044.com/uploads/2023/01/ Frame 6C28
0
0

300.gif
i.ibb.co/BzS1Fs3/ Frame 6C28
0
0

120X120.gif
qp.ezfxpuo.cn/ Frame 6C28
0
0

hy.gif
tgqd.tsmgsoce.com/imgf/ Frame 6C28
0
0

666.gif
yaoji666.oss-cn-hongkong.aliyuncs.com/gg/ Frame 6C28
0
0

9e035e37d26610003bfb7c743f35ffc2.jpg
fls003.com/upload/uploads-images/default/other/2022-08-10/ Frame 6C28
0
0

200-200.png
tu.sljttpkj.net/3569tu/ Frame 6C28
0
0

mdsq.jpg
vs.afuyer.com/ Frame 6C28
0
0

xj51tng
ibb.co/ Frame 6C28
0
0

120-120.gif
pic.picnewsss.com/tu-2022290039/ Frame 6C28
0
0

truncated
/ Frame 6C28
254 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
84bfbebcdad0296b623216802be82672.gif
u22088.com/ Frame 6C28
15 KB
15 KB
Image
General
Full URL
https://u22088.com/84bfbebcdad0296b623216802be82672.gif
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:b600:14:9a36:9680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
869e12cacf70ec0ced9208a285ca779e2371a411df8e7b9d788da32344912e04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 05:14:17 GMT
via
1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
last-modified
Sat, 17 Dec 2022 11:45:02 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
1573643
etag
"45937719da73b701bd554f3996019dff"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
15158
x-amz-cf-id
eJ_IAgFMOVlvgBB9_WDKtJnjzH0VOAMc2oO9fqJ_4wsv_PM8iQFWJQ==
150x150.gif
8499165.com/8499/ Frame 6C28
0
0

hm.js
hm.baidu.com/ Frame 6C28
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?41537b718b08fa02fbaf62417f6eff43
Requested by
Host: hjha2.com
URL: https://hjha2.com:8443/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
4c36c0c1d99968d26d2e27426a7aa0f6a1b5ff4779469318a0d9d85599154ccc
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 10:21:38 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
c7ae44f9184b28f88591dc4f1b5c14aa
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
2070
kg.awyyzx.com/sc/ Frame 6C28
9 KB
10 KB
Script
General
Full URL
https://kg.awyyzx.com/sc/2070?n=onkqtlbq
Requested by
Host: baleyu.com
URL: http://baleyu.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
113.1.0.71 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 / PHP/5.6.31
Resource Hash
0c58a5c115bd73425bcef9a274983387faf6b98f728031cbd166656e9a65a748

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hjha2.com:8443/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
max-age=1800
Date
Fri, 03 Feb 2023 07:48:39 GMT
X-Cache-Lookup
Cache Hit, Hit From Inner Cluster
Server
nginx/1.18.0
Age
1800
X-Powered-By
PHP/5.6.31
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=1800
X-NWS-LOG-UUID
5131728547592919210
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9689
truncated
/ Frame 6C28
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin
https://hjha2.com:8443
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
hm.gif
hm.baidu.com/ Frame 6C28
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kjimg10.360buyimg.com
URL
https://kjimg10.360buyimg.com/ott/jfs/t1/120993/16/33030/1021535/6380d2dbE2ee6e05e/c45dd20fdac2727b.gif
Domain
qp.ezfxpuo.cn
URL
https://qp.ezfxpuo.cn/960X80.gif
Domain
img.8622a.com
URL
https://img.8622a.com/images/63d365f860c3f47a6f40b86d.gif
Domain
8499163.com
URL
https://8499163.com/8499/960x160.gif
Domain
573569djd.com
URL
https://573569djd.com/06bc2769a3cc4268b5c43cf6eeb7ee95.gif
Domain
kjimg10.360buyimg.com
URL
https://kjimg10.360buyimg.com/ott/jfs/t1/91201/17/34468/130902/6380d288Ebab53dae/c0ba90b97aaff0d0.gif
Domain
66663aaa.com
URL
https://66663aaa.com/777d2af1e8a74ca3aa77500ba390d2b8.gif
Domain
img.1153555.com
URL
https://img.1153555.com/images/638dee7409ca91e0020145cf.giff
Domain
9366qq.com
URL
https://9366qq.com/18a826d2c1854a968a41d3ed4a8b3040.gif
Domain
kveii.com
URL
https://kveii.com/f67b410855efed07dc1783436baaa5f7.gif
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/gh/kkkll22/img@main/index/app0921.jpg
Domain
n5267.com
URL
https://n5267.com/bf42ce11ec6d463089ce9700d48fda78.gif
Domain
253669vqx.com
URL
https://253669vqx.com/aab3399958e94de783e501d0a88d0e64.png
Domain
253669vqx.com
URL
https://253669vqx.com/ea0205dd2b044b828f59e1e34d305c5e.gif
Domain
99887aaa.com
URL
https://99887aaa.com/ccc593dbd14e435090d641cfcfd54d7c.gif
Domain
img.2321a.com
URL
https://img.2321a.com/images/63d3646760c3f47a6f40b86c.gif
Domain
511500044.com
URL
https://511500044.com/uploads/2023/01/100-100.gif?_t=1673959608
Domain
i.ibb.co
URL
https://i.ibb.co/BzS1Fs3/300.gif
Domain
qp.ezfxpuo.cn
URL
https://qp.ezfxpuo.cn/120X120.gif
Domain
tgqd.tsmgsoce.com
URL
https://tgqd.tsmgsoce.com/imgf/hy.gif
Domain
yaoji666.oss-cn-hongkong.aliyuncs.com
URL
https://yaoji666.oss-cn-hongkong.aliyuncs.com/gg/666.gif
Domain
fls003.com
URL
https://fls003.com/upload/uploads-images/default/other/2022-08-10/9e035e37d26610003bfb7c743f35ffc2.jpg?_v=20220701
Domain
tu.sljttpkj.net
URL
https://tu.sljttpkj.net/3569tu/200-200.png
Domain
vs.afuyer.com
URL
https://vs.afuyer.com/mdsq.jpg
Domain
ibb.co
URL
https://ibb.co/xj51tng
Domain
pic.picnewsss.com
URL
https://pic.picnewsss.com/tu-2022290039/120-120.gif
Domain
8499165.com
URL
https://8499165.com/8499/150x150.gif
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=475554165&si=41537b718b08fa02fbaf62417f6eff43&su=http%3A%2F%2Fbaleyu.com%2F&v=1.3.0&lv=1&sn=17424&r=0&ww=1600&u=https%3A%2F%2Fhjha2.com%3A8443%2F&tt=%E9%BB%84%E9%87%91%E6%B5%B7%E5%B2%B8

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| _hmt boolean| _bdhm_loaded_2c826b7af1bbdd4b55533c61259bdc81 object| mini_tangram_log_rmesu7 boolean| _bdhm_loaded_f1d4fa7fc77845e82d7014194503e307 object| mini_tangram_log_i40lyw boolean| _bdhm_loaded_0479a3a671cc30fd27d45970393ba3c8 object| mini_tangram_log_h7beuq

7 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: E1B9ECF2367A62CB
.baleyu.com/ Name: Hm_lvt_2c826b7af1bbdd4b55533c61259bdc81
Value: 1675419697
.baleyu.com/ Name: Hm_lpvt_2c826b7af1bbdd4b55533c61259bdc81
Value: 1675419697
.baleyu.com/ Name: Hm_lvt_f1d4fa7fc77845e82d7014194503e307
Value: 1675419697
.baleyu.com/ Name: Hm_lpvt_f1d4fa7fc77845e82d7014194503e307
Value: 1675419697
.baleyu.com/ Name: Hm_lvt_0479a3a671cc30fd27d45970393ba3c8
Value: 1675419698
.baleyu.com/ Name: Hm_lpvt_0479a3a671cc30fd27d45970393ba3c8
Value: 1675419698

2 Console Messages

Source Level URL
Text
security warning URL: https://hjha2.com:8443/
Message:
Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://511500044.com/uploads/2023/01/100-100.gif?_t=1673959608'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://hjha2.com:8443/(Line 1328)
Message:
Mixed Content: The page at 'https://hjha2.com:8443/' was loaded over HTTPS, but requested an insecure element 'http://511500044.com/uploads/2023/01/100-100.gif?_t=1673959608'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1888tv.oss-cn-hongkong.aliyuncs.com
223969ufy.com
253669vqx.com
362728tdg.com
3718896ccc.com
375772rug.com
3p8801.co
511500044.com
573569djd.com
66663aaa.com
66668aaa.com
832793jse.com
8499163.com
8499165.com
9366qq.com
99887aaa.com
99996aaa.com
baleyu.com
cdn.jsdelivr.net
fls003.com
hjha2.com
hm.baidu.com
i.ibb.co
ibb.co
img.1151555.com
img.1153555.com
img.2128a.com
img.2321a.com
img.8622a.com
img1.imgtp.com
kg.awyyzx.com
kjimg10.360buyimg.com
kveii.com
kzeii.com
n5267.com
p3.douyinpic.com
pic.picnewsss.com
pic.rmb.bdstatic.com
qp.ezfxpuo.cn
skyimg.sky4k.top
tgqd.tsmgsoce.com
tu.jnctupian.com
tu.sljttpkj.net
u22088.com
vs.afuyer.com
yaoji666.oss-cn-hongkong.aliyuncs.com
253669vqx.com
511500044.com
573569djd.com
66663aaa.com
8499163.com
8499165.com
9366qq.com
99887aaa.com
cdn.jsdelivr.net
fls003.com
hm.baidu.com
i.ibb.co
ibb.co
img.1153555.com
img.2321a.com
img.8622a.com
kjimg10.360buyimg.com
kveii.com
n5267.com
pic.picnewsss.com
qp.ezfxpuo.cn
tgqd.tsmgsoce.com
tu.sljttpkj.net
vs.afuyer.com
yaoji666.oss-cn-hongkong.aliyuncs.com
103.170.15.100
103.170.15.111
103.170.15.75
103.170.15.79
103.170.15.95
103.235.46.191
107.148.202.17
113.1.0.71
121.226.246.3
185.10.104.115
198.16.37.83
206.119.93.78
206.2.168.128
23.225.139.251
2600:9000:200a:8c00:10:6ea1:f8c0:93a1
2600:9000:200a:b600:14:9a36:9680:93a1
2606:4700:3038::6815:e9bd
2606:4700:3038::6815:eb41
2a04:4e42:400::485
3.36.126.81
45.61.212.216
45.61.212.225
47.75.19.42
79.133.177.225
0b2450e440026a2abc0c6637dab790a67468754eaa0e0a3d5a90c00c3811abe5
0c58a5c115bd73425bcef9a274983387faf6b98f728031cbd166656e9a65a748
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
11b507546df8a41877897e0b2995c07b55c047ad56d50f154665d01242973871
18543a39e003823862ca88f74a899b953e82fc6f1771682b37d0b435d40644cc
1e3737ed1f849f7ff53fbfcf55521b77d8316652cd9591e72f3d22d26296a202
22a525fd9b99500b6824d69a8dbb6e44684f0846fe85291b3d99c08e7c1ea71f
337c56b9139ebcaa29972f14db2d4e7b2a066d96eb80380c46cb3245f4abf1b7
388939644e37c8b5ec54fa6cb31cbdd3a02b1430a69c972e7b298c86a1b2dec0
3b66c0c66164cf01ad19f4b77ea5b720bd9b3d52ca4c16938105f4c3288bf94f
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4c36c0c1d99968d26d2e27426a7aa0f6a1b5ff4779469318a0d9d85599154ccc
5083c6eec3b0beac9b5b0f287a69e8169efbb469c19b9083c12b2ed239936e6f
57cd9a9aef42e1f36ca0d9cf8c98f4200850f17d87468ee42b4edd62d33993b8
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
75ba290f4a2dc25f7cad04db45ec4633f8cdbf33c36f1b0e49ccfae0ebe4547f
7a7ee9bbe05e7f364e9b98702b20956ab3ed8da1a67ea59157a96d3394b6ca7b
869e12cacf70ec0ced9208a285ca779e2371a411df8e7b9d788da32344912e04
8e9bf4aa9dbc3e4e29d032b9ef868ae7a9fc5b600244a331fa17db943307246f
8eb8f61188f2555f5f7f0a934ebbae9e9ab703a3dc0b23191bdc7c147eb12140
93f61a1a835dd1c3203ac05d024fc907d5bd541d3f458d014ced06fafce93e53
9e8b5d215635ad74e28a47c5565b94a290a3ecc44120d6f9790b2ca61aeb08f9
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b15f6b63346bdc77fe89b9d5192428516d42f3c22b80ba44c12d509b971976ad
b373dcb0598f1ed8d191cc80eddadc6740f7acfdc9d6904df7eb3151920017c7
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf47ae179a9a0a1a8d7f149af54bc698aca7eca03a0b2436eb929eb908637738
d50a65463007d6325ab96a1f13e2de8790ec27ac055ee11150d948ef270b943f
e4383e05cc1177379b1ffef38ebb67f29a32b261037fa1cda02b09fb66bfbf93
ed59427c64a4afd50b701a80dbfc0d8c5ed28d2502b9e883879c45549c0d26dd
f0f6a902b82f15d60af94fa401d0b3fd5ea5a30f53e9f78f7fe42bbc69b53f6b
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
fa529241dddbd17e0dd7b8ee301efa587826b81ed5b4b6223f1ee6e236e44442
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff