q.42v8a.kesowd.com Open in urlscan Pro
2606:4700:3030::ac43:8207 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://q.42v8a.kesowd.com/
Submission: On April 25 via api (April 25th 2024, 9:20:32 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3030::ac43:8207, located in United States and belongs to CLOUDFLARENET, US. The main domain is q.42v8a.kesowd.com.

This is the only time q.42v8a.kesowd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:303... 2606:4700:3030::ac43:8207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	8.134.100.156 8.134.100.156	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	8.134.19.231 8.134.19.231	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	39.99.237.115 39.99.237.115	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	39.99.148.9 39.99.148.9	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
2	39.99.255.82 39.99.255.82	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
14	6

6 2606:4700:3030::ac43:8207 (United States)

ASN13335 (CLOUDFLARENET, US)

q.42v8a.kesowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 8.134.100.156 (Guangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.86wind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.134.19.231 (Guangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.thjunshi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.99.237.115 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.jinxun.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.99.148.9 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.luyouqiwang.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 39.99.255.82 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

www.qhtv.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	kesowd.com q.42v8a.kesowd.com	106 KB
3	86wind.com www.86wind.com	60 KB
2	qhtv.cn www.qhtv.cn	39 KB
1	luyouqiwang.cn www.luyouqiwang.cn	27 KB
1	jinxun.cc www.jinxun.cc	37 KB
1	thjunshi.com www.thjunshi.com	31 KB
14	6

	Domain	Requested by
6	q.42v8a.kesowd.com	q.42v8a.kesowd.com
3	www.86wind.com	q.42v8a.kesowd.com
2	www.qhtv.cn	q.42v8a.kesowd.com
1	www.luyouqiwang.cn	q.42v8a.kesowd.com
1	www.jinxun.cc	q.42v8a.kesowd.com
1	www.thjunshi.com	q.42v8a.kesowd.com
14	6

This site contains no links.

Subject Issuer	Validity	Valid
www.86wind.com Encryption Everywhere DV TLS CA - G1	`2023-05-19` - `2024-05-19`	a year	crt.sh
www.thjunshi.com Encryption Everywhere DV TLS CA - G1	`2023-07-07` - `2024-07-07`	a year	crt.sh
www.jinxun.cc Encryption Everywhere DV TLS CA - G2	`2023-09-01` - `2024-08-31`	a year	crt.sh
www.luyouqiwang.cn TrustAsia RSA DV TLS CA G2	`2024-02-27` - `2025-02-26`	a year	crt.sh
www.qhtv.cn TrustAsia RSA DV TLS CA G2	`2024-02-01` - `2025-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://q.42v8a.kesowd.com/
Frame ID: 6829BE00CACB699B06160E17920F6CB7
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

十有八九网

Page URL History Show full URLs

http://q.42v8a.kesowd.com/ HTTP 307
https://q.42v8a.kesowd.com/ HTTP 307
http://q.42v8a.kesowd.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

57 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

301 kB
Transfer

479 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://q.42v8a.kesowd.com/ HTTP 307
https://q.42v8a.kesowd.com/ HTTP 307
http://q.42v8a.kesowd.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
q.42v8a.kesowd.com/
Redirect Chain

http://q.42v8a.kesowd.com/
https://q.42v8a.kesowd.com/
http://q.42v8a.kesowd.com/

24 KB
8 KB

553ms
553ms

Document
text/html

2606:4700:3030::ac43:8207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://q.42v8a.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:8207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baab309f6b16510894de603b1e4bf97d1c37130cede35889cc9718c23a845daa

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 87a16079af9d046e-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Thu, 25 Apr 2024 21:20:25 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pLWY3xstyn62Hx0SqznwO07hdaDxSZfIfFonl3udzNIt5dVXUCtzFD0ky6KS9NKu1bkv41ff1wb7xydS9T0yOUS0vG5%2FdxKpSvbCKH2afIHB6XDiBLjBoFu7sEHfnE6Jj2%2B%2FMJxAH6Ejsqg%2BSN4ea8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

Redirect headers

Location: http://q.42v8a.kesowd.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK autoptimize_ca6ff68ee21f85836d11f9bbcb0b9aac.css
q.42v8a.kesowd.com/template/news/boke015/style/css/ 157 KB
49 KB 508ms
508ms Stylesheet
text/css 2606:4700:3030::ac43:8207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://q.42v8a.kesowd.com/template/news/boke015/style/css/autoptimize_ca6ff68ee21f85836d11f9bbcb0b9aac.css
Requested by: Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:8207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da02f639bec477d2a8d6ffa529851c3203bd7058303585c0027add825441eb8a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://q.42v8a.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Apr 2024 21:20:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Tue, 16 Jul 2019 05:52:32 GMT
Server: cloudflare
ETag: W/"5d2d6620-275c2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N6Sgk%2Fno1D9Gxeg2SaBgsIuQjHrBjev50Md5cTZ%2FYm37uoauLsjXBgLPfsr5HUBufoeli967%2BuBslCKuLNjoQYnsQeHIjnlQTYkUiHklnhwtWoMgKcmr93ORMZ24isFXP7BeERsrzzfjuBvud9aPxsU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=43200
CF-RAY: 87a1607d2b0e046e-FRA
Expires: Fri, 26 Apr 2024 09:20:25 GMT

GET
H/1.1 200
OK jquery.js Show response
q.42v8a.kesowd.com/template/news/boke015/style/js/ 95 KB
38 KB 532ms
526ms Script
application/javascript 2606:4700:3030::ac43:8207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://q.42v8a.kesowd.com/template/news/boke015/style/js/jquery.js?ver=1.12.4
Requested by: Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:8207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://q.42v8a.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Apr 2024 21:20:25 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Last-Modified: Thu, 30 May 2019 01:11:00 GMT
Server: cloudflare
ETag: W/"5cef2da4-17ba2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EWfO%2FwaY8u2WxSUwafVjcRW9SJ4StkuuuxTlNpSdC8%2FGKSLOk%2Fm7QvUik5%2Fs%2FEosmEp2qt3BUsWYOxfv4FpyfRi5Xqfpi%2BKfGeaOFlwJNUNEGw4gficV8jW%2FbWTdZI8rQTiSvFzDdKodSgSRXMpl1d4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 87a1607d2da339c2-FRA
Expires: Fri, 26 Apr 2024 09:20:25 GMT

GET
H/1.1 200
OK logo.png
q.42v8a.kesowd.com/template/news/boke015/style/img/ 5 KB
6 KB 332ms
326ms Image
image/png 2606:4700:3030::ac43:8207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://q.42v8a.kesowd.com/template/news/boke015/style/img/logo.png
Requested by: Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:8207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14074326780865ae501869b5618147921eb66865b529526e76e6df6aa7004c42

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://q.42v8a.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Apr 2024 21:20:25 GMT
CF-Cache-Status: MISS
Last-Modified: Wed, 26 Jun 2019 08:35:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: "5d132e3a-14bb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TNSD0hnXGtyG%2Bx4%2BQLAm3v2Pgg6Diqvb9aTVpnEWNItRI1SeAa5jG2Nc%2FJD%2BvQgIurTXGIyQT%2FbxejXBYv2zJckBFHSekTSisqyY3bqxhcfhn14Wsp8mBCN0umX9wjeKImcS01aqE0DKjKXOTu5QMO4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Cache-Control: max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 87a1607d28189250-FRA
alt-svc: h3=":443"; ma=86400
Content-Length: 5307

GET
H2 200 dc2b016444ce91246eafda395faf5dd5878_t.jpg
www.86wind.com/uploadfile/2023/0406/ 18 KB
18 KB 4221ms
3383ms Image
image/jpeg 8.134.100.156
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.86wind.com/uploadfile/2023/0406/dc2b016444ce91246eafda395faf5dd5878_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.134.100.156 Guangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

b26a87f45c98087b3bc19fe75ae9b38840b0792d4ecd9ae41298f5a198147f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 06 Apr 2023 12:05:13 GMT
server: nginx
etag: "642eb579-4682"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18050
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 d3cc2691875bed0140ce8e26089e92c010_t.jpg
www.86wind.com/uploadfile/2023/0918/ 21 KB
21 KB 1875ms
1370ms Image
image/jpeg 8.134.100.156
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.86wind.com/uploadfile/2023/0918/d3cc2691875bed0140ce8e26089e92c010_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.134.100.156 Guangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

2953ed3cfadc9bf3efeb2bc745e462a3bcbbf03a309a490d31e4b06599487a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 18 Sep 2023 06:00:46 GMT
server: nginx
etag: "6507e78e-5377"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21367
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 a215b14f16f9a4dda3059902eb936a21786_t.jpg
www.thjunshi.com/uploadfile/2023/0520/ 31 KB
31 KB 888ms
170ms Image
image/jpeg 8.134.19.231
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thjunshi.com/uploadfile/2023/0520/a215b14f16f9a4dda3059902eb936a21786_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.134.19.231 Guangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

8855428e1f18c58b87f01236896ef89c865ef48eca829f8ddd66d3756b0f5723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 20 May 2023 13:29:57 GMT
server: nginx
etag: "6468cb55-7ca4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31908
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 20210901071259351.jpg
www.jinxun.cc/uploadfile/2021/0901/ 37 KB
37 KB 1152ms
154ms Image
image/jpeg 39.99.237.115
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jinxun.cc/uploadfile/2021/0901/20210901071259351.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

39.99.237.115 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

6c438f453c3f71b4535f018cf23174828f84f6259575a1e6a9eb47cfcd88ebcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Sep 2021 11:12:59 GMT
server: nginx
etag: "612f603b-927f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37503
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 0b7fdb60458c31b535331b28e270aca5340_t.jpg
www.86wind.com/uploadfile/2023/0408/ 21 KB
21 KB 3534ms
3382ms Image
image/jpeg 8.134.100.156
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.86wind.com/uploadfile/2023/0408/0b7fdb60458c31b535331b28e270aca5340_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.134.100.156 Guangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

a9942cc58333d02a06306cb6a403ad6bd893e1d57952e2e473669d7d74e10cf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Apr 2023 16:01:54 GMT
server: nginx
etag: "64303e72-52bc"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21180
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 d4fd8eace8264b786c6379074e10ea99150_t.jpg
www.luyouqiwang.cn/uploadfile/2022/0528/ 27 KB
27 KB 1167ms
169ms Image
image/jpeg 39.99.148.9
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.luyouqiwang.cn/uploadfile/2022/0528/d4fd8eace8264b786c6379074e10ea99150_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

39.99.148.9 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

c9322fab0492a57547c4b042b8bf027742ff29f1f86762b91d0fd51d63b4c07c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 28 May 2022 03:02:27 GMT
server: nginx
etag: "629190c3-6b50"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27472
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 cc0a968acea2cb15956fd8dafa1b516c566_t.jpg
www.qhtv.cn/uploadfile/2023/0816/ 18 KB
19 KB 1376ms
378ms Image
image/jpeg 39.99.255.82
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.qhtv.cn/uploadfile/2023/0816/cc0a968acea2cb15956fd8dafa1b516c566_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

39.99.255.82 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

41d9ddcfa5df8dc61d4fc2e215e34f243754549f15b8b9f244b13fe1710f0c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 07:36:05 GMT
server: nginx
etag: "64dc7c65-491e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 18718
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H2 200 53cb3bdbc0d9b7f31ef6954c485e40b6712_t.jpg
www.qhtv.cn/uploadfile/2023/0816/ 21 KB
21 KB 1430ms
432ms Image
image/jpeg 39.99.255.82
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.qhtv.cn/uploadfile/2023/0816/53cb3bdbc0d9b7f31ef6954c485e40b6712_t.jpg

Requested by

Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

39.99.255.82 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

6c44675ca220d58d213bb5fc6fd68bf53add52213a1a2668c93712e9fba9beda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: http://q.42v8a.kesowd.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 25 Apr 2024 21:20:26 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 16 Aug 2023 08:01:10 GMT
server: nginx
etag: "64dc8246-5223"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21027
expires: Sat, 25 May 2024 21:20:26 GMT

GET
H/1.1 404
Not Found autoptimize_b8dc4cbbf751779fffa66dd03ddbe033.js
q.42v8a.kesowd.com/style/js/ 0
0 399ms
398ms Script
text/html 2606:4700:3030::ac43:8207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://q.42v8a.kesowd.com/style/js/autoptimize_b8dc4cbbf751779fffa66dd03ddbe033.js
Requested by: Host: q.42v8a.kesowd.com
URL: http://q.42v8a.kesowd.com/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:8207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://q.42v8a.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Apr 2024 21:20:26 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5AxNLUcR3zZxywHtghOstFRkbbItuK4oTEECx1XpF8JjUNRXXhkLGeBrAE%2FbhE%2FVHTRaD7oCe1TY0lBSHoiHjGONOjY%2BSyBVDVnQw%2FmqD8ubrcRl7WLJKqd6Yf4szbCTwby6W8esAxYwHm0TeFtuKQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87a160816eea046e-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK favicon.ico
q.42v8a.kesowd.com/ 5 KB
6 KB 337ms
336ms Other
image/x-icon 2606:4700:3030::ac43:8207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://q.42v8a.kesowd.com/favicon.ico
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:8207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2de73d44a795601eaf9e0929408a25c3f72694699c4a845c45ee0d12030b9112

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: http://q.42v8a.kesowd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Thu, 25 Apr 2024 21:20:29 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Fri, 16 Feb 2024 02:59:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
ETag: W/"65cecf7a-13a1"
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDSWG9McedzOqyIaMvuDmZGdC7piKnBxSPtj8hdA7WCJncES2QzSoIteXMYrLH%2BVhVt5201C5swHoDFwksrqBcxXx%2F4gdS4yRJZjenvqFP9uA%2Bls4Zya8vufRMMeqTzQkhCXlYkN37bhKFPXUEsnqJQ%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/x-icon
Vary: Accept-Encoding
Cache-Control: max-age=14400
Connection: keep-alive
CF-RAY: 87a160989e86046e-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://q.42v8a.kesowd.com/style/js/autoptimize_b8dc4cbbf751779fffa66dd03ddbe033.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

q.42v8a.kesowd.com
www.86wind.com
www.jinxun.cc
www.luyouqiwang.cn
www.qhtv.cn
www.thjunshi.com
2606:4700:3030::ac43:8207
39.99.148.9
39.99.237.115
39.99.255.82
8.134.100.156
8.134.19.231
14074326780865ae501869b5618147921eb66865b529526e76e6df6aa7004c42
2953ed3cfadc9bf3efeb2bc745e462a3bcbbf03a309a490d31e4b06599487a51
2de73d44a795601eaf9e0929408a25c3f72694699c4a845c45ee0d12030b9112
41d9ddcfa5df8dc61d4fc2e215e34f243754549f15b8b9f244b13fe1710f0c4f
6c438f453c3f71b4535f018cf23174828f84f6259575a1e6a9eb47cfcd88ebcb
6c44675ca220d58d213bb5fc6fd68bf53add52213a1a2668c93712e9fba9beda
8855428e1f18c58b87f01236896ef89c865ef48eca829f8ddd66d3756b0f5723
a9942cc58333d02a06306cb6a403ad6bd893e1d57952e2e473669d7d74e10cf0
b26a87f45c98087b3bc19fe75ae9b38840b0792d4ecd9ae41298f5a198147f27
baab309f6b16510894de603b1e4bf97d1c37130cede35889cc9718c23a845daa
c9322fab0492a57547c4b042b8bf027742ff29f1f86762b91d0fd51d63b4c07c
da02f639bec477d2a8d6ffa529851c3203bd7058303585c0027add825441eb8a
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

q.42v8a.kesowd.com Open in urlscan Pro 2606:4700:3030::ac43:8207 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

14 Requests

57 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

301 kBTransfer

479 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

q.42v8a.kesowd.com Open in urlscan Pro
2606:4700:3030::ac43:8207 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

57 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

301 kB
Transfer

479 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions