urlscan.io logo urlscan.io
SecurityTrails logo

dh.spflw.xyz Open in urlscan Pro
172.67.208.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://spflw.cfd/#ne
Effective URL: https://dh.spflw.xyz/
Submission Tags: 0xscam
Submission: On December 13 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 18 HTTP transactions. The main IP is 172.67.208.235, located in United States and belongs to CLOUDFLARENET, US. The main domain is dh.spflw.xyz.
TLS certificate: Issued by WE1 on December 10th 2024. Valid for: 3 months.
This is the only time dh.spflw.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
10 172.67.208.235 13335 (CLOUDFLAR...)
2 183.240.98.228 56040 (CMNET-GUA...)
1 27.124.9.124 152194 (CTGSERVER...)
1 58.254.150.48 136958 (UNICOM-GU...)
1 2600:9000:266... 16509 (AMAZON-02)
1 18.195.235.189 16509 (AMAZON-02)
1 103.235.47.188 55967 (BAIDU Bei...)
18 8
1    2606:4700:3033::6815:4d56 (United States)

ASN13335 (CLOUDFLARENET, US)
spflw.cfd
10    172.67.208.235 (United States)

ASN13335 (CLOUDFLARENET, US)
dh.spflw.xyz
2    183.240.98.228 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
hm.baidu.com
1    27.124.9.124 (Shatin, Hong Kong)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)
cdn.staticfile.org
1    58.254.150.48 (Guangzhou, China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)
zz.bdstatic.com
1    2600:9000:266e:3c00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
1    18.195.235.189 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
munvhtcfd.matomo.cloud
1    103.235.47.188 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
sp0.baidu.com
Apex Domain
Subdomains		 Transfer
10 spflw.xyz
dh.spflw.xyz
229 KB
3 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 12020
sp0.baidu.com — Cisco Umbrella Rank: 33725
12 KB
2 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 17022
munvhtcfd.matomo.cloud
41 KB
1 bdstatic.com
zz.bdstatic.com — Cisco Umbrella Rank: 50790
552 B
1 staticfile.org
cdn.staticfile.org — Cisco Umbrella Rank: 126239
37 KB
1 spflw.cfd
spflw.cfd
619 B
18 6
Domain Requested by
10 dh.spflw.xyz dh.spflw.xyz
2 hm.baidu.com dh.spflw.xyz
1 sp0.baidu.com dh.spflw.xyz
1 munvhtcfd.matomo.cloud cdn.matomo.cloud
1 cdn.matomo.cloud dh.spflw.xyz
1 zz.bdstatic.com dh.spflw.xyz
1 cdn.staticfile.org dh.spflw.xyz
1 spflw.cfd 1 redirects
18 8
Subject Issuer Validity Valid
spflw.xyz
WE1		 2024-12-10 -
2025-03-10		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2024-07-08 -
2025-08-09		 a year crt.sh
*.staticfile.org
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-09-15 -
2025-10-17		 a year crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M02		 2024-09-25 -
2025-10-23		 a year crt.sh
*.matomo.cloud
Amazon RSA 2048 M02		 2024-05-21 -
2025-06-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dh.spflw.xyz/
Frame ID: B91B1787D295E851F9AA54C56485A4BE
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

爽片福利网

Page URL History Show full URLs

  1. https://spflw.cfd/ HTTP 301
    https://dh.spflw.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

18
Requests

94 %
HTTPS

25 %
IPv6

6
Domains

8
Subdomains

8
IPs

4
Countries

364 kB
Transfer

761 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://spflw.cfd/ HTTP 301
    https://dh.spflw.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://dh.spflw.xyz/favicon.ico HTTP 0
  • http://dh.spflw.xyz/static/favorite.ico

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dh.spflw.xyz/
Redirect Chain
  • https://spflw.cfd/
  • https://dh.spflw.xyz/
43 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6620cea2c75ca26954c357bb1043f45711fcdf3721b480a7859678cb1cf3791

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f136e41fb1ad156-CDG
content-encoding
zstd
content-language
fr-FR
content-type
text/html;charset=UTF-8
date
Fri, 13 Dec 2024 05:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6R%2Fr0xkxf4TaTEf7U9yEwWNEjdkFVRUBTsLcxpBHcgCSAzCMU0pXsZ5YAyN%2FaJBNwpWs2WY1G%2Ff%2Fr%2B7bDUhgyidWqqMuiSb9znHyIMABP8tDDAs9YxWF3XhZ3dIY1A%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15549&min_rtt=15163&rtt_var=2649&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4480&delivery_rate=691&cwnd=12000&unsent_bytes=0&cid=6869770717a300a2&ts=654&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding

Redirect headers

cache-control
max-age=3600
cf-ray
8f136e417e4b9ea5-CDG
content-length
167
content-type
text/html
date
Fri, 13 Dec 2024 05:07:27 GMT
expires
Fri, 13 Dec 2024 06:07:27 GMT
location
https://dh.spflw.xyz
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bMrfJaS9C93pSWUIfcI%2B%2FUjYc6pA%2BNdHn2R%2BQ50oRKrH55NbKev01cuMMIVxKD%2FP0gtzC4z2GraoLnwDzAp2GjwnoqDImyOki6T3lS4q7zq6IcYQ9rD7uzndOShgz39Z1BWJ5tREcn4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?fee76d86ac783bb927130bd7dd6d02b5
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
bc7604fcc1f870527646d91d9ee601461b868eea508717cb152ea33453deb62d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
0f21328c2895022c1e7e3fb3efb347b5
Content-Length
11289
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Fri, 13 Dec 2024 05:07:29 GMT
Content-Type
application/javascript
Server
apache
iconfont.css
dh.spflw.xyz/static/plugins/xmanager-icon/ 		72 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/static/plugins/xmanager-icon/iconfont.css
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d175144e6d4c1fb3b4f3e2730439a019ea179f3415741a13af0a9b88a34329

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"61a500ac-11fef"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tR1CzjXBmpAZuh5uUj4g5mBFfD0JvYaNhM4rVSe7kHSBGWSSlC6evND66pDNaaT7viaaf5TJzTkTBZhnAghdSqa3rkRNF0K5DG7hvlJ2EitROnOfJvGPMKIENk85vTU%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16029&min_rtt=15163&rtt_var=1496&sent=27&recv=22&lost=0&retrans=0&sent_bytes=14917&recv_bytes=6620&delivery_rate=1894&cwnd=12000&unsent_bytes=0&cid=6869770717a300a2&ts=1371&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:29 GMT
content-type
text/css
last-modified
Mon, 29 Nov 2021 16:32:44 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e46b995d156-CDG
access-control-allow-origin
*
server
cloudflare
16a48841-b76c-4c55-9ba8-7f8ac27e6e68.png
dh.spflw.xyz/download/2024-12-10/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh.spflw.xyz/download/2024-12-10/16a48841-b76c-4c55-9ba8-7f8ac27e6e68.png
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0a2b3880f49179e91c09dfe2c5cac81095561f04ffeab34b2199e19f3ef5d34

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

cf-cache-status
MISS
etag
"6757e68d-10106"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2abnZMFfouqSntmw9XV59BX1BmZVtm%2FcBaBjPu9mVbfkSHiu47YgbMi7NXg5umU7gr38L2medFMTtSp70qeeuWX3m1fmX5eQBphN2b1H%2BqMobglOT1IQRN1k9q5Ohqk%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 13 Mar 2025 05:07:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20136&min_rtt=15163&rtt_var=3690&sent=100&recv=60&lost=0&retrans=1&sent_bytes=99145&recv_bytes=8665&delivery_rate=8064&cwnd=33600&unsent_bytes=0&cid=6869770717a300a2&ts=1897&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:29 GMT
content-type
image/png
last-modified
Tue, 10 Dec 2024 06:58:21 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=7776000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e46b997d156-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
65798
server
cloudflare
email-decode.min.js
dh.spflw.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uj0efqQsjfZ0Kd5coVVZwIddT0GzAbld%2BoBj5%2FhC2TN44Jg0yD0xa4C35WODhHXCPZf5jsC35FiwslMPaNbehOZ8NsApsgYDHJzFLvuq1wevhZaMj308RawqtBuphg4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f136e46b999d156-CDG
expires
Sun, 15 Dec 2024 05:07:28 GMT
date
Fri, 13 Dec 2024 05:07:28 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
server
cloudflare
vary
Accept-Encoding
jquery.min.js
cdn.staticfile.org/jquery/1.12.4/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/jquery/1.12.4/jquery.min.js
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.124.9.124 Shatin, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
expires
0
access-control-allow-origin
*
x-cache
BYPASS
date
Fri, 13 Dec 2024 05:07:29 GMT
content-type
text/javascript; charset=utf-8
server
nginx
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
layui.all.js
dh.spflw.xyz/static/plugins/layui/ 		255 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/static/plugins/layui/layui.all.js
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f9af376d21b3b97ba943ab3d07995527f16bf2ec59788b238a3f6838de2195

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"61a500ac-3fca1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=avZtucWq%2FR9dfpQAfhj8Tp8Ytjw587vFeQGdz1cYZwjnYiMhkHpH0bSawrwGiXuFX6yemYeaGAhAUa9GrmI%2B89hncE0mz6ktoKj3xZC9%2BExEHtqE74S%2BKCLpE7qPem0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18251&min_rtt=15163&rtt_var=2510&sent=72&recv=45&lost=0&retrans=0&sent_bytes=66115&recv_bytes=8003&delivery_rate=193688&cwnd=33600&unsent_bytes=0&cid=6869770717a300a2&ts=1729&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:29 GMT
content-type
application/javascript
last-modified
Mon, 29 Nov 2021 16:32:44 GMT
vary
Accept-Encoding
priority
u=2,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e472a3cd156-CDG
access-control-allow-origin
*
server
cloudflare
style.cssx
dh.spflw.xyz/ 		0
616 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/style.cssx?_wd=false
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgJ9jEEWVKiwws0wf2uZMH17zQ3A3qEydZtDiXunbPdm%2FsFDJfgkdak4ZKRGE4bu7UdilzWAx1DHlC3hFz8iM%2FT22pCX7QCirhGnaiGWaUOSyAu1oEy8JcnSrBvY%2B%2F8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f136e472a3bd156-CDG
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=16145&min_rtt=15163&rtt_var=1687&sent=26&recv=21&lost=0&retrans=0&sent_bytes=14278&recv_bytes=6576&delivery_rate=24945&cwnd=12000&unsent_bytes=0&cid=6869770717a300a2&ts=1157&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:28 GMT
content-type
application/octet-stream
server
cloudflare
priority
u=0,i=?0
push.js
zz.bdstatic.com/linksubmit/ 		308 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 Guangzhou, China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

tracecode
27252333752835390218121311
cache-control
max-age=86400
content-encoding
br
etag
"674969c8-134"
age
4924
ohc-cache-hit
gz3un54 [2], zhuzuncache58 [1]
accept-ranges
bytes
ohc-global-saved-time
Fri, 13 Dec 2024 03:45:25 GMT
date
Fri, 13 Dec 2024 05:07:29 GMT
content-type
application/x-javascript
last-modified
Fri, 29 Nov 2024 07:14:16 GMT
server
JSP3/2.0.14
ohc-response-time
1 0 0 0 0 0
matomo.js
cdn.matomo.cloud/munvhtcfd.matomo.cloud/ 		135 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/munvhtcfd.matomo.cloud/matomo.js
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:3c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
af8913dfc6809e356c063d03d09a032b00a97369a85447e06e85b8303bf5cb03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

content-encoding
br
x-amz-version-id
JbIsIajEV0Hby2gCY_TPqwV1mIOWUEvQ
etag
W/"44f4848388dce20961c1ffb5debaeb75"
age
16566
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
OveGpbY_c6s23PSDpe1rsoD_PP9Hg--nqcOcAqH-YrH-2B0oLZcz4A==
date
Fri, 13 Dec 2024 00:31:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Wed, 11 Dec 2024 02:33:14 GMT
vary
accept-encoding, Origin
strict-transport-security
max-age=31536000
cache-control
max-age=691200
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
server
CloudFront
jian2.png
dh.spflw.xyz/static/plugins/xmanager-icon/img/ 		341 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dh.spflw.xyz/static/plugins/xmanager-icon/img/jian2.png
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/static/plugins/xmanager-icon/iconfont.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3e19c41161546d82b570a3262351a5b767f3f47da47ae9d24ae4e80ae37ec7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/static/plugins/xmanager-icon/iconfont.css

Response headers

cf-cache-status
REVALIDATED
etag
"61a500ac-155"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dcZlT2biUgx5jQj2A4JdLTFMafhd4FStomxclIlFk9pntaTysVpkS5CHpG49Hqg7SP%2FfaolOQVXC9TLxvY0khPATOB4Ula1VJxx49eAeqc4Xma5EpZY2g%2BOkzsLFFiA%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17853&min_rtt=15163&rtt_var=1821&sent=217&recv=76&lost=0&retrans=1&sent_bytes=235699&recv_bytes=9382&delivery_rate=2564242&cwnd=63600&unsent_bytes=0&cid=6869770717a300a2&ts=2074&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:29 GMT
content-type
image/png
last-modified
Mon, 29 Nov 2021 16:32:44 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e4b3fb6d156-CDG
accept-ranges
bytes
access-control-allow-origin
*
content-length
341
server
cloudflare
truncated
/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9976aef4020c61a36bf4ec7c56747d4f0989658df4a2b8c85dd7068ebc5e13cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dh.spflw.xyz
Referer

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
matomo.php
munvhtcfd.matomo.cloud/ 		0
174 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://munvhtcfd.matomo.cloud/matomo.php?action_name=dh.spflw.xyz%2F%E7%88%BD%E7%89%87%E7%A6%8F%E5%88%A9%E7%BD%91&idsite=12&rec=1&r=943116&h=6&m=7&s=29&url=https%3A%2F%2Fdh.spflw.xyz%2F%23ne&_id=8b64dba281927a87&_idn=1&send_image=0&_refts=0&pv_id=n9Ejwf&pf_net=61&pf_srv=648&pf_tfr=9&uadata=%7B%22formFactors%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/munvhtcfd.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://dh.spflw.xyz/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://dh.spflw.xyz
date
Fri, 13 Dec 2024 05:07:29 GMT
vary
X-Forwarded-Proto,User-Agent
server
Apache
access-control-allow-credentials
true
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=DD35C3988C6A65C7&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=fr-fr&lo=0&rnd=644096135&si=fee76d86ac783bb927130bd7dd6d02b5&v=1.3.2&lv=1&sn=10350&r=0&ww=1600&u=https%3A%2F%2Fdh.spflw.xyz%2F%23ne&tt=%E7%88%BD%E7%89%87%E7%A6%8F%E5%88%A9%E7%BD%91
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Fri, 13 Dec 2024 05:07:29 GMT
Content-Type
image/gif
Server
apache
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://dh.spflw.xyz/
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.47.188 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

Date
Fri, 13 Dec 2024 05:07:31 GMT
Content-Type
text/plain; charset=utf-8
Content-Length
0
laydate.css
dh.spflw.xyz/static/plugins/layui/css/modules/laydate/default/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/static/plugins/layui/css/modules/laydate/default/laydate.css?v=5.0.9
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/static/plugins/layui/layui.all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2d89fa77cce98cdbcfc391fb1f62c8de16a72971e782dce38a27d4a433275c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"61a500aa-1d71"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qUTfp0kAuCRM%2B7i9EtNZnYETeSyGqhV%2FRMEQhXc74YesllX6dIg4bSeHAyMMf07hzJnVFv4BLiLU7ifCxWDHfJhULs9WRV5n06zxC1DXGhNkERJtEMg7bUc5XT3aduE%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17637&min_rtt=15163&rtt_var=1798&sent=221&recv=80&lost=0&retrans=1&sent_bytes=236809&recv_bytes=11020&delivery_rate=50461&cwnd=63600&unsent_bytes=0&cid=6869770717a300a2&ts=2989&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:30 GMT
content-type
text/css
last-modified
Mon, 29 Nov 2021 16:32:42 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e50ef89d156-CDG
access-control-allow-origin
*
server
cloudflare
layer.css
dh.spflw.xyz/static/plugins/layui/css/modules/layer/default/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/static/plugins/layui/css/modules/layer/default/layer.css?v=3.1.1
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/static/plugins/layui/layui.all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f01a58452e90d8141dccdbc5be2fabc6afb6751c36330f2c1a6f032937c9580

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"61a500aa-3859"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fdt6G1sdL1Uy7OTsMUyV24xNphKo9tlsmaBaA0FQBhyKVwlSDFcCEiwWgjrpy5IxHzgacQlZDrGjRHyWe9RU48OifxxSJp6EBJKaLtUEYsynbpAhJHFTEu9UQb5VT%2Bw%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17347&min_rtt=15163&rtt_var=1930&sent=225&recv=81&lost=0&retrans=1&sent_bytes=240716&recv_bytes=11065&delivery_rate=4644&cwnd=63600&unsent_bytes=0&cid=6869770717a300a2&ts=3017&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:30 GMT
content-type
text/css
last-modified
Mon, 29 Nov 2021 16:32:42 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e50ff9dd156-CDG
access-control-allow-origin
*
server
cloudflare
code.css
dh.spflw.xyz/static/plugins/layui/css/modules/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dh.spflw.xyz/static/plugins/layui/css/modules/code.css
Requested by
Host: dh.spflw.xyz
URL: https://dh.spflw.xyz/static/plugins/layui/layui.all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.235 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2631e9437ede59e180b14a24010ae12cc053fdd733cfe665c1692ff334a158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dh.spflw.xyz/

Response headers

content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"61a500aa-427"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzFo6A88NPy9kd9Y3QxhDuP%2FjHmDl1nWz90Pw28t9qFLgk7S6%2FSIOenFVMlyRRF5HJ6gJFQJfuh2Ax6hKhRzDfqiic6O%2B2BXO%2FVaLPuMOVf5M1U0HNNA3ykUrv%2B0rv8%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17637&min_rtt=15163&rtt_var=1798&sent=224&recv=80&lost=0&retrans=1&sent_bytes=239546&recv_bytes=11020&delivery_rate=50461&cwnd=63600&unsent_bytes=0&cid=6869770717a300a2&ts=2999&x=1", cfExtPri, cfHdrFlush;dur=0
date
Fri, 13 Dec 2024 05:07:30 GMT
content-type
text/css
last-modified
Mon, 29 Nov 2021 16:32:42 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f136e510facd156-CDG
access-control-allow-origin
*
server
cloudflare
favorite.ico
dh.spflw.xyz/static/
Redirect Chain
  • https://dh.spflw.xyz/favicon.ico
  • http://dh.spflw.xyz/static/favorite.ico
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dh.spflw.xyz
URL
http://dh.spflw.xyz/static/favorite.ico

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _paq object| Piwik object| Matomo object| matomoAbTestingCampaignUrlParamList object| AnalyticsTracker function| piwik_log boolean| _bdhm_loaded_fee76d86ac783bb927130bd7dd6d02b5 object| _hmt function| $ function| jQuery object| layui function| lay object| layer object| jQuery1123007634465073141117 function| randomColor

8 Cookies

Domain/Path Name / Value
dh.spflw.xyz/ Name: JSESSIONID
Value: D2C967D4FD6810B509527F9F3224DCBF
dh.spflw.xyz/ Name: _wd
Value: false
dh.spflw.xyz/ Name: _pk_id.12.95a2
Value: 8b64dba281927a87.1734066449.
dh.spflw.xyz/ Name: _pk_ses.12.95a2
Value: 1
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: DD35C3988C6A65C7
.dh.spflw.xyz/ Name: Hm_lvt_fee76d86ac783bb927130bd7dd6d02b5
Value: 1734066450
.dh.spflw.xyz/ Name: Hm_lpvt_fee76d86ac783bb927130bd7dd6d02b5
Value: 1734066450
.dh.spflw.xyz/ Name: HMACCOUNT
Value: DD35C3988C6A65C7

1 Console Messages

Source Level URL
Text
security error URL: https://dh.spflw.xyz/#ne
Message:
Mixed Content: The page at 'https://dh.spflw.xyz/#ne' was loaded over HTTPS, but requested an insecure favicon 'http://dh.spflw.xyz/static/favorite.ico'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.matomo.cloud
cdn.staticfile.org
dh.spflw.xyz
hm.baidu.com
munvhtcfd.matomo.cloud
sp0.baidu.com
spflw.cfd
zz.bdstatic.com
dh.spflw.xyz
103.235.47.188
172.67.208.235
18.195.235.189
183.240.98.228
2600:9000:266e:3c00:c:7d55:b3c0:93a1
2606:4700:3033::6815:4d56
27.124.9.124
58.254.150.48
0e2d89fa77cce98cdbcfc391fb1f62c8de16a72971e782dce38a27d4a433275c
10f9af376d21b3b97ba943ab3d07995527f16bf2ec59788b238a3f6838de2195
1f01a58452e90d8141dccdbc5be2fabc6afb6751c36330f2c1a6f032937c9580
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4c3e19c41161546d82b570a3262351a5b767f3f47da47ae9d24ae4e80ae37ec7
54d175144e6d4c1fb3b4f3e2730439a019ea179f3415741a13af0a9b88a34329
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
9976aef4020c61a36bf4ec7c56747d4f0989658df4a2b8c85dd7068ebc5e13cb
af8913dfc6809e356c063d03d09a032b00a97369a85447e06e85b8303bf5cb03
b6620cea2c75ca26954c357bb1043f45711fcdf3721b480a7859678cb1cf3791
bc7604fcc1f870527646d91d9ee601461b868eea508717cb152ea33453deb62d
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed2631e9437ede59e180b14a24010ae12cc053fdd733cfe665c1692ff334a158
f0a2b3880f49179e91c09dfe2c5cac81095561f04ffeab34b2199e19f3ef5d34