Submitted URL: https://5555587.com/
Effective URL: https://https.4444492.com/?5555587.com
Submission: On July 22 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3031::ac43:956d, located in United States and belongs to CLOUDFLARENET, US. The main domain is https.4444492.com.
TLS certificate: Issued by WE1 on July 13th 2024. Valid for: 3 months.
This is the only time https.4444492.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 39.156.66.111 9808 (CHINAMOBI...)
18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 14.215.183.79 4134 (CHINANET-...)
28 6
Apex Domain
Subdomains
Transfer
18 49tu.net
res.49tu.net
1 MB
4 baidu.com
libs.baidu.com — Cisco Umbrella Rank: 134886
hm.baidu.com — Cisco Umbrella Rank: 8226
46 KB
4 118x.net
s31.118x.net
46 KB
1 servers01.com
ws2.servers01.com
643 B
1 4444492.com
https.4444492.com
17 KB
1 5555587.com
5555587.com
2 KB
28 6
Domain Requested by
18 res.49tu.net https.4444492.com
4 s31.118x.net https.4444492.com
s31.118x.net
3 hm.baidu.com https.4444492.com
1 ws2.servers01.com libs.baidu.com
1 libs.baidu.com https.4444492.com
1 https.4444492.com
1 5555587.com 1 redirects
28 7
Subject Issuer Validity Valid
4444492.com
WE1
2024-07-13 -
2024-10-11
3 months crt.sh
118x.net
WE1
2024-07-18 -
2024-10-16
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2024-07-08 -
2025-08-09
a year crt.sh
49tu.net
GTS CA 1P5
2024-06-03 -
2024-09-01
3 months crt.sh
servers01.com
WE1
2024-07-02 -
2024-09-30
3 months crt.sh

This page contains 1 frames:

Primary Page: https://https.4444492.com/?5555587.com
Frame ID: 93C912CD9F51D09F9C0D0E8BE438DE95
Requests: 28 HTTP requests in this frame

Screenshot

Page Title

红双喜网

Page URL History Show full URLs

  1. https://5555587.com/ HTTP 302
    http://https.4444492.com/?5555587.com HTTP 307
    https://https.4444492.com/?5555587.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

28
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

1617 kB
Transfer

1758 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://5555587.com/ HTTP 302
    http://https.4444492.com/?5555587.com HTTP 307
    https://https.4444492.com/?5555587.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
https.4444492.com/
Redirect Chain
  • https://5555587.com/
  • http://https.4444492.com/?5555587.com
  • https://https.4444492.com/?5555587.com
74 KB
17 KB
Document
General
Full URL
https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:956d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b613bdf85eb1f478311c687b1a019f6d554bc45dd34a3832276538acf8620be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private max-age=300
cf-cache-status
DYNAMIC
cf-ray
8a6fcc342f2a187d-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 22 Jul 2024 01:53:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BfKYXyKWGyp3qdfcPUq3BrEbjzXJ0cEra67ByyehczfMNjFEG7gg9uab5x7MJuRss%2F9V6vWl64Esok5f19estuxexhHySE1vIUdVPLPfoNO29N3wUgWaenJZkJL3wGKX6Fp4gxI%2Fs1wFiW%2FUHOU2yg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Location
https://https.4444492.com/?5555587.com
Non-Authoritative-Reason
HttpsUpgrades
style.css
s31.118x.net/assets/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://s31.118x.net/assets/css/style.css?v=0.40
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:6e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54dda2c870559f1f6f7586a833809212cd5a40994081200707cadca1bec1a494

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
status=cannot_optimize
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 12 Mar 2024 15:07:18 GMT
server
cloudflare
etag
W/"65f06fa6-423e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=unsLEIOeHdfOsA%2Fu%2F4ghZKpZBjgOvcle3ScXMAfCLYhjdqmrf3EY3l2vh7oghiPX3bdTMq2sMYyvjGsUKd4RIANp2tc9hAOF%2FNicxTNwm%2FqGPlqi6RPvwTVm7UKlLWQrJ5eS4evw%2B5fUDjU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8a6fcc370ea88cdc-EWR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 22 Jul 2024 13:53:33 GMT
AnimalsHelper.js
s31.118x.net/assets/js/
9 KB
4 KB
Script
General
Full URL
https://s31.118x.net/assets/js/AnimalsHelper.js?v=0.40
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:6e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea603c6a486e9e9517abaa0a69dd7cf7b3ccccf95b35d3d56a0900cc5dd76c86

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:33 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12544
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 08 Oct 2023 15:55:02 GMT
server
cloudflare
etag
W/"6522d0d6-3100"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDJbtTwsjHpNBb%2FKVH9FxhtiHYZfr9OLhGUq1cC0Y9lcjjLZJaWdZ4bnCYOPsQODCR6O2dWX9a7weoqb%2BaN00FMd2Itj4cR4BqwTiDLrg%2FkOaJ%2BcGRz1XGgmQ%2FrgN%2FrGipvgV11Se%2BOSEV4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8a6fcc370eab8cdc-EWR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Mon, 22 Jul 2024 13:53:33 GMT
jquery.min.js
libs.baidu.com/jquery/1.11.1/
94 KB
33 KB
Script
General
Full URL
https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
Apache /
Resource Hash
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
Security Headers
Name Value
Strict-Transport-Security max-age=87600

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:53:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=87600
Last-Modified
Tue, 08 Jul 2014 03:05:51 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Wed, 21 Aug 2024 01:53:34 GMT
57header.jpg
res.49tu.net/com/
76 KB
76 KB
Image
General
Full URL
https://res.49tu.net/com/57header.jpg
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38a08fb3426270d6eb769f0dfd3a59330f3ed63278592e684dd4b7bf765cb80

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:33 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 07:15:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64c4bc87-12f4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnRr38talBNIi1NxiAXRxVt%2BKpi2xzHJ9n0cq7aPYrVlU4SQ5cLwrFCkJCd%2FeckO6zih3c4AntxsbvBuNuyStlShqGA%2BEnbXXq7SXwSZNCfp%2B1kf0cQetVgH3NKY4%2FoL%2B3YNJFROTzLE2lc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc36fe988c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
77643
expires
Wed, 21 Aug 2024 01:53:33 GMT
57gsb.jpg
res.49tu.net/com/
50 KB
50 KB
Image
General
Full URL
https://res.49tu.net/com/57gsb.jpg
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b5fd1ccaab2cda7fc004ec01cedb0dd0183b8956170861edcbf1779da99fdbf

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:33 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 07:15:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64c4bc87-c712"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UDiAfcWZXcvmN2dm2aF8IlXgSIURP%2BZ2vkR0E3TJh54kbY12JVnqizAf8zQfAsCr6708Sljbd6Q%2BUKYKW%2BYl0xqLqqcIybFplkpG3Xnj85JwNy87bnok7rBrfkFd%2F3c6DnO5rrUQqFvjrk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc36fe9a8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
50962
expires
Wed, 21 Aug 2024 01:53:33 GMT
57jht.jpg
res.49tu.net/com/
49 KB
50 KB
Image
General
Full URL
https://res.49tu.net/com/57jht.jpg
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b714571dc23db70212001bb38327127c97e61cafce1cbbe389ac86bae81e352e

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:33 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 07:15:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64c4bc88-c5a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqkSJJdL8p6CusBNT%2B5IGT3IlGKzGfqtcssoQFeew320BOUBDNKSdtLzAjSCrrmA8hmeKXprey12VFqq0EA6512ShzTAZc5zkGkezDVf840DzBdBAvRXd55mYfDvKCKKYrX5PKMHhNdRVD8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc37ef628c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
50596
expires
Wed, 21 Aug 2024 01:53:33 GMT
redbag.gif
res.49tu.net/pt/
21 KB
22 KB
Image
General
Full URL
https://res.49tu.net/pt/redbag.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd6063eb290aca837588b66afb9264d7bfa62b76f48605b9573fef286642d32

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Mar 2024 14:34:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f067d8-5446"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qDc640JIXsgrDFS5pWm94ZZrtCEVkNbmyA85bqbivdzF3JzqQfGKF4NjbMmCSKtkpYXXczFUPxx9s8%2FstHyRMpNBj5qq4YXuQvNJkFWpDM%2B5jLyTVCHHI7tMFSY%2BmqhpzwVYx6fdTLZY%2BmY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45aed78c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
21574
expires
Wed, 21 Aug 2024 01:53:35 GMT
049click.gif
res.49tu.net/img/
36 KB
37 KB
Image
General
Full URL
https://res.49tu.net/img/049click.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac32a495fbb3354ecfbf8118c84587fd84b123bf89f7df59e76e567ef70e6de7

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 21 Jul 2024 06:15:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"669ca79f-9031"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4fdw74EDHfJGOpINzdUtjJsLREb%2Blnt7ozY2n2AoLc7NwSoFSQCmme9Ze2Z1rGEtX14VsA5yTP8fjtn3TSWFG4ihZe7uHS710KTAz29j6qx5On4jEIQ5YpYeDl87L6pbCibYMgYBSEyJqIA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45aeda8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
36913
expires
Wed, 21 Aug 2024 01:53:35 GMT
57bj.jpg
res.49tu.net/com/
26 KB
27 KB
Image
General
Full URL
https://res.49tu.net/com/57bj.jpg
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0617b592ae982093afe364d285410de5fe9b7bb7d16b1289b28353dbaa31c2b

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jul 2023 07:21:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64c4bde4-68aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DY%2FsSFbCRcmOe4K2xinyOMXEa9hAt%2BLMUu%2FhuDGwythlNImdtPsjodF9sMr3LIHzDbRqSqXN9bGvriH3ZFuYUtX%2B%2BUH8nnVYkeoOjA2G5DvvaZkRTI9m5eHeWtdO3eUmAuYZveKpyvB46Z0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45aedb8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
26794
expires
Wed, 21 Aug 2024 01:53:35 GMT
gac800x200.gif
res.49tu.net/pt/
74 KB
75 KB
Image
General
Full URL
https://res.49tu.net/pt/gac800x200.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4369efe2210edfc5b9aaccd03d925b6e8c5a823ff51c4d25c57b486339d8d1

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Mar 2024 14:33:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f067d4-1287b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cTHX%2FSgCcx9YrTpaNqMGr3%2BI6OrEEae2%2Fk%2Fmp9x6bA4Fnh7eZFp0lPSA6xZa4FlvNo%2FPDUaQUtdq3xHYWO3mFKYVVXfnQnht%2FwIz%2FCYG1mMNDEvWpFM7prw%2FlCV1DRjRq6vbWJ1XTYkBEJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df128c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
75899
expires
Wed, 21 Aug 2024 01:53:35 GMT
app049.png
res.49tu.net/pt/
16 KB
17 KB
Image
General
Full URL
https://res.49tu.net/pt/app049.png
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
183441761d3cc8699bd30a5a670d51cbdd71f64bbd47f6f07fc5c89a432dfa22

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 28 Jan 2023 15:26:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63d53ebc-412a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwoNenjpBZyLJKn7rV1VEuhpaPpovWO4RN9WOjRXMSyClgwfDoEQSPO085G5HLA0Zjuvb3Y6lWbvHadePxy2A%2BAzkxcsye76fQLOcJTZZBHr0HcGSyITx9a1sAUFyXjbrb9gRE7xAYB0eE4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df158c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
16682
expires
Wed, 21 Aug 2024 01:53:35 GMT
star.png
res.49tu.net/img/
5 KB
5 KB
Image
General
Full URL
https://res.49tu.net/img/star.png
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 17 Nov 2020 04:28:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5fb35188-13e3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yX1O%2FcCB5d65aognn0RRVNpquIS2vRJ3HGazOGQlOvX6lp61ZO%2B%2F6bY0eH4Qnto%2FwtE%2BSir0DsZtRdUeucOuFH6kPEKgJjxttGxFL9fsDuL6GjixfSLSOfsJIebtuu8nWwPsdn34bceCn%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df168c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
5091
expires
Wed, 21 Aug 2024 01:53:35 GMT
rz.png
res.49tu.net/img/
5 KB
5 KB
Image
General
Full URL
https://res.49tu.net/img/rz.png
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 17 Nov 2020 04:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5fb35186-127d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eriPFvbqvnlhYOqeyObBzTQkOZkNmpXYDZCatjdGeDUGIff8EcSqoL0nPiX6r%2FSm5sUpNUoM0BprPboBEg9SNJ%2F1kJ%2BAtfZwrouCwkMo4JBs55m5YHdc3ChFQLVfP%2Fhqy6hV4zpoT3HCX%2FE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df178c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
4733
expires
Wed, 21 Aug 2024 01:53:35 GMT
az.png
res.49tu.net/img/
4 KB
4 KB
Image
General
Full URL
https://res.49tu.net/img/az.png
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 17 Nov 2020 04:28:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5fb35187-fbb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2F36Ycr51g8OM7x648%2FGRnM792Yja2HbkQ3qgR%2FBKnRj9LrXvzJjmUE7yF5R7uCDKHqHGRhr9IwgprKYo8N5XUrNYpZe80%2BYs48OwSlsPOpfPj1z3rUuI73dXdNDdcn%2B32udz40E3lQLbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df188c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
4027
expires
Wed, 21 Aug 2024 01:53:35 GMT
ios.png
res.49tu.net/img/
5 KB
6 KB
Image
General
Full URL
https://res.49tu.net/img/ios.png
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 22 Dec 2022 03:52:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63a3d46f-14de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WB95Pmlm7oySJE0NPh8TDjOV0tO48%2B0rviQxVutzGmCBpzgd%2BwRyJSkkGQCB26Oz3fEy5Lh8DUlT2m7BC0eOBkOxskjfxQT3ftSMRidXNH%2F28NNJBzf%2F1MfAvtFp4rdhJJH0ZqWdPXeDl48%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df1a8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
5342
expires
Wed, 21 Aug 2024 01:53:35 GMT
web.png
res.49tu.net/img/
3 KB
3 KB
Image
General
Full URL
https://res.49tu.net/img/web.png
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 17 Nov 2020 04:28:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5fb35186-b73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c5DhQ33qcoQkerjr%2FCLPfjLCSK97Mkt71Jn5oLdV4632dvsJez%2BaXR33EqXkEuXza4J5gOIFUi17oFlOhqPkTm0uNXII1EHxDvlCqN38yfYEKpVCplomJZCtgSy9IIiezisJExraWxyOPDY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45df1c8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
2931
expires
Wed, 21 Aug 2024 01:53:35 GMT
am_kj.json
ws2.servers01.com/
75 B
643 B
XHR
General
Full URL
https://ws2.servers01.com/am_kj.json?1721613215645
Requested by
Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:83cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93584e65b1d94e58b1344217458e92a84b117bea25dd51329f9f2563616d08cd

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 22 Jul 2024 01:53:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"669dbb9c-4b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyS2RqCUhBNavUjw2u5IDXLM%2BK3e2YLuKLhk3A2ZtEuFiu2Rg6eCxLGG53dvLDTSVCxSVjbqI60NIeNASOIq8oVG3OLu86TH73azrb2h%2F5rgcJztA6jpKhVr2N2GW1irjza8OJiuPQlnG012Tc1pUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8a6fcc46cc24c402-EWR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc
h3=":443"; ma=86400
gac1000x300.gif
res.49tu.net/pt/
117 KB
117 KB
Image
General
Full URL
https://res.49tu.net/pt/gac1000x300.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8302a56a865f3329d222a10c0b83009ef56f39fe32cffea3effc1956035c7fd

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Mar 2024 14:33:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f067d3-1d3e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1uWXFGEt0tjKdyqLp1s8CTM6G%2FMHS8CQnY0WzwDWcRoAzaTruCDY9c4algzshc34BwqKOokK%2BGZuuznZuw6sGsFb4WaoaqairrY8MJWFHSm3RNed4Dq%2BwIFsjASUgE9PuTzMUtDSDG4jD1s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45ef1d8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
119777
expires
Wed, 21 Aug 2024 01:53:35 GMT
w100_1.gif
res.49tu.net/pt/
463 KB
464 KB
Image
General
Full URL
https://res.49tu.net/pt/w100_1.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb23b51670d5391590d846f6e2f732606d7f86b9e5743fad873dc6986122b7c5

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Mar 2024 14:33:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f067d7-73d5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9D99gk9QIhJSlNiW0fj6ovVhU6AYABiXRclMqk50XGXc73YHLqFJB2zzJefaNbOI9GlqXEsThez1rMqLkK9blxsnSOYoHxNWLMTotqAPAf8c1bf7DfAA8kJI3vBLHCFx%2FyP8mJhPgL02IXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45ef1f8c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
474460
expires
Wed, 21 Aug 2024 01:53:35 GMT
w100_2.gif
res.49tu.net/pt/
358 KB
359 KB
Image
General
Full URL
https://res.49tu.net/pt/w100_2.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a214d54e13dd83309ccee41baefe02222ec97e2974c4100c5f94a7861c2a7cb4

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Mar 2024 14:34:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f067d9-599b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbB%2BmhJ2qFTAkuKEQL%2F3%2BQ%2BNL4Hl9Chy5ce4mhe760uJiKcbBnA%2Bw5txW292FH0LQo5UTVjLArocVK4v2Sj%2FAqqjzH7k00QU9%2BwLDGZaKPuwhHCSxhPLK%2B58Cli%2Bl3W7OOYK%2F%2BoIReyMLzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45ef248c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
367029
expires
Wed, 21 Aug 2024 01:53:35 GMT
w100_3.gif
res.49tu.net/pt/
175 KB
176 KB
Image
General
Full URL
https://res.49tu.net/pt/w100_3.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43db417dfb22eb02d1f9a8062bae90d4b0d4ee9add81dc52ca537a62f397388

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 12 Mar 2024 14:33:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"65f067d0-2bcae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hK%2Br9qUJLTnElHSzpFLKSQZBge1WqW4POg7tDFtbwYaPZTWLaSP7ypukmj%2BJMOADJs%2FsRHmMRQk8AXkh1shrLtMWoVOUX3TlI8EwJKR6Siq%2BZAaNpSZR4iUIc6V0RckfijXJCtE8x8aYvnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45ef278c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
179374
expires
Wed, 21 Aug 2024 01:53:35 GMT
gac800x100.gif
res.49tu.net/pt/
14 KB
14 KB
Image
General
Full URL
https://res.49tu.net/pt/gac800x100.gif
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:cfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b748845e9f3c308e694e266e239955053556fe63e19b117f2450bdc875a2864

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 29 Jan 2023 02:05:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63d5d456-3623"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqCg0izF9RVb9iI08eFSGx%2FMsdBJluiTjb5qtC8ku1nuTbQWv%2FY6zUDXrkzl4nZi7HmoGl9xN3zn9h8bss1l%2FjJxDMXQCPypcbC3k8rgkNXEZ6PhOBbc7mr1YWBvsPBD6peFJl%2FF6ozfqj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc45ef298c7e-EWR
alt-svc
h3=":443"; ma=86400
content-length
13859
expires
Wed, 21 Aug 2024 01:53:35 GMT
hm.js
hm.baidu.com/
0
175 B
Script
General
Full URL
https://hm.baidu.com/hm.js?b91587263f5bb18dfa321d47947115e2
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:53:36 GMT
Strict-Transport-Security
max-age=172800
Server
apache
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?5beb5dad244a9961dbefd11051c23af4
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
6215e10a3f94fc97b1d5a1d25c0997adee54a152cab3d111215a81c99961e327
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Mon, 22 Jul 2024 01:53:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
4bef6b62b3ef9e6f9a59afee2cee50c6
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11297
sprite.png
s31.118x.net/assets/img/
33 KB
34 KB
Image
General
Full URL
https://s31.118x.net/assets/img/sprite.png
Requested by
Host: s31.118x.net
URL: https://s31.118x.net/assets/css/style.css?v=0.40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:6e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e8320aca132017ad1d727c159c99c9b8e5eba7a58098493926b9e68d7485e4

Request headers

Referer
https://s31.118x.net/assets/css/style.css?v=0.40
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:35 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
34296
last-modified
Wed, 07 Jun 2023 12:52:56 GMT
server
cloudflare
etag
"64807da8-85f8"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IY3yfRbErBr6a31wkqm9uCUtAWpqeRMV9kCvxIdkyovldljW%2Fuam1fMwp1qJeQnm3Wm7xUs4J5OQ39HB3fyatDJpdP3x180vvi4kf3iRKp5p67IRivC7J70gVU0goBjjO1027NYZj7w9GFE%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6fcc46482c8cdc-EWR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Wed, 21 Aug 2024 01:53:35 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=24100B03BDC7A2FA&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=527539121&si=5beb5dad244a9961dbefd11051c23af4&v=1.3.2&lv=1&sn=8767&r=0&ww=1600&u=https%3A%2F%2Fhttps.4444492.com%2F%3F5555587.com&tt=%E7%BA%A2%E5%8F%8C%E5%96%9C%E7%BD%91
Requested by
Host: https.4444492.com
URL: https://https.4444492.com/?5555587.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 22 Jul 2024 01:53:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
s31.118x.net/
4 KB
4 KB
Other
General
Full URL
https://s31.118x.net/favicon.ico?v=0.40
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:6e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d1c4ddae1c10f2adb48fe23cceace480236c0d09b91ac7ebc6c64c4c3ba15b

Request headers

Referer
https://https.4444492.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 22 Jul 2024 01:53:37 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 07 Jun 2023 12:52:56 GMT
server
cloudflare
etag
W/"64807da8-ef3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/x-icon
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1UHbBJSFbM1WDKF2bkO9TKANHD%2Fa5FuUWHIabyORDYbpgWQWW3ItI8SWiUy3%2B0l5DyRYYpyHDL7DMs8jnE9Wms6Ax%2BuOz3kfc31SWsR%2BzBAYJhtbIRx2IF9YJXNnBWf4mVBdWOMMNMX3J6E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8a6fcc4f9a7a8cdc-EWR
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| no string| site_id object| lunarInfo object| Gan object| Zhi object| animalNumberArray object| boseNumberArray object| xiaoWeiNumberArray object| teMaTouNumberArray object| Animals function| get_ganzhi object| gzwxArr function| get_ganzhiwx function| lYearDays function| leapDays function| leapMonth function| monthDays function| lunar function| $ function| jQuery object| domains_pt string| ptUrl string| pt2Url object| obj number| ot object| myDate number| cur_year number| cur_month number| cur_day object| adArr string| ad_stime_str string| ad_etime_str string| live_etime_str number| ad_stime number| ad_etime number| live_etime string| global_time object| txtstr number| num string| site_type object| B object| _B function| getWX function| getXIAO function| reloadEffect function| initKJ function| showBall function| in_array function| copyArticle object| _hmt number| year boolean| _bdhm_loaded_5beb5dad244a9961dbefd11051c23af4

11 Cookies

Domain/Path Name / Value
5555587.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImlqekYwZDJnU1NSemIwbzFiMytMZVE9PSIsInZhbHVlIjoiN2JnaDdDdld0TFJ0L3BXMFRlOUpJUlZCeCtwUGFLSU1ka3k3TmdjWlNGa1ZUc25wRkZZK3JaRE5GWWZibDNRV3NZZHlGMWoxeHlPenNKNlZDeWFEdU5aNmRmSWZVRFF4alZuS2hrcHJLYVo4NTRxZTVQSE0xSGxZQ3AxSG14RjkiLCJtYWMiOiI3ZjExY2I0ZGEzMTQxMzE3N2E4OTM3N2U5ZjUwOTMzMDZlZjVlYmJhYmNkYjk4ZDBkNjhkNDIwZTE2ODI2M2ZmIiwidGFnIjoiIn0%3D
5555587.com/ Name: 118x_session
Value: eyJpdiI6IllsT3FSd3M3SWUxTi92bzFJRTVhcXc9PSIsInZhbHVlIjoiUUQzcnQ3dGRUdnlZSHd5WkhRVUZyM3hhUmpOVktKWXlUZlUrb2IvVjBxUmZSL0lnd3RjRzdPTlI1M2huQUVzaTViNUp3RjFhbTRrZFg1ck5YS1hPdlFRSU5pZURiWHdNMXozUkVxMmY1Q3RnMS9vZnAzWnNBSit3MkJyRzZsMHUiLCJtYWMiOiJjY2I5OTZkNWIyM2YwZjZlYWZjNGJmZTFhNGMxNDM4ZTcxYTBkNmZlNzVjYWNhNTU4NzE0MGJiMDU4MDUwNDA4IiwidGFnIjoiIn0%3D
5555587.com/ Name: cURUwwWBvxVCSVzJKv5Ljnu1ze8ibhQbZAbNlyF3
Value: eyJpdiI6IjdkdHlKMVp1aHk4WFVWWGpjR09oZlE9PSIsInZhbHVlIjoiY0Q5QlA3U1BlbytTSVR4VGR3R2tqbVM0V3hFa2svV3JTbnVRN2JwOFJWMjhQN3ZzVk0vQzNIYklMRitFNE9oQ0VKSDFaVlJ5YXdjQUNSd1ZqZmRiN1FCb3c2TW5pU1ZuN0F1TzZsWG0vYkxOUGhRNGtTTFlSSW1iVXc3aEZCeXhLbk1HWXpsMDZHQm9FUnlmQVc3Sk5zejA2c3VaZ2ZjdkJRUXVUeGt5dHp3VVV2alQrL1pHM1FEY1ZDQWY2dGc4bStJWkF3eG4rNHZiMTllOUhhRzI1RUtxUkRpTjg4RUhzdE5aNXJJeWhtU2FwTWErdDhyUWpnVEFDNnNQUXBKZkVtYWVBeXJ2VVVFNnBoYkVGTGpERGVrSSswWXJDc05FMlRITXk5cXFGVVZNNG5mbmJ3ZDV0TEtjaGRETStWbGpudTNNOVpOeDZ5QnJ3ckFWeEx1U2NZTmtIS0dma1RrUVlvUzFwZ1RiOVRFPSIsIm1hYyI6IjIxNDZhYzJlZDljZmIzMjhiODc3NjkzOWJmMDc4MjAyMzRlNTk0MGQyM2Y5YjU4OTNiNWQ3OTIwYjdmNzkzZmYiLCJ0YWciOiIifQ%3D%3D
https.4444492.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlJ4cGprdTNmT2h1WFFYWGNVckhGZ3c9PSIsInZhbHVlIjoiM3Jja3dLNlprYW1ORjZyODMvSTJtb2VucU9MT1V4aUtZU3NPTWdCblNsUWNTbkx6bkVQRnFhNERWRlJMM0dhYTdjeDJyNWxOQ0JxbnVVMnNJUEFPL2tUZEIvZkI2b1BISnIzY2NOa2xLZlpHbXIvVjRSSEk4clhOdGVtNzduUUoiLCJtYWMiOiI4NzMyNmRkMzlkNTM4YjZmNTZkYWRkOGViM2JiMzMzYTY3MzMwNWUzYjE1MTk5ZTRiNjczMTNkNTNmZjg3OWM2IiwidGFnIjoiIn0%3D
https.4444492.com/ Name: 118x_session
Value: eyJpdiI6Inh4Y3RHVDgrU0dIa3UzQVhCSlE4K1E9PSIsInZhbHVlIjoibDJidUtmZkFaSW53Qm5zdGk2TEZ6a285K2JvdnUxQWRvcFBtempRWkpaQmFFZlRVL3RyZUFOd25KM1JjWWVHYnh1cE1hS2UvbHNLbEhJVk50ekF3dW84REgzQkRHZmFycVoxRFFza3lianBWVGZDaHlVbnZtY0RjMngxenQrNHMiLCJtYWMiOiI3MjQ4ZDM2YTY2MmMzOTBkZGU4MzVkODQ5NjYyN2Q5ZjY0NzU3NzU1N2IyOGQ5YjgzYmIyMzFmZmQ1OGMzYzk2IiwidGFnIjoiIn0%3D
https.4444492.com/ Name: VpzvlN0fNCHBwH3fhKZFwRxi1YtnUAYb5p1fV7Zo
Value: eyJpdiI6IkpSQ1lGY3crYW5uZHlsRTU2WlV3SEE9PSIsInZhbHVlIjoiZjdmbVErc0ZLT1dPUkY4MEhVL01qQ3R3Q1ppTXZ1RWl5STdUMVEwWDNJVEJzOENBRmErV2ZUOGhoaTVmbVdKaUNabE9sOUd5b2xMY2J1QkFaK01PMW10a0JvamZ1V3lndWkzZzE0OUxrTnpPNVhkUlkxL29sTDJRSCtacmxaYVZRQ2hPR0dPbXFuUEhCejhZS3NiUTRzRXA3SVB3aU8yZ0NreEh2Qyt2RW11ZHBWek9OaFIvcEozY2JDWTcwcFcveER1ay9EbjJxZVhGK1RmUStVazd1NnVDVlQ0d0IwUE9DTXM4Y1JPci9sMWFGMzhEMkxmWVRoeHRpQStQQ2o3c3dsNVZSUlkyb3RpWmpaeDVYUTM3OWx3b0hxb0FlbjhjYng3QWFQUDdVTDFCb3AyWHZVUytsSlZSVXNyWlNWT3cveklCcG5MVGdYR29ZZWw0eDA3azBXOVZ0RVdVUGk3NDZHTUVCbFBENkFDcFVaWm50azRuY3NLZ091elJCc3lMcWhFdmZJU0p6TDB3L00yNDNzUXh4QT09IiwibWFjIjoiMWNjMTJkMjk3MGIyMWE3OTFkMWI5ZWYwZjY5YTZkYzE2MjY2ZDY5OTNjODM2M2YxMTc1NDU2NDNjYjljZThiZCIsInRhZyI6IiJ9
.baidu.com/ Name: BAIDUID_BFESS
Value: 13CD961DCCD22D9A7AC4AE0C4B44DCCA:FG=1
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 24100B03BDC7A2FA
.https.4444492.com/ Name: Hm_lvt_5beb5dad244a9961dbefd11051c23af4
Value: 1721613217
.https.4444492.com/ Name: Hm_lpvt_5beb5dad244a9961dbefd11051c23af4
Value: 1721613217
.https.4444492.com/ Name: HMACCOUNT
Value: 24100B03BDC7A2FA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5555587.com
hm.baidu.com
https.4444492.com
libs.baidu.com
res.49tu.net
s31.118x.net
ws2.servers01.com
14.215.183.79
2606:4700:3030::ac43:83cf
2606:4700:3031::ac43:956d
2606:4700:3033::6815:4169
2606:4700:3033::6815:6e6
2606:4700:3034::6815:cfa
39.156.66.111
02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668
183441761d3cc8699bd30a5a670d51cbdd71f64bbd47f6f07fc5c89a432dfa22
2b613bdf85eb1f478311c687b1a019f6d554bc45dd34a3832276538acf8620be
3bd6063eb290aca837588b66afb9264d7bfa62b76f48605b9573fef286642d32
3c4369efe2210edfc5b9aaccd03d925b6e8c5a823ff51c4d25c57b486339d8d1
3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1
4b748845e9f3c308e694e266e239955053556fe63e19b117f2450bdc875a2864
54d1c4ddae1c10f2adb48fe23cceace480236c0d09b91ac7ebc6c64c4c3ba15b
54dda2c870559f1f6f7586a833809212cd5a40994081200707cadca1bec1a494
59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5
6215e10a3f94fc97b1d5a1d25c0997adee54a152cab3d111215a81c99961e327
63e8320aca132017ad1d727c159c99c9b8e5eba7a58098493926b9e68d7485e4
8b5fd1ccaab2cda7fc004ec01cedb0dd0183b8956170861edcbf1779da99fdbf
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
93584e65b1d94e58b1344217458e92a84b117bea25dd51329f9f2563616d08cd
a214d54e13dd83309ccee41baefe02222ec97e2974c4100c5f94a7861c2a7cb4
a38a08fb3426270d6eb769f0dfd3a59330f3ed63278592e684dd4b7bf765cb80
ac32a495fbb3354ecfbf8118c84587fd84b123bf89f7df59e76e567ef70e6de7
b714571dc23db70212001bb38327127c97e61cafce1cbbe389ac86bae81e352e
c0617b592ae982093afe364d285410de5fe9b7bb7d16b1289b28353dbaa31c2b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43db417dfb22eb02d1f9a8062bae90d4b0d4ee9add81dc52ca537a62f397388
e8302a56a865f3329d222a10c0b83009ef56f39fe32cffea3effc1956035c7fd
ea603c6a486e9e9517abaa0a69dd7cf7b3ccccf95b35d3d56a0900cc5dd76c86
f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55
fb23b51670d5391590d846f6e2f732606d7f86b9e5743fad873dc6986122b7c5