www.holdkids.com Open in urlscan Pro
156.248.235.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.holdkids.com/
Effective URL:
http://www.holdkids.com/
Submission: On July 18 via manual (July 18th 2022, 9:47:31 pm UTC) from CA — Scanned from CA

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 22 domains to perform 59 HTTP transactions. The main IP is 156.248.235.252, located in United States and belongs to IHGGROUP-001, US. The main domain is www.holdkids.com.

This is the only time www.holdkids.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	156.248.235.252 156.248.235.252	399674 (IHGGROUP-001) (IHGGROUP-001)
15	156.248.208.195 156.248.208.195	399674 (IHGGROUP-001) (IHGGROUP-001)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
19	72.52.71.252 72.52.71.252	6939 (HURRICANE) (HURRICANE)
1	64.112.76.82 64.112.76.82	174 (COGENT-174) (COGENT-174)
1	45.61.212.216 45.61.212.216	53587 (AZT) (AZT)
1	103.170.15.71 103.170.15.71	7483 (SKYCLOUD-...) (SKYCLOUD-NET Skycloud Computing co.)
2	47.57.203.168 47.57.203.168	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	47.75.19.145 47.75.19.145	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	23.225.222.2 23.225.222.2	40065 (CNSERVERS) (CNSERVERS)
1	104.193.90.80 104.193.90.80	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 1	107.148.17.189 107.148.17.189	398823 (PEGTECHIN...) (PEGTECHINC-AP-02)
1	2606:4700:303... 2606:4700:3033::ac43:bdcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	66.150.130.123 66.150.130.123	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1	2606:4700:303... 2606:4700:3038::6815:eac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.61.212.126 45.61.212.126	53587 (AZT) (AZT)
1 1	45.154.215.92 45.154.215.92	201106 (SPARTANHOST) (SPARTANHOST)
1	2606:4700:303... 2606:4700:3038::6815:ead1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	161.8.149.6 161.8.149.6	18978 (ENZUINC-) (ENZUINC-)
1	2606:4700:303... 2606:4700:3034::ac43:a135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.225.154.19 23.225.154.19	40065 (CNSERVERS) (CNSERVERS)
1	183.136.208.250 183.136.208.250	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	112.90.153.42 112.90.153.42	136959 (UNICOM-FU...) (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network)
1	183.131.207.66 183.131.207.66	() ()
59	20

3 156.248.235.252 (United States)

ASN399674 (IHGGROUP-001, US)

www.holdkids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 156.248.208.195 (United States)

ASN399674 (IHGGROUP-001, US)

qaz-kljlsa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 72.52.71.252 (Logan, United States)

ASN6939 (HURRICANE, US)

img.siwazywimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.112.76.82 (United States)

ASN174 (COGENT-174, US)
PTR: customer.tatraservices.com

siwazywcdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.216 (United States)

ASN53587 (AZT, US)

n7516.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.170.15.71 (Taiwan)

ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW)

n7181.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.57.203.168 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

tupaiyy.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.75.19.145 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

aixuntupian.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.225.222.2 (United States) 1 redirects

ASN40065 (CNSERVERS, US)

img.777731.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.193.90.80 (United States)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.148.17.189 (United States) 1 redirects

ASN398823 (PEGTECHINC-AP-02, US)

kvezz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bdcb (United States)

ASN13335 (CLOUDFLARENET, US)

acoozzh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.150.130.123 (Seattle, United States) 1 redirects

ASN35913 (DEDIPATH-LLC, US)

kzeaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eac9 (United States)

ASN13335 (CLOUDFLARENET, US)

acoossi.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.126 (United States)

ASN53587 (AZT, US)

kgagck6.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.154.215.92 (Seattle, United States) 1 redirects

ASN201106 (SPARTANHOST, GB)

kvemm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ead1 (United States)

ASN13335 (CLOUDFLARENET, US)

acoossd.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.8.149.6 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)
PTR: 6.149-8-161.rdns.scalabledns.com

111kkkkk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a135 (United States)

ASN13335 (CLOUDFLARENET, US)

aooacctp.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.225.154.19 (United States)

ASN40065 (CNSERVERS, US)

www.govhebie.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.136.208.250 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

v1.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.90.153.42 (China)

ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (None, )

ASN- ()

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	siwazywimg.com img.siwazywimg.com — Cisco Umbrella Rank: 304790	792 KB
15	qaz-kljlsa.com qaz-kljlsa.com	46 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7884	24 KB
3	aliyuncs.com tupaiyy.oss-cn-hongkong.aliyuncs.com — Cisco Umbrella Rank: 649594 aixuntupian.oss-cn-hongkong.aliyuncs.com — Cisco Umbrella Rank: 523182	2 MB
3	holdkids.com www.holdkids.com	2 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 63669 ia.51.la	3 KB
2	govhebie.cn www.govhebie.cn	552 B
1	cnzz.com v1.cnzz.com — Cisco Umbrella Rank: 64349	436 B
1	aooacctp.vip aooacctp.vip — Cisco Umbrella Rank: 707489	88 KB
1	111kkkkk.com 111kkkkk.com	986 KB
1	acoossd.top acoossd.top	883 KB
1	kvemm.com 1 redirects kvemm.com — Cisco Umbrella Rank: 336156	133 B
1	kgagck6.com kgagck6.com	928 KB
1	acoossi.top acoossi.top	181 KB
1	kzeaa.com 1 redirects kzeaa.com — Cisco Umbrella Rank: 350266	133 B
1	acoozzh.top acoozzh.top — Cisco Umbrella Rank: 518411	392 KB
1	kvezz.com 1 redirects kvezz.com — Cisco Umbrella Rank: 280490	133 B
1	bdstatic.com pic.rmb.bdstatic.com — Cisco Umbrella Rank: 29447	287 KB
1	777731.net 1 redirects img.777731.net	117 B
1	n7181.com n7181.com	1 MB
1	n7516.com n7516.com	860 KB
1	siwazywcdn2.com siwazywcdn2.com — Cisco Umbrella Rank: 379709	41 KB
59	22

	Domain	Requested by
19	img.siwazywimg.com	qaz-kljlsa.com
15	qaz-kljlsa.com	www.holdkids.com qaz-kljlsa.com
4	hm.baidu.com	www.holdkids.com qaz-kljlsa.com
3	www.holdkids.com	www.holdkids.com
2	www.govhebie.cn	qaz-kljlsa.com
2	tupaiyy.oss-cn-hongkong.aliyuncs.com	qaz-kljlsa.com
1	ia.51.la	qaz-kljlsa.com
1	js.users.51.la	qaz-kljlsa.com
1	v1.cnzz.com	qaz-kljlsa.com
1	aooacctp.vip	qaz-kljlsa.com
1	111kkkkk.com	qaz-kljlsa.com
1	acoossd.top	qaz-kljlsa.com
1	kvemm.com	1 redirects
1	kgagck6.com	qaz-kljlsa.com
1	acoossi.top	qaz-kljlsa.com
1	kzeaa.com	1 redirects
1	acoozzh.top	qaz-kljlsa.com
1	kvezz.com	1 redirects
1	pic.rmb.bdstatic.com	qaz-kljlsa.com
1	img.777731.net	1 redirects
1	aixuntupian.oss-cn-hongkong.aliyuncs.com	qaz-kljlsa.com
1	n7181.com	qaz-kljlsa.com
1	n7516.com	qaz-kljlsa.com
1	siwazywcdn2.com	qaz-kljlsa.com
59	24

This site contains no links.

Subject Issuer	Validity	Valid
qaz-kljlsa.com R3	`2022-05-02` - `2022-07-31`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.siwazywimg.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-18` - `2022-09-18`	a year	crt.sh
*.siwazywcdn2.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-28` - `2022-09-28`	a year	crt.sh
n7516.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
n7181.com Sectigo RSA Domain Validation Secure Server CA	`2022-07-03` - `2023-07-03`	a year	crt.sh
*.oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh
kgagck6.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
111kkkkk.com R3	`2022-07-18` - `2022-10-16`	3 months	crt.sh
*.aooacctp.vip E1	`2022-06-13` - `2022-09-11`	3 months	crt.sh
govhebie.cn TrustAsia TLS RSA CA	`2021-10-11` - `2022-10-10`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-11` - `2023-02-12`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.holdkids.com/
Frame ID: 47DD541440FED24AA0FD7A16A9D01E11
Requests: 5 HTTP requests in this frame

Frame: https://qaz-kljlsa.com/
Frame ID: AABE8ACAFF59F3165F140128F4B44C8B
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

桐城媚涸环保科技有限公司国产欧美日韩精品一区二区,高清国产天干天干天干,精品国产品国语在线不卡桐城媚涸环保科技有限公司

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

CNZZ (Analytics) Expand

Overall confidence: 100%
Detected patterns

//[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

Page Statistics

59
Requests

88 %
HTTPS

17 %
IPv6

22
Domains

24
Subdomains

20
IPs

4
Countries

8862 kB
Transfer

9339 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://img.777731.net/images/62c9796470b11560500b8112.gif HTTP 302
https://pic.rmb.bdstatic.com/bjh/84c2e2914d7bc27fbc122f455e3e39e1.gif

Request Chain 41

https://kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP 301
https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

Request Chain 42

https://kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif HTTP 301
https://acoossi.top/e74b75b58cdf79b04bfb0592f5a858dc.gif

Request Chain 44

https://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif HTTP 301
https://acoossd.top/ec9fcd758df74f805f29f72e8545d13b.gif

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.holdkids.com/ 2 KB
707 B 232ms
91ms Document
text/html 156.248.235.252
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://www.holdkids.com/
Protocol: HTTP/1.1
Server: 156.248.235.252 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e447c05c891ad9c64c2a60701a5583478a6573b75e2aea1c7dd57e6f3e59df8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 18 Jul 2022 21:47:28 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK common.js Show response
www.holdkids.com/ 1 KB
866 B 86ms
86ms Script
application/x-javascript 156.248.235.252
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://www.holdkids.com/common.js
Requested by: Host: www.holdkids.com
URL: http://www.holdkids.com/
Protocol: HTTP/1.1
Server: 156.248.235.252 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f219ebfa67c20349a5873d34f86df867279c0b89c21fc10d62fab498308ae79

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.holdkids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.holdkids.com/ 258 B
414 B 172ms
85ms Script
application/x-javascript 156.248.235.252
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://www.holdkids.com/tj.js
Requested by: Host: www.holdkids.com
URL: http://www.holdkids.com/
Protocol: HTTP/1.1
Server: 156.248.235.252 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: nginx /
Resource Hash: 5e63d8857ab10581b634d80ccce5073fe471e9a6dd7d206f8e18f483589283a8

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.holdkids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 258
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
qaz-kljlsa.com/ Frame AABE 19 KB
6 KB 502ms
143ms Document
text/html 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/
Requested by: Host: www.holdkids.com
URL: http://www.holdkids.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / PHP/7.1.33 ASP.NET
Resource Hash: e46c2d914611554c90bbb14db4e04e180122aae3d976c06201eeb20f360be643

Request headers

Referer: http://www.holdkids.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 5491
Content-Type: text/html; charset=utf-8
Date: Mon, 18 Jul 2022 21:47:24 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33 ASP.NET

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 812ms
314ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?b47eb7f64a6441bc726febc89cad58a3

Requested by

Host: www.holdkids.com
URL: http://www.holdkids.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b6f8b6c4cf22d52ac8f3d92f130edd053cc49a4b8024cae880711ed0960ba015

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.holdkids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:26 GMT
Content-Encoding: gzip
Server: apache
Etag: 6174acd76b0c9ada73a3c6fee1b03095
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11340

GET
H/1.1 200
OK ate.css
qaz-kljlsa.com/template/m1938pc/css/ Frame AABE 74 KB
5 KB 84ms
84ms Stylesheet
text/css 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/css/ate.css
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06ae58622f2d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4498

GET
H/1.1 200
OK zui.css
qaz-kljlsa.com/template/m1938pc/css/ Frame AABE 84 KB
15 KB 170ms
84ms Stylesheet
text/css 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/css/zui.css
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0e972e6ef4d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 15351

GET
H/1.1 200
OK loogo8.png
qaz-kljlsa.com/template/m1938pc/css/ Frame AABE 10 KB
11 KB 173ms
173ms Image
image/png 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qaz-kljlsa.com/template/m1938pc/css/loogo8.png
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a2346154aace150e89165e0115e34cc33f9a9215e0d8fd35f6a8c01a4e0c951d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Last-Modified: Sat, 27 Nov 2021 11:24:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b35df14c81e3d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 10707

GET
H/1.1 200
OK xx1.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 4 KB
1 KB 250ms
84ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/xx1.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bcf22ea10cbe7b333f83b38e1a1d39100deb3198376a8c51be73696b3f6df64d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Sat, 16 Jul 2022 10:08:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0e842f7fb98d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1098

GET
H/1.1 200
OK dh1.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 2 KB
1 KB 251ms
84ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/dh1.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5a7420aa863361685968f540d6fb37801cdeb560769a301f882d18c07c485a2c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 13:03:14 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "70414593dd99d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 801

GET
H/1.1 200
OK 1.gif
qaz-kljlsa.com/template/m1938pc/images/ Frame AABE 254 B
500 B 87ms
87ms Image
image/gif 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qaz-kljlsa.com/template/m1938pc/images/1.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Last-Modified: Fri, 11 Jun 2021 00:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "28ba8f2595ed71:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 254

GET
H/1.1 200
OK dh.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 2 KB
977 B 258ms
86ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/dh.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 09c33ead6633fe64a8196172a420737bdf89bb9228e0aed5ae845af0b09abf01

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 11:21:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "adf7d268cf99d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 670

GET
H/1.1 200
OK xx2.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 1 KB
800 B 259ms
86ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/xx2.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 652f51a0483f1b139558a748b988871e4d566499e893f7f6593479b7049ccc67

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 11:21:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "cec144ecf99d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 494

GET
H/1.1 200
OK 1.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 1 KB
878 B 179ms
86ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/1.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 518014909ebbb10f13e751e28267d1f285d4397a31c47da820b91448b674e855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Sun, 17 Jul 2022 13:02:19 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ebcfc372dd99d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 571

GET
H2 200 iGWpr3u6.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 63 KB
63 KB 1027ms
168ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/iGWpr3u6.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e9de18ea85dfe55509c4ba37ff54def97112179e96ed9a263bd8def1015c2f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:33 GMT
server: nginx
etag: "619b7aa9-fa97"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 64151

GET
H2 200 qsWNunS2.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 64 KB
64 KB 1133ms
274ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/qsWNunS2.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: a479c13dea80b7cf0280819cc8d9ce2575d60201cc7594fc034a072567be6903

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:43 GMT
server: nginx
etag: "619b7ab3-ffec"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 65516

GET
H2 200 rmx9yD5i.jpg
siwazywcdn2.com/cvjpg/ Frame AABE 41 KB
41 KB 465ms
79ms Image
image/jpeg 64.112.76.82
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siwazywcdn2.com:5278/cvjpg/rmx9yD5i.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.76.82 , United States, ASN174 (COGENT-174, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: e456db3db5154228a6fd3fcf122a38b455bf25f7bf28e86b57eb60ae797a6618

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:26 GMT
last-modified: Wed, 11 May 2022 10:49:46 GMT
server: nginx
etag: "627b94ca-a21c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 41500

GET
H2 200 92Lje8i5.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 94 KB
95 KB 1150ms
292ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/92Lje8i5.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: a85ded447ca8863012767d01947891f517d0322b595ccd4d4a474993dc06e574

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:32 GMT
server: nginx
etag: "619b7aa8-179f3"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 96755

GET
H2 200 BVwe6uXU.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 89 KB
89 KB 1152ms
293ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/BVwe6uXU.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 25af85f34fa9021bae72e2da430d3cb807dbc1f53a4f28f0480aa7c17643e65e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:35 GMT
server: nginx
etag: "619b7aab-1631e"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 90910

GET
H2 200 PrQmUTkj.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 153 KB
154 KB 1151ms
293ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/PrQmUTkj.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6185f434fab28d7a5226bd18b3c814b502743f292feeca8e30a4ab7afa5d56

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:34 GMT
server: nginx
etag: "619b7aaa-26594"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 157076

GET
H2 200 QYoOGELW.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 61 KB
61 KB 814ms
293ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/QYoOGELW.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 58171d87797db4e86a57160f173f9e529509d091ecf347882bc92f75696c3e62

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:43 GMT
server: nginx
etag: "619b7ab3-f45d"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 62557

GET
H2 200 IVxpBK6v.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 60 KB
60 KB 284ms
283ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/IVxpBK6v.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cfa0858650f22f6503d04e7e6d3c88e8f49e69f84cabd217e456995fb0fa518d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:33 GMT
server: nginx
etag: "619b7aa9-eeaa"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 61098

GET
H2 200 bpJ6afiE.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 92 KB
92 KB 284ms
283ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/bpJ6afiE.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e161699e506e7e4e9ef5f1a5c3014abfb88148bbeb34bff960b749b9c646095

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:40 GMT
server: nginx
etag: "619b7ab0-16ea3"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 93859

GET
H2 200 U05cjnim.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 59 KB
59 KB 285ms
284ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/U05cjnim.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cab123ad64207ca6e7580ce8c35d3be10358553b551a11ab04059667eaa2573d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Mon, 22 Nov 2021 11:10:45 GMT
server: nginx
etag: "619b7ab5-eb82"
x-cache-status: HIT, HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 60290

GET
H2 200 wxLTrhWt.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 5 KB
6 KB 285ms
284ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/wxLTrhWt.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9762b3b42344e9780ab4ffd82d0fb0f5d09fd32c0e89b751076671c8e776f975

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 12:13:35 GMT
server: nginx
etag: "62d2ab6f-15f6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5622

GET
H2 200 1CwgaM9f.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 4 KB
4 KB 285ms
284ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/1CwgaM9f.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: d99f97d57c2da04350df74577bb5f381fcdbb17ebf6d46148a7f50fbb1938ce1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 11:08:08 GMT
server: nginx
etag: "62d29c18-e14"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3604

GET
H2 200 AUjZTJfI.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 5 KB
5 KB 286ms
285ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/AUjZTJfI.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: f2fc91392f42d7441dab4416888da3ded8301304fa90efc7eabf32b2177010f2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 10:55:24 GMT
server: nginx
etag: "62d2991c-1302"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4866

GET
H2 200 cwm1sJl2.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 5 KB
5 KB 286ms
285ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/cwm1sJl2.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 433dfc5eec4418606a326c6815431c14b44198a4352b17c829828c687e7a4cbc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 12:02:20 GMT
server: nginx
etag: "62d2a8cc-131d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4893

GET
H2 200 LGvqr04Y.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 6 KB
7 KB 286ms
285ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/LGvqr04Y.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cab3fd518564b216ecde2889607cb3c50fe98e140e94ed122ce0d42c139bf4d6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 10:52:10 GMT
server: nginx
etag: "62d2985a-19fb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6651

GET
H2 200 dj29fKhu.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 3 KB
3 KB 287ms
286ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/dj29fKhu.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cf823e0a88bc4964e4d3a912cfd5497b351a55800800c68d636e221f7620b11d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 12:12:29 GMT
server: nginx
etag: "62d2ab2d-cb1"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3249

GET
H2 200 v2a3hZfz.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 7 KB
7 KB 287ms
286ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/v2a3hZfz.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d2698ccdb43fa2689caf37aab991fb9abb6aaa4da2952633a6009ae8e8d6be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 11:07:25 GMT
server: nginx
etag: "62d29bed-1b59"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7001

GET
H2 200 jBySMYKR.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 5 KB
6 KB 287ms
287ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/jBySMYKR.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 23e6d19442cb8ff05d6a9fa5a97c978da7c537887e0290dff0b0612eb1f25b5f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 11:57:58 GMT
server: nginx
etag: "62d2a7c6-1572"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5490

GET
H2 200 Y8D2qhfF.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 7 KB
8 KB 288ms
287ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/Y8D2qhfF.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: c72ec39c94fd28cabff99f9d28131054a67979e077bf794495db3b28ce57bd83

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 12:02:56 GMT
server: nginx
etag: "62d2a8f0-1d30"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7472

GET
H2 200 fHqYrzCo.jpg
img.siwazywimg.com/cvjpg/ Frame AABE 3 KB
4 KB 288ms
287ms Image
image/jpeg 72.52.71.252
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/fHqYrzCo.jpg
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 72.52.71.252 Logan, United States, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 62f46158d7fd04fcca09e953dd9b347214f5193408f0b117d3f45f6ab5ae645b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
last-modified: Sat, 16 Jul 2022 11:55:32 GMT
server: nginx
etag: "62d2a734-db2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3506

GET
H/1.1 200
OK xx3.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 596 B
704 B 86ms
86ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/xx3.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9063e8059ba64a30197dbe4bb49b362edf3df4fa1bff1fb6bceb171e52740ae7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jul 2022 18:20:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a1d42ebcd28fd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 397

GET
H/1.1 200
OK dl.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 865 B
766 B 87ms
86ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/dl.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e9bf9d364d057359d1fefa614e53932d7d00c55f63e9501a5412ffa66eb973b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 14:18:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "53132728c38bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 459

GET
H/1.1 200
OK tj.js Show response
qaz-kljlsa.com/template/m1938pc/ads/ Frame AABE 238 B
590 B 87ms
86ms Script
application/javascript 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: https://qaz-kljlsa.com/template/m1938pc/ads/tj.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d9b034f942505e2f141b357dc31e788f5b04acfb4e18067de194946ba956f123

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 13:30:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8e6eb231ba3ed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 283

GET
H/1.1 200
OK f1feda5e508d4fdea0b6285348bd8586.gif
n7516.com/ Frame AABE 860 KB
860 KB 2634ms
381ms Image
image/gif 45.61.212.216
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n7516.com/f1feda5e508d4fdea0b6285348bd8586.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.216 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 487d1d9209c62f62d81facdd97f4f2a2b2d4bb1d9d393978ef95c5494617729e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 11:40:31 GMT
Last-Modified: Sat, 04 Jun 2022 08:52:59 GMT
Server: nginx
ETag: "629b1d6b-d6e69"
X-Cache: HIT from cloud-us3-cdnb-16
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 880233

GET
H/1.1 200
OK 697f70363cba40df853fd709d32e2c7d.gif
n7181.com/ Frame AABE 1 MB
1 MB 2360ms
91ms Image
image/gif 103.170.15.71
SKYCLOUD-NET Skyc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n7181.com/697f70363cba40df853fd709d32e2c7d.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.71 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software: nginx /
Resource Hash: c98dce83c03e22afb392873703b76795a050bb129f1c72ebecfe78315dff9aeb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 00:11:25 GMT
Last-Modified: Sat, 04 Jun 2022 08:52:22 GMT
Server: nginx
ETag: "629b1d46-138ebf"
X-Cache: HIT from yd11_13-cdn-g01-la2-01
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1281727

GET
H/1.1 200
OK tfdewwww.gif
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/ Frame AABE 2 MB
2 MB 789ms
259ms Image
image/gif 47.57.203.168
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/tfdewwww.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.57.203.168 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: fa18040d8075823d8eb8e92a9e3a8f8ea627ac1afc741a284744c6b1c0e29bf6

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:27 GMT
x-oss-request-id: 62D5D4EF2A67CA33345D8FAA
Content-MD5: 0ugloBCFxqyQBO5nNIYn3A==
Content-Disposition: attachment; filename="tfdewwww.gif"
Connection: keep-alive
Content-Length: 1737912
x-oss-object-type: Normal
Last-Modified: Mon, 04 Jul 2022 07:28:34 GMT
Server: AliyunOSS
ETag: "D2E825A01085C6AC9004EE67348627DC"
Content-Type: image/gif
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 817518345630989865
x-oss-server-time: 1

GET
H/1.1 200
OK yyyyuuuu.gif
aixuntupian.oss-cn-hongkong.aliyuncs.com/dongtu/ Frame AABE 298 KB
0 872ms
268ms Image
image/gif 47.75.19.145
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aixuntupian.oss-cn-hongkong.aliyuncs.com/dongtu/yyyyuuuu.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.145 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 18 Jul 2022 21:47:27 GMT
x-oss-request-id: 62D5D4EF0E14E43134B0C437
Last-Modified: Mon, 11 Jul 2022 08:54:34 GMT
Server: AliyunOSS
Content-MD5: DI1cB09m4r8MREKCo3F2bA==
ETag: "0C8D5C074F66E2BF0C444282A371766C"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 70154829827587139
Content-Length: 2231446
x-oss-server-time: 3

GET
H2

200

84c2e2914d7bc27fbc122f455e3e39e1.gif
pic.rmb.bdstatic.com/bjh/ Frame AABE
Redirect Chain

https://img.777731.net/images/62c9796470b11560500b8112.gif
https://pic.rmb.bdstatic.com/bjh/84c2e2914d7bc27fbc122f455e3e39e1.gif

286 KB
287 KB

1412ms
26ms

Image
image/gif

104.193.90.80
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/84c2e2914d7bc27fbc122f455e3e39e1.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Server: 104.193.90.80 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 2c978d5da4312c46fd3e32f64ac24e2687ce609557b5f299838ea76697627b64

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ohc-file-size: 293186
date: Mon, 18 Jul 2022 21:47:28 GMT
content-md5: hMLikU17wn+8Ei9FXj454Q==
age: 808012
x-cache-status: HIT
x-bce-restore-cache: -
x-bce-storage-class: STANDARD
content-length: 293186
ohc-cache-hit: iad01-sys-jomo0.iad01.baidu.com [2], zhuzuncache128 [3], xaix171 [1]
last-modified: Sat, 09 Jul 2022 12:49:46 GMT
server: JSP3/2.0.14
etag: "84c2e2914d7bc27fbc122f455e3e39e1"
x-bce-request-id: 3ace62ec-1509-4887-bbed-7e646defe387
x-bce-restore-tier: -
content-type: image/gif
x-bce-debug-id: tWAgN+pAW3/tUOQj2r4ou6skGQuoV/7zB7KPdyu8XUvCkZB3gIMf5zos5lYbdkcm2DmjaNUKRwRRRp5PLpyPKg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3322398656
expires: Tue, 12 Jul 2022 12:50:01 GMT

Redirect headers

location: https://pic.rmb.bdstatic.com/bjh/84c2e2914d7bc27fbc122f455e3e39e1.gif
cache-control: max-age=86400
referrer-policy: no-referrer

GET
H2

200

95ca29ec3907b3bf2d8a24b35e3eda22.gif
acoozzh.top/ Frame AABE
Redirect Chain

https://kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

391 KB
392 KB

70ms
22ms

Image
image/gif

2606:4700:3033::ac43:bdcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Server: 2606:4700:3033::ac43:bdcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 778997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
server: cloudflare
etag: "62702f7f-61b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUiBpJqFX3T9UxXBAufdNFv8DDmM5an7%2F64YlKdbX%2BlY7Yp7suO38Flq15ZG3Mr0oGJ0PQax6%2Bg%2FNPqHyUAm9seH4yHc3DKSBzy44Ii%2FMIs5OEQ5kFvm2n0%2Bv86jZ6e7EhVTEAXSBp3fVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 72ce6a755e5e7148-YUL
expires: Mon, 08 Aug 2022 21:24:09 GMT

Redirect headers

location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
date: Mon, 18 Jul 2022 21:47:26 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

e74b75b58cdf79b04bfb0592f5a858dc.gif
acoossi.top/ Frame AABE
Redirect Chain

https://kzeaa.com/e74b75b58cdf79b04bfb0592f5a858dc.gif
https://acoossi.top/e74b75b58cdf79b04bfb0592f5a858dc.gif

181 KB
181 KB

542ms
491ms

Image
image/gif

2606:4700:3038::6815:eac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossi.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Server: 2606:4700:3038::6815:eac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34924659831f47a88bb09ee743e6e993c7b98c6038e0d6f9ba93123ba0a92a50

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 184926
last-modified: Wed, 25 May 2022 14:01:09 GMT
server: cloudflare
etag: "628e36a5-2d25e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sq%2FnCA2F0P0vPhkhho7jGRPdG%2FkAD%2Bxy5tDkBX0LKe2t3NOyOLy1x0MmsCJSkHxRfLskcPemsuUYg6Qv1EUUmMuUcr21LUbJo%2FzsMDRrL6PIntotSoMhP25BlqUIB4uYzsJV1%2Bd7a8a8sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 72ce6a757a347157-YUL
expires: Wed, 17 Aug 2022 21:47:27 GMT

Redirect headers

location: https://acoossi.top/e74b75b58cdf79b04bfb0592f5a858dc.gif
date: Mon, 18 Jul 2022 21:47:26 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK 222be277fed0433b9ed65afa56ccfcb1.gif
kgagck6.com/ Frame AABE 927 KB
928 KB 1850ms
391ms Image
image/gif 45.61.212.126
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kgagck6.com/222be277fed0433b9ed65afa56ccfcb1.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.126 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 49f1e25f36d735696eb54c8b3931cc37b28afe2cbbab419c2139e2443a638f29

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 22:57:48 GMT
Last-Modified: Fri, 03 Jun 2022 11:15:06 GMT
Server: nginx
ETag: "6299ed3a-e7d98"
X-Cache: HIT from cloud-us2-cdnb-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 949656

GET
H2

200

ec9fcd758df74f805f29f72e8545d13b.gif
acoossd.top/ Frame AABE
Redirect Chain

https://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
https://acoossd.top/ec9fcd758df74f805f29f72e8545d13b.gif

881 KB
883 KB

83ms
41ms

Image
image/gif

2606:4700:3038::6815:ead1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossd.top/ec9fcd758df74f805f29f72e8545d13b.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Server: 2606:4700:3038::6815:ead1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 592950
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
server: cloudflare
etag: "622cb988-dc4a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t74aw4t%2BlXJZearPOfNcJwbBb74QWZtjGn%2ByGMg5qviRObQ6da5JKmwxLgDUmCQJSTAyB3sV6msw1nm829AnQUrO9Fn9g4wRp%2FrEWaidxzeGxj%2BfmqhVktlKwoIX1IrDfOECUVQHLz8kBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 72ce6a75ae13ca5f-YUL
expires: Thu, 11 Aug 2022 01:04:57 GMT

Redirect headers

location: https://acoossd.top/ec9fcd758df74f805f29f72e8545d13b.gif
date: Mon, 18 Jul 2022 21:47:26 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 960-120-%E5%8A%A8%E6%80%81%E6%96%87%E4%BB%B6---7-16.gif
111kkkkk.com/static/img/ Frame AABE 985 KB
986 KB 311ms
77ms Image
image/gif 161.8.149.6
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://111kkkkk.com/static/img/960-120-%E5%8A%A8%E6%80%81%E6%96%87%E4%BB%B6---7-16.gif

Requested by

Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

161.8.149.6 Los Angeles, United States, ASN18978 (ENZUINC-, US),

Reverse DNS

6.149-8-161.rdns.scalabledns.com

Software

nginx /

Resource Hash

ce531ba87a6832389e20668fe5b3abdc7226d54ad3768d53f1f1b3a225500307

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:26 GMT
last-modified: Sat, 16 Jul 2022 13:38:41 GMT
server: nginx
etag: "62d2bf61-f62a8"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1008296
expires: Wed, 17 Aug 2022 21:47:26 GMT

GET
H/1.1 200
OK ddwq.gif
tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/ Frame AABE 399 KB
400 KB 811ms
274ms Image
image/gif 47.57.203.168
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupaiyy.oss-cn-hongkong.aliyuncs.com/huazidongtu/ddwq.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.57.203.168 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b11e168dffce02d885da51ca27f591d58a5fdeb762422caed2411347c84b66f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:27 GMT
x-oss-request-id: 62D5D4EF2A67CA33368F8FAA
Content-MD5: NxtvEhJixCVptti2+52m8w==
Content-Disposition: attachment; filename="ddwq.gif"
Connection: keep-alive
Content-Length: 408728
x-oss-object-type: Normal
Last-Modified: Mon, 04 Jul 2022 07:23:16 GMT
Server: AliyunOSS
ETag: "371B6F121262C42569B6D8B6FB9DA6F3"
Content-Type: image/gif
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 12519031946448943376
x-oss-server-time: 1

GET
H2 200 ynv100.gif
aooacctp.vip/lm/ Frame AABE 87 KB
88 KB 137ms
27ms Image
image/gif 2606:4700:3034::ac43:a135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aooacctp.vip/lm/ynv100.gif
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1672264
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89034
last-modified: Sun, 29 May 2022 06:37:35 GMT
server: cloudflare
etag: "629314af-15bca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeAPOM2g2B2TxsIRrGunUwxBqrFVVhBXP4OCsLp2obhrKvOv6xfBM3agrWZuc1coxdD5ZoWl6Te9ssfF2dNRv5efi7RdIDGj%2F267FCTIG%2FVsbzJEL1EgyaiCXEzcKHY%2FjRtaVVzNI%2F%2BB3yA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 72ce6a74ada07133-YUL
expires: Fri, 29 Jul 2022 13:16:27 GMT

GET
H/1.1 200
OK video-mask.png
qaz-kljlsa.com/template/m1938pc/images/ Frame AABE 107 B
354 B 87ms
86ms Image
image/png 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qaz-kljlsa.com/template/m1938pc/images/video-mask.png
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:25 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b0b58b8a22f2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 107

GET
H/1.1 200
OK video-play.png
qaz-kljlsa.com/template/m1938pc/images/ Frame AABE 2 KB
2 KB 87ms
87ms Image
image/png 156.248.208.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qaz-kljlsa.com/template/m1938pc/images/video-play.png
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 156.248.208.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:25 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4081698d22f2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1567

GET
H2 200 8D272B9B-772D-16968-33-2E7C0B8FEEB9.alpha Show response
www.govhebie.cn/ty/ Frame AABE 26 B
276 B 1440ms
92ms Script
text/html 23.225.154.19
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govhebie.cn:12443/ty/8D272B9B-772D-16968-33-2E7C0B8FEEB9.alpha
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/template/m1938pc/ads/dl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.154.19 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: tengine / PHP/5.6.40
Resource Hash: bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 21:47:27 GMT
server: tengine
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
expires: Mon, 18 Jul 2022 22:02:27 GMT

GET
H2 200 98762582-B4FB-16969-34-655C996D7D15.alpha Show response
www.govhebie.cn/ty/ Frame AABE 26 B
276 B 1439ms
91ms Script
text/html 23.225.154.19
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govhebie.cn:12443/ty/98762582-B4FB-16969-34-655C996D7D15.alpha
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/template/m1938pc/ads/dl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.154.19 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: tengine / PHP/5.6.40
Resource Hash: bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:47:27 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 21:47:27 GMT
server: tengine
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
expires: Mon, 18 Jul 2022 22:02:27 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 316ms
315ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=21387307&si=b47eb7f64a6441bc726febc89cad58a3&v=1.2.96&lv=1&sn=14277&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.holdkids.com%2F&tt=%E6%A1%90%E5%9F%8E%E5%AA%9A%E6%B6%B8%E7%8E%AF%E4%BF%9D%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.holdkids.com
URL: http://www.holdkids.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: http://www.holdkids.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 21:47:26 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 z_stat.php Show response
v1.cnzz.com/ Frame AABE 0
436 B 891ms
210ms Script
application/javascript 183.136.208.250
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.cnzz.com/z_stat.php?id=1280861732&web_id=1280861732
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/template/m1938pc/ads/tj.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 183.136.208.250 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 21:03:26 GMT
content-encoding: gzip
age: 2642
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:2:164911134
x-swift-cachetime: 1983
x-swift-savetime: Mon, 18 Jul 2022 21:30:23 GMT
content-length: 20
last-modified: Mon, 18 Jul 2022 21:03:26 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1658178206
content-type: application/javascript
via: cache7.l2cn1802[0,0,200-0,H], cache47.l2cn1802[0,0], cache4.cn4420[0,0,200-0,H], cache25.cn4420[0,0]
cache-control: max-age=1800,s-maxage=3600
timing-allow-origin: *
eagleid: b788d02d16581808486994934e

GET
H/1.1 200
OK 20894175.js Show response
js.users.51.la/ Frame AABE 5 KB
3 KB 959ms
245ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20894175.js
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/template/m1938pc/ads/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 5939ec25e1e2884ed4f4926e10431b6b2d87b0a31b931e20144513f827a56ef5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:28 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200 go1
ia.51.la/ Frame AABE 0
215 B 1567ms
300ms Image
text/plain 183.131.207.66

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=20894175&rt=1658180848871&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25A4%259C%25E8%2589%25B2%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591%25E7%25AB%2599&ing=1&ekc=&sid=1658180848871&tt=%25E5%25A4%259C%25E8%2589%25B2%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591%25E7%25AB%2599&kw=%25E5%25A4%259C%25E8%2589%25B2%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591%25E7%25AB%2599&cu=https%253A%252F%252Fqaz-kljlsa.com%252F&pu=http%253A%252F%252Fwww.holdkids.com%252F
Requested by: Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 -, , ASN (),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:30 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame AABE 30 KB
11 KB 322ms
321ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

Requested by

Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c6486c6f9dd4ff9536c8fa967cb2c71a8f4f442130b45cd2d96ad383d1302c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 18 Jul 2022 21:47:29 GMT
Content-Encoding: gzip
Server: apache
Etag: e92b1ddeb5d8d9903a529351bc87bacb
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11338

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame AABE 43 B
299 B 330ms
329ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1859918661&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.holdkids.com%2F&v=1.2.96&lv=1&sn=14279&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fqaz-kljlsa.com%2F&tt=%E5%A4%9C%E8%89%B2%E8%B5%84%E6%BA%90%E7%BD%91%E7%AB%99

Requested by

Host: qaz-kljlsa.com
URL: https://qaz-kljlsa.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://qaz-kljlsa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Jul 2022 21:47:29 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 7002644624DCEE33
.www.holdkids.com/	1970-01-20 13:21:56	Name: Hm_lvt_b47eb7f64a6441bc726febc89cad58a3 Value: 1658180847
.www.holdkids.com/	1969-12-31 23:59:59	Name: Hm_lpvt_b47eb7f64a6441bc726febc89cad58a3 Value: 1658180847
img.siwazywimg.com/	1969-12-31 23:59:59	Name: d Value:

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

111kkkkk.com
acoossd.top
acoossi.top
acoozzh.top
aixuntupian.oss-cn-hongkong.aliyuncs.com
aooacctp.vip
hm.baidu.com
ia.51.la
img.777731.net
img.siwazywimg.com
js.users.51.la
kgagck6.com
kvemm.com
kvezz.com
kzeaa.com
n7181.com
n7516.com
pic.rmb.bdstatic.com
qaz-kljlsa.com
siwazywcdn2.com
tupaiyy.oss-cn-hongkong.aliyuncs.com
v1.cnzz.com
www.govhebie.cn
www.holdkids.com
103.170.15.71
103.235.46.191
104.193.90.80
107.148.17.189
112.90.153.42
156.248.208.195
156.248.235.252
161.8.149.6
183.131.207.66
183.136.208.250
23.225.154.19
23.225.222.2
2606:4700:3033::ac43:bdcb
2606:4700:3034::ac43:a135
2606:4700:3038::6815:eac9
2606:4700:3038::6815:ead1
45.154.215.92
45.61.212.126
45.61.212.216
47.57.203.168
47.75.19.145
64.112.76.82
66.150.130.123
72.52.71.252
09c33ead6633fe64a8196172a420737bdf89bb9228e0aed5ae845af0b09abf01
0f219ebfa67c20349a5873d34f86df867279c0b89c21fc10d62fab498308ae79
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
1e447c05c891ad9c64c2a60701a5583478a6573b75e2aea1c7dd57e6f3e59df8
23e6d19442cb8ff05d6a9fa5a97c978da7c537887e0290dff0b0612eb1f25b5f
25af85f34fa9021bae72e2da430d3cb807dbc1f53a4f28f0480aa7c17643e65e
2c978d5da4312c46fd3e32f64ac24e2687ce609557b5f299838ea76697627b64
34924659831f47a88bb09ee743e6e993c7b98c6038e0d6f9ba93123ba0a92a50
34d2698ccdb43fa2689caf37aab991fb9abb6aaa4da2952633a6009ae8e8d6be
433dfc5eec4418606a326c6815431c14b44198a4352b17c829828c687e7a4cbc
487d1d9209c62f62d81facdd97f4f2a2b2d4bb1d9d393978ef95c5494617729e
49f1e25f36d735696eb54c8b3931cc37b28afe2cbbab419c2139e2443a638f29
518014909ebbb10f13e751e28267d1f285d4397a31c47da820b91448b674e855
58171d87797db4e86a57160f173f9e529509d091ecf347882bc92f75696c3e62
5939ec25e1e2884ed4f4926e10431b6b2d87b0a31b931e20144513f827a56ef5
5a7420aa863361685968f540d6fb37801cdeb560769a301f882d18c07c485a2c
5e63d8857ab10581b634d80ccce5073fe471e9a6dd7d206f8e18f483589283a8
62f46158d7fd04fcca09e953dd9b347214f5193408f0b117d3f45f6ab5ae645b
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
652f51a0483f1b139558a748b988871e4d566499e893f7f6593479b7049ccc67
6e161699e506e7e4e9ef5f1a5c3014abfb88148bbeb34bff960b749b9c646095
7e9de18ea85dfe55509c4ba37ff54def97112179e96ed9a263bd8def1015c2f2
85b083b68289347328190d67fe187ba65d44e1d0072a254fd9f06d3510133083
9063e8059ba64a30197dbe4bb49b362edf3df4fa1bff1fb6bceb171e52740ae7
9762b3b42344e9780ab4ffd82d0fb0f5d09fd32c0e89b751076671c8e776f975
9e9bf9d364d057359d1fefa614e53932d7d00c55f63e9501a5412ffa66eb973b
a2346154aace150e89165e0115e34cc33f9a9215e0d8fd35f6a8c01a4e0c951d
a479c13dea80b7cf0280819cc8d9ce2575d60201cc7594fc034a072567be6903
a85ded447ca8863012767d01947891f517d0322b595ccd4d4a474993dc06e574
b11e168dffce02d885da51ca27f591d58a5fdeb762422caed2411347c84b66f4
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b6f8b6c4cf22d52ac8f3d92f130edd053cc49a4b8024cae880711ed0960ba015
bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a
bcf22ea10cbe7b333f83b38e1a1d39100deb3198376a8c51be73696b3f6df64d
c6486c6f9dd4ff9536c8fa967cb2c71a8f4f442130b45cd2d96ad383d1302c89
c72ec39c94fd28cabff99f9d28131054a67979e077bf794495db3b28ce57bd83
c98dce83c03e22afb392873703b76795a050bb129f1c72ebecfe78315dff9aeb
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
cab123ad64207ca6e7580ce8c35d3be10358553b551a11ab04059667eaa2573d
cab3fd518564b216ecde2889607cb3c50fe98e140e94ed122ce0d42c139bf4d6
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
ce531ba87a6832389e20668fe5b3abdc7226d54ad3768d53f1f1b3a225500307
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf823e0a88bc4964e4d3a912cfd5497b351a55800800c68d636e221f7620b11d
cfa0858650f22f6503d04e7e6d3c88e8f49e69f84cabd217e456995fb0fa518d
d99f97d57c2da04350df74577bb5f381fcdbb17ebf6d46148a7f50fbb1938ce1
d9b034f942505e2f141b357dc31e788f5b04acfb4e18067de194946ba956f123
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e456db3db5154228a6fd3fcf122a38b455bf25f7bf28e86b57eb60ae797a6618
e46c2d914611554c90bbb14db4e04e180122aae3d976c06201eeb20f360be643
ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47
f2fc91392f42d7441dab4416888da3ded8301304fa90efc7eabf32b2177010f2
fa18040d8075823d8eb8e92a9e3a8f8ea627ac1afc741a284744c6b1c0e29bf6
fc6185f434fab28d7a5226bd18b3c814b502743f292feeca8e30a4ab7afa5d56

www.holdkids.com Open in urlscan Pro 156.248.235.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

88 %HTTPS

17 %IPv6

22 Domains

24 Subdomains

20 IPs

4 Countries

8862 kBTransfer

9339 kBSize

4 Cookies

0 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.holdkids.com Open in urlscan Pro
156.248.235.252 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

88 %
HTTPS

17 %
IPv6

22
Domains

24
Subdomains

20
IPs

4
Countries

8862 kB
Transfer

9339 kB
Size

4
Cookies

59 HTTP transactions
0 data transactions