Submitted URL: http://zhifaduck.com/
Effective URL: http://zhifaduck.com/2024.html
Submission: On October 19 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 52 HTTP transactions. The main IP is 154.195.243.82, located in the United States, and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is zhifaduck.com.
This is the only time zhifaduck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
23 | 154.195.243.82 | 132839 (POWERLINE...)
7 | 2606:4700:10:... | 13335 (CLOUDFLAR...)
20 | 172.67.15.14 | 13335 (CLOUDFLAR...)
1 | 2a04:4e42:600... | 54113 (FASTLY)
Total: 52 requests, 5 IPs

Requests | Apex Domain / Subdomains | Transfer
27 | tawk.to | 278 KB
  • embed.tawk.to — Cisco Umbrella Rank: 10809
  • va.tawk.to — Cisco Umbrella Rank: 10430
23 | zhifaduck.com | 1 MB
  • zhifaduck.com
1 | jsdelivr.net | 41 KB
  • cdn.jsdelivr.net — Cisco Umbrella Rank: 311
0 | baidu.com Failed |
  • hm.baidu.com Failed
Total: 52 requests, 4 apex domains

Requests | Domain | Requested by
23 | zhifaduck.com | zhifaduck.com
22 | embed.tawk.to | zhifaduck.com, embed.tawk.to
5 | va.tawk.to | embed.tawk.to
1 | cdn.jsdelivr.net | embed.tawk.to
0 | hm.baidu.com Failed | zhifaduck.com
Total: 52 requests, 5 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
tawk.to | WE1 | 2024-09-21 - 2024-12-20 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2024 Q3 | 2024-07-30 - 2025-08-31 | a year

This page contains 5 frames:

Primary Page: http://zhifaduck.com/2024.html
Frame ID: C9910EFF415F6F49BE1320197DF23106
Requests: 45 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6711d43859e/css/bubble-widget.css
Frame ID: 4437B04AA7DECD503AC20C0DA47741F2
Requests: 3 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/6711d43859e/css/min-widget.css
Frame ID: 5016A622AE5FF5C971AF43FD1BE375F1
Requests: 1 HTTP request in this frame

Frame: https://embed.tawk.to/_s/v4/app/6711d43859e/css/message-preview.css
Frame ID: 64ADCAEC24CE7A410AFE97F4F8AED684
Requests: 1 HTTP request in this frame

Frame: https://embed.tawk.to/_s/v4/app/6711d43859e/css/max-widget.css
Frame ID: 16A36FAE84779FDA4ED030139AD1954F
Requests: 1 HTTP request in this frame

Page Title

Supreme Reputation Online Platform (original title: 信誉至尊线上平台)

Page URL History

  1. http://zhifaduck.com/ HTTP 307
    https://zhifaduck.com/ HTTP 307
    http://zhifaduck.com/ Page URL
  2. http://zhifaduck.com/2024.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //embed\.tawk\.to

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 52
HTTPS: 54 %
IPv6: 50 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 1
Transfer: 1538 kB
Size: 2593 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://zhifaduck.com/ HTTP 307
  • https://zhifaduck.com/ HTTP 307
  • http://zhifaduck.com/

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
zhifaduck.com/
Redirect Chain
  • http://zhifaduck.com/
  • https://zhifaduck.com/
  • http://zhifaduck.com/
2 KB
2 KB
Document
General
Full URL
http://zhifaduck.com/
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sat, 19 Oct 2024 03:06:17 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Location
http://zhifaduck.com/
Non-Authoritative-Reason
HttpsUpgrades
hm.js
hm.baidu.com/
0
0

Primary Request 2024.html
zhifaduck.com/
10 KB
3 KB
Document
General
Full URL
http://zhifaduck.com/2024.html
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
40760c194ca8ab97f220989c4db6639a50ab4456dcb1c101ea90130f91e2c866

Request headers

Referer
http://zhifaduck.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 19 Oct 2024 03:06:17 GMT
ETag
W/"66ae0abf-27dc"
Last-Modified
Sat, 03 Aug 2024 10:47:27 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
jquery.min.js
zhifaduck.com/skin/js/
81 KB
32 KB
Script
General
Full URL
http://zhifaduck.com/skin/js/jquery.min.js
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f03149-14497"
Connection
keep-alive
Expires
Sat, 19 Oct 2024 15:06:17 GMT
Date
Sat, 19 Oct 2024 03:06:17 GMT
Content-Type
application/javascript
Last-Modified
Tue, 12 Mar 2024 10:41:13 GMT
Server
nginx
Vary
Accept-Encoding
js-sdk-pro.min.js
zhifaduck.com/skin/js/
34 KB
14 KB
Script
General
Full URL
http://zhifaduck.com/skin/js/js-sdk-pro.min.js
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"65f0314a-861a"
Connection
keep-alive
Expires
Sat, 19 Oct 2024 15:06:17 GMT
Date
Sat, 19 Oct 2024 03:06:17 GMT
Content-Type
application/javascript
Last-Modified
Tue, 12 Mar 2024 10:41:14 GMT
Server
nginx
Vary
Accept-Encoding
main.css
zhifaduck.com/skin/css/
104 KB
53 KB
Stylesheet
General
Full URL
http://zhifaduck.com/skin/css/main.css
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
170669644c6aa73f01c8277db808712bdb83c792ed9133dda3d23448ae9bea72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"66041784-19e2e"
Connection
keep-alive
Expires
Sat, 19 Oct 2024 15:06:17 GMT
Date
Sat, 19 Oct 2024 03:06:17 GMT
Content-Type
text/css
Last-Modified
Wed, 27 Mar 2024 12:56:36 GMT
Server
nginx
Vary
Accept-Encoding
rbsmgwmmnw-ahnf9aabt7ce2zgq81.png
zhifaduck.com/skin/picture/
27 KB
27 KB
Image
General
Full URL
http://zhifaduck.com/skin/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq81.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
4d85ac80d95ad6a5bb3c40ca1849213dc5d81343c149100c1ec8f465fe0cd469

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"660407cf-6acf"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:17 GMT
Date
Sat, 19 Oct 2024 03:06:17 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Mar 2024 11:49:35 GMT
Server
nginx
Vary
Accept-Encoding
e6a5cd9e9d3718b1dfeae5307b0342be.png
zhifaduck.com/skin/picture/
42 KB
43 KB
Image
General
Full URL
http://zhifaduck.com/skin/picture/e6a5cd9e9d3718b1dfeae5307b0342be.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
4f20b7c19f00c069e0890647bd8843f9454e1c4a8e872efe535799f7f7a0191c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"66040cd1-a94a"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:17 GMT
Date
Sat, 19 Oct 2024 03:06:17 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Mar 2024 12:10:57 GMT
Server
nginx
Vary
Accept-Encoding
agzr-a1c71e5be9b39f7336d00a3c639b4fea.png
zhifaduck.com/skin/picture/
20 KB
21 KB
Image
General
Full URL
http://zhifaduck.com/skin/picture/agzr-a1c71e5be9b39f7336d00a3c639b4fea.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
bcc28a38ce82ed3ae1c1b5e52226f596966aca816c913da0b3208f3ca71fa9a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"6604096d-51b1"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Mar 2024 11:56:29 GMT
Server
nginx
Vary
Accept-Encoding
ag-7808f49a88fd25b6401101e3320ff385.png
zhifaduck.com/skin/picture/
21 KB
21 KB
Image
General
Full URL
http://zhifaduck.com/skin/picture/ag-7808f49a88fd25b6401101e3320ff385.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
a7ccc85977d21bea1f9b5b627c5af3a7fc65f02b5175211d6308a1dffc57c8f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"66040bb4-536d"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/png
Last-Modified
Wed, 27 Mar 2024 12:06:12 GMT
Server
nginx
Vary
Accept-Encoding
title.png
zhifaduck.com/skin/picture/
7 KB
7 KB
Image
General
Full URL
http://zhifaduck.com/skin/picture/title.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
fdd37ce5bf96200eebe2ec81a560574d8e8af3ee63e5327e1ca7cce5cca0876d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f15082-1b45"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/png
Last-Modified
Wed, 13 Mar 2024 07:06:42 GMT
Server
nginx
Vary
Accept-Encoding
kf.gif
zhifaduck.com/skin/picture/
65 KB
65 KB
Image
General
Full URL
http://zhifaduck.com/skin/picture/kf.gif
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
63b7330085206af70120a6a984dce7ec0d8016fbe2d887492ba269ee23477c6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f00470-1034c"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/gif
Last-Modified
Tue, 12 Mar 2024 07:29:52 GMT
Server
nginx
Vary
Accept-Encoding
link.js
zhifaduck.com/skin/js/
1 KB
824 B
Script
General
Full URL
http://zhifaduck.com/skin/js/link.js
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
504eb61ae29973dc5a27890a6ee54cdb5866b1a974570222d4a45d78d0c4674d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"67123cb2-4a0"
Connection
keep-alive
Expires
Sat, 19 Oct 2024 15:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
application/javascript
Last-Modified
Fri, 18 Oct 2024 10:47:14 GMT
Server
nginx
Vary
Accept-Encoding
code.js
zhifaduck.com/skin/js/
2 KB
735 B
Script
General
Full URL
http://zhifaduck.com/skin/js/code.js
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
ae8d8141a5fc7d71af5ce5e1dcff9f90bff8d883259e358dd613d9b30c95a5c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=43200
Content-Encoding
gzip
ETag
W/"66ae0761-75d"
Connection
keep-alive
Expires
Sat, 19 Oct 2024 15:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
application/javascript
Last-Modified
Sat, 03 Aug 2024 10:33:05 GMT
Server
nginx
Vary
Accept-Encoding
1gnf3nqfr
embed.tawk.to/63ce6559c2f1ac1e202f1f13/
2 KB
983 B
Script
General
Full URL
https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/2024.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40baf2c753d68e2c04b00f69dadae37887c195ee4ac0a75faa7727e8e289ca39
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=3600
content-encoding
gzip
cf-cache-status
MISS
etag
W/"stable-v4-6711d43859e"
x-content-type-options
nosniff
cf-ray
8d4d8d2a3fdb9136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:18 GMT
content-type
application/x-javascript
vary
Accept-Encoding
server
cloudflare
background.png
zhifaduck.com/skin/images/
211 KB
210 KB
Image
General
Full URL
http://zhifaduck.com/skin/images/background.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
d2a73e393a37d81da87a9c40a079aab28916dfc13b371038f4aec702448d7331

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f0314b-34d7c"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Mar 2024 10:41:15 GMT
Server
nginx
Vary
Accept-Encoding
ag-66.png
zhifaduck.com/skin/images/
212 KB
211 KB
Image
General
Full URL
http://zhifaduck.com/skin/images/ag-66.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
f19fe2c491dfcc9eef6aad394eea674b3f51041e12c956d1df8b6aa1e5fa5187

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f03149-34e3e"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Mar 2024 10:41:13 GMT
Server
nginx
Vary
Accept-Encoding
truncated
/
39 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34e0792ec3f2e3a45a2afb3565a00e75241984dd331bd103cb99207f0fdfa44e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

Content-Type
image/png
kaiyunlogo.png
zhifaduck.com/skin/images/
15 KB
15 KB
Image
General
Full URL
http://zhifaduck.com/skin/images/kaiyunlogo.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
bef26e479b4f7136509c5193108e73e73dcaa6dd188cbe3ad73ac454f1fce526

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f0314b-3c4e"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:18 GMT
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Mar 2024 10:41:15 GMT
Server
nginx
Vary
Accept-Encoding
hthlogo.png
zhifaduck.com/skin/images/
6 KB
6 KB
Image
General
Full URL
http://zhifaduck.com/skin/images/hthlogo.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
42666954b6fab0a9be2310a0448fbaa0334d7f1fcb9c87e27599f1115aed69ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f0314a-16d9"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:19 GMT
Date
Sat, 19 Oct 2024 03:06:19 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Mar 2024 10:41:14 GMT
Server
nginx
Vary
Accept-Encoding
sport-item-bg.png
zhifaduck.com/skin/images/
12 KB
13 KB
Image
General
Full URL
http://zhifaduck.com/skin/images/sport-item-bg.png
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
4895bd6a111f770353a2530ac1b9092f8ee261abd8e36553e329e6c319961f42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

Transfer-Encoding
chunked
Cache-Control
max-age=2592000
Content-Encoding
gzip
ETag
W/"65f0314a-30e7"
Connection
keep-alive
Expires
Mon, 18 Nov 2024 03:06:19 GMT
Date
Sat, 19 Oct 2024 03:06:19 GMT
Content-Type
image/png
Last-Modified
Tue, 12 Mar 2024 10:41:14 GMT
Server
nginx
Vary
Accept-Encoding
latin.fab57614.woff2
zhifaduck.com/skin/fonts/
30 KB
30 KB
Font
General
Full URL
http://zhifaduck.com/skin/fonts/latin.fab57614.woff2
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
fab57614b562fa655d1663afa2720078a3b016e0fd780cf7305c06338642516f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

ETag
"65f0314a-78d0"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30928
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
font/woff2
Last-Modified
Tue, 12 Mar 2024 10:41:14 GMT
Server
nginx
montserrat-regular.949efd65.ttf
zhifaduck.com/skin/fonts/
194 KB
194 KB
Font
General
Full URL
http://zhifaduck.com/skin/fonts/montserrat-regular.949efd65.ttf
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
949efd65ba9a02a120d693ba6606767d990ee821c30fb59a1cb9a95d2c7882ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

ETag
"65f03149-30798"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198552
Date
Sat, 19 Oct 2024 03:06:18 GMT
Content-Type
application/octet-stream
Last-Modified
Tue, 12 Mar 2024 10:41:13 GMT
Server
nginx
iconfont.599951c1.woff2
zhifaduck.com/skin/fonts/
31 KB
31 KB
Font
General
Full URL
http://zhifaduck.com/skin/fonts/iconfont.599951c1.woff2
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
407a95e9d3f3d987e7f5d7a73e7cb743c3f4525260ae3b00acff310aa719e0dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

ETag
"65f0314b-7ae4"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31460
Date
Sat, 19 Oct 2024 03:06:19 GMT
Content-Type
font/woff2
Last-Modified
Tue, 12 Mar 2024 10:41:15 GMT
Server
nginx
montserrat-black.be2a4b98.ttf
zhifaduck.com/skin/fonts/
194 KB
194 KB
Font
General
Full URL
http://zhifaduck.com/skin/fonts/montserrat-black.be2a4b98.ttf
Requested by
Host: zhifaduck.com
URL: http://zhifaduck.com/skin/css/main.css
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
be2a4b98fed0915bf1cf1eac6b6fd25b41cc3cbabd5c284a951e7655220ec359

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/skin/css/main.css

Response headers

ETag
"65f0314a-30710"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198416
Date
Sat, 19 Oct 2024 03:06:19 GMT
Content-Type
application/octet-stream
Last-Modified
Tue, 12 Mar 2024 10:41:14 GMT
Server
nginx
twk-main.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
121 B
289 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-main.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
br
cf-cache-status
MISS
etag
W/"da5bb1dc647470204df0e49f5afac2de"
x-content-type-options
nosniff
cf-ray
8d4d8d308a6d9136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:19 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
server
cloudflare
twk-vendor.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
81 KB
32 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-vendor.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548669d6434f5204dca25b9a6f8a02f63301b8c1b58a717b91fec8b6c2918305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"3b341e35b39f6195793ecaf5db7c1d63"
x-content-type-options
nosniff
cf-ray
8d4d8d308a6e9136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:19 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
server
cloudflare
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
212 KB
71 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-vendors.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
194c4fa82fa9bf5897963b335fddcfdb462fe898cafbe8b2eb72a9803f2db05f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"77a40166698f808a0942865537165b0f"
x-content-type-options
nosniff
cf-ray
8d4d8d308a6f9136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:19 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
server
cloudflare
twk-chunk-common.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
223 KB
63 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-common.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1817fb50033e18603787fb591356172099e387edcc30764b8654b068114447a6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"88a56f2103b1aa7fd52f40b8b9ef8013"
x-content-type-options
nosniff
cf-ray
8d4d8d308a719136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:19 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
server
cloudflare
twk-runtime.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
2 KB
1 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51cd0e75ca8d0004555c881bdf07ed87003b75b137a63ae2968931638197cb0c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
gzip
cf-cache-status
MISS
etag
W/"b48457f0df75902838d8297bb1cf65e1"
x-content-type-options
nosniff
cf-ray
8d4d8d308a729136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:19 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
server
cloudflare
twk-app.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
151 B
206 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-app.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/63ce6559c2f1ac1e202f1f13/1gnf3nqfr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2d8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
http://zhifaduck.com/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
content-encoding
br
cf-cache-status
MISS
etag
W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-content-type-options
nosniff
cf-ray
8d4d8d308a739136-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:19 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
server
cloudflare
favicon.ico
zhifaduck.com/skin/images/
25 KB
25 KB
Other
General
Full URL
http://zhifaduck.com/skin/images/favicon.ico
Protocol
HTTP/1.1
Server
154.195.243.82 , United States, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),
Reverse DNS
Software
nginx /
Resource Hash
daef5345fdc6d378e8523e305b85351c3a92ac8fe7a8763063689f895dfbe46f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/2024.html

Response headers

ETag
"65f156b2-6392"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25490
Date
Sat, 19 Oct 2024 03:06:19 GMT
Content-Type
image/x-icon
Last-Modified
Wed, 13 Mar 2024 07:33:06 GMT
Server
nginx
widget-settings
va.tawk.to/v1/
3 KB
2 KB
Fetch
General
Full URL
https://va.tawk.to/v1/widget-settings?propertyId=63ce6559c2f1ac1e202f1f13&widgetId=1gnf3nqfr&sv=null
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c5e4298ddafa8f59412bc6eb6aa07479e1d55cd151a33d9bb1bae38cfa9a89
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
MISS
etag
W/"2-141-0"
access-control-allow-methods
GET,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-99jw
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=7200, s-maxage=1800
cf-ray
8d4d8d33ca299171-FRA
access-control-allow-origin
*
server
cloudflare
start
va.tawk.to/v1/session/
1 KB
1022 B
Fetch
General
Full URL
https://va.tawk.to/v1/session/start
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63fc1d7a5d4139ef83f109f9098119c195f833f5c7eaf8bfc67e235c189874b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
http://zhifaduck.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/json
x-served-by
visitor-application-preemptive-sr7r
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8d4d8d350b68dc8e-FRA
access-control-allow-origin
http://zhifaduck.com
server
cloudflare
start
va.tawk.to/v1/session/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/v1/session/start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://zhifaduck.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://zhifaduck.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8d4d8d33ca2a9171-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 19 Oct 2024 03:06:20 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-3xpl
zh_cn.js
embed.tawk.to/_s/v4/app/6711d43859e/languages/
15 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/languages/zh_cn.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c461d37c9a68e7b37162c98938cbb65eb32820f3ef38cbdb55f260f24c9ec9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"0ad5f37fa26994e7c8171f3c6639f1b6"
age
84991
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d363ca0dc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-bf24a88e.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
10 KB
3 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-bf24a88e.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf0bb2630fde34a664dc471d3a575a72c37b5a96cb74fcafb92ca7f17fefbe40
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"c96127c9a0429d69fecbeb73fd410443"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd69dc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-71978bb6.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
18 KB
5 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-71978bb6.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc68c446eb37acc7df3f2187cc86eb95a453c9802e08e5313d708ac51fe65afc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2119962e6ba0011d10b833242454a749"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd6adc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-f1565420.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
11 KB
4 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-f1565420.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b2da1f98a532035bcbf70f5e5da71fc1cee256467c260cde21e69f09cb488f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3d1c2c9e029ed72e9759b3f81fd4a26c"
age
85173
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd6bdc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-7c2f6ba4.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
5 KB
2 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-7c2f6ba4.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357f86eb123b4e1a850f2583a8779a9171a61b98284cea3c89fb285e1baebb81
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"977b0aa25f349861d14d837b480e5615"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd6ddc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-48f3b594.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
20 KB
6 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-48f3b594.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad479afe06177a688892b63075f8c7d215016f70fe2162de48cfb06aab14efa
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"1aab9e4b0c3188c24b66300eae9721a0"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd6fdc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
906 B
661 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-4fe9d5dd.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"1c5ecf371149feca23bd895ba9dfec4d"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd70dc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
535 B
573 B
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-2d0b9454.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c506281367048d4a134c9affbc68c8c6"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd71dc8e-FRA
access-control-allow-origin
*
server
cloudflare
twk-chunk-24d8db78.js
embed.tawk.to/_s/v4/app/6711d43859e/js/
119 KB
30 KB
Script
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-24d8db78.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-runtime.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d78b54c17499fe67bcd823664e7d733c4b95a7158c36be035cd62563adba81e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"e14bf53e917aa93fefc3c7a7c705488c"
age
85182
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d36fd72dc8e-FRA
access-control-allow-origin
*
server
cloudflare
bubble-widget.css
embed.tawk.to/_s/v4/app/6711d43859e/css/ Frame 4437
13 KB
3 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/css/bubble-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"ce7913b80c763449b3895d46419f7a6b"
age
85173
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=13594
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d376dffdc8e-FRA
access-control-allow-origin
*
server
cloudflare
min-widget.css
embed.tawk.to/_s/v4/app/6711d43859e/css/ Frame 5016
24 KB
5 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/css/min-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dbc2527f5f9662d10909d5a818c5d50b12f128df778f041ecfc5d438815c8d9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"2d7f176b563b25833791f4844819b5ee"
age
85182
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=24809
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d379e4ddc8e-FRA
access-control-allow-origin
*
server
cloudflare
message-preview.css
embed.tawk.to/_s/v4/app/6711d43859e/css/ Frame 64AD
42 KB
8 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/css/message-preview.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bb9bea122d99ce774ad8d639165ac575f675703844e30358b46619447bac6b1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"313ec28abf9889abec5153d8318e8022"
age
85182
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=42689
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d379e7bdc8e-FRA
access-control-allow-origin
*
server
cloudflare
max-widget.css
embed.tawk.to/_s/v4/app/6711d43859e/css/ Frame 16A3
79 KB
15 KB
Stylesheet
General
Full URL
https://embed.tawk.to/_s/v4/app/6711d43859e/css/max-widget.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-bf24a88e.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d4d194dffcc3052af0656024429caba99ea312e3b16eb080ae0371565c8a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"d20ad407080e4c57efd32ce36955d7db"
age
85182
cf-cache-status
HIT
x-content-type-options
nosniff
cf-polished
origSize=80847
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
text/css
last-modified
Fri, 18 Oct 2024 03:21:57 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d381ef0dc8e-FRA
access-control-allow-origin
*
server
cloudflare
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 4437
22 KB
7 KB
Image
General
Full URL
https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"f66e029841759471d2ec78b86760dca7"
age
378638
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
image/svg+xml
last-modified
Sat, 22 May 2021 07:25:19 GMT
vary
Accept-Encoding
x-cache-status
MISS
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d381ef7dc8e-FRA
access-control-allow-origin
*
server
cloudflare
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/
295 KB
41 KB
Script
General
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-vendors.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
http://zhifaduck.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
age
2084038
x-content-type-options
nosniff
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Sat, 19 Oct 2024 03:06:20 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230136-FRA, cache-cph2320035-CPH
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
41275
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 4437
10 KB
11 KB
Font
General
Full URL
https://embed.tawk.to/_s/v4/assets/fonts/tawk-font-icon-2.woff2?55755728=
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/css/bubble-widget.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
http://zhifaduck.com
Referer
https://embed.tawk.to/_s/v4/app/6711d43859e/css/bubble-widget.css

Response headers

cf-cache-status
MISS
etag
"054b3b66812d0a4b87ffc6776f0a42f1"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:21 GMT
content-type
font/woff2
last-modified
Sat, 22 May 2021 07:25:13 GMT
vary
Accept-Encoding
x-cache-status
HIT
strict-transport-security
max-age=0; includeSubDomains; preload
cache-control
public, max-age=2592000, immutable
cf-ray
8d4d8d383e2cdbc8-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10520
server
cloudflare
v3
va.tawk.to/log-performance/
5 B
280 B
Fetch
General
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/6711d43859e/js/twk-chunk-common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json; charset=utf-8
Referer
http://zhifaduck.com/

Response headers

access-control-max-age
3600
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 03:06:21 GMT
content-type
text/html; charset=utf-8
x-served-by
visitor-application-preemptive-3xpl
vary
Accept-Encoding
access-control-allow-headers
content-type,x-tawk-token
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-credentials
true
cf-ray
8d4d8d3bedaf9171-FRA
access-control-allow-origin
http://zhifaduck.com
server
cloudflare
v3
va.tawk.to/log-performance/ Frame
0
0
Preflight
General
Full URL
https://va.tawk.to/log-performance/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.15.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
http://zhifaduck.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-tawk-token
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
http://zhifaduck.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
cache-control
public, s-maxage=600, max-age=600
cf-cache-status
DYNAMIC
cf-ray
8d4d8d3aed499171-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 19 Oct 2024 03:06:21 GMT
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-served-by
visitor-application-preemptive-r7h2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?764822dcccee5aa286a71b6fab780e0b

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
function| $
function| jQuery
object| LA
object| ybty_link
function| ybty_visit
function| ybty_visit_newopen
function| ybty_kf
function| getMyUrl
string| ayx_code
string| ky_code
string| jiuyou_code
function| jiuYouPc_visit
function| jiuYouH5_visit
function| jiuYouApp_visit
function| ayxPc_visit
function| ayxH5_visit
function| ayxApp_visit
function| kyPc_visit
function| kyH5_visit
function| kyApp_visit
function| device9GameRegist
function| device9GameRegistby1
function| deviceAYXRegist
function| deviceAYXRegistby1
function| deviceKYRegist
function| deviceKYRegistby1
string| message
function| defeatIE
function| defeatNS
object| Tawk_API
object| Tawk_LoadStart
string| $_Tawk_AccountKey
string| $_Tawk_WidgetId
object| $_Tawk
object| tawkJsonp
function| $__TawkEngine
function| EventEmitter
function| $__TawkSocket
object| Tawk_Window
object| emojione

3 Cookies

Domain/Path Name / Value
zhifaduck.com/ Name: twk_idm_key
Value: UGIbmq_ZZ5Ef9mq_paPQw
zhifaduck.com/ Name: TawkConnectionTime
Value: 0
.zhifaduck.com/ Name: twk_uuid_63ce6559c2f1ac1e202f1f13
Value: %7B%22uuid%22%3A%221.1vXHB1yTjCljzl9FZOZ9dDP2QKAd8wTYViXVGNpW8Ox6HlRYJeAyKfUJYXmVZ268f57SUH9FSzPdtRfybONQUAhFsOzLz0BDLOAG9Th2lMezsb7VzTqUHBA%22%2C%22version%22%3A3%2C%22domain%22%3A%22zhifaduck.com%22%2C%22ts%22%3A1729307180609%7D

1 Console Messages

Source Level URL
Text
network error URL: http://zhifaduck.com/
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
