urlscan.io logo urlscan.io
SecurityTrails logo

excel.pages.dev Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://excel.pages.dev/
Submission: On June 30 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 12 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is excel.pages.dev.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.
This is the only time excel.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 2a04:4e42:200... 54113 (FASTLY)
1 172.67.169.115 13335 (CLOUDFLAR...)
1 43.152.26.110 139341 (ACE-AS-AP...)
2 111.45.11.83 56040 (CMNET-GUA...)
12 6
3    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
excel.pages.dev
3    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    172.67.169.115 (United States)

ASN13335 (CLOUDFLARENET, US)
v1.hitokoto.cn
1    43.152.26.110 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
pv.sohu.com
2    111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
hm.baidu.com
Apex Domain
Subdomains		 Transfer
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
469 KB
3 pages.dev
excel.pages.dev
18 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 9856
12 KB
1 sohu.com
pv.sohu.com — Cisco Umbrella Rank: 28784
309 B
1 hitokoto.cn
v1.hitokoto.cn — Cisco Umbrella Rank: 397754
1 KB
0 ladydaily.com Failed
rmt.ladydaily.com Failed
0 tianqiapi.com Failed
tianqiapi.com Failed
12 7
Domain Requested by
3 cdn.jsdelivr.net excel.pages.dev
cdn.jsdelivr.net
3 excel.pages.dev excel.pages.dev
2 hm.baidu.com excel.pages.dev
1 pv.sohu.com excel.pages.dev
1 v1.hitokoto.cn excel.pages.dev
0 rmt.ladydaily.com Failed cdn.jsdelivr.net
0 tianqiapi.com Failed excel.pages.dev
12 7

This site contains links to these domains. Also see Links.

Domain
blog.flesx.cn
box.flesx.cn
status.flesx.cn
ssl.flesx.cn
icp.gov.moe
Subject Issuer Validity Valid
excel.pages.dev
WE1		 2024-06-18 -
2024-09-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
v1.hitokoto.cn
GTS CA 1P5		 2024-06-02 -
2024-08-31		 3 months crt.sh
www.sohu.com
Secure Site CA G2		 2023-08-10 -
2024-08-10		 a year crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://excel.pages.dev/
Frame ID: B103F7C918AA7A8C3A9C1D2898115BE8
Requests: 12 HTTP requests in this frame

Frame: https://tianqiapi.com/api.php?style=tu&skin=pitaya
Frame ID: E04BCEA7171526B0A9150B0F8C90A07A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Flexiston🎉の个人主页

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

12
Requests

83 %
HTTPS

40 %
IPv6

7
Domains

7
Subdomains

6
IPs

3
Countries

591 kB
Transfer

688 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://rmt.dogedoge.com/fetch/Flexiston/storage/ava.jpg HTTP 301
  • https://rmt.ladydaily.com/fetch/Flexiston/storage/ava.jpg

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
excel.pages.dev/ 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://excel.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd93ae3e0f07ed28b5285fc09c9e800d39db6957a83d2875bb27697b02263ad

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
MISS
cf-ray
89bf22882dc88f40-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 30 Jun 2024 15:19:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=irSU0dMlvIp3j2tmF%2BS8FGJ0ajgSzLexAxvVA6OowzmPTXu%2BGEgAlloKutre%2B1RZ%2BnZnf5RQ%2Ft7KYKd3fMkZOk8SaJUghiJRgI%2FCVW3utpiL3oVg1khdCTg69NI%2Fdbzs00y1I2f%2F%2F2tLunoJSJM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-server
Cloudflare Pages
FiraCode.css
cdn.jsdelivr.net/gh/Flexiston/homepage@master/css/ 		292 KB
219 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/Flexiston/homepage@master/css/FiraCode.css
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b78621e06ab76350a9e243e147b6aa38540f75a3655cd700844ec74feba28511
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 15:19:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
34470
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
223937
x-served-by
cache-fra-eddf8230044-FRA, cache-mad2200144-MAD
x-jsd-version-type
branch
etag
W/"48efc-HCHi8WhZoXNsFxpX9ctEQS2v3vk"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
flesx.css
cdn.jsdelivr.net/gh/Flexiston/homepage@master/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/Flexiston/homepage@master/css/flesx.css
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d474d11d0e2720db43259160b07d28f6229673655c0690cb50a31ea2371648fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 15:19:29 GMT
x-content-type-options
nosniff
content-encoding
br
age
12115
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1869
x-served-by
cache-fra-etou8220051-FRA, cache-mad2200144-MAD
x-jsd-version-type
branch
etag
W/"1cbe-4QuiU+q6OMe0BOIuEzAkgxyX6+I"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fish.png
excel.pages.dev/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://excel.pages.dev/img/fish.png
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cc4c5e3755f824e5a07d3a7886f15b249900c506b4494df75698766bc16d417

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 15:19:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
cb9ca259e938bf13c8db99062880b743
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fLk7Ev7mt1jpPDt5X7EQqnOGCUMRKVHfg0B2oM46zq3ibVgYIQP8H%2B3plZlORoboQLGWDK827eM1Fub1Rg6%2BoDUuhPKVi%2BIpbaRnIRYmhBadoiCvOwleDnO1BtqLy2d4IwE4L8HEjP4GKHTCP3U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=0, must-revalidate
x-server
Cloudflare Pages
cf-ray
89bf228a38ba8f40-FRA
alt-svc
h3=":443"; ma=86400
content-length
7220
002.png
excel.pages.dev/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://excel.pages.dev/img/002.png
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d07e3d181c8140847fe0b68ad32aff1d3a7a56a95a46a1455b01c92850768ea6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 15:19:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
865962dec7ce02d0bc9a3a9d1681ddb9
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXbBrXZd33RsPqRTRNYnxoEyHHik5fJ74IwrhMNlkRBh%2B0mM1SNTUxYp%2FsgqIayApmB6OMon7l9rB6%2FoOR2%2FzR%2BtzSUIlmRwijB5Tdj6Sf%2Fn00GqpRYU%2FTiKh0bKrQkW%2Bf0ZlJLueB%2FxdG6Rbp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=0, must-revalidate
x-server
Cloudflare Pages
cf-ray
89bf228a38bc8f40-FRA
alt-svc
h3=":443"; ma=86400
content-length
7661
/
v1.hitokoto.cn/ 		215 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.hitokoto.cn/?encode=js&select=.hito
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.115 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d23c60a3ecb8de1b40f3531b496568bf15212a80a4a3c1bdd8624a5881ac914
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 15:19:30 GMT
content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
EXPIRED
x-permitted-cross-domain-policies
none
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control
off
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
x-request-id
1e179a8c-ef99-44a7-a04a-57f5fda993d0
referrer-policy
no-referrer
last-modified
Sun, 30 Jun 2024 15:08:51 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
access-control-expose-headers
X-Request-Id
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiPMOs7zRElQC4S6eIRSLGYcQcIUkwSQPmx3NVTbjHNm%2BPOsSxrEyAf7hzF41syARu12HFombLXxya0Y3kyErB2hhGrikl%2BNbGWGpBcV3XMZl0cwpSNqLaCaAyNw8kaxQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
89bf228d6898a01b-FRA
cityjson
pv.sohu.com/ 		72 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pv.sohu.com/cityjson?ie=utf-8
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.110 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
OverSea_E0 /
Resource Hash
f5d09365810dd11ef1204b35bfede3158a07d5592a9c9cfa449dd534f9964aa9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 15:19:31 GMT
X-Cache-Lookup
Return Directly
Server
OverSea_E0
Connection
keep-alive
X-NWS-LOG-UUID
14615352589461554606
Content-Length
72
Content-Type
application/json;charset=utf-8
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?64b96ad59d70567600f8bbc02cd43e45
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
a05dc865fd7750d9416869c2383e5ec57cc57cee2c1ba5ad04d2d8fc2f8c86c1
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 30 Jun 2024 15:19:30 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
e56e5f2d5593356cfb571b60f729f80d
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11256
api.php
tianqiapi.com/ Frame E04B 		0
0
banner2.webp
cdn.jsdelivr.net/gh/Flexiston/homepage@master/img/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/Flexiston/homepage@master/img/banner2.webp
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/Flexiston/homepage@master/css/flesx.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58a688de0f48a68fe7b0f2fe5de64f266ddbc25e48baac767d64744524d31690
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cdn.jsdelivr.net/gh/Flexiston/homepage@master/css/flesx.css
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Jun 2024 15:19:30 GMT
x-content-type-options
nosniff
age
3734
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
253914
x-served-by
cache-fra-etou8220148-FRA, cache-mad2200144-MAD
x-jsd-version-type
branch
etag
W/"3dfda-NiDf2ZqfAV98PtpaK5822NpKhrc"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ava.jpg
rmt.ladydaily.com/fetch/Flexiston/storage/
Redirect Chain
  • https://rmt.dogedoge.com/fetch/Flexiston/storage/ava.jpg
  • https://rmt.ladydaily.com/fetch/Flexiston/storage/ava.jpg
0
0
truncated
/ 		90 KB
90 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46f1951b676d2867844f2e890e5ec98f728c5ffc36fc078ea92dd1a205630401

Request headers

Referer
Origin
https://excel.pages.dev
Accept-Language
nl-NL,nl;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=nl-nl&lo=0&rnd=1420527237&si=64b96ad59d70567600f8bbc02cd43e45&v=1.3.0&lv=1&sn=56836&r=0&ww=1600&u=https%3A%2F%2Fexcel.pages.dev%2F&tt=Flexiston%F0%9F%8E%89%E3%81%AE%E4%B8%AA%E4%BA%BA%E4%B8%BB%E9%A1%B5
Requested by
Host: excel.pages.dev
URL: https://excel.pages.dev/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://excel.pages.dev/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2024 15:19:31 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tianqiapi.com
URL
https://tianqiapi.com/api.php?style=tu&skin=pitaya
Domain
rmt.ladydaily.com
URL
https://rmt.ladydaily.com/fetch/Flexiston/storage/ava.jpg

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| _hmt boolean| _bdhm_loaded_64b96ad59d70567600f8bbc02cd43e45 object| mini_tangram_log_ypjzar object| returnCitySN

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 8C68F2825F920B6A
.excel.pages.dev/ Name: Hm_lvt_64b96ad59d70567600f8bbc02cd43e45
Value: 1719760771
.excel.pages.dev/ Name: Hm_lpvt_64b96ad59d70567600f8bbc02cd43e45
Value: 1719760771