snrbfukdab5fp.buliang166.cc Open in urlscan Pro
2606:4700:3035::6815:1473 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gyzulxn--d-3b8aq82d7w7b.63e88.cc/
Effective URL:
https://snrbfukdab5fp.buliang166.cc/shouye/
Submission: On July 26 via api (July 26th 2024, 6:58:08 am UTC) from HK — Scanned from US

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3035::6815:1473, located in United States and belongs to CLOUDFLARENET, US. The main domain is snrbfukdab5fp.buliang166.cc.
TLS certificate: Issued by WE1 on July 11th 2024. Valid for: 3 months.

This is the only time snrbfukdab5fp.buliang166.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::ac43:d06d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3033::6815:5163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4004:c09::61	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::64	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700:303... 2606:4700:3035::6815:1473	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c1b::8a	() ()
25	6

1 2606:4700:3037::ac43:d06d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

gyzulxn--d-3b8aq82d7w7b.63e88.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:5163 (United States)

ASN13335 (CLOUDFLARENET, US)

xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2ujqpw5sjiq.i3u4h6.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::64 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3035::6815:1473 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

snrbfukdab5fp.buliang166.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1b::8a (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	buliang166.cc 1 redirects snrbfukdab5fp.buliang166.cc	56 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	272 KB
3	i3u4h6.cc xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc 2ujqpw5sjiq.i3u4h6.cc	23 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
1	63e88.cc 1 redirects gyzulxn--d-3b8aq82d7w7b.63e88.cc	550 B
0	yandex.ru Failed mc.yandex.ru Failed
0	mi-img.com Failed shop.io.mi-img.com Failed
25	7

	Domain	Requested by
8	snrbfukdab5fp.buliang166.cc	1 redirects 2ujqpw5sjiq.i3u4h6.cc snrbfukdab5fp.buliang166.cc
8	www.googletagmanager.com	xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc snrbfukdab5fp.buliang166.cc www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com
2	xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
1	2ujqpw5sjiq.i3u4h6.cc	xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
1	gyzulxn--d-3b8aq82d7w7b.63e88.cc	1 redirects
0	mc.yandex.ru Failed	snrbfukdab5fp.buliang166.cc
0	shop.io.mi-img.com Failed	snrbfukdab5fp.buliang166.cc
25	8

This site contains no links.

Subject Issuer	Validity	Valid
i3u4h6.cc WE1	`2024-06-30` - `2024-09-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
buliang166.cc WE1	`2024-07-11` - `2024-10-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://snrbfukdab5fp.buliang166.cc/shouye/
Frame ID: 1BFB44B60E25F0EC51BFC675A2063A37
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

好看好玩好用的导航

Page URL History Show full URLs

http://gyzulxn--d-3b8aq82d7w7b.63e88.cc/ HTTP 307
https://gyzulxn--d-3b8aq82d7w7b.63e88.cc/ HTTP 302
https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html Page URL
https://2ujqpw5sjiq.i3u4h6.cc/a/%E6%98%8E%E5%A4%A9%E4%BC%9A%E6%9B%B4%E5%A5%BD.html Page URL
https://snrbfukdab5fp.buliang166.cc/shouye HTTP 301
http://snrbfukdab5fp.buliang166.cc/shouye/ HTTP 307
https://snrbfukdab5fp.buliang166.cc/shouye/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

80 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

351 kB
Transfer

1200 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gyzulxn--d-3b8aq82d7w7b.63e88.cc/ HTTP 307
https://gyzulxn--d-3b8aq82d7w7b.63e88.cc/ HTTP 302
https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html Page URL
https://2ujqpw5sjiq.i3u4h6.cc/a/%E6%98%8E%E5%A4%A9%E4%BC%9A%E6%9B%B4%E5%A5%BD.html Page URL
https://snrbfukdab5fp.buliang166.cc/shouye HTTP 301
http://snrbfukdab5fp.buliang166.cc/shouye/ HTTP 307
https://snrbfukdab5fp.buliang166.cc/shouye/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://gyzulxn--d-3b8aq82d7w7b.63e88.cc/ HTTP 307
https://gyzulxn--d-3b8aq82d7w7b.63e88.cc/ HTTP 302
https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html Show response
xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
Redirect Chain

http://gyzulxn--d-3b8aq82d7w7b.63e88.cc/
https://gyzulxn--d-3b8aq82d7w7b.63e88.cc/
https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

18 KB
8 KB

570ms
248ms

Document
text/html

2606:4700:3033::6815:5163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7dc22676270099af3842509a5bc35f5ae609d7d4a6ea3ccc3d554a18f95b0c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a927fc0ed1941d5-EWR
content-encoding: br
content-type: text/html
date: Fri, 26 Jul 2024 06:58:03 GMT
last-modified: Thu, 23 May 2024 09:03:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qcDzLp%2Fnp8t21X9er%2B6cXEvL00A31xChB7bTlt2qQwrzdzZL3RnZ4LGBSyYZS0TD3KF3GCsqoXj9OwPxtlFak8FFw1trxS9mxzlLOzSY05x3qCVGApxpHHalUnqkBk4I%2FhG%2BQG3feq70MtlcAb%2B%2FfiBhHqJ%2ByIHX6by%2Bsutx4nglvs87xeS%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-ray: 8a927fbe4b6b435e-EWR
content-length: 0
date: Fri, 26 Jul 2024 06:58:02 GMT
location: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2FJ%2FZDVtE4iasi2mNrgjMGjaVnQ17Lt%2FePA6jMUHM7zjJ4iNi6FaQGXpD1yLXCOkyKR2lyrTRG3VQcurGMICzXUTjeWvXNorgqdKBqlzVoMNx8U%2Bp69viX32mfeKlRXnleL6vkP%2FRoRWouSUlCewVpP2MIjaYp3wj%2BJovy0Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 442ms
109ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q5FQ6J3MND

Requested by

Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12ff01b8ca711d36bbfe5ebda87819a4a08f48371a359a97cbcc7aa2fd5fccda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 06:58:03 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 512ms
165ms Fetch
text/plain 2607:f8b0:4004:c1b::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q5FQ6J3MND&gtm=45je47o0v9119024040za200&_p=1721977083311&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=885713972.1721977084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721977083&sct=1&seg=0&dl=https%3A%2F%2Fxn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc%2F%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html&dt=%E5%9C%A8%E5%98%88%E6%9D%82%E7%9A%84%E7%94%9F%E6%B4%BB%E4%B8%AD%E7%9A%84%E4%B8%80%E5%9D%97%E8%87%AA%E7%95%99%E5%9C%B0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1672
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q5FQ6J3MND
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::64 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 06:58:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a
www.googletagmanager.com/ 0
59 B 129ms
127ms Image
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-Q5FQ6J3MND&v=3&t=t&pid=719204325&cv=2&rv=47o0&tc=18&tag_exp=95250753&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAACA&h=Ag&z=0

Requested by

Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 183ms
182ms Image
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-Q5FQ6J3MND&v=3&t=t&pid=719204325&cv=2&rv=47o0&tc=18&tag_exp=95250753&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAACA&h=Ag&tr=1ogtgasend.1ogtreferralexclusion.1ogtsessiontimeout.1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogtgasend.2ogtreferralexclusion.2ogtsessiontimeout.2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0

Requested by

Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 186ms
185ms Image
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-Q5FQ6J3MND&v=3&t=t&pid=719204325&cv=2&rv=47o0&tc=18&tag_exp=95250753&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAACA&h=Ag&tr=1gct&ti=1gct&z=0

Requested by

Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 186ms
185ms Image
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-Q5FQ6J3MND&v=3&t=t&pid=719204325&cv=2&rv=47o0&tc=18&tag_exp=95250753&es=1&e=gtag.config&eid=6&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&epr=1G.2G&z=0

Requested by

Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 a
www.googletagmanager.com/ 0
49 B 184ms
184ms Image
text/html 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=G-Q5FQ6J3MND&v=3&t=t&pid=719204325&cv=2&rv=47o0&tc=18&tag_exp=95250753&es=1&e=gtm.dom&eid=7&u=AAAAAAAAAAAAACCA&ut=Ag&h=Ag&z=0

Requested by

Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:03 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 favicon.ico
xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/ 17 KB
10 KB 293ms
292ms Other
image/x-icon 2606:4700:3033::6815:5163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c0e75cb0a4d758e0fe488d41f376a4d4246d3827df9aa7685a014ec1ec4753

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 07 Apr 2024 15:24:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6612ba9a-423e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RF4Si%2BI5jca7N8xla18k90X%2FGkokr7t%2FOCpWCy2x5AbTAr96oToPs7a5iesaSVfxIWna39DEh850%2Fo2HoWDJJqqydZ12L%2Fo0wyhUIW%2FYvETI2ExRx8YWPv0Pjm%2FmTTe%2Fh1HagUbAJoy1vfT%2F8wi31d7NEC53D0DXfNv7wR3UTxEmW5OvxxjQ"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8a927fc7e90441d5-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 %E6%98%8E%E5%A4%A9%E4%BC%9A%E6%9B%B4%E5%A5%BD.html Show response
2ujqpw5sjiq.i3u4h6.cc/a/ 9 KB
5 KB 609ms
237ms Document
text/html 2606:4700:3033::6815:5163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2ujqpw5sjiq.i3u4h6.cc/a/%E6%98%8E%E5%A4%A9%E4%BC%9A%E6%9B%B4%E5%A5%BD.html?
Requested by: Host: xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
URL: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fff030e9b79bcdda54a5812de7b926969d791b24520065fe6023728e59c04f2

Request headers

Referer: https://xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a927fd08d5d42bb-EWR
content-encoding: br
content-type: text/html
date: Fri, 26 Jul 2024 06:58:05 GMT
last-modified: Fri, 12 Jul 2024 06:12:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bDTzCbBtQMWkV2P%2BpBjWfRVqMEfXnAMAT6WBK6cRQjmHHMFdz5P4wKWS7nGPWxAnUNV2Oxq8UuqFcm9y2IILD0GbM5%2FeaclXZ%2BxU9BunHgEULSL2HP2PABW8psUWCY8bacetolpUjmzDj%2BTRMDteZyG2JbM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST collect
www.google-analytics.com/g/ 0
0

GET
H3

200

Primary Request / Show response
snrbfukdab5fp.buliang166.cc/shouye/
Redirect Chain

https://snrbfukdab5fp.buliang166.cc/shouye?
http://snrbfukdab5fp.buliang166.cc/shouye/
https://snrbfukdab5fp.buliang166.cc/shouye/

22 KB
7 KB

291ms
290ms

Document
text/html

2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snrbfukdab5fp.buliang166.cc/shouye/

Requested by

Host: 2ujqpw5sjiq.i3u4h6.cc
URL: https://2ujqpw5sjiq.i3u4h6.cc/a/%E6%98%8E%E5%A4%A9%E4%BC%9A%E6%9B%B4%E5%A5%BD.html?

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e30b1db901c8c8e49d25c4c0e4434c1ead8a9e4780a0dbac3a760f5ef26875f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2ujqpw5sjiq.i3u4h6.cc/a/%E6%98%8E%E5%A4%A9%E4%BC%9A%E6%9B%B4%E5%A5%BD.html?
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a927fd75bbc4397-EWR
content-encoding: br
content-type: text/html
date: Fri, 26 Jul 2024 06:58:06 GMT
last-modified: Sun, 26 May 2024 02:43:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5FQTIFzzLyD6D70FsExUi37sVy2xz2BJFPTfEoFMgMkoJTPCR%2FUwLLH6AdV85gPpVYszQAdFK1%2F729WxZUaF8SjO3op%2BIBF3QM4TBTrXw1t2ErVjXSkNZA%2FBDg2AH2JMKckSuu9c5cGvoOWK0YvXff0CS8oJ%2FZwfSE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://snrbfukdab5fp.buliang166.cc/shouye/
Non-Authoritative-Reason: HSTS

GET
H3 200 main.css
snrbfukdab5fp.buliang166.cc/css/ 7 KB
2 KB 500ms
498ms Stylesheet
text/css 2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snrbfukdab5fp.buliang166.cc/css/main.css

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/shouye/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48dcd927e2ef288849d202bfb2efc4142fcc5ea212727f1b0262e195d2308ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 16 Jul 2023 12:37:26 GMT
server: cloudflare
etag: W/"64b3e486-1d7f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mdj9%2BdHZOEeM3L0WEvgjOx%2Fumjkz3Ug%2Bw2Ewf0cBwvbFCMYoYRqS%2BJ0McEQXeUgB6BITNhTUn4cOMosVO0Xpg8V77eCJqB5c4heHu6v0BJNDMg7%2BXS7M0M%2FNAnJJENJiQJg0gvm3NEmWT2adIgS4aa6C9aQgAwmrt3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a927fd93cea4397-EWR
expires: Fri, 26 Jul 2024 18:58:07 GMT

GET
H3 200 jquery.min.js Show response
snrbfukdab5fp.buliang166.cc/js/ 87 KB
35 KB 697ms
695ms Script
application/javascript 2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snrbfukdab5fp.buliang166.cc/js/jquery.min.js

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/shouye/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 05:29:30 GMT
server: cloudflare
etag: W/"635a173a-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJfxLS5a4348%2BNEP1uOsjjcq49n9EPezRXVfO5PJPlQwMkx5a30gqcVFdekKh9gpQt9BUMl6x1lKZXEn333CCefc7iZUCJdLi6ri6y4GvZMm8hhV%2FWr%2BdPa5mUw8AlsuLdGptAcGkdI23Aoe9VCfbek5xkJa8ygb5yg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8a927fd93ced4397-EWR
expires: Fri, 26 Jul 2024 18:58:07 GMT

GET
H3 200 wangzhihemao.js Show response
snrbfukdab5fp.buliang166.cc/js/ 1 KB
1 KB 476ms
475ms Script
application/javascript 2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snrbfukdab5fp.buliang166.cc/js/wangzhihemao.js

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/shouye/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

940d17055a0d65142aedf76b25aa88497b4dbb915f6d85eab7789523150515ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jun 2024 05:22:30 GMT
server: cloudflare
etag: W/"66765f96-5a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7splVDKFC80OW1XmIDHfA2z9nGu%2BrPNedwURx7rb1kvD10UWRKIpdyiIe9FOtIVBNdCK8sgEoK069VNykNOhM16iGgDsD6fgGn2PjgalQyaC41s9E%2FNIzFxO3tmQH5LxQCAdCtPa4HNM3Xtqy3Ju5nCqYupJ2aX9I0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 8a927fd93cef4397-EWR
expires: Fri, 26 Jul 2024 18:58:07 GMT

GET
H3 200 font-awesome.min.css
snrbfukdab5fp.buliang166.cc/font-awesome/css/ 30 KB
8 KB 498ms
497ms Stylesheet
text/css 2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snrbfukdab5fp.buliang166.cc/font-awesome/css/font-awesome.min.css

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/shouye/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 22 Aug 2019 17:35:31 GMT
server: cloudflare
etag: W/"5d5ed263-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFyB310K3ZzwmZQXD79XYRiNcJEkzb1T8ZZ2PjefuA60wE6CC7S7BoCyKl8hPBZ925Ud1rvNAJP4ixFw9Sx9cNS4E1FDqm%2FiUNAfT9nNHxxJ67RHFL9G6VAM6mZ2hRLTK1okAfIv9asOc32StH1dJgrqL88RllMxWgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 8a927fd93cf04397-EWR
expires: Fri, 26 Jul 2024 18:58:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 461ms
113ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6WJTQL10J2

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/shouye/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c1fb8e86882c14b25317b1e2588caa0592e9ec1771ae1480921dd12910e9df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101166
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 06:58:07 GMT

GET
H3 200 %E8%8A%AD%E8%95%BE%E8%88%9E%E5%86%A0%E5%86%9B.txt
snrbfukdab5fp.buliang166.cc/load/ 208 KB
0 291ms
291ms XHR
text/plain 2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://snrbfukdab5fp.buliang166.cc/load/%E8%8A%AD%E8%95%BE%E8%88%9E%E5%86%A0%E5%86%9B.txt

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/js/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 25 Jul 2024 07:27:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
etag: W/"66a1fe63-39c24"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DVb015ObJHpa9liyJGXz7dLFcuUAtjFeGgBB6mE4HNdFNc4CGpYnsWFnUUfOQQpeh%2F8bRPh6lmBs7VQtZEmgjr8OiiPWmZxZHa2sgBdSlebl1Cu%2FhXJLK92uLitr8BrgK3q4bxhUvX5Iab1mKinL7qKTbS8vtXpyy%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
cf-ray: 8a927fde5ff24397-EWR
alt-svc: h3=":443"; ma=86400

GET img
shop.io.mi-img.com/app/shop/ 0
0

GET tag.js
mc.yandex.ru/metrika/ 0
0

GET
H3 200 mao.svg
snrbfukdab5fp.buliang166.cc/js/ 5 KB
2 KB 467ms
467ms Image
image/svg+xml 2606:4700:3035::6815:1473
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snrbfukdab5fp.buliang166.cc/js/mao.svg

Requested by

Host: snrbfukdab5fp.buliang166.cc
URL: https://snrbfukdab5fp.buliang166.cc/shouye/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1473 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb57da3e82b36303201977f082a5ef4c2da296f937db0bca4cedc4150e2032e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Tue, 09 Apr 2024 14:50:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
etag: W/"661555b3-1422"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FSbOZ%2BNnQANmbsIw0Mf6ifhzDWC8FDoZtzUVjf1caecEabmtwFqHFvJep3%2BulQk3%2FSMrDzMHChiOBtFoGoazeZ%2Bz6g9y1IGmxRPMwdPdtagao7qTyiCziDrR%2Bnky7FK8MwKOWHlU3f1%2BWcKHjM4Y053Ikj%2BlSozOm5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a927fde78094397-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 107ms
105ms Script
application/javascript 2607:f8b0:4004:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-159895294-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WJTQL10J2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51b3232c5031b071e5a4b56dbcab97bb0ed42acd0adde21c05bb77232b8eb23c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

date: Fri, 26 Jul 2024 06:58:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72048
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 26 Jul 2024 06:58:08 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 517ms
167ms Fetch
text/plain 2607:f8b0:4004:c1b::8a

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6WJTQL10J2&gtm=45je47o0v871723588za200&_p=1721977087711&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1736331909.1721977088&ul=en-us&are=1&frm=0&pscdl=noapi&_geo=1&_rdi=1&_s=1&sid=1721977088&sct=1&seg=0&dl=https%3A%2F%2Fsnrbfukdab5fp.buliang166.cc%2Fshouye%2F&dt=%E5%A5%BD%E7%9C%8B%E5%A5%BD%E7%8E%A9%E5%A5%BD%E7%94%A8%E7%9A%84%E5%AF%BC%E8%88%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2322
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6WJTQL10J2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::8a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://snrbfukdab5fp.buliang166.cc/shouye/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jul 2024 06:58:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://snrbfukdab5fp.buliang166.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET analytics.js
www.google-analytics.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q5FQ6J3MND&gtm=45je47o0v9119024040za200&_p=1721977083311&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=885713972.1721977084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1721977083&sct=1&seg=0&dl=https%3A%2F%2Fxn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc%2F%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html&dt=%E5%9C%A8%E5%98%88%E6%9D%82%E7%9A%84%E7%94%9F%E6%B4%BB%E4%B8%AD%E7%9A%84%E4%B8%80%E5%9D%97%E8%87%AA%E7%95%99%E5%9C%B0&en=scroll&epn.percent_scrolled=90&_et=5&tfd=3487

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q5FQ6J3MND&gtm=45je47o0v9119024040za200&_p=1721977083311&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=885713972.1721977084&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1721977083&sct=1&seg=0&dl=https%3A%2F%2Fxn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc%2F%E7%83%AD%E7%88%B1%E7%94%9F%E6%B4%BB.html&dt=%E5%9C%A8%E5%98%88%E6%9D%82%E7%9A%84%E7%94%9F%E6%B4%BB%E4%B8%AD%E7%9A%84%E4%B8%80%E5%9D%97%E8%87%AA%E7%95%99%E5%9C%B0&en=user_engagement&_et=1805&tfd=3487

Domain: shop.io.mi-img.com
URL: https://shop.io.mi-img.com/app/shop/img?id=shop_2881a36bd55e009d225f83c8df6d8c77.jpeg

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.i3u4h6.cc/	1970-01-21 07:55:37	Name: _ga Value: GA1.1.885713972.1721977084
.i3u4h6.cc/	1970-01-21 07:55:37	Name: _ga_Q5FQ6J3MND Value: GS1.1.1721977083.1.0.1721977085.0.0.0
.buliang166.cc/	1970-01-21 07:55:37	Name: _ga Value: GA1.1.1736331909.1721977088
.buliang166.cc/	1970-01-21 07:55:37	Name: _ga_6WJTQL10J2 Value: GS1.1.1721977088.1.0.1721977088.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ujqpw5sjiq.i3u4h6.cc
gyzulxn--d-3b8aq82d7w7b.63e88.cc
mc.yandex.ru
shop.io.mi-img.com
snrbfukdab5fp.buliang166.cc
www.google-analytics.com
www.googletagmanager.com
xn--mxajdghkoc5bqjt9029l3da06b.i3u4h6.cc
mc.yandex.ru
shop.io.mi-img.com
www.google-analytics.com
2606:4700:3033::6815:5163
2606:4700:3035::6815:1473
2606:4700:3037::ac43:d06d
2607:f8b0:4004:c09::61
2607:f8b0:4004:c1b::64
2607:f8b0:4004:c1b::8a
12ff01b8ca711d36bbfe5ebda87819a4a08f48371a359a97cbcc7aa2fd5fccda
2c1fb8e86882c14b25317b1e2588caa0592e9ec1771ae1480921dd12910e9df8
2e30b1db901c8c8e49d25c4c0e4434c1ead8a9e4780a0dbac3a760f5ef26875f
48dcd927e2ef288849d202bfb2efc4142fcc5ea212727f1b0262e195d2308ad0
51b3232c5031b071e5a4b56dbcab97bb0ed42acd0adde21c05bb77232b8eb23c
6fff030e9b79bcdda54a5812de7b926969d791b24520065fe6023728e59c04f2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
940d17055a0d65142aedf76b25aa88497b4dbb915f6d85eab7789523150515ee
cb57da3e82b36303201977f082a5ef4c2da296f937db0bca4cedc4150e2032e1
d7c0e75cb0a4d758e0fe488d41f376a4d4246d3827df9aa7685a014ec1ec4753
de7dc22676270099af3842509a5bc35f5ae609d7d4a6ea3ccc3d554a18f95b0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

snrbfukdab5fp.buliang166.cc Open in urlscan Pro 2606:4700:3035::6815:1473 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

80 %HTTPS

100 %IPv6

7 Domains

8 Subdomains

6 IPs

1 Countries

351 kBTransfer

1200 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

4 Cookies

Indicators

snrbfukdab5fp.buliang166.cc Open in urlscan Pro
2606:4700:3035::6815:1473 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

80 %
HTTPS

100 %
IPv6

7
Domains

8
Subdomains

6
IPs

1
Countries

351 kB
Transfer

1200 kB
Size

4
Cookies

25 HTTP transactions
0 data transactions