5j2r.xyz Open in urlscan Pro
192.161.87.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rakutenevl.com/
Effective URL:
https://5j2r.xyz/1.html?channelCode=lgjc16
Submission: On June 16 via api (June 16th 2024, 4:37:06 pm UTC) from JP — Scanned from JP

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 16 domains to perform 65 HTTP transactions. The main IP is 192.161.87.164, located in United States and belongs to CNSERVERS, US. The main domain is 5j2r.xyz.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.

This is the only time 5j2r.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 5a3ed00692166582aa3651697d18194b.apk 39 MB

Size: 39 MB (41259587 bytes, 4% done)

Downloaded from: https://jiarenxin.hnyuxiangyuan.com/public/5a3ed00692166582aa3651697d18194b.apk?auth_key=1718555818-0-0-d0607da41cf591aa1ff0489f90607f01

Domain & IP information

	IP Address	AS Autonomous System
20	206.119.178.109 206.119.178.109	133199 (SONDERCLO...) (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited)
1	45.32.65.219 45.32.65.219	20473 (AS-CHOOPA) (AS-CHOOPA)
1	172.67.172.54 172.67.172.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.222.244.150 51.222.244.150	16276 (OVH) (OVH)
1	128.1.157.224 128.1.157.224	21859 (ZEN-ECN) (ZEN-ECN)
2	111.45.11.83 111.45.11.83	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
3	23.224.30.106 23.224.30.106	40065 (CNSERVERS) (CNSERVERS)
5	192.161.87.164 192.161.87.164	40065 (CNSERVERS) (CNSERVERS)
1	163.181.23.191 163.181.23.191	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
7	43.128.240.54 43.128.240.54	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	43.128.240.55 43.128.240.55	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	128.1.157.196 128.1.157.196	() ()
1 3	170.33.13.110 170.33.13.110	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited)
1 1	13.213.18.30 13.213.18.30	() ()
1	120.209.209.15 120.209.209.15	() ()
65	15

20 206.119.178.109 (Los Angeles, United States)

ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK)

rakutenevl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rakutenn156.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.32.65.219 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.65.219.vultrusercontent.com

xss9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.172.54 (United States)

ASN13335 (CLOUDFLARENET, US)

useragent.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.244.150 (Canada)

ASN16276 (OVH, FR)
PTR: ns5005926.ip-51-222-244.net

uv60.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.1.157.224 (United States)

ASN21859 (ZEN-ECN, US)

dns.efangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.224.30.106 (United States)

ASN40065 (CNSERVERS, US)

ck.efangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.161.87.164 (United States)

ASN40065 (CNSERVERS, US)

5j2r.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.23.191 (Tokyo, Japan)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 43.128.240.54 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

j1sxh-1326572717.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.128.240.55 (Tokyo, Japan)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

xjsbw-1326572717.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.1.157.196 (None, )

ASN- ()

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 170.33.13.110 (Singapore) 1 redirects

ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG)

vp6rhkoadwvvx4g.huabanwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.213.18.30 (None, ) 1 redirects

ASN- ()

2akctg.jfdh168.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.209.209.15 (None, )

ASN- ()

jiarenxin.hnyuxiangyuan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	rakutenevl.com rakutenevl.com	627 KB
9	myqcloud.com j1sxh-1326572717.cos.accelerate.myqcloud.com xjsbw-1326572717.cos.accelerate.myqcloud.com	1 MB
5	5j2r.xyz 5j2r.xyz	71 KB
5	rakutenn156.com rakutenn156.com Failed	2 KB
4	efangcdn.com dns.efangcdn.com ck.efangcdn.com	50 KB
3	huabanwl.com 1 redirects vp6rhkoadwvvx4g.huabanwl.com	2 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 65668 collect-v6.51.la	14 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 11413	12 KB
2	uv60.cn uv60.cn — Cisco Umbrella Rank: 509771	23 KB
1	hnyuxiangyuan.com jiarenxin.hnyuxiangyuan.com
1	jfdh168.com 1 redirects 2akctg.jfdh168.com	309 B
1	useragent.top useragent.top	628 B
1	xss9.com xss9.com	676 B
0	sdaqyi.cn Failed sdaqyi.cn Failed
0	dcloud.net.cn Failed cdn.dcloud.net.cn Failed
0	onlycash01.xyz Failed onlycash01.xyz Failed
65	16

	Domain	Requested by
15	rakutenevl.com	rakutenevl.com
7	j1sxh-1326572717.cos.accelerate.myqcloud.com	5j2r.xyz
5	5j2r.xyz	xss9.com 5j2r.xyz
5	rakutenn156.com	rakutenevl.com
3	vp6rhkoadwvvx4g.huabanwl.com	1 redirects xjsbw-1326572717.cos.accelerate.myqcloud.com
3	ck.efangcdn.com	dns.efangcdn.com
2	xjsbw-1326572717.cos.accelerate.myqcloud.com	5j2r.xyz
2	hm.baidu.com	useragent.top rakutenevl.com
2	uv60.cn	xss9.com uv60.cn
1	jiarenxin.hnyuxiangyuan.com	xjsbw-1326572717.cos.accelerate.myqcloud.com
1	2akctg.jfdh168.com	1 redirects
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	5j2r.xyz
1	dns.efangcdn.com	xss9.com
1	useragent.top	rakutenevl.com
1	xss9.com	rakutenevl.com
0	sdaqyi.cn Failed	5j2r.xyz
0	cdn.dcloud.net.cn Failed	rakutenevl.com
0	onlycash01.xyz Failed
65	19

This site contains no links.

Subject Issuer	Validity	Valid
rakutenevl.com R11	`2024-06-14` - `2024-09-12`	3 months	crt.sh
xss9.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
useragent.top WE1	`2024-06-07` - `2024-09-05`	3 months	crt.sh
uv60.cn Sectigo RSA Domain Validation Secure Server CA	`2024-05-19` - `2025-05-19`	a year	crt.sh
dns.efangcdn.com R3	`2024-05-28` - `2024-08-26`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
ck.efangcdn.com R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
rakutenn156.com R11	`2024-06-14` - `2024-09-12`	3 months	crt.sh
5j2r.xyz R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
*.cos.ap-tokyo.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-02-21` - `2025-03-24`	a year	crt.sh
*.huabanwl.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-01-25`	a year	crt.sh
hnyuxiangyuan.com R11	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 1 frames:

Frame: https://jiarenxin.hnyuxiangyuan.com/public/5a3ed00692166582aa3651697d18194b.apk?auth_key=1718555818-0-0-d0607da41cf591aa1ff0489f90607f01
Frame ID: 6AE47221B61E8ED507268122EE94F8C8
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

欢迎访问

Page URL History Show full URLs

http://rakutenevl.com/ HTTP 307
https://rakutenevl.com/ Page URL
https://5j2r.xyz/1.html?channelCode=lgjc16 Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

65
Requests

75 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

15
IPs

5
Countries

1968 kB
Transfer

3321 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rakutenevl.com/ HTTP 307
https://rakutenevl.com/ Page URL
https://5j2r.xyz/1.html?channelCode=lgjc16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://rakutenevl.com/ HTTP 307
https://rakutenevl.com/

Request Chain 44

https://rakutenevl.com/favicon.ico HTTP 0
http://onlycash01.xyz/

Request Chain 65

https://vp6rhkoadwvvx4g.huabanwl.com:6443/page/yuoqfl/install/c/eyJjIjoibGdqYzE2IiwibSI6Ik80eTVIMFpIZm00QUFBR1FJZWkwbGlvbHoyampWcEtEQS1NeElNRksyQzdjSTFaZF83d1o2VjV6bGJodUM4aG12RE9fejZDbXdCSHdpV1AzdTJFOU14emNfSWZMVFZqMVExNndLanRteW1lMFRWOVRRSHRwTWl0ck1qU0pNXzJNMkEifQ==?p=0 HTTP 302
https://2akctg.jfdh168.com/ossapk/3qcz4f8f13086c HTTP 302
https://jiarenxin.hnyuxiangyuan.com/public/5a3ed00692166582aa3651697d18194b.apk?auth_key=1718555818-0-0-d0607da41cf591aa1ff0489f90607f01

65 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
rakutenevl.com/
Redirect Chain

http://rakutenevl.com/
https://rakutenevl.com/

1 KB
876 B

493ms
51ms

Document
text/html

206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

faa6f46066d9ce6ad1efc43c894d0fe6299080f04d5f3be333c362d9b55a3803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 16 Jun 2024 16:36:50 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Location: https://rakutenevl.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 FWkB Show response
xss9.com/ 1 KB
676 B 490ms
165ms Script
application/x-javascript 45.32.65.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss9.com/FWkB
Requested by: Host: rakutenevl.com
URL: https://rakutenevl.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.65.219 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.65.219.vultrusercontent.com
Software: Apache /
Resource Hash: 5394eedc56bb8bc4e20da37292f4cbbe36d85dec294d4e98b6c90f167ea62254

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 16:36:52 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: nocache
content-length: 558

GET
H2 200 index.63b34199.css
rakutenevl.com/static/ 94 KB
29 KB 106ms
104ms Stylesheet
text/css 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/static/index.63b34199.css

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

0cbe21cbd48de683ef65476d5eef01398e97cd11130758352c99f9eb5b266da6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 15:08:19 GMT
server: nginx
etag: W/"666c5ce3-17884"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:50 GMT

GET
H2 200 chunk-vendors.e8ca6031.js Show response
rakutenevl.com/static/js/ 723 KB
255 KB 169ms
167ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/static/js/chunk-vendors.e8ca6031.js

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5e11a4a057c2ad6f90f47d84e7d16b0db43b339652c34cf1b6aef45829bf8166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 15:08:40 GMT
server: nginx
etag: W/"666c5cf8-b4df6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:50 GMT

GET
H2 200 index.1350bf98.js Show response
rakutenevl.com/static/js/ 811 KB
247 KB 195ms
193ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/static/js/index.1350bf98.js

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

852d8e048b3d1235732bf78d8ff30de8b4777a1a70490a6a7caa0ec69478a5f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:50 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 15:19:55 GMT
server: nginx
etag: W/"666c5f9b-cacc4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:50 GMT

GET
H3 200 jquery.js Show response
useragent.top/ 253 B
628 B 27ms
12ms Script
application/javascript 172.67.172.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useragent.top/jquery.js
Requested by: Host: rakutenevl.com
URL: https://rakutenevl.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.172.54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da557c324b3144ce723ba6ca7e77b4936b07f0b5139510b891179f26341fcec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jun 2024 17:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4382
etag: W/"666c79c5-fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rAIWhs5sR3I9fsQ03SE8CGqzF4a6c6rQ693tzW9TQPxooq5jwjd5VNKksMNQPKtBQRjbnnIf%2BFBMUZBJCP92OXAQkpVIfobevHdVOIom1vtPLUqS0XRSVZ%2ByhSAbcjM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 894c38a4f8b2b006-NRT
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK tongji.js Show response
uv60.cn/tj/ 55 KB
22 KB 595ms
241ms Script
application/javascript 51.222.244.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://uv60.cn/tj/tongji.js?v=2.08

Requested by

Host: xss9.com
URL: https://xss9.com/FWkB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.222.244.150 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5005926.ip-51-222-244.net

Software

nginx /

Resource Hash

2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:53 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 30 May 2024 04:56:57 GMT
Server: nginx
ETag: W/"66580719-da2e"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 o.js Show response
dns.efangcdn.com/ 47 KB
48 KB 27ms
4ms Script
text/plain 128.1.157.224
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.efangcdn.com/o.js
Requested by: Host: xss9.com
URL: https://xss9.com/FWkB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 128.1.157.224 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Tengine /
Resource Hash: e86c9175c7f1254c003370cc24af7c0530a3a5a9bfde54c19430ecb3a6dbd4f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 11:32:15 GMT
via: cache16.l2jp1[391,390,200-0,M], cache26.l2jp1[393,0], cache18.jp6[0,0,200-0,H], cache3.jp6[0,0]
age: 1055078
x-swift-cachetime: 2592000
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 04 Jun 2024 11:32:15 GMT
content-length: 48415
server: Tengine
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: text/plain; charset=utf-8
access-control-allow-origin
ali-swift-global-savetime: 1717500735
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
eagleid: 80019d9717185558131186129e

GET
H2 200 pages-tabBar-cart~pages-tabBar-home~pages-tabBar-my~pagesB-comment-addGoodsComment~pagesB-distributi~bf5dad70.0f3a2559.js Show response
rakutenevl.com/static/js/ 55 KB
32 KB 66ms
65ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/static/js/pages-tabBar-cart~pages-tabBar-home~pages-tabBar-my~pagesB-comment-addGoodsComment~pagesB-distributi~bf5dad70.0f3a2559.js

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/static/js/index.1350bf98.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

0ff66743ebed098002a5b22632c0cd1b4ce460decf6e13b22b7358c20632d8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 15:08:42 GMT
server: nginx
etag: W/"666c5cfa-dce0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:51 GMT

GET
H2 200 pages-tabBar-home~pages-tabBar-my~pagesC-goods-categoryGoods~pagesC-goods-goodsDetails~pagesC-live-i~8493a961.2b13783b.js Show response
rakutenevl.com/static/js/ 30 KB
6 KB 85ms
84ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/static/js/pages-tabBar-home~pages-tabBar-my~pagesC-goods-categoryGoods~pagesC-goods-goodsDetails~pagesC-live-i~8493a961.2b13783b.js

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/static/js/index.1350bf98.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

6e76c7c46065257ea04a7780f8a1f92e0b9e59b952e6a0c51029082889322d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 15:08:43 GMT
server: nginx
etag: W/"666c5cfb-7711"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:51 GMT

GET
H2 200 pages-tabBar-home.9b6e1303.js Show response
rakutenevl.com/static/js/ 128 KB
25 KB 99ms
99ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenevl.com/static/js/pages-tabBar-home.9b6e1303.js

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/static/js/index.1350bf98.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

9ed2bd854789a2f46047add8df599d78a142d112d0a183e69a011920dc1162ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 14 Jun 2024 15:08:43 GMT
server: nginx
etag: W/"666c5cfb-201b3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:51 GMT

GET
H2 200 home_active.png
rakutenevl.com/static/images/tabbar/ 1 KB
1 KB 86ms
85ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/tabbar/home_active.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

1fd7ca29f3eff6bfcec02633be23b6a65cf2c2ebfe0dcf8373f83e18414d7e47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:09:20 GMT
server: nginx
etag: "666c5d20-501"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1281
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
H2 200 category.png
rakutenevl.com/static/images/tabbar/ 2 KB
2 KB 88ms
87ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/tabbar/category.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

cf8fdf312634504b333135a3817d646bce8c27688cbf33e5c3bb444f1c11d7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:09:19 GMT
server: nginx
etag: "666c5d1f-750"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1872
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
H2 200 cart.png
rakutenevl.com/static/images/tabbar/ 887 B
1 KB 89ms
89ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/tabbar/cart.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

41e3321f8b17d1d704eecc54604bf024fb0d5c6e69f40744f0e981c4f448fdb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:09:19 GMT
server: nginx
etag: "666c5d1f-377"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 887
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
H2 200 customer_service.png
rakutenevl.com/static/images/tabbar/ 22 KB
22 KB 103ms
103ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/tabbar/customer_service.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

66685651e610b7449bf2caff4766df085d3f868f42cf824fe57bab6ecd1c86ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:09:19 GMT
server: nginx
etag: "666c5d1f-56a9"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22185
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
H2 200 personal.png
rakutenevl.com/static/images/tabbar/ 902 B
1 KB 109ms
108ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/tabbar/personal.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

62e1850bb1f34008190c980c84500c371e6d48f6c49ed23d1620e8acdfb07fed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:09:20 GMT
server: nginx
etag: "666c5d20-386"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 902
expires: Tue, 16 Jul 2024 16:36:51 GMT

OPTIONS getShowConfig
rakutenn156.com/api/Config/ 0
0

POST getShowConfig
rakutenn156.com/api/Config/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 441ms
210ms Script
application/javascript 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?b5872be0cccfc94f1320039f66b0577d

Requested by

Host: useragent.top
URL: https://useragent.top/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

5e4ba7c31c6a94f0edb5beca3f6323949c0aef0b93755b84ec7ce4c64e67daa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:53 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: e652de012e89a7ffe8d9b23719b95637
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11253

GET
H2 200 bid Show response
ck.efangcdn.com/ 349 B
788 B 314ms
102ms Script
application/json 23.224.30.106
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.efangcdn.com/bid?url=https%3A%2F%2Frakutenevl.com%2F%23%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-540&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=7539ae1f8883ad73615cdc3682c54214&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: a3851edda0ecc3a8f76536d4ef66c341473d8cf3561a20b6ce2d7b8f9795dd01

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:53 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
x-cache: MISS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 bid Show response
ck.efangcdn.com/ 349 B
786 B 316ms
104ms Script
application/json 23.224.30.106
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.efangcdn.com/bid?url=https%3A%2F%2Frakutenevl.com%2F%23%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-540&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=5929e943983d377566e8a5d9be0f9d28&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 4cbc701803ad644ca94b568b5587ed4ddb89d9a8de43992362063e130819ca32

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:53 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
x-cache: MISS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 bid Show response
ck.efangcdn.com/ 349 B
787 B 314ms
103ms Script
application/json 23.224.30.106
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.efangcdn.com/bid?url=https%3A%2F%2Frakutenevl.com%2F%23%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-540&ws=1600x1200&gdm=8&iw=0&cpn=12&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3346&rid=2c7fb7dfb676c5e3a56d24e9b30cf988&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d27d73a1e4fb28a5383cc352e58893721fced11128f5325f38d4643ad992fa4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:53 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
x-cache: MISS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 icon-shopcart.png
rakutenevl.com/static/images/ 1 KB
1 KB 51ms
51ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/icon-shopcart.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

844cca652f7e5036336d11de228a166463f488421a53b027bb0f7b3aa5706604

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:08:27 GMT
server: nginx
etag: "666c5ceb-48e"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1166
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
H2 200 icon-chat.png
rakutenevl.com/static/images/ 1 KB
2 KB 53ms
53ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/icon-chat.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

40bfa38a73b97c255bf552445a2ba381dc52f23997ec9d407bd150e67d741754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:08:26 GMT
server: nginx
etag: "666c5cea-57a"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1402
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
H2 200 icon-translation.png
rakutenevl.com/static/images/ 763 B
969 B 54ms
54ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenevl.com/static/images/icon-translation.png

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5704d46e0ff6e9884ac28472dcca629353118c1c302991ef35ffea028aac5418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:51 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 14 Jun 2024 15:08:28 GMT
server: nginx
etag: "666c5cec-2fb"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 763
expires: Tue, 16 Jul 2024 16:36:51 GMT

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30862aa5ef1388afc385160c37ddccc834854feb3c0cd658141c9bd6a4f11479

Request headers

Referer
Origin: https://rakutenevl.com
Accept-Language: ja-JP,ja;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

POST getAdByTag
rakutenn156.com/api/Ad/ 0
0

OPTIONS
H2 200 getAdByTag
rakutenn156.com/api/Ad/ 0
0 200ms
199ms Preflight
text/html 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenn156.com/api/Ad/getAdByTag?lang=zh-cn&?t=1718555813500

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rakutenevl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 16:36:51 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

POST
H2 200 getAdByTag Show response
rakutenn156.com/api/Ad/ 393 B
524 B 223ms
222ms XHR
text/html 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenn156.com/api/Ad/getAdByTag?lang=zh-cn&?t=1718555813500

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/static/js/chunk-vendors.e8ca6031.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a7a86a9caffd71a0aec4871fe29490a5ec9a971ccb8a33154e42586b77fb03c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 16:36:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

OPTIONS
H2 200 getAdByTag
rakutenn156.com/api/Ad/ 0
0 160ms
160ms Preflight
text/html 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenn156.com/api/Ad/getAdByTag?lang=zh-cn&?t=1718555813500

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rakutenevl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 16:36:51 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

OPTIONS
H2 200 getIndexShowcase
rakutenn156.com/api/Index/ 0
0 158ms
158ms Preflight
text/html 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenn156.com/api/Index/getIndexShowcase?lang=zh-cn&?t=1718555813501

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://rakutenevl.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 16 Jun 2024 16:36:51 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

POST
H2 200 getIndexShowcase Show response
rakutenn156.com/api/Index/ 3 KB
2 KB 714ms
714ms XHR
text/html 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenn156.com/api/Index/getIndexShowcase?lang=zh-cn&?t=1718555813501

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/static/js/chunk-vendors.e8ca6031.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b6e8bdfb743d80ce526adea9a10f63312c307cb6f9294f3d026a6948dcea415c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 16:36:52 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST getRecommendShops
rakutenn156.com/api/Shops/ 0
0

OPTIONS getRecommendShops
rakutenn156.com/api/Shops/ 0
0

POST getGoodsList
rakutenn156.com/api/Index/ 0
0

OPTIONS getGoodsList
rakutenn156.com/api/Index/ 0
0

POST indexInfo
rakutenn156.com/api/Index/ 0
0

OPTIONS indexInfo
rakutenn156.com/api/Index/ 0
0

OPTIONS getMenuList
rakutenn156.com/api/NavMenu/ 0
0

POST getMenuList
rakutenn156.com/api/NavMenu/ 0
0

POST getIndexNavList
rakutenn156.com/api/Index/ 0
0

OPTIONS getIndexNavList
rakutenn156.com/api/Index/ 0
0

GET
H/1.1 200
OK start Show response
uv60.cn/api/v1/api2/statistics/ 102 B
830 B 244ms
243ms XHR
application/json 51.222.244.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://uv60.cn/api/v1/api2/statistics/start?s=13e15343743a84bff9235a19447d75d8&d=MjEwbE0zc1k5M2wrbmk1bmh3MXJJTExtaDk3WGRmT1ZTenhLeks3Tzl0VXNZdm5aVFNpUE9BR09vcm5SS3E4NmFtcWpqUlZKQURUdlB5Q3B6dHVVMDZpaFhYM0t2cDZIVkFZY0VRbExONnFDbjJINnBJR2xyY3pROWtYOGF2emY4YVJ1d0FkQU9lRGc2V3BGeFZtYVpwbmFLcTc2Y1Z4OWlGSTRuTEtjQVRLY3k0M25MSlBhL2RDd3Q3ai9qM0JYSnNHSlA2YmtoUmJhdENOK0tVcmhJRnZkVGV3czkvSlZkRy8zMlVwQ25NOUo5K0R2RGZSeGpwQ016enhjMndkWHIrZlI4RHE3eWYyUDIyUC90ZU16UTlPbDdaRFJxanVmaG1MY1YvaDIvalhranRRQnh3c2xvWE44NHRLWkhqYnVsaHdtMHh4em92amxUeW9PNE11eTBRPT0=&t=1718555813845

Requested by

Host: uv60.cn
URL: https://uv60.cn/tj/tongji.js?v=2.08

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.222.244.150 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5005926.ip-51-222-244.net

Software

nginx /

Resource Hash

1ba38951b78a55a0ed3330f395a314181ad89e34810cfe37dc6bf9f2c30dcd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:54 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
Access-Control-Max-Age: 10080
Access-Control-Allow-Methods: POST,GET,DELETE,OPTIONS,HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://rakutenevl.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
Content-Length: 102

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 185ms
184ms Image
image/gif 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=ja-jp&lo=0&rnd=475024078&si=b5872be0cccfc94f1320039f66b0577d&v=1.3.0&lv=1&sn=31509&r=0&ww=1600&u=https%3A%2F%2Frakutenevl.com%2F%23%2F&tt=%E9%A6%96%E9%A1%B5

Requested by

Host: rakutenevl.com
URL: https://rakutenevl.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenevl.com/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Sun, 16 Jun 2024 16:36:53 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET

/
onlycash01.xyz/
Redirect Chain

https://rakutenevl.com/favicon.ico
http://onlycash01.xyz/

0
0

GET
H2 200 Primary Request 1.html Show response
5j2r.xyz/ 3 KB
1 KB 167ms
52ms Document
text/html 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/1.html?channelCode=lgjc16

Requested by

Host: xss9.com
URL: https://xss9.com/FWkB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bb6c3a3cf3ec55d3782262dc99c77a52c8f9578a39e3bc4d425f9b4bec4d287a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://rakutenevl.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 16 Jun 2024 16:36:56 GMT
etag: W/"666eb3e5-a4f"
last-modified: Sun, 16 Jun 2024 09:44:05 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET shadow-grey.png
cdn.dcloud.net.cn/img/ 0
0

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 49ms
18ms Script
application/javascript 163.181.23.191
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.23.191 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 15 Jun 2024 07:55:20 GMT
via: cache17.l2jp1[1370,1370,304-0,M], cache10.l2jp1[1372,0], ens-cache11.jp7[0,0,200-0,H], ens-cache11.jp7[0,0]
content-encoding: gzip
x-oss-request-id: 666D48E82A7519383258E4CC
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 117696
x-swift-cachetime: 1296000
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth: success
x-swift-savetime: Sat, 15 Jun 2024 07:55:20 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
etag: "24BB520E9517F2ED3ED987B46AEAF723"
vary: Accept-Encoding
ali-swift-global-savetime: 1718438120
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: a3b5179f17185558163404558e
x-oss-server-time: 2

GET
H2 200 m.css
5j2r.xyz/css/ 22 KB
5 KB 61ms
53ms Stylesheet
text/css 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/css/m.css

Requested by

Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e83bd6b0888a964c351472e63b1e2d785f66fb77f07424294b79e036810ee078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 02 Apr 2023 10:04:44 GMT
server: nginx
etag: W/"6429533c-5839"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:56 GMT

GET
H/1.1 200
OK jquery-3.5.1.mina.js Show response
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 88 KB
88 KB 149ms
128ms Script
text/javascript 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/jquery-3.5.1.mina.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 9627465483673714013
Last-Modified: Sat, 15 Jun 2024 09:41:12 GMT
Server: tencent-cos
ETag: "cf2fbbf84281d9ecbffb4993203d543b"
Content-Type: text/javascript
x-cos-request-id: NjY2ZjE0YThfZjY3MTUzMGJfMTBlOTVfMjE2NDZlMA==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 89947

GET
H/1.1 200
OK flexible3.js Show response
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 2 KB
3 KB 151ms
132ms Script
text/javascript 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/flexible3.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 6231984596528586936
Last-Modified: Sat, 15 Jun 2024 09:41:12 GMT
Server: tencent-cos
ETag: "c52b622d85861de412b36e66bb49bfe2"
Content-Type: text/javascript
x-cos-request-id: NjY2ZjE0YThfZTU2YzUzMGJfMTE2OGZfMjE3ODQwZA==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 2477

GET
H/1.1 200
OK algppinstall.js Show response
xjsbw-1326572717.cos.accelerate.myqcloud.com/ 46 KB
47 KB 168ms
148ms Script
text/javascript 43.128.240.55
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.55 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 347442768461482610
Last-Modified: Sat, 15 Jun 2024 09:46:06 GMT
Server: tencent-cos
ETag: "8a14913360cd89f0812ea4971df5a16b"
Content-Type: text/javascript
x-cos-request-id: NjY2ZjE0YThfZTU2YzUzMGJfMTE2YThfMjEyMjAyYQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 47585

GET
H/1.1 200
OK qh1.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 73 KB
74 KB 255ms
236ms Image
image/gif 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qh1.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 801f201423627ef83919d8d991784ab75fcd705efead135dcaae3b4d1dd14c20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 2187570150754227116
Last-Modified: Sat, 15 Jun 2024 09:30:46 GMT
Server: tencent-cos
ETag: "e6c1bbe6837032c790aaab02d8851d26"
Content-Type: image/gif
x-cos-request-id: NjY2ZjE0YThfYzVkNDIwMDlfY2I0MV8xNWJhYmM1
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 74973

GET
H/1.1 200
OK zn2.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 746 KB
746 KB 141ms
122ms Image
image/gif 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/zn2.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: e4e27e2817822c1acf3f16550dbcc73712b6fff77ed6587aa6cbbd3fe9932083

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 13832222487262166503
Last-Modified: Sat, 15 Jun 2024 09:30:29 GMT
Server: tencent-cos
ETag: "e73e46d0275b9984a1a60c388457b5ac"
Content-Type: image/gif
x-cos-request-id: NjY2ZjE0YThfNWQ0MjAwOV8yNmZmXzE1ZDBiMzQ=
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 763609

GET
H/1.1 200
OK tz3x.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 50 KB
51 KB 125ms
124ms Image
image/gif 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/tz3x.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: c7b6a3005a9265403191093f3f1e55b8e0db8a263c88506f97128d9f9b5c50cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 14552864455044849192
Last-Modified: Sat, 15 Jun 2024 09:31:04 GMT
Server: tencent-cos
ETag: "7a0441574f9a67f0aa345fa0d7c62c32"
Content-Type: image/gif
x-cos-request-id: NjY2ZjE0YThfZjY3MTUzMGJfMTBlODBfMjE2MjkyNA==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 51453

GET
H/1.1 200
OK s04.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 108 KB
109 KB 122ms
121ms Image
image/png 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/s04.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: b8fc8a306d82b4198321c5f4055f00e636779590a602e1b4dfad89703566383f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 13631132043071439057
Last-Modified: Sat, 15 Jun 2024 09:31:22 GMT
Server: tencent-cos
ETag: "1fad669352ec0f9dc540e6666ed02b5d"
Content-Type: image/png
x-cos-request-id: NjY2ZjE0YThfZTU2YzUzMGJfMTE2OTNfMjE1MWNmNQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 110821

GET
H/1.1 200
OK qrcode.minfo3.js Show response
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 19 KB
20 KB 257ms
244ms Script
text/javascript 43.128.240.54
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qrcode.minfo3.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.54 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 17632674935737242381
Last-Modified: Sat, 15 Jun 2024 09:41:12 GMT
Server: tencent-cos
ETag: "517b55d3688ce9ef1085a3d9632bcb97"
Content-Type: text/javascript
x-cos-request-id: NjY2ZjE0YThfNzdjZTIwMDlfYjBjNV8yMWViZGY1
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 19927

GET
H2 200 layer.min.js Show response
5j2r.xyz/js/ 15 KB
6 KB 57ms
56ms Script
application/javascript 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/js/layer.min.js

Requested by

Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

f63e1469b6bdacf9dd7dbd632018d0a2eee39c0d831a680e4fc6b14f7b047b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 07:12:02 GMT
server: nginx
etag: W/"642a7c42-3a61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:56 GMT

GET
H/1.1 200
OK tc15tr.js Show response
xjsbw-1326572717.cos.accelerate.myqcloud.com/ 4 KB
5 KB 133ms
133ms Script
text/javascript 43.128.240.55
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/tc15tr.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.128.240.55 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 68104e53fb4744111bc3a5a6d4dfefa5aef8ca0f2c1c28163239d857571ceebd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:56 GMT
x-cos-hash-crc64ecma: 4512808734867666067
Last-Modified: Sat, 15 Jun 2024 09:47:03 GMT
Server: tencent-cos
ETag: "b0cab6d73e889313b62763de89d751d5"
Content-Type: text/javascript
x-cos-request-id: NjY2ZjE0YThfZTU2YzUzMGJfMTE2ODVfMjE2MGM4NQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 4209

POST
H/1.1 200
OK collect Show response
collect-v6.51.la/v6/ 0
611 B 3376ms
3367ms XHR
text/plain 128.1.157.196

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 128.1.157.196 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 16:36:59 GMT
Via: cache13.l2jp1[3361,3361,200-0,M], cache13.l2jp1[3362,0], cache6.jp6[3364,3363,200-0,M], cache6.jp6[3365,0]
Server: Tengine
X-Swift-CacheTime: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Ali-Swift-Global-Savetime: 1718555819
X-Cache: MISS TCP_MISS dirn:-2:-2
Access-Control-Allow-Origin: https://5j2r.xyz
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Swift-SaveTime: Sun, 16 Jun 2024 16:36:59 GMT
Timing-Allow-Origin: *
Content-Length: 0
EagleId: 80019d9a17185558163825658e

GET
H2 200 layer.css
5j2r.xyz/css/ 14 KB
4 KB 53ms
52ms Stylesheet
text/css 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/css/layer.css

Requested by

Host: 5j2r.xyz
URL: https://5j2r.xyz/js/layer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ca72b169e49ec2ff077ff693483afb1f3d796be88dd04bcbe9b32360b4fd7ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:56 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 09:41:24 GMT
server: nginx
etag: W/"64ae7544-39a2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 04:36:56 GMT

POST
H2 200 init Show response
vp6rhkoadwvvx4g.huabanwl.com/web/yuoqfl/lgjc16/ 769 B
1016 B 282ms
64ms XHR
application/json 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://vp6rhkoadwvvx4g.huabanwl.com:6443/web/yuoqfl/lgjc16/init?channelCode=lgjc16&av=0&cv=0&hash=&server=https%3A%2F%2Fvp6rhkoadwvvx4g.huabanwl.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4ow

Requested by

Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

cbefe7d9b0ed1204cedc5b1ab60dc293ad87c1ecef6bf7a1f6156d0c12e3c9bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 16 Jun 2024 16:36:57 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://5j2r.xyz
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 839bc2639db03e319d6a7a2a5a53757e212d8e2957b30fe9837485fa20bc177b

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 favicon.ico
5j2r.xyz/picture/ 55 KB
55 KB 69ms
69ms Other
image/x-icon 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/picture/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

18fe81616fe343f7b62da323dc2f90fd9ad043ade6ebe694975cd6b5fa0ad512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:57 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03 Apr 2023 07:15:14 GMT
server: nginx
etag: "642a7d02-dbcb"
content-type: image/x-icon
accept-ranges: bytes
content-length: 56267

POST
H2 200 eyJjIjoibGdqYzE2IiwibSI6IlB2ZjRLX0tYYmNzQUFBR1FJZWkwbGw4UGp0MnhSTEZUWnQwaXFXRExzUTdQbTNjcmliUnNFb3p0VVhMYWpHMUJfWTRQcTBjODVyVHc1bUpDb2hZeFdxbWJDWjlUYXhHNXJOa015TlVlNjVVajJWOElMU054aDJyZzJ5cmFxVUk3L...
vp6rhkoadwvvx4g.huabanwl.com/web/yuoqfl/lgjc16/clicked/c/ 0
376 B 55ms
55ms Ping
text/plain 170.33.13.110
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://vp6rhkoadwvvx4g.huabanwl.com:6443/web/yuoqfl/lgjc16/clicked/c/eyJjIjoibGdqYzE2IiwibSI6IlB2ZjRLX0tYYmNzQUFBR1FJZWkwbGw4UGp0MnhSTEZUWnQwaXFXRExzUTdQbTNjcmliUnNFb3p0VVhMYWpHMUJfWTRQcTBjODVyVHc1bUpDb2hZeFdxbWJDWjlUYXhHNXJOa015TlVlNjVVajJWOElMU054aDJyZzJ5cmFxVUk3LXcifQ==?p=0&ref=https%3A%2F%2F5j2r.xyz%2F1.html%3FchannelCode%3Dlgjc16&ac=0&cc=0&channelCode=lgjc16

Requested by

Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),

Reverse DNS

Software

NgxFence /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: ja-JP,ja;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 16:36:57 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://5j2r.xyz
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET
H2

200

5a3ed00692166582aa3651697d18194b.apk
jiarenxin.hnyuxiangyuan.com/public/
Redirect Chain

https://vp6rhkoadwvvx4g.huabanwl.com:6443/page/yuoqfl/install/c/eyJjIjoibGdqYzE2IiwibSI6Ik80eTVIMFpIZm00QUFBR1FJZWkwbGlvbHoyampWcEtEQS1NeElNRksyQzdjSTFaZF83d1o2VjV6bGJodUM4aG12RE9fejZDbXdCSHdpV1Azd...
https://2akctg.jfdh168.com/ossapk/3qcz4f8f13086c
https://jiarenxin.hnyuxiangyuan.com/public/5a3ed00692166582aa3651697d18194b.apk?auth_key=1718555818-0-0-d0607da41cf591aa1ff0489f90607f01

0
0

704ms
418ms

Document
application/octet-stream

120.209.209.15

General

Check archive.org

Show headers Download Go to

Full URL: https://jiarenxin.hnyuxiangyuan.com/public/5a3ed00692166582aa3651697d18194b.apk?auth_key=1718555818-0-0-d0607da41cf591aa1ff0489f90607f01
Requested by: Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 120.209.209.15 -, , ASN (),
Reverse DNS
Software: TorNet /
Resource Hash

Request headers

Accept-Language: ja-JP,ja;q=0.9;q=0.9
Referer: https://5j2r.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 283
content-length: 41259587
content-type: application/octet-stream
date: Sun, 16 Jun 2024 16:36:58 GMT
etag: "987b6dd3b25036ec3de5843ae54ffbd6"
last-modified: Sun, 16 Jun 2024 16:32:12 GMT
server: TorNet
via: 1.1 aeeecbfe839d83f73c414e665186a0d6.cloudfront.net (CloudFront)
x-amz-cf-id: abpioxNTxbkCWXJTq3etoZ7e0qNGNLQKtirSnl25wusY4FmtquHe1w==
x-amz-cf-pop: HKG1-P1
x-amz-server-side-encryption: AES256
x-cache: MISS

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Sun, 16 Jun 2024 16:36:58 GMT
Location: https://jiarenxin.hnyuxiangyuan.com/public/5a3ed00692166582aa3651697d18194b.apk?auth_key=1718555818-0-0-d0607da41cf591aa1ff0489f90607f01
Server: Cracker

GET favicon.ico
sdaqyi.cn/tcewm/picture/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Config/getShowConfig?lang=zh-cn&?t=1718555813381

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Config/getShowConfig?lang=zh-cn&?t=1718555813381

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Ad/getAdByTag?lang=zh-cn&?t=1718555813500

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Shops/getRecommendShops?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Shops/getRecommendShops?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Index/getGoodsList?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Index/getGoodsList?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Index/indexInfo?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Index/indexInfo?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/NavMenu/getMenuList?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/NavMenu/getMenuList?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Index/getIndexNavList?lang=zh-cn&?t=1718555813501

Domain: rakutenn156.com
URL: https://rakutenn156.com/api/Index/getIndexNavList?lang=zh-cn&?t=1718555813501

Domain: onlycash01.xyz
URL: http://onlycash01.xyz/

Domain: cdn.dcloud.net.cn
URL: https://cdn.dcloud.net.cn/img/shadow-grey.png

Domain: sdaqyi.cn
URL: https://sdaqyi.cn/tcewm/picture/favicon.ico

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ck.efangcdn.com/	1970-01-20 21:26:55	Name: geo Value: %E8%8D%B7%E5%85%B0%2F%2F%E5%85%B6%E4%BB%96
ck.efangcdn.com/	1970-01-21 06:00:59	Name: oid Value: a3839172-2bfe-11ef-81dc-44a842470231
.hm.baidu.com/	1970-01-21 06:58:35	Name: HMACCOUNT_BFESS Value: 872364DED02B02C0
.rakutenevl.com/	1970-01-21 06:08:11	Name: Hm_lvt_b5872be0cccfc94f1320039f66b0577d Value: 1718555814
.rakutenevl.com/	1969-12-31 23:59:59	Name: Hm_lpvt_b5872be0cccfc94f1320039f66b0577d Value: 1718555814
rakutenevl.com/	1970-01-20 21:24:02	Name: last_visit Value: 1
5j2r.xyz/	1969-12-31 23:59:59	Name: __vtins__KTUtxrrRn2uIdhPe Value: %7B%22sid%22%3A%20%22328ff0b4-edd1-50a3-8e6f-f06e23700ebb%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201718557616359%2C%20%22ct%22%3A%201718555816359%7D
5j2r.xyz/	1970-01-21 06:58:35	Name: __51uvsct__KTUtxrrRn2uIdhPe Value: 1
5j2r.xyz/	1970-01-21 06:58:35	Name: __51vcke__KTUtxrrRn2uIdhPe Value: 2b8adef5-4107-51d9-a6ed-8a4bdadb5d6b
5j2r.xyz/	1970-01-21 06:58:35	Name: __51vuft__KTUtxrrRn2uIdhPe Value: 1718555816361

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/Config/getShowConfig?lang=zh-cn&?t=1718555813381' from origin 'https://rakutenevl.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://rakutenn156.com/api/Config/getShowConfig?lang=zh-cn&?t=1718555813381 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/Shops/getRecommendShops?lang=zh-cn&?t=1718555813501' from origin 'https://rakutenevl.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://rakutenn156.com/api/Shops/getRecommendShops?lang=zh-cn&?t=1718555813501 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/Index/getGoodsList?lang=zh-cn&?t=1718555813501' from origin 'https://rakutenevl.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://rakutenn156.com/api/Index/getGoodsList?lang=zh-cn&?t=1718555813501 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/Index/indexInfo?lang=zh-cn&?t=1718555813501' from origin 'https://rakutenevl.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://rakutenn156.com/api/Index/indexInfo?lang=zh-cn&?t=1718555813501 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/NavMenu/getMenuList?lang=zh-cn&?t=1718555813501' from origin 'https://rakutenevl.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://rakutenn156.com/api/NavMenu/getMenuList?lang=zh-cn&?t=1718555813501 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/Index/getIndexNavList?lang=zh-cn&?t=1718555813501' from origin 'https://rakutenevl.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
network	error	URL: https://rakutenn156.com/api/Index/getIndexNavList?lang=zh-cn&?t=1718555813501 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://rakutenevl.com/#/ Message: Access to XMLHttpRequest at 'https://rakutenn156.com/api/Ad/getAdByTag?lang=zh-cn&?t=1718555813500' from origin 'https://rakutenevl.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://rakutenn156.com/api/Ad/getAdByTag?lang=zh-cn&?t=1718555813500 Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://rakutenevl.com/#/ Message: Mixed Content: The page at 'https://rakutenevl.com/#/' was loaded over HTTPS, but requested an insecure favicon 'http://onlycash01.xyz/'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://sdaqyi.cn/tcewm/picture/favicon.ico Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2akctg.jfdh168.com
5j2r.xyz
cdn.dcloud.net.cn
ck.efangcdn.com
collect-v6.51.la
dns.efangcdn.com
hm.baidu.com
j1sxh-1326572717.cos.accelerate.myqcloud.com
jiarenxin.hnyuxiangyuan.com
onlycash01.xyz
rakutenevl.com
rakutenn156.com
sdaqyi.cn
sdk.51.la
useragent.top
uv60.cn
vp6rhkoadwvvx4g.huabanwl.com
xjsbw-1326572717.cos.accelerate.myqcloud.com
xss9.com
cdn.dcloud.net.cn
onlycash01.xyz
rakutenn156.com
sdaqyi.cn
111.45.11.83
120.209.209.15
128.1.157.196
128.1.157.224
13.213.18.30
163.181.23.191
170.33.13.110
172.67.172.54
192.161.87.164
206.119.178.109
23.224.30.106
43.128.240.54
43.128.240.55
45.32.65.219
51.222.244.150
0cbe21cbd48de683ef65476d5eef01398e97cd11130758352c99f9eb5b266da6
0da557c324b3144ce723ba6ca7e77b4936b07f0b5139510b891179f26341fcec
0ff66743ebed098002a5b22632c0cd1b4ce460decf6e13b22b7358c20632d8a3
18fe81616fe343f7b62da323dc2f90fd9ad043ade6ebe694975cd6b5fa0ad512
1ba38951b78a55a0ed3330f395a314181ad89e34810cfe37dc6bf9f2c30dcd3f
1fd7ca29f3eff6bfcec02633be23b6a65cf2c2ebfe0dcf8373f83e18414d7e47
2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e
30862aa5ef1388afc385160c37ddccc834854feb3c0cd658141c9bd6a4f11479
40bfa38a73b97c255bf552445a2ba381dc52f23997ec9d407bd150e67d741754
41e3321f8b17d1d704eecc54604bf024fb0d5c6e69f40744f0e981c4f448fdb2
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4cbc701803ad644ca94b568b5587ed4ddb89d9a8de43992362063e130819ca32
4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d
5394eedc56bb8bc4e20da37292f4cbbe36d85dec294d4e98b6c90f167ea62254
5704d46e0ff6e9884ac28472dcca629353118c1c302991ef35ffea028aac5418
5e11a4a057c2ad6f90f47d84e7d16b0db43b339652c34cf1b6aef45829bf8166
5e4ba7c31c6a94f0edb5beca3f6323949c0aef0b93755b84ec7ce4c64e67daa3
62e1850bb1f34008190c980c84500c371e6d48f6c49ed23d1620e8acdfb07fed
66685651e610b7449bf2caff4766df085d3f868f42cf824fe57bab6ecd1c86ac
68104e53fb4744111bc3a5a6d4dfefa5aef8ca0f2c1c28163239d857571ceebd
6e76c7c46065257ea04a7780f8a1f92e0b9e59b952e6a0c51029082889322d0b
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
801f201423627ef83919d8d991784ab75fcd705efead135dcaae3b4d1dd14c20
839bc2639db03e319d6a7a2a5a53757e212d8e2957b30fe9837485fa20bc177b
844cca652f7e5036336d11de228a166463f488421a53b027bb0f7b3aa5706604
852d8e048b3d1235732bf78d8ff30de8b4777a1a70490a6a7caa0ec69478a5f0
8d27d73a1e4fb28a5383cc352e58893721fced11128f5325f38d4643ad992fa4
9ed2bd854789a2f46047add8df599d78a142d112d0a183e69a011920dc1162ad
a3851edda0ecc3a8f76536d4ef66c341473d8cf3561a20b6ce2d7b8f9795dd01
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a7a86a9caffd71a0aec4871fe29490a5ec9a971ccb8a33154e42586b77fb03c8
b6e8bdfb743d80ce526adea9a10f63312c307cb6f9294f3d026a6948dcea415c
b8fc8a306d82b4198321c5f4055f00e636779590a602e1b4dfad89703566383f
bb6c3a3cf3ec55d3782262dc99c77a52c8f9578a39e3bc4d425f9b4bec4d287a
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c7b6a3005a9265403191093f3f1e55b8e0db8a263c88506f97128d9f9b5c50cf
ca72b169e49ec2ff077ff693483afb1f3d796be88dd04bcbe9b32360b4fd7ed4
cbefe7d9b0ed1204cedc5b1ab60dc293ad87c1ecef6bf7a1f6156d0c12e3c9bd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf8fdf312634504b333135a3817d646bce8c27688cbf33e5c3bb444f1c11d7f5
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e27e2817822c1acf3f16550dbcc73712b6fff77ed6587aa6cbbd3fe9932083
e83bd6b0888a964c351472e63b1e2d785f66fb77f07424294b79e036810ee078
e86c9175c7f1254c003370cc24af7c0530a3a5a9bfde54c19430ecb3a6dbd4f7
f63e1469b6bdacf9dd7dbd632018d0a2eee39c0d831a680e4fc6b14f7b047b92
faa6f46066d9ce6ad1efc43c894d0fe6299080f04d5f3be333c362d9b55a3803

5j2r.xyz Open in urlscan Pro 192.161.87.164 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

75 %HTTPS

0 %IPv6

16 Domains

19 Subdomains

15 IPs

5 Countries

1968 kBTransfer

3321 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

5j2r.xyz Open in urlscan Pro
192.161.87.164 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

75 %
HTTPS

0 %
IPv6

16
Domains

19
Subdomains

15
IPs

5
Countries

1968 kB
Transfer

3321 kB
Size

10
Cookies

65 HTTP transactions
3 data transactions