zhimeishe168.com Open in urlscan Pro
2606:4700:3034::ac43:9a77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://plusonenative.com/
Effective URL:
https://zhimeishe168.com/
Submission: On April 12 via manual (April 12th 2023, 8:31:10 am UTC) from NL — Scanned from NL

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3034::ac43:9a77, located in United States and belongs to CLOUDFLARENET, US. The main domain is zhimeishe168.com.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2023. Valid for: 3 months.

This is the only time zhimeishe168.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a0d:5300:10::3 2a0d:5300:10::3	135391 (AOFEI-HK ...) (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED)
1	218.93.204.41 218.93.204.41	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	182.61.201.50 182.61.201.50	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	2606:4700:303... 2606:4700:3034::ac43:9a77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	7

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

plusonenative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

plusonenative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

n.sinaimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0d:5300:10::3 (Hong Kong)

ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK)

res.smzdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.93.204.41 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

ngbjimg.xy599.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.201.50 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

ziyuan.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:9a77 (United States)

ASN13335 (CLOUDFLARENET, US)

zhimeishe168.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	plusonenative.com 1 redirects plusonenative.com	22 KB
2	zhimeishe168.com zhimeishe168.com	9 KB
2	sinaimg.cn n.sinaimg.cn — Cisco Umbrella Rank: 37888	153 KB
1	baidu.com ziyuan.baidu.com — Cisco Umbrella Rank: 254353
1	xy599.com ngbjimg.xy599.com	29 KB
1	smzdm.com qnam.smzdm.com Failed res.smzdm.com — Cisco Umbrella Rank: 307490 qna.smzdm.com Failed	727 B
0	zdmimg.com Failed am.zdmimg.com Failed
20	7

	Domain	Requested by
6	plusonenative.com	1 redirects plusonenative.com
2	zhimeishe168.com	plusonenative.com zhimeishe168.com
2	n.sinaimg.cn	plusonenative.com
1	ziyuan.baidu.com	plusonenative.com
1	ngbjimg.xy599.com	plusonenative.com
1	res.smzdm.com	plusonenative.com
0	qna.smzdm.com Failed	plusonenative.com
0	qnam.smzdm.com Failed	plusonenative.com
0	am.zdmimg.com Failed	plusonenative.com
20	9

This site contains no links.

Subject Issuer	Validity	Valid
*.plusonenative.com GTS CA 1P5	`2023-04-01` - `2023-06-30`	3 months	crt.sh
www.sina.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-13`	a year	crt.sh
*.smzdm.com GeoTrust RSA CN CA G2	`2022-09-26` - `2023-10-25`	a year	crt.sh
ngbjimg.xy599.com Encryption Everywhere DV TLS CA - G1	`2023-02-24` - `2024-02-23`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.zhimeishe168.com GTS CA 1P5	`2023-03-01` - `2023-05-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://zhimeishe168.com/
Frame ID: D728B57D602D9BE93238EDD5EEFDD2F9
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

滑动验证

Page URL History Show full URLs

http://plusonenative.com/ HTTP 301
https://plusonenative.com/ Page URL
https://zhimeishe168.com/ Page URL

Page Statistics

20
Requests

60 %
HTTPS

71 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

214 kB
Transfer

260 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://plusonenative.com/ HTTP 301
https://plusonenative.com/ Page URL
https://zhimeishe168.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://plusonenative.com/ HTTP 301
https://plusonenative.com/

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
plusonenative.com/
Redirect Chain

http://plusonenative.com/
https://plusonenative.com/

42 KB
14 KB

8528ms
8465ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://plusonenative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

992f7120b7d7b17a55da468da56a38ab27b82daa15cae925fa0cee5870ab394a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7b6a1c1e1910b91a-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 12 Apr 2023 08:31:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dANwK7GnI8a0502h2jncCxLKobxzVSb9oRb7IdD7L8RKKDIal3f5oU14BNUt8fdgcj4XRXsIGoqYRRVP%2BvVY1qbaTyFYXHDlbdS913dbOy%2BL5e0qAv26jSDX2mXPp5n2yEx7WOGCr4WesIKPJCexzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

CF-RAY: 7b6a1c1d7f35b724-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Wed, 12 Apr 2023 08:30:53 GMT
Expires: Wed, 12 Apr 2023 09:30:53 GMT
Location: https://plusonenative.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3Rrta2SjZKmytnnsw%2FsmyZuxnkuvxyZSa61K%2FGOlMf6ZfnTMROWPH3V4mflEnxFCu04MjsrUVO1ceCSHjHPvzx7pTVqZfdW14eW0G7DnPULr3dxlCjWlyGwVII7RDSNIzf2I0AzK%2BnUrlecuHdNYg%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
plusonenative.com/template/news/news07/css/ 11 KB
3 KB 273ms
272ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://plusonenative.com/template/news/news07/css/style.css

Requested by

Host: plusonenative.com
URL: https://plusonenative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868d0ee190f2287d5d3e314e73b1a8f8c5a95bf3f7b70ea73c1e28f3d8aeb7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:01 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 May 2022 16:06:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"628e540c-2b0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9k0GgqJQipAwRzxp4yKv4N6m2FNdRD4yyXh9VWIibVPXAVrEQ9a%2F%2F8AqR3STo9cPdSJHzou34fYDTDl6B8DNVfdc%2FQceS23zQq6O%2BSnnM11KR685RAqIiomczkmbuvSj9EoZm7qR3gHQhBibg2%2Fjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7b6a1c530fbab91a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Apr 2023 20:31:01 GMT

GET
H2 200 4wxyjzf2xltkvehexcf6ppmr.png
plusonenative.com/images/logo/ 3 KB
3 KB 819ms
819ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plusonenative.com/images/logo/4wxyjzf2xltkvehexcf6ppmr.png?w=230

Requested by

Host: plusonenative.com
URL: https://plusonenative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7fd3048af864accb960416a6bf209deaa742d050a3ddc517314f1a882d75b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:02 GMT
strict-transport-security: max-age=31536000
cf-cache-status: MISS
last-modified: Wed, 12 Apr 2023 08:31:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqzNhqVjzUotgjsSlN2445ApsG79fxXliWvtytqWjZBtsbI90kU2afz5phgRAJ0RHUIJDlsKUAovuhfrx569At9tnDc2amaSQDSw1zZU1EtYMXeo%2BNwJKs84GjdqN7vSXS79tW69jxFW%2FkkySW0neQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 7b6a1c530fbcb91a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET 642e2209b4d157101.jpg_e1080.jpg
am.zdmimg.com/202304/06/ 0
0

GET
H2 200 Boa2-fxpwyhw9789376.jpg
n.sinaimg.cn/front/w440h496/20180311/ 95 KB
96 KB 1861ms
64ms Image
image/jpeg 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.sinaimg.cn/front/w440h496/20180311/Boa2-fxpwyhw9789376.jpg?zdy
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: e9df2b36234fec7a67a30c05b10f286ae902cc15be5a798c5b3fb81c7236e4f1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:03 GMT
x-requestid: 01792dd9-2206-0318-2513-047bcb4b71b0
x-swift-cachetime: 31530394
x-via-edge: 1654252595353a40fb5a364ae10ac1114e070
x-cache: TCP_HIT from a23-206-213-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47470434) (-)
x-requester: GRPS000000ANONYMOUSE
x-swift-savetime: Fri, 03 Jun 2022 12:10:01 GMT
content-length: 97441
x-via-cdn: f=Akamai,s=23.206.213.15,c=2a00:1630:2:1c02::12;f=alicdn,s=cache9.de3,c=23.54.206.135;f=edge,s=cmcc.guangzhou.union.123.nb.sinaedge.com,c=163.181.15.164;f=Edge,s=cmcc.guangzhou.union.106,c=172.16.174.100
edge-copy-time: 1654251913990
last-modified: Sun, 11 Mar 2018 04:50:18 GMT
server: Tengine
etag: "96075fd8fb60c0e5c4b82ffdfe6de516"
access-control-max-age: 31536000
x-filesize: 97441
content-type: image/jpeg
x-amz-meta-crc32: ACC3D649
access-control-allow-origin: *
cache-control: max-age=29606739
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
served-from: e:23.206.213.15
ali-swift-global-savetime: 1654252595
timing-allow-origin: *
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
network_info: FI_HELSINKI_24940, TR_ISTANBUL_16135, BE_SAINTGHISLAIN_396982, NL_AMSTERDAM_49544
eagleid: 4f85b19d16548288997983688e

GET 631595b3027816829.png_e1080.jpg
qnam.smzdm.com/202209/05/ 0
0

GET
H2 200 X1w--fxpwyhw8953842.jpg
n.sinaimg.cn/news/transform/w600h400/20180311/ 56 KB
57 KB 1830ms
33ms Image
image/jpeg 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.sinaimg.cn/news/transform/w600h400/20180311/X1w--fxpwyhw8953842.jpg?zdy
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Tengine /
Resource Hash: 1130487d5958b2b85f0b839f317df5361c4c7afb77c8d48da0e5ba89d1d77d94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:03 GMT
x-requestid: 01682407-2206-0313-5351-047bcb4b7078
x-swift-cachetime: 29266926
x-via-edge: 1654235631050a90fb5a355ae10ac2eb77118
x-cache: TCP_HIT from a23-206-213-15.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47470434) (-)
x-requester: GRPS000000ANONYMOUSE
x-swift-savetime: Wed, 29 Jun 2022 12:11:45 GMT
content-length: 57301
x-via-cdn: f=Akamai,s=23.206.213.15,c=2a00:1630:2:1c02::12;f=alicdn,s=cache4.de3,c=23.54.206.170;f=edge,s=cmcc.guangzhou.union.99.nb.sinaedge.com,c=163.181.15.169;f=Edge,s=cnc.guangzhou.union.58,c=172.16.174.85
edge-copy-time: 1654235631314
last-modified: Sun, 14 Jul 2019 08:01:13 GMT
server: Tengine
etag: "612efc69ec6fea74540a2850c3f2c236"
access-control-max-age: 31536000
x-filesize: 57301
content-type: image/jpeg
x-amz-meta-crc32: 1D263A3A
access-control-allow-origin: *
cache-control: max-age=30711732
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
served-from: e:23.206.213.15
ali-swift-global-savetime: 1654235631
timing-allow-origin: *
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
network_info: DE_FRANKFURT_24940, NL_AMSTERDAM_49544
eagleid: 4f85b19816609638663841341e

GET
H2 200 chuanxiao.svg
res.smzdm.com/resources/public/img/pc_global/ 340 B
727 B 378ms
43ms Image
image/svg+xml 2a0d:5300:10::3
AOFEI-HK AOFEI DA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.smzdm.com/resources/public/img/pc_global/chuanxiao.svg
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a0d:5300:10::3 , Hong Kong, ASN135391 (AOFEI-HK AOFEI DATA INTERNATIONAL COMPANY LIMITED, HK),
Reverse DNS
Software: marco/2.19 /
Resource Hash: 8798ccd94cc3cbfe61d5b04b850b9b8b07c0b89499ba14cd2e01549df43beb13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:01 GMT
via: T.208.H, V.403-zj-fud-209, S.pcw-cn-hkg-165, T.165.H, V.pcw-cn-hkg-165, T.133.H, M.gtt-de-fra3-133
content-encoding: br
last-modified: Thu, 30 Dec 2021 08:18:37 GMT
server: marco/2.19
age: 545848
etag: W/"7ddfcf709852034ae1854f34e3bda51c"
vary: Accept-Encoding
x-upyun-content-length: 340
content-type: image/svg+xml
cache-control: max-age=691200
x-source: U/200
x-upyun-content-type: image/svg+xml
x-request-id: a07e39fdb5e828877f2b6514da7046eb; 59fc783e8336fab5e7832ff840817bbe; 33e0b622962f5c12a254517ce2094385; 0b7b3aa0474277c05bae6e286c1830af
expires: Fri, 14 Apr 2023 00:53:33 GMT

GET
H2 200 146049484860989ffbf31856.90583657.jpeg
ngbjimg.xy599.com/ 29 KB
29 KB 2460ms
409ms Image
image/jpeg 218.93.204.41
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ngbjimg.xy599.com/146049484860989ffbf31856.90583657.jpeg
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 218.93.204.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

ohc-file-size: 29197
x-log: X-Log
date: Wed, 12 Apr 2023 08:31:03 GMT
x-svr: IO
content-md5: 6PxreFLmysSnXs2cFl8WYg==
x-reqid: v_EAAACXKqfEIlUX
x-cache-status: MISS
content-transfer-encoding: binary
content-disposition: inline; filename="146049484860989ffbf31856.90583657.jpeg"; filename*=utf-8''146049484860989ffbf31856.90583657.jpeg
content-length: 29197
x-m-reqid: JIoAAD94zfNlIlUX
x-m-log: QNM:xs1185;SRCPROXY:xs1751;SRC:8/304;SRCPROXY:8/304;QNM3:37
ohc-cache-hit: sqctcache70 [1], suzix196 [1]
last-modified: Mon, 10 May 2021 02:52:44 GMT
server: JSP3/2.0.14
etag: "FkdY0QYbuuoJ-2vyAHr93hlv9WUq"
access-control-max-age: 2592000
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
x-qiniu-zone: 0
timing-allow-origin: *
x-qnm-cache: Validate,Hit
ohc-global-saved-time: Wed, 12 Apr 2023 08:31:03 GMT

GET 642fad56dc6482851.jpg_e1080.jpg
qnam.smzdm.com/202304/07/ 0
0

GET 642fb1b40a7572025.jpg_e1080.jpg
qnam.smzdm.com/202304/07/ 0
0

GET 642fba7127bec593.jpg_e1080.jpg
am.zdmimg.com/202304/07/ 0
0

GET 642fbdabeee418891.jpg_e1080.jpg
qnam.smzdm.com/202304/07/ 0
0

GET 642ce32a2bde19478.jpg_e1080.jpg
qna.smzdm.com/202304/05/ 0
0

GET 642f855ac175e8696.jpg_e1080.jpg
qnam.smzdm.com/202304/07/ 0
0

GET
H/1.1 404
Not Found image.gif
ziyuan.baidu.com/ 0
0 1275ms
306ms Image
text/html 182.61.201.50
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ziyuan.baidu.com/image.gif
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 182.61.201.50 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H3 404 pic2_home.gif
plusonenative.com/template/news/news07/css/images/ 13 B
499 B 640ms
639ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plusonenative.com/template/news/news07/css/images/pic2_home.gif
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/template/news/news07/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/template/news/news07/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:02 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHPGv3I%2FVmJ%2B0t%2BpMJ8Ycj4d4uYD%2Bo3f98tq6DCIonWZ0cSEGbJ4ygOYAMqHkIXIHYCkHqS0ZBbhZvkb9aDLybVnYfSxvPrL9%2BUhEpwta2gPp%2FV4WvKQ1htSPPkOr3mcoPnEujLYKQrSAA78CoJyJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7b6a1c54c8191c7a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 pic1_home.gif
plusonenative.com/template/news/news07/css/images/ 13 B
462 B 663ms
662ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plusonenative.com/template/news/news07/css/images/pic1_home.gif
Requested by: Host: plusonenative.com
URL: https://plusonenative.com/template/news/news07/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://plusonenative.com/template/news/news07/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:02 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5A17SSAkoWpinEUj8ZJcs%2Flh54U8Qk%2FdqR%2BqBdb9Z%2FE73IUJ%2FID4QRkUj7zmXZ4F9FQxAZ5WiDylYAfWQuN86fe%2FmIY06zrsUb8MWoPz6qTYYhvWp2SpaduUJFba9VskQmzKGkrKv3RZkihBjcGdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 7b6a1c54c81a1c7a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
zhimeishe168.com/ 911 B
950 B 450ms
357ms Document
text/html 2606:4700:3034::ac43:9a77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zhimeishe168.com/

Requested by

Host: plusonenative.com
URL: https://plusonenative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9a77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f00908236a2e63a004e09d31b08519a320949b4faa56971923bc6a74e85e351

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://plusonenative.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache no-cache
cf-cache-status: DYNAMIC
cf-ray: 7b6a1c613f8f0b62-AMS
content-encoding: br
content-type: text/html;charset=utf8
date: Wed, 12 Apr 2023 08:31:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38R39OBi7wRhjfDL5MpjRxxFIZeAyrdK54RGGKnvGWapGIe6o%2Fhc87fiUJvVA2Cp7VPlqzByfCsp%2FueIK9%2FcZ5clVtYEnT9Z7jhITlCHVhG8MqpMl%2BdngHJ0MCj6TAZNuc65wLg0RLoQDLLtYwj0"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 huadong_296d626f_692ab8d7101aa18d5526d7038276d007.js Show response
zhimeishe168.com/ 23 KB
9 KB 439ms
438ms Script
text/html 2606:4700:3034::ac43:9a77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zhimeishe168.com/huadong_296d626f_692ab8d7101aa18d5526d7038276d007.js?id=1681288264

Requested by

Host: zhimeishe168.com
URL: https://zhimeishe168.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:9a77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22274e54efdc32b28faf0a139aece8ea353a1708bc2a4278da006c32dfc57615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zhimeishe168.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 08:31:04 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 12 Apr 2023 08:31:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: MISS
content-type: text/html;charset=utf8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVEJPAJuEwINZ8yr9JO1wiQjS6jMlcQ3jjxGWhaxPx7BbMKfoHqhEzZq8ymHd0Vo%2FHL2U0zA77GkKvjxqYKaEl4RuLDL%2FctEreVXfNWVuiNE%2BqPr%2BCeDZCUyx2NTlGiDsvvMLmuTPXuqMl2yJchs"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 7b6a1c638ac90b62-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 12 Apr 2023 08:32:04 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c260f6f48bca5df81d1fed711ea1c8127145be57db9049af94ceb7bc3414acad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: am.zdmimg.com
URL: https://am.zdmimg.com/202304/06/642e2209b4d157101.jpg_e1080.jpg

Domain: qnam.smzdm.com
URL: https://qnam.smzdm.com/202209/05/631595b3027816829.png_e1080.jpg

Domain: qnam.smzdm.com
URL: https://qnam.smzdm.com/202304/07/642fad56dc6482851.jpg_e1080.jpg

Domain: qnam.smzdm.com
URL: https://qnam.smzdm.com/202304/07/642fb1b40a7572025.jpg_e1080.jpg

Domain: am.zdmimg.com
URL: https://am.zdmimg.com/202304/07/642fba7127bec593.jpg_e1080.jpg

Domain: qnam.smzdm.com
URL: https://qnam.smzdm.com/202304/07/642fbdabeee418891.jpg_e1080.jpg

Domain: qna.smzdm.com
URL: https://qna.smzdm.com/202304/05/642ce32a2bde19478.jpg_e1080.jpg

Domain: qnam.smzdm.com
URL: https://qnam.smzdm.com/202304/07/642f855ac175e8696.jpg_e1080.jpg

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| cx function| SliderTools

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.baidu.com/	1970-01-20 19:47:04	Name: BAIDUID_BFESS Value: F46AAE492A75AD26F90200490FA0F00E:FG=1

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://plusonenative.com/ Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/front/w440h496/20180311/Boa2-fxpwyhw9789376.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/ Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180311/X1w--fxpwyhw8953842.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/ Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://res.smzdm.com/resources/public/img/pc_global/chuanxiao.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/ Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://res.smzdm.com/resources/public/img/pc_global/chuanxiao.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/(Line 29) Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/front/w440h496/20180311/Boa2-fxpwyhw9789376.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/(Line 29) Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://n.sinaimg.cn/news/transform/w600h400/20180311/X1w--fxpwyhw8953842.jpg?zdy'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/(Line 29) Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://res.smzdm.com/resources/public/img/pc_global/chuanxiao.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://plusonenative.com/(Line 29) Message: Mixed Content: The page at 'https://plusonenative.com/' was loaded over HTTPS, but requested an insecure element 'http://res.smzdm.com/resources/public/img/pc_global/chuanxiao.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://plusonenative.com/template/news/news07/css/images/pic2_home.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://plusonenative.com/template/news/news07/css/images/pic1_home.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ziyuan.baidu.com/image.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am.zdmimg.com
n.sinaimg.cn
ngbjimg.xy599.com
plusonenative.com
qna.smzdm.com
qnam.smzdm.com
res.smzdm.com
zhimeishe168.com
ziyuan.baidu.com
am.zdmimg.com
qna.smzdm.com
qnam.smzdm.com
182.61.201.50
218.93.204.41
2606:4700:3034::ac43:9a77
2a02:26f0:3500:16::215:148f
2a06:98c1:3120::3
2a06:98c1:3121::3
2a0d:5300:10::3
1130487d5958b2b85f0b839f317df5361c4c7afb77c8d48da0e5ba89d1d77d94
22274e54efdc32b28faf0a139aece8ea353a1708bc2a4278da006c32dfc57615
2f00908236a2e63a004e09d31b08519a320949b4faa56971923bc6a74e85e351
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
868d0ee190f2287d5d3e314e73b1a8f8c5a95bf3f7b70ea73c1e28f3d8aeb7bf
8798ccd94cc3cbfe61d5b04b850b9b8b07c0b89499ba14cd2e01549df43beb13
992f7120b7d7b17a55da468da56a38ab27b82daa15cae925fa0cee5870ab394a
a7fd3048af864accb960416a6bf209deaa742d050a3ddc517314f1a882d75b24
c260f6f48bca5df81d1fed711ea1c8127145be57db9049af94ceb7bc3414acad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9df2b36234fec7a67a30c05b10f286ae902cc15be5a798c5b3fb81c7236e4f1

zhimeishe168.com Open in urlscan Pro 2606:4700:3034::ac43:9a77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

60 %HTTPS

71 %IPv6

7 Domains

9 Subdomains

7 IPs

4 Countries

214 kBTransfer

260 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

11 Console Messages

Security Headers

Indicators

zhimeishe168.com Open in urlscan Pro
2606:4700:3034::ac43:9a77 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

60 %
HTTPS

71 %
IPv6

7
Domains

9
Subdomains

7
IPs

4
Countries

214 kB
Transfer

260 kB
Size

1
Cookies

20 HTTP transactions
1 data transactions