URL: https://xgcsy-znlj.xgcsy.icu/
Submission: On March 30 via api from US — Scanned from US

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 20 HTTP transactions. The main IP is 154.212.149.91, located in Hong Kong and belongs to HQTC-AS-AP qlhost, TW. The main domain is xgcsy-znlj.xgcsy.icu.
TLS certificate: Issued by R3 on March 30th 2024. Valid for: 3 months.
This is the only time xgcsy-znlj.xgcsy.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
14        154.212.149.91   142062 (HQTC-AS-A...)
1         143.92.34.170    64050 (BCPL-SG B...)
1         172.67.155.182   13335 (CLOUDFLAR...)
1         172.67.169.232   13335 (CLOUDFLAR...)
Total: 20 requests, 5 IPs

Requests  Domain                                Requested by
14        xgcsy-znlj.xgcsy.icu                  xgcsy-znlj.xgcsy.icu
1         kj.11kj.site                          xgcsy-znlj.xgcsy.icu
1         aa.118ww.xyz                          xgcsy-znlj.xgcsy.icu
1         555bbb555bbb.com                      xgcsy-znlj.xgcsy.icu
0         (no domain; failed)                   xgcsy-znlj.xgcsy.icu
0         ssuan64958.jiujiutuku.com (failed)    xgcsy-znlj.xgcsy.icu
Total: 20 requests, 6 domains

Subject             Issuer       Validity                   Valid
xgcsy-1.xgcsy.icu   R3           2024-03-30 - 2024-06-28    3 months
222bbb888bbb.com    R3           2024-03-05 - 2024-06-03    3 months
118ww.xyz           E1           2024-03-23 - 2024-06-21    3 months
11kj.site           GTS CA 1P5   2024-03-11 - 2024-06-09    3 months

This page contains 2 frames:

Primary Page: https://xgcsy-znlj.xgcsy.icu/
Frame ID: 8D97A6D1AD983D4F519BCAC86D81D089
Requests: 19 HTTP requests in this frame

Frame: https://kj.11kj.site/api/kj.html
Frame ID: 1F21062F127B52BBDBA3BEAB00E143A4
Requests: 1 HTTP requests in this frame

Page Title

香港财神爷-欢迎您 (Hong Kong God of Wealth - Welcome)

Page Statistics

20 Requests
85 % HTTPS
0 % IPv6
6 Domains
6 Subdomains
5 IPs
2 Countries
1996 kB Transfer
2286 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
xgcsy-znlj.xgcsy.icu/
330 KB
38 KB
Document
General
Full URL
https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
361f5c0d1972ff9e9d3316d0c90bbe45d807949590ffd58a54551604235ececa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
38685
content-type
text/html
date
Sat, 30 Mar 2024 16:44:22 GMT
etag
"b827ea287b82da1:0"
last-modified
Sat, 30 Mar 2024 08:20:43 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-powered-by
ASP.NET
11.jpg
xgcsy-znlj.xgcsy.icu/images/
15 KB
15 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/11.jpg
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
67053b52ba307d62a73065e04d6ff387894f9282bb610de77d4d5afbbe717ffc

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"e36b9de180da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
15232
cs.png
xgcsy-znlj.xgcsy.icu/images/
65 KB
65 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/cs.png
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d6d64603b4b235259425666668fe351f2f4103e4e78646e86de4cc0add59dee2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"e36b9de180da1:0"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
66905
index_103.jpg
xgcsy-znlj.xgcsy.icu/images/
4 KB
4 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/index_103.jpg
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
5829e20ee195b2571701e6dfcec8af24255ec5319f40a2d3f8fa3be6422cf0d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"646abbde180da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
3989
jt.gif
xgcsy-znlj.xgcsy.icu/images/
2 KB
2 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/jt.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"646abbde180da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
2109
b607e3a593444a3abb17d92afddf6bfe.gif
555bbb555bbb.com/
637 KB
637 KB
Image
General
Full URL
https://555bbb555bbb.com/b607e3a593444a3abb17d92afddf6bfe.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
143.92.34.170 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software
cdn /
Resource Hash
4ddb4161e08af45806ad41ff017e556b0d3cfb3719758d1a37f38490b478a219

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 30 Mar 2024 16:44:48 GMT
Last-Modified
Mon, 18 Mar 2024 15:49:14 GMT
Server
cdn
ETag
"65f8627a-9f3a2"
X-Cache-Status
HIT
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
652194
hhh12.gif
xgcsy-znlj.xgcsy.icu/img/
273 KB
273 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/img/hhh12.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
11b5405cb49488857c007a6879f7041653d983c42e8f64ab34e55bac2e083ade

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 08 Jan 2024 14:28:35 GMT
server
Microsoft-IIS/10.0
etag
"4e54e0f63e42da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
279197
853tk7.gif
xgcsy-znlj.xgcsy.icu/img/
520 KB
521 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/img/853tk7.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6455ac8e9bb5a601f4490c48a4da511b4a25cf900025abc21c77b268ab2c256f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Wed, 01 Nov 2023 12:42:53 GMT
server
Microsoft-IIS/10.0
etag
"1a6991eec0cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
532688
hfhf.gif
xgcsy-znlj.xgcsy.icu/images/
26 KB
26 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/hfhf.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4f14870605c6c81917a248a55467be53151b21d0cf57baf4acbba0ccc22d88ff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"e36b9de180da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
26706
xggp.jpg
ssuan64958.jiujiutuku.com/TP/
0
0

2891.jpg
aa.118ww.xyz/UploadFiles/pic/2/
368 KB
369 KB
Image
General
Full URL
https://aa.118ww.xyz/UploadFiles/pic/2/2891.jpg
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.155.182 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
349525f101d811411615d64569001e24b610fa82dad9a689f22fb959858c8150

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7122
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
377110
last-modified
Fri, 29 Mar 2024 03:47:26 GMT
server
cloudflare
etag
"d843c0d08b81da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LCArBj%2BuzibBlw31mIKFp%2B2DixtK%2BBnoVLk63qscqmsQY42NwsBai90gXaglNFIlxwsPCFyhL9DEfup4DQjh3gXxnIi0TYszVzsk5RPHceo0B5KmPy0hpWOSlGH1xTo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
86c9910139792588-MIA
lpg.jpg
ssuan64958.jiujiutuku.com/TP/
0
0

foot_ad.gif
xgcsy-znlj.xgcsy.icu/images/
3 KB
3 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/foot_ad.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2ed382df88171c2b2f6f64503338318f5362022de04aa1ce906d7b21835287b4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"e36b9de180da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
2756
index_144.jpg
xgcsy-znlj.xgcsy.icu/images/
7 KB
7 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/index_144.jpg
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f7fe2ce67cbf7fa16e7b2d8f88eba6dcfe7b088e85b242857a6996a4c4b2189e

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"646abbde180da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
7016
kj.html
kj.11kj.site/api/ Frame 1F21
0
0
Document
General
Full URL
https://kj.11kj.site/api/kj.html
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.169.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://xgcsy-znlj.xgcsy.icu/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,auth,token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
86c991016d778dc4-MIA
content-encoding
br
content-type
text/html
date
Sat, 30 Mar 2024 16:44:48 GMT
last-modified
Sun, 24 Mar 2024 12:52:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ko8UPZr5zuOKKZQzgF4YU7GfcN6ZrZz05FyfWx8WYykKK3lU8UkyhNeXZ78o4NW8rxQGf0zwmR%2Fz2aTd9uYW6vVN9cYfvsr4sDiR9KY5lwJMkLzy3pKEQvGgskwjWiM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
jt.gif
/C:/Users/images/
0
0

index_155.jpg
xgcsy-znlj.xgcsy.icu/images/
1 KB
1 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/index_155.jpg
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
fe3c770173edb00381510dba1eb57ca840092dcf8c44c172975a506f16de8ad0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"646abbde180da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
1425
index_101.jpg
xgcsy-znlj.xgcsy.icu/images/
11 KB
11 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/index_101.jpg
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
47f6316c6e5c4572ac5ca952f7178145009aa0dd03d0f0be3a474fc001c8b788

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"646abbde180da1:0"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
11628
bg.gif
xgcsy-znlj.xgcsy.icu/images/
22 KB
22 KB
Image
General
Full URL
https://xgcsy-znlj.xgcsy.icu/images/bg.gif
Requested by
Host: xgcsy-znlj.xgcsy.icu
URL: https://xgcsy-znlj.xgcsy.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e41d2163cd518827834b20c5c9bc6246a4ab60f03791c4c35f0f5b8ec5324d29

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:23 GMT
last-modified
Mon, 16 Oct 2023 10:09:37 GMT
server
Microsoft-IIS/10.0
etag
"e36b9de180da1:0"
x-powered-by
ASP.NET
content-type
image/gif
accept-ranges
bytes
content-length
22445
favicon.ico
xgcsy-znlj.xgcsy.icu/
1 KB
1 KB
Other
General
Full URL
https://xgcsy-znlj.xgcsy.icu/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
154.212.149.91 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://xgcsy-znlj.xgcsy.icu/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 16:44:26 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
1163
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ssuan64958.jiujiutuku.com
URL
https://ssuan64958.jiujiutuku.com/TP/xggp.jpg
Domain
ssuan64958.jiujiutuku.com
URL
https://ssuan64958.jiujiutuku.com/TP/lpg.jpg
Domain
URL
file:///C:/Users/images/jt.gif

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | 0
object | onpagereveal

1 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 70CE436CAE40117B

10 Console Messages

Source Level URL
Text
security warning URL: https://xgcsy-znlj.xgcsy.icu/
Message:
Mixed Content: The page at 'https://xgcsy-znlj.xgcsy.icu/' was loaded over HTTPS, but requested an insecure element 'http://ssuan64958.jiujiutuku.com/TP/xggp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xgcsy-znlj.xgcsy.icu/
Message:
Mixed Content: The page at 'https://xgcsy-znlj.xgcsy.icu/' was loaded over HTTPS, but requested an insecure element 'http://ssuan64958.jiujiutuku.com/TP/lpg.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript error URL: https://xgcsy-znlj.xgcsy.icu/(Line 983)
Message:
Not allowed to load local resource: file:///C:/Users/images/jt.gif
security warning URL: https://xgcsy-znlj.xgcsy.icu/(Line 3483)
Message:
Mixed Content: The page at 'https://xgcsy-znlj.xgcsy.icu/' was loaded over HTTPS, but requested an insecure element 'http://ssuan64958.jiujiutuku.com/TP/xggp.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://xgcsy-znlj.xgcsy.icu/(Line 3483)
Message:
Mixed Content: The page at 'https://xgcsy-znlj.xgcsy.icu/' was loaded over HTTPS, but requested an insecure element 'http://ssuan64958.jiujiutuku.com/TP/lpg.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://ssuan64958.jiujiutuku.com/TP/xggp.jpg
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
network error URL: https://ssuan64958.jiujiutuku.com/TP/lpg.jpg
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED
other warning URL: https://xgcsy-znlj.xgcsy.icu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://xgcsy-znlj.xgcsy.icu/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://xgcsy-znlj.xgcsy.icu/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()