t11.t11.hzliuwen.cn Open in urlscan Pro
172.67.156.101  Public Scan

26 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t11.t11.hzliuwen.cn/ Page URL
2. https://t11.t11.hzliuwen.cn/index2.html Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

• https://t11.t11.hzliuwen.cn/favicon.ico HTTP 302
• https://yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud/

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response t11.t11.hzliuwen.cn/	4 KB 2 KB	1808ms 541ms	Document text/html	2606:4700:3033::ac43:9c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:9c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash eeebb0d7a9e950937ea876437531fbdd356ee52712034c998723c60969ca00d8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a64b9941bbb21e2-MIA content-encoding br content-type text/html date Sat, 20 Jul 2024 17:38:27 GMT last-modified Fri, 05 Jul 2024 10:47:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKaHUY8wFAya4jnkMQS%2FYOGD6eOzVaW4umqz1Pdu%2FTzVZWbaREzvohE0EduEIu8rSgfCg56Zo4sVc0bO%2FOJ8O5jU18XEkLpN2msOEaBYPYBcjChI47vlI9229cUM8ONFCeGOKsT6pkd%2BNE370HqcEKQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by ASP.NET
GET H2	200	rocket-loader.min.js Show response t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	35ms 34ms	Script application/javascript	2606:4700:3033::ac43:9c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:9c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Jul 2024 17:12:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6696a9e8-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmA6IP8adZhD5krmi8Q09qLwNjBOQFtZlwV8nQtlsn91qMBqAAUUtMbR3VLUWYsleZD1B4UtVoZusDpKR6EezzBMf1x%2BDYOzYIE2r5uwFwZNKFYel9aml2HuCQda7c42UT6qfVXfwHRb4tJtJ8z1tk4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 8a64b9979e6221e2-MIA expires Mon, 22 Jul 2024 17:38:27 GMT
GET H/1.1	200 OK	21737711.js Show response js.users.51.la/	5 KB 5 KB	848ms 289ms	Script application/javascript	47.246.24.227 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21737711.js Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 47.246.24.227 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash 45c89be946408bba9104c240f1992e25e7b70d60e8ab69a08e1819ea0daafcc1 Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:27 GMT Via cache21.l2us1[226,226,200-0,M], cache3.l2us1[227,0], ens-cache4.us18[228,228,200-0,M], ens-cache16.us18[229,0] X-Swift-CacheTime 0 Transfer-Encoding chunked X-Cache MISS TCP_MISS dirn:-2:-2 Connection keep-alive X-Swift-SaveTime Sat, 20 Jul 2024 17:38:28 GMT Server Tengine Ali-Swift-Global-Savetime 1721497108 Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Content-Type EagleId 2ff618a417214971077784443e
GET H/1.1	200 OK	json fast.ip.useragentinfo.com/	163 B 484 B	1842ms 269ms	XHR text/plain	103.219.30.70 CMNET-ZHEJIANG-AP...
General Check archive.org Show headers Download Go to Full URL https://fast.ip.useragentinfo.com/json?token=ab28a017dc0b7536f452fd951aed51d3 Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.219.30.70 , China, ASN56041 (CMNET-ZHEJIANG-AP China Mobile communications corporation, CN), Reverse DNS Software nginx / Resource Hash Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:28 GMT Server nginx Access-Control-Allow-Methods * Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://t11.t11.hzliuwen.cn Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers * Content-Length 163
GET		/ yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud/ Redirect Chain https://t11.t11.hzliuwen.cn/favicon.ico https://yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud/	0 0
GET H/1.1	200 OK	go1 ia.51.la/	0 192 B	613ms 339ms	Image text/plain	4.14.239.105 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21737711&rt=1721497108049&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1721497108049&tt=&kw=&cu=https%253A%252F%252Ft11.t11.hzliuwen.cn%252F&pu= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 4.14.239.105 Washington, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:28 GMT Connection keep-alive Content-Length 0 X-Ser BC199_lt-obgp-fujian-xiamen-33-cache-1, BC103_US-DistColumbia-washingtonDC-1-cache-1
GET H/1.1	200 OK	hm.js hm.baidu.com/	29 KB 12 KB	1666ms 363ms	Script application/javascript	14.215.183.79 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?93c02ae5f38cd06edc752ce37af63fc8 Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:29 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 6f9b817cbc4960260d019778f3a5b0ea P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11299
GET H3	200	Primary Request index2.html Show response t11.t11.hzliuwen.cn/	170 KB 9 KB	585ms 584ms	Document text/html	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/index2.html Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a47123bdf3a501e96c3e5293017348a7c473e37e0c6efb769dedd0637e6e0675 Request headers Referer https://t11.t11.hzliuwen.cn/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a64b9a56d01a695-MIA content-encoding br content-type text/html date Sat, 20 Jul 2024 17:38:29 GMT last-modified Sat, 20 Jul 2024 17:38:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2QsmZo9BQFY%2FqX%2BZJ3KbzNx%2F9lEuGK9IAyab6%2FOe7pOSXI5cGjj99lcWf721pHvRX3tS0UJ9c8NC65Otk2p96Af%2BO8vF0CAFFYXNWMU9xupfo8%2FStQFQCtE6SAVc%2FH2SyqmJyw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by ASP.NET
GET		hm.gif hm.baidu.com/	0 0
GET		hm.gif hm.baidu.com/	0 0
GET H3	200	list.css t11.t11.hzliuwen.cn/cache/985tl/	2 KB 1 KB	951ms 950ms	Stylesheet text/css	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/cache/985tl/list.css Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/index2.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 4b05da3e9f6aeb9b14992a4940475d56e7203a2b8a545d7936b516ca354c26ba Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:30 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=2392 x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 02 Apr 2022 13:41:28 GMT server cloudflare etag W/"2a38ca5a9746d81:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJJEp6hz5adX0sIMxSaNuHQsfmOKHnCIqXK72rBC5opc5yuxKcrexUMSGtmPdj5cy3e6embicER5MW9hT5vPc0n9crQCnCZOzmEljdXht2tkimRLjSLb5w7A9cejtlxYnBfbUr8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a64b9a919bfa695-MIA
GET H3	200	style.css t11.t11.hzliuwen.cn/cache/985tl/	8 KB 2 KB	972ms 971ms	Stylesheet text/css	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/cache/985tl/style.css Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/index2.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fc346ffefb93e8acd13854376d843a583d0e815e9c600ed31433eaaa382dd09f Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:30 GMT content-encoding br cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=9613 x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Sat, 02 Apr 2022 14:18:32 GMT server cloudflare etag W/"7a7aa889c46d81:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2WKSJmRM3afPtn5HiXM2aZ6NdGU6VMI4d8KtWi6q8iY%2FiM4eYH0wuka7W%2BCODE%2Fo6CjYTQwr9vdOZUL16AqlYXZY14Cc65H86zBlNXYWTKrXtwKC2Z3cOLq5Abpid8c6aOXJz4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 8a64b9a919c1a695-MIA
GET H3	200	v2.gif t11.t11.hzliuwen.cn/cache/985tl/	1 KB 2 KB	300ms 299ms	Image image/gif	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t11.t11.hzliuwen.cn/cache/985tl/v2.gif Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/index2.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash be8e3d540c9cdcb9616260b39244a118fea7e003e70f09843683e08d7e34d7fb Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:30 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET cf-polished status=not_needed alt-svc h3=":443"; ma=86400 content-length 1527 cf-bgj imgq:85,h2pri last-modified Sat, 02 Apr 2022 13:41:28 GMT server cloudflare etag "cafac15a9746d81:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4qHcnZMy4j6EjTIUylQLmUPz6qSVLzyJG%2FheW2KdtjwDJtuJB%2BwrwIDImBwCSxSQMSn1Qz%2FGpNqmmZVPGqoXusdSrF2tA4edKWz1rgpLS6AByaJ0WVqR0i5nloTbwEYhZG6NQ7I%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 8a64b9aa8b42a695-MIA
GET H2	200	rocket-loader.min.js Show response t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 0	0ms 0ms	Script application/javascript	2606:4700:3033::ac43:9c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/index2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:9c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:27 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Jul 2024 17:12:08 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6696a9e8-302c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gmA6IP8adZhD5krmi8Q09qLwNjBOQFtZlwV8nQtlsn91qMBqAAUUtMbR3VLUWYsleZD1B4UtVoZusDpKR6EezzBMf1x%2BDYOzYIE2r5uwFwZNKFYel9aml2HuCQda7c42UT6qfVXfwHRb4tJtJ8z1tk4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript x-frame-options DENY cache-control max-age=172800, public cf-ray 8a64b9979e6221e2-MIA expires Mon, 22 Jul 2024 17:38:27 GMT
GET H/1.1	200 OK	21891943.js Show response js.users.51.la/	5 KB 5 KB	615ms 608ms	Script application/javascript	47.246.24.227 TAOBAO Zhejiang T...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21891943.js Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 47.246.24.227 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN), Reverse DNS Software Tengine / Resource Hash d06d70811b227197157650a4846771d1ca7faf18489b3067146414ea7ac55c94 Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:31 GMT Via cache36.l2us1[503,503,200-0,M], cache13.l2us1[504,0], ens-cache12.us18[507,507,200-0,M], ens-cache16.us18[509,0] X-Swift-CacheTime 0 Transfer-Encoding chunked X-Cache MISS TCP_MISS dirn:-2:-2 Connection keep-alive X-Swift-SaveTime Sat, 20 Jul 2024 17:38:31 GMT Server Tengine Ali-Swift-Global-Savetime 1721497111 Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control no-store Access-Control-Allow-Credentials true Timing-Allow-Origin * Access-Control-Allow-Headers Content-Type EagleId 2ff618a417214971109572955e
GET H3	200	top.js Show response t11.t11.hzliuwen.cn/cache/985tl/	0 520 B	301ms 295ms	Script application/x-javascript	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t11.t11.hzliuwen.cn/cache/985tl/top.js Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:31 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=1010 x-powered-by ASP.NET alt-svc h3=":443"; ma=86400 content-length 0 cf-bgj minify last-modified Fri, 28 Jun 2024 07:40:17 GMT server cloudflare etag "6081bb6b2ec9da1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DP5v1kjn29cMz1PSxDCzaCH%2BotmswjQ6KLGEB5nvYoXXf74GOe22cN8x2DEIKvDQNrB1Mtl38zU%2BZ9S7mBtIBpsP4ckpHR5ahCtS%2BgZ4kX01NAPS5NKOViOufDh5eXz7dUwBjxM%3D"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript cache-control max-age=14400 accept-ranges bytes cf-ray 8a64b9af59aaa695-MIA
GET H3	200	header.jpg t11.t11.hzliuwen.cn/cache/985tl/	30 KB 31 KB	1031ms 1025ms	Image image/jpeg	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t11.t11.hzliuwen.cn/cache/985tl/header.jpg Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/cache/985tl/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5d0a843c0ed532fbdcd2b11ed47370da6d07bf297edebb1924ee4958a4966882 Request headers Referer https://t11.t11.hzliuwen.cn/cache/985tl/style.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:31 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET cf-polished origSize=32920, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 31111 cf-bgj imgq:85,h2pri last-modified Fri, 05 Jul 2024 12:19:47 GMT server cloudflare etag "80f315a0d5ceda1:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNJR%2FWtbm7zYTE%2Fm73t3mILBk07t36DDA%2FOtF7a%2BhT%2BBP2Nj6u%2B9saKys9s1QgG7o1pfkoOsTYUqEHT8EJpPmcE96IrzrRRQoUNo8vhA9el9p4orkJ%2F2pP1jjoQa1WxKYE9BIUQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=14400 accept-ranges bytes cf-ray 8a64b9af59aca695-MIA
GET H3	200	bar.png t11.t11.hzliuwen.cn/cache/985tl/	170 B 720 B	949ms 943ms	Image image/webp	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t11.t11.hzliuwen.cn/cache/985tl/bar.png Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/cache/985tl/list.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c86e1ca9ccd1d8cc2c2c7fc9b0734ddf1cd40eeee35a547ab729e18d94517484 Request headers Referer https://t11.t11.hzliuwen.cn/cache/985tl/list.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:31 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origFmt=png, origSize=2982 x-powered-by ASP.NET content-disposition inline; filename="bar.webp" alt-svc h3=":443"; ma=86400 content-length 170 cf-bgj imgq:85,h2pri last-modified Sat, 02 Apr 2022 13:41:28 GMT server cloudflare etag "5a338b5a9746d81:0" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvI9cpLiuCuKOMoJgOFCtSH670IYzUcsjVnxxNAqoj0tbDR88oEnS9hP7hEAGdoT4sUQ3tCn1ETrnzhk%2FlPTaD2%2FahGOBpby%2FYA5qCDIyjdM6b2YPhiJskXXK3MO3Y83%2FduKfpY%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control max-age=14400 accept-ranges bytes cf-ray 8a64b9af59aea695-MIA
GET H3	200	v1.gif t11.t11.hzliuwen.cn/cache/985tl/	1 KB 2 KB	291ms 289ms	Image image/gif	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t11.t11.hzliuwen.cn/cache/985tl/v1.gif Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e41a9b112078b0446364eaabc6acccc06e490066ea91d5f8f3a5d28f18fd2bfb Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:32 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET cf-polished origSize=1522, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 1521 cf-bgj imgq:85,h2pri last-modified Sat, 02 Apr 2022 13:41:28 GMT server cloudflare etag "9afdad5a9746d81:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLF9g4324QccPjnQEYIDoUKkwU%2Fa4DyW2KGjhxWCwuKrcmwwL6vT1nzCbbHUxXGu4%2FZlnSCjBJEz%2F0Mb2Rj8GyN387YC0mghx5LM1v7rXXg0By8rOkNE0UJDpi9QVk%2BTz0np1gk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 8a64b9b60a2ca695-MIA
GET H3	200	atop.gif t11.t11.hzliuwen.cn/cache/985tl/	281 B 809 B	292ms 290ms	Image image/gif	172.67.156.101 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://t11.t11.hzliuwen.cn/cache/985tl/atop.gif Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.156.101 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash fcf491d39cb48dfaf0fd8ba614ba9eac4d50feb365c7faa30d2be31b0d051aa8 Request headers Referer https://t11.t11.hzliuwen.cn/index2.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 20 Jul 2024 17:38:32 GMT cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by ASP.NET cf-polished origSize=299, status=webp_bigger alt-svc h3=":443"; ma=86400 content-length 281 cf-bgj imgq:85,h2pri last-modified Sat, 02 Apr 2022 13:41:28 GMT server cloudflare etag "1a18b45a9746d81:0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y8NmEUfwyC%2FjI1o4h4AsgqDWQrUOH3oNX0x2LOkM5GXmUzIrXMDOaq5oqzGL7OlkEVLsy6q29QfL5PjifU%2Bx8eEKTb7DWwbI3So8tnRzNg4O9ndQNlb1M0XMlYLuc32l%2BdjieKI%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 8a64b9b60a2ea695-MIA
GET H/1.1	200 OK	go1 ia.51.la/	0 192 B	328ms 327ms	Image text/plain	4.14.239.105 LEVEL3
General Check archive.org Show headers Download Go to Show image Full URL https://ia.51.la/go1?id=21891943&rt=1721497112022&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=985tl.com-%25E6%25B8%25B8%25E6%2588%258F%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591-%25E5%25A4%25A9%25E9%25BE%2599%25E5%2585%25AB%25E9%2583%25A8SF%25EF%25BC%258C%25E5%25A4%25A9%25E9%25BE%2599%25E5%2585%25AB%25E9%2583%25A8%25E7%25A7%2581%25E6%259C%258D%25E5%258F%2591&ing=2&ekc=&sid=1721497112022&tt=985tl.com-%25E6%25B8%25B8%25E6%2588%258F%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591&kw=%25E5%25A4%25A9%25E9%25BE%2599%25E5%2585%25AB%25E9%2583%25A8SF%25EF%25BC%258C%25E5%25A4%25A9%25E9%25BE%2599%25E5%2585%25AB%25E9%2583%25A8%25E7%25A7%2581%25E6%259C%258D%25E5%258F%2591%25E5%25B8%2583%25E7%25BD%2591%252C%25E5%25A4%25A9%25E9%25BE%2599%25E5%2585%25AB%25E9%2583%25A8%25E5%258F%2591%25E5%25B8%2583%25E7%25BD%2591%252C%25E5%25A4%25A9%25E9%25BE%2599%25E5%2585%25AB%25E9%2583%25A8%25E7%25A7%2581%25E6%259C%258D%252C%25E5%25A4%25A9%25E9%25BE%2599%25E7%25A7%2581%25E6%259C%258D%252C%25E5%25A4%25A9%25E9%25BE%2599SF&cu=https%253A%252F%252Ft11.t11.hzliuwen.cn%252Findex2.html&pu=https%253A%252F%252Ft11.t11.hzliuwen.cn%252F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 4.14.239.105 Washington, United States, ASN3356 (LEVEL3, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:32 GMT Connection keep-alive Content-Length 0 X-Ser BC199_lt-obgp-fujian-xiamen-33-cache-1, BC103_US-DistColumbia-washingtonDC-1-cache-1
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 208 B	349ms 348ms	Script application/javascript	14.215.183.79 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?93c02ae5f38cd06edc752ce37af63fc8 Requested by Host: t11.t11.hzliuwen.cn URL: https://t11.t11.hzliuwen.cn/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash 54dc8db1a59cab542c7dd86363599a59d59f83c34cabc85f27e8a6ccf7a0dd38 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Sat, 20 Jul 2024 17:38:32 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 6f9b817cbc4960260d019778f3a5b0ea Content-Type application/javascript P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Length 11299
GET		favicon.ico t11.t11.hzliuwen.cn/	0 0
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	359ms 358ms	Image image/gif	14.215.183.79 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?hca=056BBC1170A7F41C&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1942790916&si=93c02ae5f38cd06edc752ce37af63fc8&v=1.3.2&lv=1&sn=23730&r=0&ww=1600&u=https%3A%2F%2Ft11.t11.hzliuwen.cn%2F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://t11.t11.hzliuwen.cn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Pragma no-cache Date Sat, 20 Jul 2024 17:38:32 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET		hm.gif hm.baidu.com/	0 0
GET		hm.gif hm.baidu.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud

URL

https://yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud/

Domain

hm.baidu.com

URL

https://hm.baidu.com/hm.gif?hca=056BBC1170A7F41C&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1942790916&si=93c02ae5f38cd06edc752ce37af63fc8&v=1.3.2&lv=1&sn=23730&r=0&ww=1600&u=https%3A%2F%2Ft11.t11.hzliuwen.cn%2F

Domain

hm.baidu.com

URL

https://hm.baidu.com/hm.gif?hca=056BBC1170A7F41C&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=203%2C203&et=3&ja=0&ln=en-us&lo=0&rnd=323149445&si=93c02ae5f38cd06edc752ce37af63fc8&v=1.3.2&lv=1&sn=23730&r=0&ww=1600&u=https%3A%2F%2Ft11.t11.hzliuwen.cn%2F

Domain

t11.t11.hzliuwen.cn

URL

https://t11.t11.hzliuwen.cn/favicon.ico

Domain

hm.baidu.com

URL

https://hm.baidu.com/hm.gif?hca=056BBC1170A7F41C&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=203%2C203&et=3&ja=0&ln=en-us&lo=0&rnd=323149445&si=93c02ae5f38cd06edc752ce37af63fc8&v=1.3.2&lv=1&sn=23730&r=0&ww=1600&u=https%3A%2F%2Ft11.t11.hzliuwen.cn%2F

Domain

hm.baidu.com

URL

https://hm.baidu.com/hm.gif?hca=056BBC1170A7F41C&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1721497110&rnd=1862611716&si=93c02ae5f38cd06edc752ce37af63fc8&su=https%3A%2F%2Ft11.t11.hzliuwen.cn%2F&v=1.3.2&lv=2&sn=23732&r=0&ww=1600&u=https%3A%2F%2Ft11.t11.hzliuwen.cn%2Findex2.html&tt=985tl.com-%E6%B8%B8%E6%88%8F%E8%B5%84%E6%BA%90%E7%BD%91

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR object| theAds object| _hmt string| limit number| parselimit function| beginrefresh boolean| __cfRLUnblockHandlers number| curmin number| cursec string| curtime boolean| _bdhm_loaded_93c02ae5f38cd06edc752ce37af63fc8 object| mini_tangram_log_d4truc object| mini_tangram_log_g9pnn9

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			t11.t11.hzliuwen.cn/	1969-12-31 23:59:59	Name: __tins__21737711 Value: %7B%22sid%22%3A%201721497108049%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201721498908049%7D
			t11.t11.hzliuwen.cn/	1969-12-31 23:59:59	Name: __51cke__ Value:
			.hm.baidu.com/	1970-01-21 07:47:37	Name: HMACCOUNT_BFESS Value: 056BBC1170A7F41C
			.t11.t11.hzliuwen.cn/	1970-01-21 06:57:13	Name: Hm_lvt_93c02ae5f38cd06edc752ce37af63fc8 Value: 1721497110
			.t11.t11.hzliuwen.cn/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 056BBC1170A7F41C
			t11.t11.hzliuwen.cn/	1969-12-31 23:59:59	Name: __tins__21891943 Value: %7B%22sid%22%3A%201721497112022%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201721498912022%7D
			t11.t11.hzliuwen.cn/	1969-12-31 23:59:59	Name: __51laig__ Value: 2
			.t11.t11.hzliuwen.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_93c02ae5f38cd06edc752ce37af63fc8 Value: 1721497112

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fast.ip.useragentinfo.com
hm.baidu.com
ia.51.la
js.users.51.la
t11.t11.hzliuwen.cn
yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud
hm.baidu.com
t11.t11.hzliuwen.cn
yxkaadh-kad.hjh1h-ahsk.gtahg.hhgpjagdj-hhunkm-abtpg-gkjambg.cloud
103.219.30.70
14.215.183.79
172.67.156.101
2606:4700:3033::ac43:9c65
4.14.239.105
47.246.24.227
45c89be946408bba9104c240f1992e25e7b70d60e8ab69a08e1819ea0daafcc1
4b05da3e9f6aeb9b14992a4940475d56e7203a2b8a545d7936b516ca354c26ba
54dc8db1a59cab542c7dd86363599a59d59f83c34cabc85f27e8a6ccf7a0dd38
5d0a843c0ed532fbdcd2b11ed47370da6d07bf297edebb1924ee4958a4966882
a47123bdf3a501e96c3e5293017348a7c473e37e0c6efb769dedd0637e6e0675
be8e3d540c9cdcb9616260b39244a118fea7e003e70f09843683e08d7e34d7fb
c86e1ca9ccd1d8cc2c2c7fc9b0734ddf1cd40eeee35a547ab729e18d94517484
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06d70811b227197157650a4846771d1ca7faf18489b3067146414ea7ac55c94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41a9b112078b0446364eaabc6acccc06e490066ea91d5f8f3a5d28f18fd2bfb
eeebb0d7a9e950937ea876437531fbdd356ee52712034c998723c60969ca00d8
fc346ffefb93e8acd13854376d843a583d0e815e9c600ed31433eaaa382dd09f
fcf491d39cb48dfaf0fd8ba614ba9eac4d50feb365c7faa30d2be31b0d051aa8