h5nfohek.ldruupogtjfh.com Open in urlscan Pro
45.89.196.108 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://h5nfohek.ldruupogtjfh.com/
Effective URL:
https://h5nfohek.ldruupogtjfh.com/
Submission: On January 17 via api (January 17th 2025, 11:45:37 am UTC) from US — Scanned from DE

Summary HTTP 30 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 8 domains to perform 30 HTTP transactions. The main IP is 45.89.196.108, located in Los Angeles, United States and belongs to STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD, GB. The main domain is h5nfohek.ldruupogtjfh.com.
TLS certificate: Issued by R10 on January 2nd 2025. Valid for: 3 months.

This is the only time h5nfohek.ldruupogtjfh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	45.89.196.108 45.89.196.108	44477 (STARK-IND...) (STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD)
16	49.51.129.251 49.51.129.251	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	185.213.240.176 185.213.240.176	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare London)
1	143.92.32.181 143.92.32.181	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
7	138.113.35.109 138.113.35.109	54994 (ML-1432-5...) (ML-1432-54994)
1	154.203.26.157 154.203.26.157	146993 (DBL-AS-AP...) (DBL-AS-AP DEEP BRIGHT LIMITED)
1	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
30	7

1 45.89.196.108 (Los Angeles, United States)

ASN44477 (STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD, GB)
PTR: vm3463819.stark-industries.solutions

h5nfohek.ldruupogtjfh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 49.51.129.251 (Frankfurt am Main, Germany)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

322wg-1329230387.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.213.240.176 (Frankfurt (Oder), Germany)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US)

xiazaizhanyuming01.332ossjiashuyuming11.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2025-1-10.332ossjiashuyuming10.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.92.32.181 (Hong Kong, Hong Kong)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

zhifuyuming01.zhifuyuming020.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.113.35.109 (Canada)

ASN54994 (ML-1432-54994, CA)

2025-1-10.332woainihaojie09.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.203.26.157 (Hong Kong, Hong Kong)

ASN146993 (DBL-AS-AP DEEP BRIGHT LIMITED, MY)

2025-1-10.332appdatinxiaojie01.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api151611ojiba-gff5fhg5a7c0cta5.a03.azurefd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	myqcloud.com 322wg-1329230387.cos.accelerate.myqcloud.com	2 MB
7	332woainihaojie09.cc 2025-1-10.332woainihaojie09.cc	3 KB
2	332ossjiashuyuming11.cc xiazaizhanyuming01.332ossjiashuyuming11.cc	5 KB
1	332ossjiashuyuming10.cc 2025-1-10.332ossjiashuyuming10.cc	460 B
1	azurefd.net api151611ojiba-gff5fhg5a7c0cta5.a03.azurefd.net	278 B
1	332appdatinxiaojie01.cc 2025-1-10.332appdatinxiaojie01.cc	366 B
1	zhifuyuming020.com zhifuyuming01.zhifuyuming020.com	388 B
1	ldruupogtjfh.com h5nfohek.ldruupogtjfh.com	2 KB
30	8

	Domain	Requested by
16	322wg-1329230387.cos.accelerate.myqcloud.com	h5nfohek.ldruupogtjfh.com 322wg-1329230387.cos.accelerate.myqcloud.com
7	2025-1-10.332woainihaojie09.cc	322wg-1329230387.cos.accelerate.myqcloud.com
2	xiazaizhanyuming01.332ossjiashuyuming11.cc	322wg-1329230387.cos.accelerate.myqcloud.com
1	2025-1-10.332ossjiashuyuming10.cc	322wg-1329230387.cos.accelerate.myqcloud.com
1	api151611ojiba-gff5fhg5a7c0cta5.a03.azurefd.net	322wg-1329230387.cos.accelerate.myqcloud.com
1	2025-1-10.332appdatinxiaojie01.cc	322wg-1329230387.cos.accelerate.myqcloud.com
1	zhifuyuming01.zhifuyuming020.com	322wg-1329230387.cos.accelerate.myqcloud.com
1	h5nfohek.ldruupogtjfh.com
30	8

This site contains links to these domains. Also see Links.

Domain
411j.yt
708j.yt
159j.yt

Subject Issuer	Validity	Valid
*.r2srz84av712.com R10	`2025-01-02` - `2025-04-02`	3 months	crt.sh
*.cos.eu-frankfurt.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-03-06` - `2025-04-07`	a year	crt.sh
xiazaizhanyuming01.332ossjiashuyuming11.cc R10	`2025-01-04` - `2025-04-04`	3 months	crt.sh
zhifuyuming01.zhifuyuming020.com R11	`2025-01-13` - `2025-04-13`	3 months	crt.sh
2025-1-10.332woainihaojie09.cc R10	`2025-01-10` - `2025-04-10`	3 months	crt.sh
2025-1-10.332appdatinxiaojie01.cc Sectigo RSA Domain Validation Secure Server CA	`2025-01-10` - `2026-01-10`	a year	crt.sh
*.azurefd.net Microsoft Azure RSA TLS Issuing CA 04	`2024-12-13` - `2025-06-11`	6 months	crt.sh
2025-1-10.332ossjiashuyuming10.cc R11	`2025-01-10` - `2025-04-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://h5nfohek.ldruupogtjfh.com/
Frame ID: 1F0FDB18573E2CCDC09D2F6096BD9FB9
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PG直营站

Page URL History Show full URLs

http://h5nfohek.ldruupogtjfh.com/ HTTP 307
https://h5nfohek.ldruupogtjfh.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

2268 kB
Transfer

2261 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://411j.yt/
Title: 15ms H5网页版

Search URL Search Domain Scan URL

URL: https://708j.yt/
Title: 12ms H5网页版

Search URL Search Domain Scan URL

URL: https://159j.yt/
Title: 13ms H5网页版

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://h5nfohek.ldruupogtjfh.com/ HTTP 307
https://h5nfohek.ldruupogtjfh.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
h5nfohek.ldruupogtjfh.com/
Redirect Chain

http://h5nfohek.ldruupogtjfh.com/
https://h5nfohek.ldruupogtjfh.com/

4 KB
2 KB

901ms
469ms

Document
text/html

45.89.196.108
STARK-INDUSTRIES ...

General

Check archive.org

Show headers Download Go to

Full URL

https://h5nfohek.ldruupogtjfh.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.89.196.108 Los Angeles, United States, ASN44477 (STARK-INDUSTRIES STARK INDUSTRIES SOLUTIONS LTD, GB),

Reverse DNS

vm3463819.stark-industries.solutions

Software

cloudflare /

Resource Hash

8dba627728172c0e98418920c5ca128dcb5e6189489c01b44f968b81b8b70d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 1615
content-type: text/html
date: Fri, 17 Jan 2025 11:45:43 GMT
etag: W/"678a083c-11fc"
last-modified: Fri, 17 Jan 2025 07:35:24 GMT
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: BYPASS

Redirect headers

Location: https://h5nfohek.ldruupogtjfh.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK cg-download-lib.umd.js Show response
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/ 126 KB
127 KB 1550ms
463ms Script
application/javascript 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 37f68f524e92dfe3ad23257129276d2b49ecaf7f0ba633d0398012a4f6cbfcb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "22931af4c5dbf3ce4a1d67bc2821c646"
x-cos-request-id: Njc4YTQyZGJfZTVhZDM0MGJfMjRiOTNfNDIzZjVmZQ==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 2606241229916355365
Accept-Ranges: bytes
Content-Length: 129268
Date: Fri, 17 Jan 2025 11:45:31 GMT
Content-Type: application/javascript
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:30 GMT

GET
H/1.1 200
OK index.js Show response
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/ 2 KB
3 KB 1528ms
440ms Script
application/javascript 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/index.js
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: aa8abdf0e42a9934df7975ac458baa1ad485f9944f9da9b2b6d1d92572f8ded6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "eccf833f93f48672dbe687df8a0bf497"
x-cos-request-id: Njc4YTQyZGJfZDdiNmYwMDlfMmNiNjVfNGRkZWFlMg==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 10710939982803747455
Accept-Ranges: bytes
Content-Length: 2381
Date: Fri, 17 Jan 2025 11:45:31 GMT
Content-Type: application/javascript
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:29 GMT

GET
H/1.1 200
OK style.min.css
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/ 9 KB
10 KB 1526ms
443ms Stylesheet
text/css 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/style.min.css
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 6b7b9a01d965750c4c1c3786c43f869db32181e8a2b879822302479c892c4a9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "5dcc189ba118cfac0cfd4a52c2d92cb5"
x-cos-request-id: Njc4YTQyZGJfZjdhZDM0MGJfMTIyMjBfNDE4MzdhNg==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 12657240295583526902
Accept-Ranges: bytes
Content-Length: 9451
Date: Fri, 17 Jan 2025 11:45:31 GMT
Content-Type: text/css
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:23 GMT

GET
H/1.1 200
OK Swiper.css
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/ 13 KB
14 KB 1928ms
846ms Stylesheet
text/css 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/Swiper.css
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 56c3dd16a5cf2ebefe0a3ee896bb3f20bc7b4327f75588188343c488d4aa951c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "60a23d2c5b75975b1a2c21520e483352"
x-cos-request-id: Njc4YTQyZGJfNDYxMDc4NjRfYThjXzJkNjc2ZDI=
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 15876482861024731407
Accept-Ranges: bytes
Content-Length: 13680
Date: Fri, 17 Jan 2025 11:45:31 GMT
Content-Type: text/css
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:24 GMT

GET
H/1.1 200
OK dnsoft.css
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/ 259 B
684 B 1525ms
442ms Stylesheet
text/css 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/dnsoft.css
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: c90c267a3a7b0ca7c2ef0f0c6e2d8199ed9c34eba7be8723aa3791a7345a6541

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "64fff26e8876a3ad90db0d6e2471142b"
x-cos-request-id: Njc4YTQyZGJfNWNiNGYwMDlfMTE3MGRfNGQ5ODU5Mw==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 10387233733197138958
Accept-Ranges: bytes
Content-Length: 259
Date: Fri, 17 Jan 2025 11:45:31 GMT
Content-Type: text/css
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:23 GMT

GET
H/1.1 200
OK 1.gif
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 722 KB
722 KB 1991ms
901ms Image
image/gif 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/1.gif
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 1496d983ad5b2991ac08446d6a1040bb8584bae451c8352d641fe72c9ecbe7fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "25cd2a95a6b43fbdc2f9bb7016bcef08"
x-cos-request-id: Njc4YTQyZGJfNGQwZjc4NjRfOTZiNV8yZDlhMzc1
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 588267940785782909
Accept-Ranges: bytes
Content-Length: 739296
Date: Fri, 17 Jan 2025 11:45:32 GMT
Content-Type: image/gif
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:24 GMT

GET
H/1.1 200
OK 23.png
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 5 KB
5 KB 429ms
429ms Image
image/png 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/23.png
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 9990dd535b79a53fc75ef75e7a0680a1b0b7ba0115e681af2c26238e46e66ded

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "02a87abc7764c22a582cc8a166e778b2"
x-cos-request-id: Njc4YTQyZGJfNWNiNGYwMDlfMTE3NTZfNGVkYzk2Zg==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 17206692040447013845
Accept-Ranges: bytes
Content-Length: 5151
Date: Fri, 17 Jan 2025 11:45:31 GMT
Content-Type: image/png
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:25 GMT

GET
H/1.1 200
OK 2.gif
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 459 KB
459 KB 451ms
451ms Image
image/gif 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/2.gif
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: ebdd2bb5260e9e5ad405c9b75a36bacfdc6da34cb3d2ca25c2f88f5122d645bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "aa93ca552982ecaa6d3d40f7be98b70b"
x-cos-request-id: Njc4YTQyZGNfNWNiNGYwMDlfMTE3MGJfNGRjNDU0NQ==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 449493000693270376
Accept-Ranges: bytes
Content-Length: 470030
Date: Fri, 17 Jan 2025 11:45:32 GMT
Content-Type: image/gif
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:25 GMT

GET
H/1.1 200
OK 3.jpg
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 518 KB
518 KB 471ms
470ms Image
image/jpeg 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/3.jpg
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 5a9daadac275e02f0bb196bfc7b93f7e4ace0ccc04f3b99dc3d0ad985b2a7457

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "29f9cf005b210d83e2f5049607b24306"
x-cos-request-id: Njc4YTQyZGNfZTVhZDM0MGJfMjRiZTVfNDI2Njg4Mw==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 13801609239477361008
Accept-Ranges: bytes
Content-Length: 530472
Date: Fri, 17 Jan 2025 11:45:32 GMT
Content-Type: image/jpeg
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:26 GMT

GET
H/1.1 200
OK bt.jpg
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 141 KB
141 KB 441ms
441ms Image
image/jpeg 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/bt.jpg
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: a6754b4b70303470e432a2f154ed6ecf41f7e78b644e2994c60d9c0c73ae4741

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "b48b4249a2650290bbfc8205dec4870f"
x-cos-request-id: Njc4YTQyZGNfNDYxMDc4NjRfYTg2XzJkNDk3Njk=
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 6379275142698730934
Accept-Ranges: bytes
Content-Length: 143910
Date: Fri, 17 Jan 2025 11:45:32 GMT
Content-Type: image/jpeg
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:26 GMT

GET
H/1.1 200
OK bt1.png
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 25 KB
25 KB 1167ms
466ms Image
image/png 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/bt1.png
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: d7049547734fcdd2f8f3346d1ae006d39016733f6973f041ff240c1fc1ee7e3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "aeaf6218abb4da9c60e43687b0bce436"
x-cos-request-id: Njc4YTQyZGNfNGQwZjc4NjRfOTZjNF8yY2ZjODdi
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 14808590880146789375
Accept-Ranges: bytes
Content-Length: 25643
Date: Fri, 17 Jan 2025 11:45:33 GMT
Content-Type: image/png
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:26 GMT

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/js/ 84 KB
84 KB 466ms
466ms Script
application/javascript 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/js/jquery-2.2.4.min.js
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "2f6b11a7e914718e0290410e85366fe9"
x-cos-request-id: Njc4YTQyZGNfZDdiNmYwMDlfMmNiMWZfNGUzYTJmMg==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 16200118577543649759
Accept-Ranges: bytes
Content-Length: 85578
Date: Fri, 17 Jan 2025 11:45:32 GMT
Content-Type: application/javascript
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:27 GMT

GET
H/1.1 200
OK swiper-4.2.0.min.js Show response
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/js/ 117 KB
117 KB 420ms
420ms Script
application/javascript 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/js/swiper-4.2.0.min.js
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "be15b3ba6a71edd608b9af34dfc6130c"
x-cos-request-id: Njc4YTQyZGNfZjdhZDM0MGJfMTIyMjRfNDE5MmIxMg==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 17892873501356430583
Accept-Ranges: bytes
Content-Length: 119506
Date: Fri, 17 Jan 2025 11:45:32 GMT
Content-Type: application/javascript
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:27 GMT

GET
H/1.1 200
OK rem.js Show response
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/js/ 840 B
1 KB 407ms
407ms Script
application/javascript 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/js/rem.js
Requested by: Host: h5nfohek.ldruupogtjfh.com
URL: https://h5nfohek.ldruupogtjfh.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "e74e945fcc19cbd1d5276e5d4548d525"
x-cos-request-id: Njc4YTQyZGNfZjdhZDM0MGJfMTIyMGNfNDE2ZTIxMg==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 14527282361785495796
Accept-Ranges: bytes
Content-Length: 840
Date: Fri, 17 Jan 2025 11:45:33 GMT
Content-Type: application/javascript
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:27 GMT

GET
H/1.1 200
OK btn.png
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/ 23 KB
24 KB 1171ms
485ms Image
image/png 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/img/btn.png
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/style.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: d76ce03350dd4b3a5714939ca6e1f243d78796f8622cb6e02bde768b7a06019f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/css/style.min.css

Response headers

ETag: "0d42648b98f1d99a6afbfb1a97ea2a27"
x-cos-request-id: Njc4YTQyZGNfZDdiNmYwMDlfMmNiMzFfNGU1ZDRmYQ==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 13905543051890727985
Accept-Ranges: bytes
Content-Length: 23985
Date: Fri, 17 Jan 2025 11:45:33 GMT
Content-Type: image/png
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:27 GMT

GET
H2 200 config_data.json Show response
xiazaizhanyuming01.332ossjiashuyuming11.cc/cocos/ 5 KB
5 KB 337ms
336ms Fetch
application/json 185.213.240.176
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://xiazaizhanyuming01.332ossjiashuyuming11.cc/cocos/config_data.json?t=1737114

Requested by

Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.213.240.176 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

**** /

Resource Hash

325f4a2edead88ad060a38c33041224faeba9517e01178225dea0c8b3da4ef39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

language: zh
X-Request-Id: e9ce85d8-4b45-4b9c-b1f2-5a647a412a19
timestamp: 1737114333
sign: 8LZVGJial5Cr4reJQiaRP3L8FYaj+O3RLCS343Bv4eqFOSbvZbzK5wOVXOP4hJDn
Referer: https://h5nfohek.ldruupogtjfh.com/
Accept-Language: zh;q=0.9, *;q=0.5
siteCode: undefined
device: iVBORw0KGgoAAAANSUhEUgAAASwAAACWCAYA
nonce: e9ce85d8-4b45-4b9c-b1f2-5a647a412a19
platformtype: 3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-md5: SAqLtv6QSjgPiOcYwTHUWA==
access-control-max-age: 200
x-request-id: 5133cf74d04427325023fff8ef6731e6
access-control-expose-headers: Etag
x-oss-storage-class: Standard
content-encoding: gzip
x-oss-object-type: Normal
access-control-allow-methods: GET, POST, HEAD, PUT
x-cache: BYPASS
date: Fri, 17 Jan 2025 11:45:34 GMT
x-oss-server-time: 2
content-type: application/json
vary: Accept-Encoding, Origin
last-modified: Fri, 17 Jan 2025 09:21:01 GMT
strict-transport-security: max-age=31536000; preload
cache-control: max-age=86400
x-oss-hash-crc64ecma: 7714326972047274051
access-control-allow-origin: *
x-oss-request-id: 678A42DE68A3743430BC985C
server: ****

OPTIONS
H2 200 config_data.json
xiazaizhanyuming01.332ossjiashuyuming11.cc/cocos/ 0
0 1037ms
499ms Preflight 185.213.240.176
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://xiazaizhanyuming01.332ossjiashuyuming11.cc/cocos/config_data.json?t=1737114

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.213.240.176 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

**** /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept: */*
Access-Control-Request-Headers: device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
Access-Control-Request-Method: GET
Origin: https://h5nfohek.ldruupogtjfh.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: device, language, nonce, platformtype, sign, sitecode, timestamp, x-request-id
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 200
content-length: 0
date: Fri, 17 Jan 2025 11:45:34 GMT
server: ****
strict-transport-security: max-age=31536000; preload
vary: Origin
x-cache: BYPASS
x-oss-request-id: 678A42DE68A37434304F965C
x-oss-server-time: 1
x-request-id: 4678cc9248868a2bb01f10f0acb0fea9

GET
H/1.1 200
OK favicon.ico
322wg-1329230387.cos.accelerate.myqcloud.com/322-1/ 5 KB
5 KB 442ms
441ms Other
image/vnd.microsoft.icon 49.51.129.251
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 Frankfurt am Main, Germany, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: d1d6c7a3147a93e2ef81b253d1b27b1bd64397fd357d40c4262e0bd03194b973

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

ETag: "feddd3eccd34655a5a0ab2bcee06a279"
x-cos-request-id: Njc4YTQyZGRfZjdhZDM0MGJfMTIyMGFfNDE1MjNiZA==
Connection: keep-alive
x-cos-force-download: true
x-cos-hash-crc64ecma: 4276800157057095369
Accept-Ranges: bytes
Content-Length: 4693
Date: Fri, 17 Jan 2025 11:45:33 GMT
Content-Type: image/vnd.microsoft.icon
Content-Disposition: attachment
Server: tencent-cos
Last-Modified: Fri, 17 Jan 2025 07:22:22 GMT

GET
H/1.1 200
OK ipacdn.txt Show response
zhifuyuming01.zhifuyuming020.com/ 2 B
388 B 1078ms
298ms Fetch
text/plain 143.92.32.181
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://zhifuyuming01.zhifuyuming020.com/ipacdn.txt?t=1737114334614
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.92.32.181 Hong Kong, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

Access-Control-Max-Age: 3600
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
X-Cache: BYPASS
Content-Length: 2
Date: Fri, 17 Jan 2025 11:45:35 GMT
Content-Type: text/plain

GET
H2 200 ipacdn.txt Show response
2025-1-10.332woainihaojie09.cc/ 2 B
381 B 299ms
237ms Fetch
text/plain 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/ipacdn.txt?t=1737114334614
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

access-control-max-age: 3600
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
cache-control: s-maxage=315360000,max-age=0,public
x-ws-request-id: 678a42de_PS-FRA-04GVU145_37590-31026
access-control-allow-credentials: true
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
access-control-allow-origin: *
content-length: 2
date: Fri, 17 Jan 2025 11:45:34 GMT
content-type: text/plain

GET
H2 200 ipacdn.txt Show response
2025-1-10.332appdatinxiaojie01.cc/ 2 B
366 B 1328ms
365ms Fetch
text/plain 154.203.26.157
DBL-AS-AP DEEP BR...

General

Check archive.org

Show headers Download Go to

Full URL

https://2025-1-10.332appdatinxiaojie01.cc/ipacdn.txt?t=1737114334614

Requested by

Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.203.26.157 Hong Kong, Hong Kong, ASN146993 (DBL-AS-AP DEEP BRIGHT LIMITED, MY),

Reverse DNS

Software

gocache /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 3600
cache-control: s-maxage=315360000,max-age=0,public
rid: 75c259c416a9f84835de62300d6704dc
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 2
date: Fri, 17 Jan 2025 11:45:35 GMT
c-type: pf
content-type: text/plain
server: gocache

GET
H2 200 ipacdn.txt Show response
api151611ojiba-gff5fhg5a7c0cta5.a03.azurefd.net/ 2 B
278 B 1328ms
1087ms Fetch
text/plain 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://api151611ojiba-gff5fhg5a7c0cta5.a03.azurefd.net/ipacdn.txt?t=1737114334614
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

access-control-max-age: 3600
cache-control: s-maxage=315360000,max-age=0,public
x-fd-int-roxy-purgeid: 82
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
x-cache: TCP_MISS
content-length: 2
date: Fri, 17 Jan 2025 11:45:35 GMT
content-type: text/plain
x-azure-ref: 20250117T114534Z-179c7d47f7cp4whhhC1FRA7sws0000000d0g000000006t2h

GET
H2 200 ipacdn.txt Show response
2025-1-10.332ossjiashuyuming10.cc/ 2 B
460 B 1363ms
551ms Fetch
text/plain 185.213.240.176
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://2025-1-10.332ossjiashuyuming10.cc/ipacdn.txt?t=1737114334614

Requested by

Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.213.240.176 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),

Reverse DNS

Software

**** /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://h5nfohek.ldruupogtjfh.com/

Response headers

strict-transport-security: max-age=31536000; preload
access-control-max-age: 3600
x-request-id: a0f81f169ccee40a024c4b3223fb7b2d
cache-control: s-maxage=315360000,max-age=0,public
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS
content-length: 2
date: Fri, 17 Jan 2025 11:45:35 GMT
content-type: text/plain
server: ****

OPTIONS
H2 200 getAppDownloadInfo
2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/ 0
0 236ms
235ms Preflight
application/octet-stream 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/getAppDownloadInfo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
Access-Control-Request-Method: POST
Origin: https://h5nfohek.ldruupogtjfh.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
content-type: application/octet-stream
date: Fri, 17 Jan 2025 11:45:35 GMT
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
x-ws-request-id: 678a42de_PS-FRA-04GVU145_37590-31035

OPTIONS
H2 200 domain
2025-1-10.332woainihaojie09.cc/hall/promote/pointer/ 0
0 238ms
238ms Preflight
application/octet-stream 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/hall/promote/pointer/domain
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
Access-Control-Request-Method: POST
Origin: https://h5nfohek.ldruupogtjfh.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
content-type: application/octet-stream
date: Fri, 17 Jan 2025 11:45:35 GMT
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
x-ws-request-id: 678a42de_PS-FRA-04GVU145_37590-31036

POST
H2 200 getAppDownloadInfo Show response
2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/ 598 B
1 KB 245ms
244ms Fetch
application/json 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/getAppDownloadInfo
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 6c1edd0d10174b1fbde66a60df2ce406494d8760688bc47863241095b1fc64d7

Request headers

language: zh
X-Request-Id: c5158817-57a1-4d63-b449-a8bf55dba66c
timestamp: 1737114334
sign: kmLX36z46YCGfsPxcyqw5fIQHEOh6QK/mOFVDPh47+atKNOTKa8s1BLSARNik7J3
Referer: https://h5nfohek.ldruupogtjfh.com/
Accept-Language: zh;q=0.9, *;q=0.5
siteCode: 1516
device: iVBORw0KGgoAAAANSUhEUgAAASwAAACWCAYA
nonce: c5158817-57a1-4d63-b449-a8bf55dba66c
platformtype: 3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-env-go-biz-gateway: 0
x-server-version: 4.0.0
access-control-max-age: 3600
cache-control: no-cache
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
x-ws-request-id: 678a42df_PS-FRA-04GVU145_37590-31040
access-control-allow-credentials: true
access-control-allow-methods: *
x-trace-id: 63c47fc4c78adac3
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
access-control-allow-origin: *
content-length: 598
date: Fri, 17 Jan 2025 11:45:35 GMT
content-type: application/json; charset=utf-8

POST
H2 200 domain Show response
2025-1-10.332woainihaojie09.cc/hall/promote/pointer/ 50 B
544 B 243ms
242ms Fetch
application/json 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/hall/promote/pointer/domain
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 0dd18f3f47cfb15bc17fe7905666810788ecabe9a4cab1c28ce339d748da8f27

Request headers

language: zh
X-Request-Id: f0dab618-f068-4cc7-b9fa-3e307ab401d2
timestamp: 1737114334
sign: 9nZV5y1/KAXREoSmkz62DvPLnSIKKNEpQbhrhfFCGlxei9tiYjkI5YCYQCbFlx/A
Referer: https://h5nfohek.ldruupogtjfh.com/
Accept-Language: zh;q=0.9, *;q=0.5
siteCode: 1516
device: iVBORw0KGgoAAAANSUhEUgAAASwAAACWCAYA
nonce: f0dab618-f068-4cc7-b9fa-3e307ab401d2
platformtype: 3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-server-version: 4.0.0
access-control-max-age: 3600
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
x-env-go-biz-agent-server: 0
api-cache: false
access-control-allow-methods: *
date: Fri, 17 Jan 2025 11:45:35 GMT
content-type: application/json; charset=utf-8
x-env-go-biz-gateway: 0
cache-control: no-cache
x-ws-request-id: 678a42df_PS-FRA-04GVU145_37590-31043
access-control-allow-credentials: true
x-trace-id: 368b297515fde299
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
access-control-allow-origin: *
content-length: 50

OPTIONS
H2 200 getAppDownloadInfo
2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/ 0
0 235ms
235ms Preflight
application/octet-stream 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/getAppDownloadInfo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
Access-Control-Request-Method: POST
Origin: https://h5nfohek.ldruupogtjfh.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,device,language,nonce,platformtype,sign,sitecode,timestamp,x-request-id
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
content-type: application/octet-stream
date: Fri, 17 Jan 2025 11:45:35 GMT
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
x-ws-request-id: 678a42de_PS-FRA-04GVU145_37590-31037

POST
H2 200 getAppDownloadInfo Show response
2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/ 598 B
1 KB 245ms
244ms Fetch
application/json 138.113.35.109
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://2025-1-10.332woainihaojie09.cc/hall/api/lobby/config/getAppDownloadInfo
Requested by: Host: 322wg-1329230387.cos.accelerate.myqcloud.com
URL: https://322wg-1329230387.cos.accelerate.myqcloud.com/322-1/sdks/cg-download-lib.umd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.35.109 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 6c1edd0d10174b1fbde66a60df2ce406494d8760688bc47863241095b1fc64d7

Request headers

language: zh
X-Request-Id: 4e30efcf-c888-4d55-a060-7c1940480179
timestamp: 1737114334
sign: wBY14A3iGKsqbo0+zOmamblEt1rxEeRQVV3oFpSQlan+Ysq6LduACxO1AU29K4Yi
Referer: https://h5nfohek.ldruupogtjfh.com/
Accept-Language: zh;q=0.9, *;q=0.5
siteCode: 1516
device: iVBORw0KGgoAAAANSUhEUgAAASwAAACWCAYA
nonce: 4e30efcf-c888-4d55-a060-7c1940480179
platformtype: 3
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-env-go-biz-gateway: 0
x-server-version: 4.0.0
access-control-max-age: 3600
cache-control: no-cache
x-px: ms PS-FRA-04GrK144FRA,ms jp184SIN(origin)
x-ws-request-id: 678a42df_PS-FRA-04GVU145_37590-31041
access-control-allow-credentials: true
access-control-allow-methods: *
x-trace-id: 7dc855e68a9eba2f
via: 1.1 jp184:8 (W), 1.1 PS-FRA-04GrK144:4 (W)
access-control-allow-origin: *
content-length: 598
date: Fri, 17 Jan 2025 11:45:35 GMT
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2025-1-10.332appdatinxiaojie01.cc
2025-1-10.332ossjiashuyuming10.cc
2025-1-10.332woainihaojie09.cc
322wg-1329230387.cos.accelerate.myqcloud.com
api151611ojiba-gff5fhg5a7c0cta5.a03.azurefd.net
h5nfohek.ldruupogtjfh.com
xiazaizhanyuming01.332ossjiashuyuming11.cc
zhifuyuming01.zhifuyuming020.com
138.113.35.109
143.92.32.181
154.203.26.157
185.213.240.176
2620:1ec:29:1::45
45.89.196.108
49.51.129.251
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0dd18f3f47cfb15bc17fe7905666810788ecabe9a4cab1c28ce339d748da8f27
1496d983ad5b2991ac08446d6a1040bb8584bae451c8352d641fe72c9ecbe7fc
325f4a2edead88ad060a38c33041224faeba9517e01178225dea0c8b3da4ef39
33442081f56c808935dba715de506e29ebf99eea4d997a64818edb9081369fa5
37f68f524e92dfe3ad23257129276d2b49ecaf7f0ba633d0398012a4f6cbfcb3
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56c3dd16a5cf2ebefe0a3ee896bb3f20bc7b4327f75588188343c488d4aa951c
5a9daadac275e02f0bb196bfc7b93f7e4ace0ccc04f3b99dc3d0ad985b2a7457
6b7b9a01d965750c4c1c3786c43f869db32181e8a2b879822302479c892c4a9b
6c1edd0d10174b1fbde66a60df2ce406494d8760688bc47863241095b1fc64d7
8dba627728172c0e98418920c5ca128dcb5e6189489c01b44f968b81b8b70d8e
9990dd535b79a53fc75ef75e7a0680a1b0b7ba0115e681af2c26238e46e66ded
a6754b4b70303470e432a2f154ed6ecf41f7e78b644e2994c60d9c0c73ae4741
aa8abdf0e42a9934df7975ac458baa1ad485f9944f9da9b2b6d1d92572f8ded6
add18244c3d92cb789bd50456f05f02ca034c908bbf4210fedbd9013b3bf5d96
c90c267a3a7b0ca7c2ef0f0c6e2d8199ed9c34eba7be8723aa3791a7345a6541
d1d6c7a3147a93e2ef81b253d1b27b1bd64397fd357d40c4262e0bd03194b973
d7049547734fcdd2f8f3346d1ae006d39016733f6973f041ff240c1fc1ee7e3e
d76ce03350dd4b3a5714939ca6e1f243d78796f8622cb6e02bde768b7a06019f
ebdd2bb5260e9e5ad405c9b75a36bacfdc6da34cb3d2ca25c2f88f5122d645bf

h5nfohek.ldruupogtjfh.com Open in urlscan Pro 45.89.196.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

14 %IPv6

8 Domains

8 Subdomains

7 IPs

4 Countries

2268 kBTransfer

2261 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

h5nfohek.ldruupogtjfh.com Open in urlscan Pro
45.89.196.108 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

14 %
IPv6

8
Domains

8
Subdomains

7
IPs

4
Countries

2268 kB
Transfer

2261 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions