5j2r.xyz Open in urlscan Pro
192.161.87.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://rakutenzo12.vip/
Effective URL:
https://5j2r.xyz/1.html?channelCode=lgjc16
Submission: On June 17 via automatic, source certstream-suspicious (June 17th 2024, 1:53:26 am UTC) — Scanned from DE

Summary HTTP 48 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 48 HTTP transactions. The main IP is 192.161.87.164, located in United States and belongs to CNSERVERS, US. The main domain is 5j2r.xyz.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.

This is the only time 5j2r.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Incomplete 56efa15462e6412d1d002590ac11453d.apk 39 MB

Size: 39 MB (41299671 bytes, 2% done)

Downloaded from: https://jiarenxin.hnyuxiangyuan.com/public/56efa15462e6412d1d002590ac11453d.apk?auth_key=1718589201-0-0-a4506f32b04a001e30024f32b4226b8f

Domain & IP information

	IP Address	AS Autonomous System
1 19	206.119.178.109 206.119.178.109	133199 (SONDERCLO...) (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited)
1	45.32.65.219 45.32.65.219	20473 (AS-CHOOPA) (AS-CHOOPA)
1	2606:4700:303... 2606:4700:3031::ac43:ac36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	51.222.244.150 51.222.244.150	16276 (OVH) (OVH)
1	47.246.46.147 47.246.46.147	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
3	23.224.30.106 23.224.30.106	40065 (CNSERVERS) (CNSERVERS)
2	183.240.98.228 183.240.98.228	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
5	192.161.87.164 192.161.87.164	40065 (CNSERVERS) (CNSERVERS)
1	163.181.131.223 163.181.131.223	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
7	49.51.131.81 49.51.131.81	() ()
2	49.51.129.251 49.51.129.251	() ()
1	47.246.46.182 47.246.46.182	() ()
1 3	170.33.13.110 170.33.13.110	() ()
1 1	13.213.18.30 13.213.18.30	() ()
1	111.6.42.113 111.6.42.113	() ()
48	15

19 206.119.178.109 (Los Angeles, United States) 1 redirects

ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK)

rakutenzo12.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.32.65.219 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.32.65.219.vultrusercontent.com

xss9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:ac36 (United States)

ASN13335 (CLOUDFLARENET, US)

useragent.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.244.150 (Canada)

ASN16276 (OVH, FR)
PTR: ns5005926.ip-51-222-244.net

uv60.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.46.147 (Milan, Italy)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

dns.efangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.224.30.106 (United States)

ASN40065 (CNSERVERS, US)

ck.efangcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.240.98.228 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.161.87.164 (United States)

ASN40065 (CNSERVERS, US)

5j2r.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.131.223 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 49.51.131.81 (None, )

ASN- ()

j1sxh-1326572717.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 49.51.129.251 (None, )

ASN- ()

xjsbw-1326572717.cos.accelerate.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.46.182 (None, )

ASN- ()

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 170.33.13.110 (None, ) 1 redirects

ASN- ()

fze6f5fafxtui8o.huabanwl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.213.18.30 (None, ) 1 redirects

ASN- ()

2akctg.jfdh168.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 111.6.42.113 (None, )

ASN- ()

jiarenxin.hnyuxiangyuan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	rakutenzo12.vip 1 redirects rakutenzo12.vip	447 KB
9	myqcloud.com j1sxh-1326572717.cos.accelerate.myqcloud.com xjsbw-1326572717.cos.accelerate.myqcloud.com	1 MB
5	5j2r.xyz 5j2r.xyz	71 KB
4	efangcdn.com dns.efangcdn.com ck.efangcdn.com	50 KB
3	huabanwl.com 1 redirects fze6f5fafxtui8o.huabanwl.com	2 KB
2	51.la sdk.51.la — Cisco Umbrella Rank: 65668 collect-v6.51.la	14 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 11413	12 KB
2	uv60.cn uv60.cn — Cisco Umbrella Rank: 509771	23 KB
1	hnyuxiangyuan.com jiarenxin.hnyuxiangyuan.com
1	jfdh168.com 1 redirects 2akctg.jfdh168.com	309 B
1	useragent.top useragent.top	641 B
1	xss9.com xss9.com	675 B
0	sdaqyi.cn Failed sdaqyi.cn Failed
48	13

	Domain	Requested by
19	rakutenzo12.vip	1 redirects rakutenzo12.vip
7	j1sxh-1326572717.cos.accelerate.myqcloud.com	5j2r.xyz
5	5j2r.xyz	xss9.com 5j2r.xyz
3	fze6f5fafxtui8o.huabanwl.com	1 redirects xjsbw-1326572717.cos.accelerate.myqcloud.com
3	ck.efangcdn.com	dns.efangcdn.com
2	xjsbw-1326572717.cos.accelerate.myqcloud.com	5j2r.xyz
2	hm.baidu.com	useragent.top rakutenzo12.vip
2	uv60.cn	xss9.com uv60.cn
1	jiarenxin.hnyuxiangyuan.com	xjsbw-1326572717.cos.accelerate.myqcloud.com
1	2akctg.jfdh168.com	1 redirects
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	5j2r.xyz
1	dns.efangcdn.com	xss9.com
1	useragent.top	rakutenzo12.vip
1	xss9.com	rakutenzo12.vip
0	sdaqyi.cn Failed	5j2r.xyz
48	16

This site contains no links.

Subject Issuer	Validity	Valid
rakutenzo12.vip R10	`2024-06-17` - `2024-09-15`	3 months	crt.sh
xss9.com R3	`2024-05-10` - `2024-08-08`	3 months	crt.sh
useragent.top WE1	`2024-06-07` - `2024-09-05`	3 months	crt.sh
uv60.cn Sectigo RSA Domain Validation Secure Server CA	`2024-05-19` - `2025-05-19`	a year	crt.sh
dns.efangcdn.com R3	`2024-05-28` - `2024-08-26`	3 months	crt.sh
ck.efangcdn.com R3	`2024-05-30` - `2024-08-28`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
5j2r.xyz R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
*.cos.eu-frankfurt.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.huabanwl.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-26` - `2025-01-25`	a year	crt.sh
hnyuxiangyuan.com R11	`2024-06-14` - `2024-09-12`	3 months	crt.sh

This page contains 1 frames:

Frame: https://jiarenxin.hnyuxiangyuan.com/public/56efa15462e6412d1d002590ac11453d.apk?auth_key=1718589201-0-0-a4506f32b04a001e30024f32b4226b8f
Frame ID: 2712E98C60EF7312A9E9E088DA1F5FBF
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://rakutenzo12.vip/ HTTP 302
https://rakutenzo12.vip/admin/login/index.html Page URL
https://5j2r.xyz/1.html?channelCode=lgjc16 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48
Requests

98 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

1760 kB
Transfer

2250 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://rakutenzo12.vip/ HTTP 302
https://rakutenzo12.vip/admin/login/index.html Page URL
https://5j2r.xyz/1.html?channelCode=lgjc16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://rakutenzo12.vip/ HTTP 302
https://rakutenzo12.vip/admin/login/index.html

Request Chain 47

https://fze6f5fafxtui8o.huabanwl.com:6443/page/yuoqfl/install/c/eyJjIjoibGdqYzE2IiwibSI6IktycjA0azl2dDdJQUFBR1FJLVlUN3A1NXN2M1p6b01EMkxLcks4MnRCeFp3T1lDVmoyMHZCdzl4Z0lucTBIeWVPc3BBS1BBNTF0VnJOdFM4UzJqQVFWMlBrbUJycTlNNkIweDVPZlUzeHBUMXYzSlVRdndZdHBjdXJtcW9rTHZNNXcifQ==?p=0 HTTP 302
https://2akctg.jfdh168.com/ossapk/3qcz4f8f13086c HTTP 302
https://jiarenxin.hnyuxiangyuan.com/public/56efa15462e6412d1d002590ac11453d.apk?auth_key=1718589201-0-0-a4506f32b04a001e30024f32b4226b8f

48 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

index.html Show response
rakutenzo12.vip/admin/login/
Redirect Chain

https://rakutenzo12.vip/
https://rakutenzo12.vip/admin/login/index.html

8 KB
3 KB

407ms
407ms

Document
text/html

206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

cfce92bdca811478cb0017a90c2bc096c151647217ae6f4b985368d7f42619bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 17 Jun 2024 01:53:09 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

cache-control: no-cache,must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 17 Jun 2024 01:53:08 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /admin/login/index.html
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 FWkB Show response
xss9.com/ 1 KB
675 B 508ms
166ms Script
application/x-javascript 45.32.65.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://xss9.com/FWkB
Requested by: Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.32.65.219 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 45.32.65.219.vultrusercontent.com
Software: Apache /
Resource Hash: 5394eedc56bb8bc4e20da37292f4cbbe36d85dec294d4e98b6c90f167ea62254

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 01:53:11 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: nocache
content-length: 558

GET
H2 200 bootstrap.min.css
rakutenzo12.vip/static/admin/css/ 118 KB
24 KB 573ms
572ms Stylesheet
text/css 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/css/bootstrap.min.css?v=3.3.6

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

68b69105673fbb64096c34b060f900d2731d4f19202ad8f2c11274f3d6f59126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: W/"638df11c-1d996"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:09 GMT

GET
H2 200 font-awesome.css
rakutenzo12.vip/static/admin/css/ 34 KB
7 KB 584ms
584ms Stylesheet
text/css 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/css/font-awesome.css?v=4.4.0

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

d4230e4529ad80ac1e2779112749264647a4212edbe7511088dde28e92d8074b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: W/"638df11c-8628"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:09 GMT

GET
H2 200 style.css
rakutenzo12.vip/static/admin/css/ 143 KB
29 KB 866ms
866ms Stylesheet
text/css 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/css/style.css?v=4.1.0

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

25befd73df789c77b69694c9fdebdc72f8720e9b6701f85f5b41a8e05042041a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:33:56 GMT
server: nginx
etag: W/"63d748b4-23da0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:09 GMT

GET
H2 200 jquery.min.js Show response
rakutenzo12.vip/static/admin/js/ 82 KB
33 KB 891ms
891ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/js/jquery.min.js?v=2.1.4

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: W/"638df11c-1497d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:09 GMT

GET
H2 200 main-logo.png
rakutenzo12.vip/static/admin/img/ 75 KB
75 KB 892ms
891ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/static/admin/img/main-logo.png

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

911a02a39258dd17076d93b28a511ce3abe5a83054c5a8434dc0ec6e0e1efebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:09 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 15 Aug 2023 17:12:58 GMT
server: nginx
etag: "64dbb21a-12c0d"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76813
expires: Wed, 17 Jul 2024 01:53:09 GMT

GET
H2 200 img-main.png
rakutenzo12.vip/static/admin/img/ 210 KB
210 KB 892ms
892ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/static/admin/img/img-main.png

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

53387f5bbb174ba06273aa3812f0b0f9da57c1ffdadf73b38a63f3f15fe25168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:09 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: "638df11c-346e4"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 214756
expires: Wed, 17 Jul 2024 01:53:09 GMT

GET
H2 200 icon-user.png
rakutenzo12.vip/static/admin/img/ 2 KB
2 KB 379ms
377ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/static/admin/img/icon-user.png

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

dbfc2d8a3b11481a17aa0fd5774a905ea8025cf11a8a9c3ab14daf170faa5683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: "638df11c-852"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2130
expires: Wed, 17 Jul 2024 01:53:10 GMT

GET
H2 200 icon-password.png
rakutenzo12.vip/static/admin/img/ 1 KB
1 KB 379ms
377ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/static/admin/img/icon-password.png

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

1cdb604b164f1ca1b652a2fbfaddfff4a8dcda9dc142f72f6aa2f4c3078aad09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: "638df11c-4db"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1243
expires: Wed, 17 Jul 2024 01:53:10 GMT

GET
H2 200 icon-vertifaction.png
rakutenzo12.vip/static/admin/img/ 2 KB
2 KB 379ms
377ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/static/admin/img/icon-vertifaction.png

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

32b42352c10d11ca246139b4200f3fd203e6082d6645b13df042c48c720d379a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: "638df11c-82c"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2092
expires: Wed, 17 Jul 2024 01:53:10 GMT

GET
H2 200 captcha.html
rakutenzo12.vip/ 2 KB
2 KB 655ms
654ms Image
image/png 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/captcha.html

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

f4ae9557cdeb094207dd6d9d63bfa1be8d27e0f6078d6f357cc94d0572736850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
server: nginx
content-type: image/png; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
content-length: 2138
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 layer.min.js Show response
rakutenzo12.vip/static/admin/js/plugins/layer/ 21 KB
8 KB 380ms
377ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/js/plugins/layer/layer.min.js

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

fd8f3a227ff1476d3d7fb5dd45d8dda480dd894737f5fb55c3ed181a8ede64d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:46 GMT
server: nginx
etag: W/"638df11e-535f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:10 GMT

GET
H2 200 jquery.validate.min.js Show response
rakutenzo12.vip/static/admin/js/plugins/validate/ 21 KB
8 KB 380ms
378ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/js/plugins/validate/jquery.validate.min.js

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

f01f5ea5ff71b32da6759fb193943622b2d04e19a8d4017e8528e0bb1f248fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:46 GMT
server: nginx
etag: W/"638df11e-541a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:10 GMT

GET
H2 200 bootstrap.min.js Show response
rakutenzo12.vip/static/admin/js/ 36 KB
11 KB 380ms
378ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/js/bootstrap.min.js?v=3.3.6

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

214c9901e85e6b004c8dc82dfb8af5c399d14a04649f3ca815eee1c65c9b34ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: W/"638df11c-900c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:10 GMT

GET
H2 200 ajax.js Show response
rakutenzo12.vip/static/admin/js/common/ 1 KB
653 B 380ms
378ms Script
application/javascript 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/js/common/ajax.js

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

a3525aaa0e71fdcdb04a13a0c6fc084d522e93a589283c42e066e0c43675b65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: W/"638df11c-403"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:10 GMT

GET
H3 200 jquery.js Show response
useragent.top/ 253 B
641 B 46ms
19ms Script
application/javascript 2606:4700:3031::ac43:ac36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useragent.top/jquery.js
Requested by: Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::ac43:ac36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0da557c324b3144ce723ba6ca7e77b4936b07f0b5139510b891179f26341fcec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:11 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Jun 2024 17:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3092
etag: W/"666c79c5-fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VycO5Uax6%2BQzkss9JeX0nnDwXnkn4OZF%2FZtbIhWMUy4HluR9y0vH7xcJr70WrllmWX%2FrKAGccenYkdtr4qjE3qZRtdUvrANtwi8dNqf9pTDlZfYXkBRuugu17BkTiGu9ILBR4FkfOhbnVQbi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 894f6791bdea6ae7-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK tongji.js Show response
uv60.cn/tj/ 55 KB
22 KB 820ms
142ms Script
application/javascript 51.222.244.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://uv60.cn/tj/tongji.js?v=2.08

Requested by

Host: xss9.com
URL: https://xss9.com/FWkB

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.222.244.150 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5005926.ip-51-222-244.net

Software

nginx /

Resource Hash

2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:12 GMT
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Thu, 30 May 2024 04:56:57 GMT
Server: nginx
ETag: W/"66580719-da2e"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 o.js Show response
dns.efangcdn.com/ 47 KB
48 KB 80ms
16ms Script
text/plain 47.246.46.147
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://dns.efangcdn.com/o.js
Requested by: Host: xss9.com
URL: https://xss9.com/FWkB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.46.147 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e86c9175c7f1254c003370cc24af7c0530a3a5a9bfde54c19430ecb3a6dbd4f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 17:41:38 GMT
via: cache4.l2de2[0,0,200-0,H], cache6.l2de2[1,0], ens-cache16.it4[0,0,200-0,H], ens-cache7.it4[1,0]
age: 1498294
x-swift-cachetime: 2181985
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 04 Jun 2024 11:35:13 GMT
content-length: 48415
server: Tengine
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: text/plain; charset=utf-8
access-control-allow-origin
ali-swift-global-savetime: 1717090898
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
eagleid: 2ff62e9b17185891920112322e

GET
H2 200 bid Show response
ck.efangcdn.com/ 349 B
771 B 454ms
148ms Script
application/json 23.224.30.106
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.efangcdn.com/bid?url=https%3A%2F%2Frakutenzo12.vip%2Fadmin%2Flogin%2Findex.html&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=b83cf8b4b11eacbe68a6cd9fdac727c4&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: f4144c9f9d11424354381bb00f5dda4f9daa58f73c5c390788bccedd0f4f3355

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:12 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
x-cache: MISS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 bid Show response
ck.efangcdn.com/ 349 B
771 B 453ms
148ms Script
application/json 23.224.30.106
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.efangcdn.com/bid?url=https%3A%2F%2Frakutenzo12.vip%2Fadmin%2Flogin%2Findex.html&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=9ec7e83079769b2e1a6199bac604d57f&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 35ac69bf4eb52f4603589bc5340079f9028bb8fad98bcd18353e21eec9a64660

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:12 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
x-cache: MISS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 bid Show response
ck.efangcdn.com/ 349 B
772 B 452ms
146ms Script
application/json 23.224.30.106
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://ck.efangcdn.com/bid?url=https%3A%2F%2Frakutenzo12.vip%2Fadmin%2Flogin%2Findex.html&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3346&rid=9d804023a37d1ba71fa7c5d10a1dc68d&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by: Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 820f4779d021ea1250b6c07c498922122d59fc3047a43151f6a62e7e70e475e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:12 GMT
server: nginx
access-control-allow-methods: POST, GET,PUT, DELETE, UPDATE
content-type: application/json
access-control-allow-origin
x-cache: MISS
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length: 349

GET
H2 200 bg-admin2.jpg
rakutenzo12.vip/static/admin/img/ 21 KB
21 KB 584ms
583ms Image
image/jpeg 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rakutenzo12.vip/static/admin/img/bg-admin2.jpg

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3e71964f3148c6daabf6c5e8e106e9b1d747b761bf7b269f45f7aa97f8b490a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:10 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 13:24:44 GMT
server: nginx
etag: "638df11c-52dc"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21212
expires: Wed, 17 Jul 2024 01:53:10 GMT

GET
H2 200 layer.css
rakutenzo12.vip/static/admin/js/plugins/layer/skin/default/ 14 KB
3 KB 287ms
287ms Stylesheet
text/css 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL

https://rakutenzo12.vip/static/admin/js/plugins/layer/skin/default/layer.css?v=3.0.11110

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/static/admin/js/plugins/layer/layer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

651f64dffeb4354d09c720e83d62e5d6d0376bc8b973588ad8036150864e2bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:11 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 13:24:46 GMT
server: nginx
etag: W/"638df11e-37d8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:11 GMT

GET
H/1.1 200
OK start Show response
uv60.cn/api/v1/api2/statistics/ 102 B
831 B 180ms
180ms XHR
application/json 51.222.244.150
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://uv60.cn/api/v1/api2/statistics/start?s=ca111444695e29d26f37db6d83def49b&d=SXVhRlhpdytyVHdPOEpkTWpEREI4T1p4YVhFL2pkaTFvcFZrWmIwTVVjc3I1SklERkVBOVhmYlFRRkVVT21LaTZyRW9LY2FWc0ZIYnljaXNqbTlkUlp6QjQ4bndTN2RGRU9YTWlCdEduSXRwV2x1emtBMW5xT2ozeVVRTHp6WnBDbmoxcXJ5M3VlWVBNeHRGZHMrOUpDV2NYaHUzd3ZET2ZIVTc3dU5nZ3ZmUko0S1FOK3ZDRFJvK1JWVnR0dk95UVZDaVg3NTVVRWNRMGZrSzE1R2ZkOWlLVE1wYjZJN3RNTGdTWkd1QWRCMTI0YWlBVEhSd3kxcXFBM25uY2d4c3RhejNSQXZDN3Q1NUtDQlBwZktrN1hYQUswT3JtZFM0cHVsQzJ0SC9BWXY4UXlGaTh5ejlKQkgrL3dwbXdpc3dyMG1LV1B4L1krY0FUWTVlRnFGcWp6dHRLTkpyU05OSmVCN2srSnlHVHdQTFNIR0lFbUc2T1IrdVpRb2txUlJZR2l0TGVjbm4vcStjWDRTaUZMK2hXNFI5RlpDY29GSjgyTWRKY3c4anlPND0=&t=1718589192929

Requested by

Host: uv60.cn
URL: https://uv60.cn/tj/tongji.js?v=2.08

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

51.222.244.150 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ns5005926.ip-51-222-244.net

Software

nginx /

Resource Hash

925ea4c5a3db3ba175774ba1b24adaf61cb1e172920dc12ee4d6754045ea170b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:13 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
Access-Control-Max-Age: 10080
Access-Control-Allow-Methods: POST,GET,DELETE,OPTIONS,HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://rakutenzo12.vip
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
Content-Length: 102

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 940ms
244ms Script
application/javascript 183.240.98.228
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?b5872be0cccfc94f1320039f66b0577d

Requested by

Host: useragent.top
URL: https://useragent.top/jquery.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

51cab7fb0b40002e841db196e3b3e6c9d87c4a90754eaafdb6e256e1a97a562a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:13 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 5185f5d97eec92e924f5bdd1172376e3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11253

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 248ms
248ms Image
image/gif 183.240.98.228
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1866303131&si=b5872be0cccfc94f1320039f66b0577d&v=1.3.0&lv=1&sn=64889&r=0&ww=1600&u=https%3A%2F%2Frakutenzo12.vip%2Fadmin%2Flogin%2Findex.html&tt=%E6%80%BB%E5%8F%B0%E7%AE%A1%E7%90%86-Ratuken%E5%95%86%E5%9F%8E

Requested by

Host: rakutenzo12.vip
URL: https://rakutenzo12.vip/admin/login/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Mon, 17 Jun 2024 01:53:14 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 404 favicon.ico
rakutenzo12.vip/ 39 KB
6 KB 364ms
364ms Other
text/html 206.119.178.109
SONDERCLOUDLIMITE...

General

Check archive.org

Show headers Download Go to

Full URL: https://rakutenzo12.vip/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.119.178.109 Los Angeles, United States, ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: dd19555a3be2f33340da0e3714a5c0ecb870d8f27613c27838c6b0f40cc7bd1c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rakutenzo12.vip/admin/login/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:12 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 Primary Request 1.html Show response
5j2r.xyz/ 3 KB
1 KB 717ms
215ms Document
text/html 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/1.html?channelCode=lgjc16

Requested by

Host: xss9.com
URL: https://xss9.com/FWkB

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bb6c3a3cf3ec55d3782262dc99c77a52c8f9578a39e3bc4d425f9b4bec4d287a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://rakutenzo12.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 17 Jun 2024 01:53:15 GMT
etag: W/"666eb3e5-a4f"
last-modified: Sun, 16 Jun 2024 09:44:05 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 35ms
12ms Script
application/javascript 163.181.131.223
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.131.223 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 19:36:19 GMT
via: cache15.l2de2[0,0,304-0,H], cache2.l2de2[2,0], ens-cache10.de7[0,0,200-0,H], ens-cache1.de7[0,0]
content-encoding: gzip
x-oss-request-id: 6664B2B3DDD87E393088BE82
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 713816
x-swift-cachetime: 1295365
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth: success
x-swift-savetime: Sat, 08 Jun 2024 19:46:54 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1717875379
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: a3b5839517185891956876967e
x-oss-server-time: 2

GET
H2 200 m.css
5j2r.xyz/css/ 22 KB
5 KB 233ms
231ms Stylesheet
text/css 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/css/m.css

Requested by

Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e83bd6b0888a964c351472e63b1e2d785f66fb77f07424294b79e036810ee078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:15 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 02 Apr 2023 10:04:44 GMT
server: nginx
etag: W/"6429533c-5839"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:15 GMT

GET
H/1.1 200
OK jquery-3.5.1.mina.js Show response
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 88 KB
88 KB 1432ms
881ms Script
text/javascript 49.51.131.81

General

Check archive.org

Show headers Download Go to

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/jquery-3.5.1.mina.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 9627465483673714013
Last-Modified: Sat, 15 Jun 2024 09:41:12 GMT
Server: tencent-cos
ETag: "cf2fbbf84281d9ecbffb4993203d543b"
Content-Type: text/javascript
x-cos-request-id: NjY2Zjk3MGNfMTViNGYwMDlfMjFlMTJfMzM4ZmY2NQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 89947

GET
H/1.1 200
OK flexible3.js Show response
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 2 KB
3 KB 1445ms
895ms Script
text/javascript 49.51.131.81

General

Check archive.org

Show headers Download Go to

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/flexible3.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 6231984596528586936
Last-Modified: Sat, 15 Jun 2024 09:41:12 GMT
Server: tencent-cos
ETag: "c52b622d85861de412b36e66bb49bfe2"
Content-Type: text/javascript
x-cos-request-id: NjY2Zjk3MGNfZDdiNmYwMDlfMmRmYjlfMzBiOTBjYg==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 2477

GET
H/1.1 200
OK algppinstall.js Show response
xjsbw-1326572717.cos.accelerate.myqcloud.com/ 46 KB
47 KB 1486ms
880ms Script
text/javascript 49.51.129.251

General

Check archive.org

Show headers Download Go to

Full URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 347442768461482610
Last-Modified: Sat, 15 Jun 2024 09:46:06 GMT
Server: tencent-cos
ETag: "8a14913360cd89f0812ea4971df5a16b"
Content-Type: text/javascript
x-cos-request-id: NjY2Zjk3MGNfMjlhZTM0MGJfNjMyNl8zMzViZGVk
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 47585

GET
H/1.1 200
OK qh1.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 73 KB
74 KB 1871ms
1321ms Image
image/gif 49.51.131.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qh1.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 801f201423627ef83919d8d991784ab75fcd705efead135dcaae3b4d1dd14c20

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 2187570150754227116
Last-Modified: Sat, 15 Jun 2024 09:30:46 GMT
Server: tencent-cos
ETag: "e6c1bbe6837032c790aaab02d8851d26"
Content-Type: image/gif
x-cos-request-id: NjY2Zjk3MGNfNWMwZjA2MDlfMTUzNzVfMTMxODllYg==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 74973

GET
H/1.1 200
OK zn2.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 746 KB
746 KB 1440ms
890ms Image
image/gif 49.51.131.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/zn2.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: e4e27e2817822c1acf3f16550dbcc73712b6fff77ed6587aa6cbbd3fe9932083

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 13832222487262166503
Last-Modified: Sat, 15 Jun 2024 09:30:29 GMT
Server: tencent-cos
ETag: "e73e46d0275b9984a1a60c388457b5ac"
Content-Type: image/gif
x-cos-request-id: NjY2Zjk3MGNfZDdiNmYwMDlfMmRmYWFfMzAzOGQ3OA==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 763609

GET
H/1.1 200
OK tz3x.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 50 KB
51 KB 450ms
449ms Image
image/gif 49.51.131.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/tz3x.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: c7b6a3005a9265403191093f3f1e55b8e0db8a263c88506f97128d9f9b5c50cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 14552864455044849192
Last-Modified: Sat, 15 Jun 2024 09:31:04 GMT
Server: tencent-cos
ETag: "7a0441574f9a67f0aa345fa0d7c62c32"
Content-Type: image/gif
x-cos-request-id: NjY2Zjk3MGRfMTViNGYwMDlfMjFlMGRfMzM4NTM0ZQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 51453

GET
H/1.1 200
OK s04.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 108 KB
109 KB 455ms
455ms Image
image/png 49.51.131.81

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/s04.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: b8fc8a306d82b4198321c5f4055f00e636779590a602e1b4dfad89703566383f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 13631132043071439057
Last-Modified: Sat, 15 Jun 2024 09:31:22 GMT
Server: tencent-cos
ETag: "1fad669352ec0f9dc540e6666ed02b5d"
Content-Type: image/png
x-cos-request-id: NjY2Zjk3MGRfZDdiNmYwMDlfMmRmNzdfMzA5YTUwYQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 110821

GET
H/1.1 200
OK qrcode.minfo3.js Show response
j1sxh-1326572717.cos.accelerate.myqcloud.com/ 19 KB
20 KB 1326ms
1306ms Script
text/javascript 49.51.131.81

General

Check archive.org

Show headers Download Go to

Full URL: https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qrcode.minfo3.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.131.81 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:18 GMT
x-cos-hash-crc64ecma: 17632674935737242381
Last-Modified: Sat, 15 Jun 2024 09:41:12 GMT
Server: tencent-cos
ETag: "517b55d3688ce9ef1085a3d9632bcb97"
Content-Type: text/javascript
x-cos-request-id: NjY2Zjk3MGRfMjlhZTM0MGJfNjMwY18zMzM1Yjg4
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 19927

GET
H2 200 layer.min.js Show response
5j2r.xyz/js/ 15 KB
6 KB 240ms
239ms Script
application/javascript 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/js/layer.min.js

Requested by

Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

f63e1469b6bdacf9dd7dbd632018d0a2eee39c0d831a680e4fc6b14f7b047b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 03 Apr 2023 07:12:02 GMT
server: nginx
etag: W/"642a7c42-3a61"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:17 GMT

GET
H/1.1 200
OK tc15tr.js Show response
xjsbw-1326572717.cos.accelerate.myqcloud.com/ 4 KB
5 KB 446ms
446ms Script
text/javascript 49.51.129.251

General

Check archive.org

Show headers Download Go to

Full URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/tc15tr.js
Requested by: Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 49.51.129.251 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 68104e53fb4744111bc3a5a6d4dfefa5aef8ca0f2c1c28163239d857571ceebd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
x-cos-hash-crc64ecma: 4512808734867666067
Last-Modified: Sat, 15 Jun 2024 09:47:03 GMT
Server: tencent-cos
ETag: "b0cab6d73e889313b62763de89d751d5"
Content-Type: text/javascript
x-cos-request-id: NjY2Zjk3MGRfMjlhZTM0MGJfNjMzNF8zMzY5YjM5
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 4209

POST
H/1.1 200
OK collect Show response
collect-v6.51.la/v6/ 0
619 B 1716ms
1671ms XHR
text/plain 47.246.46.182

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.46.182 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 01:53:17 GMT
Via: cache1.l2de2[1643,1643,200-0,M], cache1.l2de2[1644,0], ens-cache11.it4[1654,1654,200-0,M], ens-cache11.it4[1655,0]
Server: Tengine
X-Swift-CacheTime: 0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Ali-Swift-Global-Savetime: 1718589197
X-Cache: MISS TCP_MISS dirn:-2:-2
Access-Control-Allow-Origin: https://5j2r.xyz
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Swift-SaveTime: Mon, 17 Jun 2024 01:53:17 GMT
Timing-Allow-Origin: *
Content-Length: 0
EagleId: 2ff62e9f17185891957542588e

GET
H2 200 layer.css
5j2r.xyz/css/ 14 KB
4 KB 224ms
224ms Stylesheet
text/css 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/css/layer.css

Requested by

Host: 5j2r.xyz
URL: https://5j2r.xyz/js/layer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ca72b169e49ec2ff077ff693483afb1f3d796be88dd04bcbe9b32360b4fd7ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:18 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 12 Jul 2023 09:41:24 GMT
server: nginx
etag: W/"64ae7544-39a2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 17 Jun 2024 13:53:18 GMT

POST
H2 200 init Show response
fze6f5fafxtui8o.huabanwl.com/web/yuoqfl/lgjc16/ 769 B
1015 B 713ms
167ms XHR
application/json 170.33.13.110

General

Check archive.org

Show headers Download Go to

Full URL

https://fze6f5fafxtui8o.huabanwl.com:6443/web/yuoqfl/lgjc16/init?channelCode=lgjc16&av=0&cv=0&hash=&server=https%3A%2F%2Ffze6f5fafxtui8o.huabanwl.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pKQ

Requested by

Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 -, , ASN (),

Reverse DNS

Software

NgxFence /

Resource Hash

4b3d17ee511bb594e46498bcc7b02fb6049ccd8409a64d116ed395a205556adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 17 Jun 2024 01:53:19 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
server: NgxFence
vary: Origin, Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://5j2r.xyz
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 839bc2639db03e319d6a7a2a5a53757e212d8e2957b30fe9837485fa20bc177b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 favicon.ico
5j2r.xyz/picture/ 55 KB
55 KB 298ms
298ms Other
image/x-icon 192.161.87.164
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://5j2r.xyz/picture/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.161.87.164 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

18fe81616fe343f7b62da323dc2f90fd9ad043ade6ebe694975cd6b5fa0ad512

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:19 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 03 Apr 2023 07:15:14 GMT
server: nginx
etag: "642a7d02-dbcb"
content-type: image/x-icon
accept-ranges: bytes
content-length: 56267

POST
H2 200 eyJjIjoibGdqYzE2IiwibSI6InpXbnNvWGctX3RRQUFBR1FJLVlUN2tuNmFxTUN0c0d1ekdQeXRyWk5aSlV2ZVRIUU5TOXB6ZkppODZpZjc3LS1JZFkwTmpZNFIxWG5XOHdxbHV6RjlZdTVPR3FfNTZ4ZzJiRUxKY0xib0NLa0FZRXI0dE5iTWpra21CbURVcTRMU...
fze6f5fafxtui8o.huabanwl.com/web/yuoqfl/lgjc16/clicked/c/ 0
375 B 164ms
164ms Ping
text/plain 170.33.13.110

General

Check archive.org

Show headers Download Go to

Full URL

https://fze6f5fafxtui8o.huabanwl.com:6443/web/yuoqfl/lgjc16/clicked/c/eyJjIjoibGdqYzE2IiwibSI6InpXbnNvWGctX3RRQUFBR1FJLVlUN2tuNmFxTUN0c0d1ekdQeXRyWk5aSlV2ZVRIUU5TOXB6ZkppODZpZjc3LS1JZFkwTmpZNFIxWG5XOHdxbHV6RjlZdTVPR3FfNTZ4ZzJiRUxKY0xib0NLa0FZRXI0dE5iTWpra21CbURVcTRMUWcifQ==?p=0&ref=https%3A%2F%2F5j2r.xyz%2F1.html%3FchannelCode%3Dlgjc16&ac=0&cc=0&channelCode=lgjc16

Requested by

Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

170.33.13.110 -, , ASN (),

Reverse DNS

Software

NgxFence /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://5j2r.xyz/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 17 Jun 2024 01:53:19 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
server: NgxFence
vary: Origin, Origin
access-control-allow-origin: https://5j2r.xyz
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0

GET
H2

200

56efa15462e6412d1d002590ac11453d.apk
jiarenxin.hnyuxiangyuan.com/public/
Redirect Chain

https://fze6f5fafxtui8o.huabanwl.com:6443/page/yuoqfl/install/c/eyJjIjoibGdqYzE2IiwibSI6IktycjA0azl2dDdJQUFBR1FJLVlUN3A1NXN2M1p6b01EMkxLcks4MnRCeFp3T1lDVmoyMHZCdzl4Z0lucTBIeWVPc3BBS1BBNTF0VnJOdFM4U...
https://2akctg.jfdh168.com/ossapk/3qcz4f8f13086c
https://jiarenxin.hnyuxiangyuan.com/public/56efa15462e6412d1d002590ac11453d.apk?auth_key=1718589201-0-0-a4506f32b04a001e30024f32b4226b8f

0
0

2716ms
520ms

Document
application/octet-stream

111.6.42.113

General

Check archive.org

Show headers Download Go to

Full URL: https://jiarenxin.hnyuxiangyuan.com/public/56efa15462e6412d1d002590ac11453d.apk?auth_key=1718589201-0-0-a4506f32b04a001e30024f32b4226b8f
Requested by: Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 111.6.42.113 -, , ASN (),
Reverse DNS
Software: TorNet /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://5j2r.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 52
content-length: 41299671
content-type: application/octet-stream
date: Mon, 17 Jun 2024 01:53:24 GMT
etag: "394cb0e25913222f3e5c63459e1f080e"
last-modified: Mon, 17 Jun 2024 01:52:27 GMT
server: TorNet
via: 1.1 29147f9e38067439b15976c1b4e88fc2.cloudfront.net (CloudFront)
x-amz-cf-id: qQUwGGTiy2lAydDmdzSthORzMFQqgKYYqMd4sYlEcsvpKdyxocnd9Q==
x-amz-cf-pop: HKG1-P1
x-amz-server-side-encryption: AES256
x-cache: MISS

Redirect headers

Connection: keep-alive
Content-Length: 159
Content-Type: text/html; charset=utf-8
Date: Mon, 17 Jun 2024 01:53:21 GMT
Location: https://jiarenxin.hnyuxiangyuan.com/public/56efa15462e6412d1d002590ac11453d.apk?auth_key=1718589201-0-0-a4506f32b04a001e30024f32b4226b8f
Server: Cracker

GET favicon.ico
sdaqyi.cn/tcewm/picture/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sdaqyi.cn
URL: https://sdaqyi.cn/tcewm/picture/favicon.ico

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
rakutenzo12.vip/	1969-12-31 23:59:59	Name: PHPSESSID Value: q955dk1dlcqs83ocr8rioo12ae
ck.efangcdn.com/	1970-01-20 21:27:28	Name: geo Value: %E7%BE%8E%E5%9B%BD%2F%2F
ck.efangcdn.com/	1970-01-21 06:01:33	Name: oid Value: 5adceb77-2c4c-11ef-81dc-44a842470231
.hm.baidu.com/	1970-01-21 06:59:09	Name: HMACCOUNT_BFESS Value: 847D115969A16644
.rakutenzo12.vip/	1970-01-21 06:08:45	Name: Hm_lvt_b5872be0cccfc94f1320039f66b0577d Value: 1718589194
.rakutenzo12.vip/	1969-12-31 23:59:59	Name: Hm_lpvt_b5872be0cccfc94f1320039f66b0577d Value: 1718589194
5j2r.xyz/	1969-12-31 23:59:59	Name: __vtins__KTUtxrrRn2uIdhPe Value: %7B%22sid%22%3A%20%22f0396d92-4985-5f05-84e8-29ef0ea63130%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201718590995693%2C%20%22ct%22%3A%201718589195693%7D
5j2r.xyz/	1970-01-21 06:59:09	Name: __51uvsct__KTUtxrrRn2uIdhPe Value: 1
5j2r.xyz/	1970-01-21 06:59:09	Name: __51vcke__KTUtxrrRn2uIdhPe Value: 47e19241-c8ea-54cf-9ef8-894a1b57b681
5j2r.xyz/	1970-01-21 06:59:09	Name: __51vuft__KTUtxrrRn2uIdhPe Value: 1718589195695

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://rakutenzo12.vip/admin/login/index.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://rakutenzo12.vip/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sdaqyi.cn/tcewm/picture/favicon.ico Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2akctg.jfdh168.com
5j2r.xyz
ck.efangcdn.com
collect-v6.51.la
dns.efangcdn.com
fze6f5fafxtui8o.huabanwl.com
hm.baidu.com
j1sxh-1326572717.cos.accelerate.myqcloud.com
jiarenxin.hnyuxiangyuan.com
rakutenzo12.vip
sdaqyi.cn
sdk.51.la
useragent.top
uv60.cn
xjsbw-1326572717.cos.accelerate.myqcloud.com
xss9.com
sdaqyi.cn
111.6.42.113
13.213.18.30
163.181.131.223
170.33.13.110
183.240.98.228
192.161.87.164
206.119.178.109
23.224.30.106
2606:4700:3031::ac43:ac36
45.32.65.219
47.246.46.147
47.246.46.182
49.51.129.251
49.51.131.81
51.222.244.150
0da557c324b3144ce723ba6ca7e77b4936b07f0b5139510b891179f26341fcec
18fe81616fe343f7b62da323dc2f90fd9ad043ade6ebe694975cd6b5fa0ad512
1cdb604b164f1ca1b652a2fbfaddfff4a8dcda9dc142f72f6aa2f4c3078aad09
214c9901e85e6b004c8dc82dfb8af5c399d14a04649f3ca815eee1c65c9b34ba
25befd73df789c77b69694c9fdebdc72f8720e9b6701f85f5b41a8e05042041a
2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e
32b42352c10d11ca246139b4200f3fd203e6082d6645b13df042c48c720d379a
35ac69bf4eb52f4603589bc5340079f9028bb8fad98bcd18353e21eec9a64660
3e71964f3148c6daabf6c5e8e106e9b1d747b761bf7b269f45f7aa97f8b490a4
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
4b3d17ee511bb594e46498bcc7b02fb6049ccd8409a64d116ed395a205556adc
4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d
51cab7fb0b40002e841db196e3b3e6c9d87c4a90754eaafdb6e256e1a97a562a
53387f5bbb174ba06273aa3812f0b0f9da57c1ffdadf73b38a63f3f15fe25168
5394eedc56bb8bc4e20da37292f4cbbe36d85dec294d4e98b6c90f167ea62254
651f64dffeb4354d09c720e83d62e5d6d0376bc8b973588ad8036150864e2bc9
68104e53fb4744111bc3a5a6d4dfefa5aef8ca0f2c1c28163239d857571ceebd
68b69105673fbb64096c34b060f900d2731d4f19202ad8f2c11274f3d6f59126
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd
801f201423627ef83919d8d991784ab75fcd705efead135dcaae3b4d1dd14c20
820f4779d021ea1250b6c07c498922122d59fc3047a43151f6a62e7e70e475e7
839bc2639db03e319d6a7a2a5a53757e212d8e2957b30fe9837485fa20bc177b
911a02a39258dd17076d93b28a511ce3abe5a83054c5a8434dc0ec6e0e1efebe
925ea4c5a3db3ba175774ba1b24adaf61cb1e172920dc12ee4d6754045ea170b
a3525aaa0e71fdcdb04a13a0c6fc084d522e93a589283c42e066e0c43675b65e
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b8fc8a306d82b4198321c5f4055f00e636779590a602e1b4dfad89703566383f
bb6c3a3cf3ec55d3782262dc99c77a52c8f9578a39e3bc4d425f9b4bec4d287a
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c7b6a3005a9265403191093f3f1e55b8e0db8a263c88506f97128d9f9b5c50cf
ca72b169e49ec2ff077ff693483afb1f3d796be88dd04bcbe9b32360b4fd7ed4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfce92bdca811478cb0017a90c2bc096c151647217ae6f4b985368d7f42619bc
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d4230e4529ad80ac1e2779112749264647a4212edbe7511088dde28e92d8074b
dbfc2d8a3b11481a17aa0fd5774a905ea8025cf11a8a9c3ab14daf170faa5683
dd19555a3be2f33340da0e3714a5c0ecb870d8f27613c27838c6b0f40cc7bd1c
de4b3c3d1dc2506b6693f0f98884e1dc074cda9d66cab39b7b48a115fdfc4c0f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e27e2817822c1acf3f16550dbcc73712b6fff77ed6587aa6cbbd3fe9932083
e83bd6b0888a964c351472e63b1e2d785f66fb77f07424294b79e036810ee078
e86c9175c7f1254c003370cc24af7c0530a3a5a9bfde54c19430ecb3a6dbd4f7
f01f5ea5ff71b32da6759fb193943622b2d04e19a8d4017e8528e0bb1f248fde
f4144c9f9d11424354381bb00f5dda4f9daa58f73c5c390788bccedd0f4f3355
f4ae9557cdeb094207dd6d9d63bfa1be8d27e0f6078d6f357cc94d0572736850
f63e1469b6bdacf9dd7dbd632018d0a2eee39c0d831a680e4fc6b14f7b047b92
fd8f3a227ff1476d3d7fb5dd45d8dda480dd894737f5fb55c3ed181a8ede64d2

5j2r.xyz Open in urlscan Pro 192.161.87.164 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

98 %HTTPS

7 %IPv6

13 Domains

16 Subdomains

15 IPs

5 Countries

1760 kBTransfer

2250 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

5j2r.xyz Open in urlscan Pro
192.161.87.164 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

98 %
HTTPS

7 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

1760 kB
Transfer

2250 kB
Size

10
Cookies

48 HTTP transactions
2 data transactions