urlscan.io logo urlscan.io
SecurityTrails logo

billwing.fun Open in urlscan Pro
76.76.21.21  Public Scan

Go To Rescan Add Verdict Report
URL: https://billwing.fun/
Submission: On August 28 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 10 domains to perform 35 HTTP transactions. The main IP is 76.76.21.21, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is billwing.fun.
TLS certificate: Issued by R11 on August 27th 2024. Valid for: 3 months.
This is the only time billwing.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 76.76.21.21 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 103.126.92.132 137263 (NETEASE-A...)
2 76.76.21.22 16509 (AMAZON-02)
1 240e:e9:6003:... 134756 (CHINANET-...)
1 97.64.23.206 25820 (IT7NET)
35 7
17    76.76.21.21 (Walnut, United States)

ASN16509 (AMAZON-02, US)
billwing.fun
2    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    103.126.92.132 (Hong Kong)

ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK)
music.163.com
2    76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)
www.fomal.cc
cdn.dusays.com
1    240e:e9:6003:211::cf (China)

ASN134756 (CHINANET-NANJING-JISHAN-IDC CHINANET Nanjing Jishan IDC network, CN)
thirdqq.qlogo.cn
1    97.64.23.206 (Los Angeles, United States)

ASN25820 (IT7NET, CA)
PTR: localhost.localdomain
busuanzi.ibruce.info
Apex Domain
Subdomains		 Transfer
17 billwing.fun
billwing.fun
3 MB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
66 KB
1 ibruce.info
busuanzi.ibruce.info — Cisco Umbrella Rank: 365181
280 B
1 qlogo.cn
thirdqq.qlogo.cn — Cisco Umbrella Rank: 34917
15 KB
1 dusays.com
cdn.dusays.com
127 KB
1 fomal.cc
www.fomal.cc
15 KB
1 163.com
music.163.com — Cisco Umbrella Rank: 18103
0 anzhiy.cn Failed
img01.anzhiy.cn Failed
0 crrashh.cn Failed
res.crrashh.cn Failed
0 lncld.net Failed
cdn1.lncld.net Failed
35 10
Domain Requested by
17 billwing.fun billwing.fun
2 unpkg.com 1 redirects billwing.fun
1 busuanzi.ibruce.info billwing.fun
1 thirdqq.qlogo.cn billwing.fun
1 cdn.dusays.com billwing.fun
1 www.fomal.cc billwing.fun
1 music.163.com billwing.fun
0 img01.anzhiy.cn Failed billwing.fun
0 res.crrashh.cn Failed billwing.fun
0 cdn1.lncld.net Failed billwing.fun
35 10

This site contains links to these domains. Also see Links.

Domain
github.com
blog.crrashh.cn
anzhiy.cn
www.fomal.cc
dusays.com
www.fish9.cn
Subject Issuer Validity Valid
billwing.fun
R11		 2024-08-27 -
2024-11-25		 3 months crt.sh
*.163.com
GeoTrust RSA CN CA G2		 2024-03-28 -
2025-04-27		 a year crt.sh
www.fomal.cc
R11		 2024-07-26 -
2024-10-24		 3 months crt.sh
cdn.dusays.com
R11		 2024-08-03 -
2024-11-01		 3 months crt.sh
*.qpic.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2024-03-21 -
2025-04-21		 a year crt.sh
busuanzi.ibruce.info
R11		 2024-06-11 -
2024-09-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://billwing.fun/
Frame ID: 3318C8717969D1086B1DFC418392D6E3
Requests: 33 HTTP requests in this frame

Frame: https://music.163.com/outchain/player?type=2&id=1433434738&auto=0&height=66
Frame ID: 02BC06AD58E26C56F6506869BCE00A89
Requests: 1 HTTP requests in this frame

Frame: https://billwing.fun/pdf/HerbertSimon.pdf
Frame ID: 9C4D490D1DD73A19DDF6A3801B4AEF18
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Hexo

Page Statistics

35
Requests

63 %
HTTPS

33 %
IPv6

10
Domains

10
Subdomains

7
IPs

3
Countries

3184 kB
Transfer

3516 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/valine/dist/Valine.min.js HTTP 302
  • https://unpkg.com/valine@1.5.2/dist/Valine.min.js

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
billwing.fun/ 		168 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
572ee4d56d017481928c95835324c0c3f30c3a07f2cc84a1557624b4276b881e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
2345730
cache-control
public, max-age=0, must-revalidate
content-disposition
inline
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 28 Aug 2024 06:52:47 GMT
etag
W/"fd0be5ecfc7dd2cd54c8497245fad455"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::5q7r4-1724827967341-5be8707a50d6
main.a5fda8.css
billwing.fun/ 		56 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/main.a5fda8.css
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b6767228806cdacd77d5ce30ab5469b466562962b7beffcdf56e4f482534358d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::7zfjm-1724827967363-5023d64101b3
age
0
etag
W/"ee827b2a68f493a6542797d9b7cc8819"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.a5fda8.css"
head.jpg
billwing.fun/img/ 		243 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/img/head.jpg
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
fb1abf6f4c4e8da3ad3b0e7dff9e99cc07f667d4e70821c6caa121931aecb4df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::xxw59-1724827967363-db1367ca64b1
age
0
etag
"63fd6f533fad3324639facbfec14368e"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="head.jpg"
accept-ranges
bytes
content-length
249292
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
Valine.min.js
unpkg.com/valine@1.5.2/dist/
Redirect Chain
  • https://unpkg.com/valine/dist/Valine.min.js
  • https://unpkg.com/valine@1.5.2/dist/Valine.min.js
163 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/valine@1.5.2/dist/Valine.min.js
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3acda18caf5c964bfd18aa4b441d8ee9270e745396e1a4553c5404f5968e3f5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3173305
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J3D9TKZPA1QDW83T2MGKGN8Z-fra
server
cloudflare
etag
"28c6e-ogGJ85NZrpVfNpM+2l1HHuraydk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8ba2616c8dac9f2e-FRA

Redirect headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J6BVTE0HD9TG5GZAZXPAZST8-fra
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
322
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/valine@1.5.2/dist/Valine.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8ba2616c5d7f9f2e-FRA
4.png
billwing.fun/image/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/image/4.png
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
88ecde5d5db695a24faec237d05fa76c9995a688cf7f051c2f2ac5aa5fbea641
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::kb6pf-1724827967393-a9eb2b64e0c3
age
0
etag
"60baa88e3fcd7dd25536410c9fdbd2fc"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="4.png"
accept-ranges
bytes
content-length
1360182
xitongsiwei.jpg
billwing.fun/image/ 		398 KB
398 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/image/xitongsiwei.jpg
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
920f9311067df389adb65075896596b805dc21498255b00e8bdb70917ede0eba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::bp6hm-1724827967393-5305796fb6e2
age
0
etag
"c3222dd8c799d21a58e7efa43671e725"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="xitongsiwei.jpg"
accept-ranges
bytes
content-length
407120
teerfeifa.jpg
billwing.fun/image/ 		386 KB
386 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/image/teerfeifa.jpg
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4a3a29d91178321efb692c77a65d9595bb03531258f78763e4f819915372e7a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::cgztk-1724827967393-a3848d679429
age
0
etag
"8cad866fd0b93a027036012fad0139dd"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="teerfeifa.jpg"
accept-ranges
bytes
content-length
395061
nwct.jpg
billwing.fun/image/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/image/nwct.jpg
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6c0f2300229055551e1d3019959e88cdf49c05045afd3abbb9fb0c9303bf3f85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::j8fwc-1724827967393-c67f0f4e95b8
age
0
etag
"30325f3c8302325436cb831f2318f36d"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="nwct.jpg"
accept-ranges
bytes
content-length
39239
tesla.jpg
billwing.fun/image/ 		427 KB
427 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/image/tesla.jpg
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7c6ceef85ab12369d86c2c83aae1a729f6c3e7357bcac149fffb44df173ef0d9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::jnv6r-1724827967393-d94e0bd35e19
age
0
etag
"ac25734c418b9ffbbe1c99b15339e674"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="tesla.jpg"
accept-ranges
bytes
content-length
436778
busuanzi.pure.js
billwing.fun/lib/ 		2 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/lib/busuanzi.pure.js
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
827e27a6de7ec1749c0e163ad95a5550ba3ba1316a293012e01457380aeb4819
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::pbb65-1724827967393-118e43fa371e
age
631211
etag
W/"d80e4eae60818eec40a0378b3123a1a1"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="busuanzi.pure.js"
player
music.163.com/outchain/ Frame 02BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://music.163.com/outchain/player?type=2&id=1433434738&auto=0&height=66
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.132 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://billwing.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control
no-store no-cache
content-encoding
br
content-language
de-DE
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf8
date
Wed, 28 Aug 2024 06:52:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragrma
no-cache
server
nginx
vary
Accept-Encoding
x-from-src
80.255.10.197
x-via
MusicServer
main.a5fda8.js
billwing.fun/ 		62 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/main.a5fda8.js
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6d713ef2be3779ce2c2957a97d295a8a0799a6a923dcc5323dc5c62585ce6408
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::d2552-1724827967396-07aae9402f34
age
0
etag
W/"17f5d51336a4fdf6985bb428a7203552"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="main.a5fda8.js"
crrashh1542.jpg
res.crrashh.cn/img/avatars/ 		0
0
6444e85234e51.jpg
img01.anzhiy.cn/useruploads/90/2023/04/23/ 		0
0
avatar.webp
www.fomal.cc/assets/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.fomal.cc/assets/avatar.webp
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3b7c5337378ec92f691474cf27e32695bb9da8dcf790ca091234ffa0bbcefc7c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::4d5ct-1724827968293-5c5f639f9c08
age
5873035
etag
"32685c13d9873f79cdce249339a3429f"
x-vercel-cache
HIT
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="avatar.webp"
accept-ranges
bytes
content-length
15306
avatar.png
cdn.dusays.com/ 		126 KB
127 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.dusays.com/avatar.png
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f44d54d9fa62788cd158569e79c87432a5dcaabe9de4fae5a01575dba69dabc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:50 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::6q7ks-1724827970454-dba7c13c39df
age
570127
etag
"cada4272f68764cc4c855bbf1ed9ef3f"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="avatar.png"
accept-ranges
bytes
content-length
129439
g
thirdqq.qlogo.cn/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thirdqq.qlogo.cn/g?b=qq&nk=2911396166&s=100
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:e9:6003:211::cf , China, ASN134756 (CHINANET-NANJING-JISHAN-IDC CHINANET Nanjing Jishan IDC network, CN),
Reverse DNS
Software
NWSs /
Resource Hash
f79e637b7c358184c795bc5033ed4644b5dcbb745c810bfc420bef8b321a529e

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

X-DataSrc
0
Date
Wed, 28 Aug 2024 06:52:49 GMT
Size
15001
Connection
keep-alive
Content-Length
15001
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Sun, 31 Jul 2022 17:41:53 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
Content-Type
image/png
X-Delay
20005 us
chid
0
Cache-Control
max-age=2592000
X-BCheck
1659260513_0
X-NWS-LOG-UUID
55dd950c-d441-4a41-8a6b-bea0e0cefbb4
activate-power-mode.js
billwing.fun/plugins/activate-power-mode/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/plugins/activate-power-mode/activate-power-mode.js
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ec3030e19b5a48446ccc8b145176efb45d54936a5006ba7039664b7baee2ffb0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::j8fwc-1724827967396-baae9d47b260
age
758966
etag
W/"c196ffaddbaee510820d45164d66312c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="activate-power-mode.js"
manzhouli.jpg
billwing.fun/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/img/manzhouli.jpg
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
02f98ec8572b876037d5ffa6b0c916ec5310c69065f977a8ab451eb335f0c24e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::qjltt-1724827967539-8f1c5372884a
age
0
etag
"566262e4392907009c5265fbc48c3f44"
x-vercel-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="manzhouli.jpg"
accept-ranges
bytes
content-length
13289
fonteditor.bbc4b5.woff2
billwing.fun/fonts/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/fonts/fonteditor.bbc4b5.woff2
Requested by
Host: billwing.fun
URL: https://billwing.fun/main.a5fda8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
770bf29170caf7a3b4338dfc5639d00bf163fc11834a665e81530b27b6971fba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/main.a5fda8.css
Origin
https://billwing.fun
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::qfhrd-1724827967592-04800ecc8ba2
age
0
etag
"bbc4b56f8f408339a19890f0ae264a8e"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="fonteditor.bbc4b5.woff2"
accept-ranges
bytes
content-length
7652
scrollbar_arrow.png
billwing.fun/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://billwing.fun/img/scrollbar_arrow.png
Requested by
Host: billwing.fun
URL: https://billwing.fun/main.a5fda8.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
426515dda03b749ae34cabbbec9e0ad1445d4a3d628015e42eabaafe679d3e1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/main.a5fda8.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::pbb65-1724827967545-905a980831af
age
0
etag
"be5381cedbd6b778b1d92e224fd71cf7"
x-vercel-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="scrollbar_arrow.png"
accept-ranges
bytes
content-length
3065
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
HerbertSimon.pdf
billwing.fun/pdf/ Frame 9C4D 		345 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/pdf/HerbertSimon.pdf
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b52d2e2119dabb4f2de39fb19227c34095f6e6896c7754d83e01aca44fb10c60
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="HerbertSimon.pdf"
content-length
6695977
content-type
application/pdf
date
Wed, 28 Aug 2024 06:52:48 GMT
etag
"c5a4ee6bceff2b3b320269340c0faeb8"
server
Vercel
strict-transport-security
max-age=63072000
x-vercel-cache
HIT
x-vercel-id
fra1::ntjwb-1724827967742-d90d723be6ae
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
av-min.js
cdn1.lncld.net/static/js/3.0.4/ 		0
0
busuanzi
busuanzi.ibruce.info/ 		107 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://busuanzi.ibruce.info/busuanzi?jsonpCallback=BusuanziCallback_762801886551
Requested by
Host: billwing.fun
URL: https://billwing.fun/lib/busuanzi.pure.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
localhost.localdomain
Software
nginx/1.14.1 /
Resource Hash
fd67cf43855cc07049755d84d5cca6484539384bbb7100aa8e9f9a064db55e7f

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:48 GMT
server
nginx/1.14.1
content-length
107
content-type
application/json
slider.27463f.js
billwing.fun/ 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/slider.27463f.js
Requested by
Host: billwing.fun
URL: https://billwing.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
489b5cc8a9b87f35e21a96041a13be4072a563967ba5fc1870005c24f7f1b5b9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::tbkkw-1724827967893-9da816c3b04f
age
262350
etag
W/"9e709dd7a154ef39ffebc37b3bd17cc6"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="slider.27463f.js"
content.json
billwing.fun/ 		2 KB
804 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://billwing.fun/content.json?t=1724827967945
Requested by
Host: billwing.fun
URL: https://billwing.fun/slider.27463f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.21 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
024f08a1636ec8015d7811653704b287fb3edc2f5174f75ea529ca3f080517d7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://billwing.fun/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Wed, 28 Aug 2024 06:52:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1::kb6pf-1724827967950-3a3437115a8d
age
0
etag
W/"925f99970abc59807d93611d0446c65e"
x-vercel-cache
HIT
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="content.json"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
res.crrashh.cn
URL
https://res.crrashh.cn/img/avatars/crrashh1542.jpg
Domain
img01.anzhiy.cn
URL
https://img01.anzhiy.cn/useruploads/90/2023/04/23/6444e85234e51.jpg
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Domain
cdn1.lncld.net
URL
https://cdn1.lncld.net/static/js/3.0.4/av-min.js

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| filterCSS function| filterXSS function| Valine object| bszCaller object| bszTag function| ready object| scriptTag function| BusuanziCallback_762801886551 object| yiliaConfig object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| PhotoSwipe function| PhotoSwipeUI_Default string| originTitle function| POWERMODE

1 Cookies

Domain/Path Name / Value
.busuanzi.ibruce.info/ Name: busuanziId
Value: 7028D2A0DB07497C8650CFC93BDE01AA

12 Console Messages

Source Level URL
Text
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://img01.anzhiy.cn/useruploads/90/2023/04/23/6444e85234e51.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn1.lncld.net/static/js/3.0.4/av-min.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://res.crrashh.cn/img/avatars/crrashh1542.jpg
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

billwing.fun
busuanzi.ibruce.info
cdn.dusays.com
cdn1.lncld.net
img01.anzhiy.cn
music.163.com
res.crrashh.cn
thirdqq.qlogo.cn
unpkg.com
www.fomal.cc
cdn1.lncld.net
img01.anzhiy.cn
res.crrashh.cn
103.126.92.132
240e:e9:6003:211::cf
2606:4700::6811:f6cb
76.76.21.21
76.76.21.22
97.64.23.206
024f08a1636ec8015d7811653704b287fb3edc2f5174f75ea529ca3f080517d7
02f98ec8572b876037d5ffa6b0c916ec5310c69065f977a8ab451eb335f0c24e
3acda18caf5c964bfd18aa4b441d8ee9270e745396e1a4553c5404f5968e3f5b
3b7c5337378ec92f691474cf27e32695bb9da8dcf790ca091234ffa0bbcefc7c
426515dda03b749ae34cabbbec9e0ad1445d4a3d628015e42eabaafe679d3e1a
489b5cc8a9b87f35e21a96041a13be4072a563967ba5fc1870005c24f7f1b5b9
4a3a29d91178321efb692c77a65d9595bb03531258f78763e4f819915372e7a5
572ee4d56d017481928c95835324c0c3f30c3a07f2cc84a1557624b4276b881e
6c0f2300229055551e1d3019959e88cdf49c05045afd3abbb9fb0c9303bf3f85
6d713ef2be3779ce2c2957a97d295a8a0799a6a923dcc5323dc5c62585ce6408
6f44d54d9fa62788cd158569e79c87432a5dcaabe9de4fae5a01575dba69dabc
770bf29170caf7a3b4338dfc5639d00bf163fc11834a665e81530b27b6971fba
7c6ceef85ab12369d86c2c83aae1a729f6c3e7357bcac149fffb44df173ef0d9
827e27a6de7ec1749c0e163ad95a5550ba3ba1316a293012e01457380aeb4819
88ecde5d5db695a24faec237d05fa76c9995a688cf7f051c2f2ac5aa5fbea641
920f9311067df389adb65075896596b805dc21498255b00e8bdb70917ede0eba
b52d2e2119dabb4f2de39fb19227c34095f6e6896c7754d83e01aca44fb10c60
b6767228806cdacd77d5ce30ab5469b466562962b7beffcdf56e4f482534358d
ec3030e19b5a48446ccc8b145176efb45d54936a5006ba7039664b7baee2ffb0
f79e637b7c358184c795bc5033ed4644b5dcbb745c810bfc420bef8b321a529e
fb1abf6f4c4e8da3ad3b0e7dff9e99cc07f667d4e70821c6caa121931aecb4df
fd67cf43855cc07049755d84d5cca6484539384bbb7100aa8e9f9a064db55e7f