Submitted URL: http://ana485.xyz/
Effective URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Submission: On June 16 via api from BE — Scanned from DE

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 56 HTTP transactions. The main IP is 192.161.87.164, located in the United States and belonging to CNSERVERS, US. The main domain is 5j2r.xyz.
TLS certificate: Issued by R11 on June 16th 2024. Valid for: 3 months.
This is the only time 5j2r.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS (Autonomous System)
6         165.154.98.224   135377 (UCLOUD-HK...)
2         45.32.65.219     20473 (AS-CHOOPA)
16        170.106.97.194   132203 (TENCENT-N...)
2         51.222.244.150   16276 (OVH)
1         163.181.92.185   24429 (TAOBAO Zh...)
12        23.224.30.106    40065 (CNSERVERS)
3         170.33.13.110    134963 (ASEPL-AS-...)
5         192.161.87.164   40065 (CNSERVERS)
1         163.181.92.246   24429 (TAOBAO Zh...)
2         170.106.97.208   132203 (TENCENT-N...)
1         163.181.92.227   24429 (TAOBAO Zh...)
Total: 56 requests, 12 IPs
Requests  Domain                                                Requested by
12        ck.efangcdn.com                                       dns.efangcdn.com
8         j1sxh-1326572717.cos.accelerate.myqcloud.com          5j2r.xyz
7         fydgsb-1325731038.cos.accelerate.myqcloud.com         ana485.xyz
6         ana485.xyz                                            ana485.xyz
5         5j2r.xyz                                              xss9.com, 5j2r.xyz
2         byns74a7h1rijvl.huabanwl.com                          xjsbw-1326572717.cos.accelerate.myqcloud.com
2         xjsbw-1326572717.cos.accelerate.myqcloud.com          5j2r.xyz
2         uv60.cn                                               xss9.com, uv60.cn
2         xss9.com                                              ana485.xyz
1         collect-v6.51.la                                      sdk.51.la
1         sdk.51.la                                             5j2r.xyz
1         99dorwotsw1m75v.huabanwl.com                          install-op-lj-1326511053.cos.accelerate.myqcloud.com
1         dns.efangcdn.com                                      xss9.com
1         install-op-lj-1326511053.cos.accelerate.myqcloud.com  ana485.xyz
0         sdaqyi.cn (Failed)                                    5j2r.xyz
0         jiarenapk.hnyuxiangyuan.com (Failed)                  xjsbw-1326572717.cos.accelerate.myqcloud.com
Total: 56 requests, 16 subdomains

This site contains no links.

Subject                              Issuer                                               Validity                 Valid for
ana485.xyz                           R3                                                   2024-05-16 - 2024-08-14  3 months
xss9.com                             R3                                                   2024-05-10 - 2024-08-08  3 months
*.cos.na-siliconvalley.myqcloud.com  GlobalSign Organization Validation CA - SHA256 - G3  2024-03-11 - 2025-04-12  a year
uv60.cn                              Sectigo RSA Domain Validation Secure Server CA       2024-05-19 - 2025-05-19  a year
dns.efangcdn.com                     R3                                                   2024-05-28 - 2024-08-26  3 months
ck.efangcdn.com                      R3                                                   2024-05-30 - 2024-08-28  3 months
*.huabanwl.com                       Sectigo RSA Domain Validation Secure Server CA       2024-01-26 - 2025-01-25  a year
5j2r.xyz                             R11                                                  2024-06-16 - 2024-09-14  3 months
*.51.la                              GlobalSign RSA OV SSL CA 2018                        2024-03-19 - 2025-04-20  a year

This page contains 1 frame:

Frame: https://jiarenapk.hnyuxiangyuan.com/public/2fa68cc6dc4a3c8e5c10d92ade1d0b79.apk?auth_key=1718539703-0-0-0db453b0809f991e5144b7de84fbcc33
Frame ID: E3A4855FCB522953F0769624DCF4E3B0
Requests: 60 HTTP requests in this frame

Detected technologies

jQuery (overall confidence: 100%)
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 56
  • HTTPS: 91 %
  • IPv6: 0 %
  • Domains: 10
  • Subdomains: 16
  • IPs: 12
  • Countries: 5
  • Transfer: 3658 kB
  • Size: 3884 kB
  • Cookies: 6

Page URL History

This captures the URL locations of the website, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ana485.xyz/ HTTP 307
    https://ana485.xyz/ Page URL
  2. https://5j2r.xyz/1.html?channelCode=lgjc16 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://ana485.xyz/ HTTP 307
  • https://ana485.xyz/
Request Chain 57
  • https://byns74a7h1rijvl.huabanwl.com:6443/page/yuoqfl/install/c/eyJjIjoibGdqYzE2IiwibSI6IkdrRk5VQ2xDWnhjQUFBR1FJUExMeGpVR3dMMGNZZE02UHRYOXdSb0RuS3YyczFIUHUzY2Q3dFFfT2F0RVlOZWpBczVuMnBfRnp6YXdmZ0k5VmFSX2l6bWIzX2JOTnFfbXVjVkYzZDBKNDUxbTFQellieXlNOG0yZ2VjTUpYUUFHOWcifQ==?p=0 HTTP 302
  • https://2akctg.jfdh168.com/ossapk/3qcz4f8f13086c HTTP 302
  • https://jiarenapk.hnyuxiangyuan.com/public/2fa68cc6dc4a3c8e5c10d92ade1d0b79.apk?auth_key=1718539703-0-0-0db453b0809f991e5144b7de84fbcc33

56 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Resource: / | Path: ana485.xyz/ | Size: 2 KB | x-fer: 1 KB | Type: Document
Redirect Chain
  • http://ana485.xyz/
  • https://ana485.xyz/
General
Full URL
https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
165.154.98.224 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
3c7effded5e670434321b9fea5ee269b3b6361486135820fa72626273569458b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 16 Jun 2024 12:08:13 GMT
ETag
W/"666eae71-93b"
Last-Modified
Sun, 16 Jun 2024 09:20:49 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://ana485.xyz/
Non-Authoritative-Reason
HttpsUpgrades
Resource: FWkB | Path: xss9.com/ | Size: 1 KB | x-fer: 675 B | Type: Script
General
Full URL
https://xss9.com/FWkB
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.65.219 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.65.219.vultrusercontent.com
Software
Apache /
Resource Hash
5394eedc56bb8bc4e20da37292f4cbbe36d85dec294d4e98b6c90f167ea62254

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 12:08:13 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
nocache
content-length
558
Resource: index.css | Path: ana485.xyz/assets/ | Size: 3 KB | x-fer: 1 KB | Type: Stylesheet
General
Full URL
https://ana485.xyz/assets/index.css
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
165.154.98.224 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b30e76d008dd8a6b692f0f6faffdec33a4f38e3f0000b43a6dcfc9c36dbf061c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 May 2024 04:33:38 GMT
Server
nginx
ETag
W/"66385da2-a82"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Mon, 17 Jun 2024 00:08:13 GMT
Resource: jquery-3.5.1.min.js | Path: ana485.xyz/assets/ | Size: 88 KB | x-fer: 35 KB | Type: Script
General
Full URL
https://ana485.xyz/assets/jquery-3.5.1.min.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
165.154.98.224 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 04 May 2024 14:09:12 GMT
Server
nginx
ETag
W/"66364188-15f5b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Mon, 17 Jun 2024 00:08:13 GMT
Resource: appinstall.js | Path: install-op-lj-1326511053.cos.accelerate.myqcloud.com/ | Size: 46 KB | x-fer: 47 KB | Type: Script
General
Full URL
https://install-op-lj-1326511053.cos.accelerate.myqcloud.com/appinstall.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
x-cos-hash-crc64ecma
347442768461482610
Last-Modified
Wed, 22 May 2024 11:03:02 GMT
Server
tencent-cos
ETag
"8a14913360cd89f0812ea4971df5a16b"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YWVfOGI5MTUwMGJfMTg1ZjNfN2I5NmRi
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
47585
Resource: qrcode.js | Path: ana485.xyz/assets/ | Size: 19 KB | x-fer: 8 KB | Type: Script
General
Full URL
https://ana485.xyz/assets/qrcode.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
165.154.98.224 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
8cb8815200f765affd4d839dc99216411c5cb3210197e1d18421484ca5bc272e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 May 2024 04:33:26 GMT
Server
nginx
ETag
W/"66385d96-4d1f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Mon, 17 Jun 2024 00:08:14 GMT
Resource: channelCode.js | Path: ana485.xyz/ | Size: 151 B | x-fer: 464 B | Type: Script
General
Full URL
https://ana485.xyz/channelCode.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
165.154.98.224 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
aca90561c6bf714273a8c70122f5f0b3315886beb08fdf9e39e9a1ad88329aeb

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
Last-Modified
Thu, 16 May 2024 11:08:24 GMT
Server
nginx
ETag
"6645e928-97"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
151
Expires
Mon, 17 Jun 2024 00:08:14 GMT
Resource: onclick.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 2 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/onclick.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
7837d072b46bfee2357ccae44b947d813dfcf002791172ec2f637660cf6d3e33

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
x-cos-hash-crc64ecma
1904487908638082743
Last-Modified
Thu, 16 May 2024 04:09:47 GMT
Server
tencent-cos
ETag
"7d0e682fed36845b0cf0d725c1bad7b1"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YWVfZDk0ZTA4MDlfZDEyYl80ODkwYjQz
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
2158
Resource: 11.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 170 KB | x-fer: 171 KB | Type: Image
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/11.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
22df2cea9103879adf6aa2f1b9273a494954dfd40a044ea23f5c8b5180c41ed5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:15 GMT
x-cos-hash-crc64ecma
2497684714617617251
Last-Modified
Tue, 21 May 2024 11:55:43 GMT
Server
tencent-cos
ETag
"3acfee2cc0587aaaa99994b4236bebdf"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YWVfMzZmMDVlMGJfMjZmYTZfM2JkNWIyMA==
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
174267
Resource: ertu.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 639 KB | x-fer: 639 KB | Type: Image
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/ertu.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
f641708333dae811f4a8dae9c156025a8eaa7e4fa273a2aa21e04a9ac8673852

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
x-cos-hash-crc64ecma
7032776178672021561
Last-Modified
Sun, 12 May 2024 16:35:39 GMT
Server
tencent-cos
ETag
"74688fe406887d4bebade3207772c575"
Content-Type
image/gif
x-cos-request-id
NjY2ZWQ1YWVfZjg4OWQ4MWVfYWNjMF80OGIzMjI3
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
653835
Resource: 72870.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 56 KB | x-fer: 56 KB | Type: Image
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/72870.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
c3345f130ca606d3cbd5fecfed574cfdf1d955d7c106f60a873433c649c81c19

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:15 GMT
x-cos-hash-crc64ecma
13397104659661694418
Last-Modified
Tue, 21 May 2024 11:56:58 GMT
Server
tencent-cos
ETag
"6216fca030a53472ce5fbb309ba5349b"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YWVfMjc1NzA4MDlfZjc3OF80OTAwYmU5
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
57060
Resource: 13312.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 452 KB | x-fer: 453 KB | Type: Image
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/13312.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
7da182221edff0f911b87aca7caf4a392a918c02306a5a39ea451cca20a4b6dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:15 GMT
x-cos-hash-crc64ecma
1975705051272156790
Last-Modified
Sun, 12 May 2024 16:39:43 GMT
Server
tencent-cos
ETag
"0e90f7ec227d1a879276dd4d316173e9"
Content-Type
image/png
x-cos-request-id
NjY2ZWQ1YWVfZmYyNWUwYl8xMTM5Ml8zYWI5YzVk
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
463140
Resource: 6_02.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 757 KB | x-fer: 757 KB | Type: Image
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/6_02.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
0e6bc6c975ede3e65c5b8380f168166cf2af910962b0f291f13b091a1da8cb4a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:15 GMT
x-cos-hash-crc64ecma
14166854694465836159
Last-Modified
Sun, 12 May 2024 16:45:45 GMT
Server
tencent-cos
ETag
"cc66a9605d1d7cebf7cfd71bf60d4d40"
Content-Type
image/png
x-cos-request-id
NjY2ZWQ1YWVfOTJmMDVlMGJfMjYxZmRfM2JhZTRkYg==
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
775200
Resource: 121.js | Path: fydgsb-1325731038.cos.accelerate.myqcloud.com/ | Size: 178 KB | x-fer: 178 KB | Type: Image
General
Full URL
https://fydgsb-1325731038.cos.accelerate.myqcloud.com/121.js
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
82d0f17a2322efed41e8202d45935e54f90e32f85d5f194bbc3e208e66dbbe5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:15 GMT
x-cos-hash-crc64ecma
8524299298619933248
Last-Modified
Tue, 21 May 2024 11:57:47 GMT
Server
tencent-cos
ETag
"6509958da0e8d5c40ad07ca2d33b4219"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YWZfZDk0ZTA4MDlfZDEzY180ODIyNjBl
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
182015
Resource: tongji.js | Path: uv60.cn/tj/ | Size: 55 KB | x-fer: 22 KB | Type: Script
General
Full URL
https://uv60.cn/tj/tongji.js?v=2.08
Requested by
Host: xss9.com
URL: https://xss9.com/FWkB
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.222.244.150 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5005926.ip-51-222-244.net
Software
nginx /
Resource Hash
2c60a4ba87818b0c31e5993bd2b6e173ac40358604d57a58acea3c38d313940e
Security Headers
  • Strict-Transport-Security: max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
Last-Modified
Thu, 30 May 2024 04:56:57 GMT
Server
nginx
ETag
W/"66580719-da2e"
X-Cache-Status
HIT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Resource: o.js | Path: dns.efangcdn.com/ | Size: 47 KB | x-fer: 48 KB | Type: Script
General
Full URL
https://dns.efangcdn.com/o.js
Requested by
Host: xss9.com
URL: https://xss9.com/FWkB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e86c9175c7f1254c003370cc24af7c0530a3a5a9bfde54c19430ecb3a6dbd4f7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 11:32:43 GMT
via
cache35.l2fr1[0,0,200-0,H], cache10.l2fr1[1,0], ens-cache11.de5[0,0,200-0,H], ens-cache11.de5[0,0]
age
1038931
x-swift-cachetime
2591949
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime
Tue, 04 Jun 2024 11:33:34 GMT
content-length
48415
server
Tengine
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
text/plain; charset=utf-8
access-control-allow-origin
ali-swift-global-savetime
1717500763
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
eagleid
a3b55c9f17185396942398063e
Resource: FWkB | Path: xss9.com/ | Size: 1 KB | x-fer: 613 B | Type: Script
General
Full URL
https://xss9.com/FWkB
Requested by
Host: ana485.xyz
URL: https://ana485.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.32.65.219 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.32.65.219.vultrusercontent.com
Software
Apache /
Resource Hash
5394eedc56bb8bc4e20da37292f4cbbe36d85dec294d4e98b6c90f167ea62254

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 12:08:14 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
nocache
content-length
558
Resource: bid | Path: ck.efangcdn.com/ | Size: 349 B | x-fer: 772 B | Type: Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=50b5aa1917507337546c0c1843cdef11&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
fb7de060170887fb506dfe3ab6ba48ae6ece3e82dd0e97de1f9802ebffc17f34

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:14 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
Resource: bid | Path: ck.efangcdn.com/ | Size: 349 B | x-fer: 771 B | Type: Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=df625dbd94723b0c9c7984e64164510a&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4000f941a4434c422d49f680bd3e32ba31eb9f3903eb89e38f2b506e97b0eb18

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:14 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
Resource: bid | Path: ck.efangcdn.com/ | Size: 349 B | x-fer: 771 B | Type: Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3346&rid=3d1ed80433f6b9927b7fcc1a0db21d68&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
7cc8d1ee9e7b63b11ccb0bef9767d4a3839eac2eb90af890804982268cb15ac3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:14 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
Resource: bid | Path: ck.efangcdn.com/ | Size: 349 B | x-fer: 773 B | Type: Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=52fb741824cef50306bb9c13c51f33ee&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
721e45214bbc08c4f97428fb61545b9826328503350bc3afd48f6c4cfe30bf05

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:14 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
Resource: bid | Path: ck.efangcdn.com/ | Size: 349 B | x-fer: 771 B | Type: Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=b3efe68390bbf18f05286977beba6394&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
751337d7c6415bce9c91e59915866a24d7cf98ce21380eb6aaa2e704c6c34078

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:14 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
Resource: bid | Path: ck.efangcdn.com/ | Size: 349 B | x-fer: 630 B | Type: Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3346&rid=158b4ebb5846acc21dc892a077c73360&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
30f50dd71bc5e6ae5b8194ae3f24597aaee9e311d1ba4da83a6804bc2fb35d45

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
bid
ck.efangcdn.com/
349 B
630 B
Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=d68ec3e9f774c303ac16a3e6a925025a&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
3c0c8fd17c4e3daf5b758456495c4f1e70ec7ad8e3925d1833f831a24f3c8f03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
bid
ck.efangcdn.com/
349 B
630 B
Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=1567c1c1abb617699d4be571cf9232c2&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
1b96faed9d33840272cd985402dadc66fe6b7666ec933ac5fb967f09f7e11fa2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
bid
ck.efangcdn.com/
349 B
630 B
Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3346&rid=0e5a4f073763bc61bf62bc0d70b19f1e&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ff4f2b99c823fd3e9e24d58916886926e875417302ff9960374aabecb8340226

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
start
uv60.cn/api/v1/api2/statistics/
102 B
826 B
XHR
General
Full URL
https://uv60.cn/api/v1/api2/statistics/start?s=4914560344905ea9714c4e558d1bd6a9&d=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&t=1718539694678
Requested by
Host: uv60.cn
URL: https://uv60.cn/tj/tongji.js?v=2.08
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.222.244.150 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns5005926.ip-51-222-244.net
Software
nginx /
Resource Hash
4a309e652475c8132643db4a8115a77f7ac135018f824c66e19b3523739c647f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:14 GMT
Strict-Transport-Security
max-age=31536000
Server
nginx
Access-Control-Max-Age
10080
Access-Control-Allow-Methods
POST,GET,DELETE,OPTIONS,HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://ana485.xyz
Cache-Control
no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
Content-Length
102
init
99dorwotsw1m75v.huabanwl.com/web/r9h1dq4w/ml8199/
773 B
1022 B
XHR
General
Full URL
https://99dorwotsw1m75v.huabanwl.com:6443/web/r9h1dq4w/ml8199/init?channelCode=ml8199&av=0&cv=0&hash=&server=https%3A%2F%2F99dorwotsw1m75v.huabanwl.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pKQ
Requested by
Host: install-op-lj-1326511053.cos.accelerate.myqcloud.com
URL: https://install-op-lj-1326511053.cos.accelerate.myqcloud.com/appinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
9f9ff0a7d36b89635739dba31ad5ee163d5af1985f828af4f17bb70edbdf8f1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
server
NgxFence
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://ana485.xyz
access-control-allow-credentials
true
bid
ck.efangcdn.com/
349 B
630 B
Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=834869243bfae34a75a14a1c42aa1250&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
7887b31ff21170614285fcd6b3c0120af3c286725533f268ce02793cdf2116ed

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
bid
ck.efangcdn.com/
349 B
630 B
Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3345&rid=97da756fc8b330228e8a705f1aeaa3d3&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
1f283d6620c5614a0762f2d781da1754c97b10f3c0f35e909cbe151828920735

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
bid
ck.efangcdn.com/
349 B
630 B
Script
General
Full URL
https://ck.efangcdn.com/bid?url=https%3A%2F%2Fana485.xyz%2F&frm=0&ref=&ic=1&pl=5&ml=2&sid=118:51:50:58:50:50:51:49:55:50:48:48:52:58:49:58:49:54:48:48:46:49:50:48:48&ps=20030107&lgs=1&zo=-120&ws=1600x1200&gdm=8&iw=0&cpn=14&fid=8ac92b949bf88a7438c65066859a07cb&hl=2&ihn=0&md=0&ns=prompt&np=default&pj=0&top=0&left=0&id=3346&rid=07fdb009c1d870fedb2f3be143206d11&dcc=yes&dcl=100&gvd=Intel%20Inc.&grr=Intel%20Iris%20OpenGL%20Engine&ct=unknown&diit=&dit=&cmn=
Requested by
Host: dns.efangcdn.com
URL: https://dns.efangcdn.com/o.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.30.106 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
0a26554a93d9345a5affd61c23bde9725fa7909e523c53a404f5a481995ea112

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:15 GMT
server
nginx
access-control-allow-methods
POST, GET,PUT, DELETE, UPDATE
content-type
application/json
access-control-allow-origin
x-cache
MISS
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
349
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d3b73a4e74f8a7ada9d59dc912b8d5986b1279d653758ded0809763b3b999505

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
ana485.xyz/
548 B
696 B
Other
General
Full URL
https://ana485.xyz/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
165.154.98.224 Hong Kong, Hong Kong, ASN135377 (UCLOUD-HK-AS-AP UCLOUD INFORMATION TECHNOLOGY HK LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ana485.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
548
Content-Type
text/html
1.html
5j2r.xyz/
0
0

1.html
5j2r.xyz/
0
0

1.html
5j2r.xyz/
0
0

Primary Request 1.html
5j2r.xyz/
3 KB
1 KB
Document
General
Full URL
https://5j2r.xyz/1.html?channelCode=lgjc16
Requested by
Host: xss9.com
URL: https://xss9.com/FWkB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.87.164 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
bb6c3a3cf3ec55d3782262dc99c77a52c8f9578a39e3bc4d425f9b4bec4d287a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ana485.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 16 Jun 2024 12:08:18 GMT
etag
W/"666eb3e5-a4f"
last-modified
Sun, 16 Jun 2024 09:44:05 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.246 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 19:36:19 GMT
via
cache15.l2de2[734,733,304-0,H], cache21.l2de2[735,0], ens-cache1.de5[0,0,200-0,H], ens-cache9.de5[1,0]
content-encoding
gzip
x-oss-request-id
6664B2B3DDD87E393088BE82
content-md5
JLtSDpUX8u0+2Ye0aur3Iw==
age
664319
x-swift-cachetime
1296000
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth
success
x-swift-savetime
Sat, 08 Jun 2024 19:36:19 GMT
content-length
12846
x-oss-object-type
Normal
last-modified
Thu, 08 Jun 2023 02:24:34 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1717875379
content-type
application/javascript
access-control-allow-origin
*
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
5143829838470429443
eagleid
a3b55c9d17185396983906557e
x-oss-server-time
2
m.css
5j2r.xyz/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://5j2r.xyz/css/m.css
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.87.164 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e83bd6b0888a964c351472e63b1e2d785f66fb77f07424294b79e036810ee078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:18 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sun, 02 Apr 2023 10:04:44 GMT
server
nginx
etag
W/"6429533c-5839"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 17 Jun 2024 00:08:18 GMT
jquery-3.5.1.mina.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
88 KB
88 KB
Script
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/jquery-3.5.1.mina.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:19 GMT
x-cos-hash-crc64ecma
9627465483673714013
Last-Modified
Sat, 15 Jun 2024 09:41:12 GMT
Server
tencent-cos
ETag
"cf2fbbf84281d9ecbffb4993203d543b"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YjNfM2Q1NTA4MDlfMjQyMF80ODlkYmQy
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
89947
flexible3.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
2 KB
3 KB
Script
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/flexible3.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
4fb38a8ec69704a9999aa8902d961bc31a6e924a9e3773125f9f90fe8c976f9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:19 GMT
x-cos-hash-crc64ecma
6231984596528586936
Last-Modified
Sat, 15 Jun 2024 09:41:12 GMT
Server
tencent-cos
ETag
"c52b622d85861de412b36e66bb49bfe2"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YjNfNThjNTAwYl8yMjM0Ml83YTI4MDU=
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
2477
algppinstall.js
xjsbw-1326572717.cos.accelerate.myqcloud.com/
46 KB
47 KB
Script
General
Full URL
https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
7c9895f2e57140b2a429c2b5df1eb51b2c0bf49f56365e198fb20a92fe79c1dd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:19 GMT
x-cos-hash-crc64ecma
347442768461482610
Last-Modified
Sat, 15 Jun 2024 09:46:06 GMT
Server
tencent-cos
ETag
"8a14913360cd89f0812ea4971df5a16b"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YjJfNThjNTAwYl8yMjMyOV83OTJhMzg=
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
47585
qh1.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
73 KB
74 KB
Image
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qh1.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
801f201423627ef83919d8d991784ab75fcd705efead135dcaae3b4d1dd14c20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:19 GMT
x-cos-hash-crc64ecma
2187570150754227116
Last-Modified
Sat, 15 Jun 2024 09:30:46 GMT
Server
tencent-cos
ETag
"e6c1bbe6837032c790aaab02d8851d26"
Content-Type
image/gif
x-cos-request-id
NjY2ZWQ1YjNfNjhjNTAwYl8yZTZkYV83YTAyMjk=
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
74973
zn2.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
746 KB
746 KB
Image
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/zn2.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
e4e27e2817822c1acf3f16550dbcc73712b6fff77ed6587aa6cbbd3fe9932083

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:19 GMT
x-cos-hash-crc64ecma
13832222487262166503
Last-Modified
Sat, 15 Jun 2024 09:30:29 GMT
Server
tencent-cos
ETag
"e73e46d0275b9984a1a60c388457b5ac"
Content-Type
image/gif
x-cos-request-id
NjY2ZWQ1YjNfZmQ0ZTA4MDlfOTMyNF80ODJkZGJk
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
763609
tz3x.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
50 KB
51 KB
Image
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/tz3x.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
c7b6a3005a9265403191093f3f1e55b8e0db8a263c88506f97128d9f9b5c50cf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:20 GMT
x-cos-hash-crc64ecma
14552864455044849192
Last-Modified
Sat, 15 Jun 2024 09:31:04 GMT
Server
tencent-cos
ETag
"7a0441574f9a67f0aa345fa0d7c62c32"
Content-Type
image/gif
x-cos-request-id
NjY2ZWQ1YjNfNjhjNTAwYl8yZTZkMV83YTg0NGQ=
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
51453
s04.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
108 KB
109 KB
Image
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/s04.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
b8fc8a306d82b4198321c5f4055f00e636779590a602e1b4dfad89703566383f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:20 GMT
x-cos-hash-crc64ecma
13631132043071439057
Last-Modified
Sat, 15 Jun 2024 09:31:22 GMT
Server
tencent-cos
ETag
"1fad669352ec0f9dc540e6666ed02b5d"
Content-Type
image/png
x-cos-request-id
NjY2ZWQ1YjRfM2Q1NTA4MDlfMjQyMl80OGM2OTkx
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
110821
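The four objects above (qh1.js, zn2.js, tz3x.js, s04.js) carry a `.js` name but are served as `image/gif` or `image/png` and loaded by the page as images, and the real scripts from the same buckets (jquery-3.5.1.mina.js, flexible3.js, algppinstall.js) arrive with `Content-Disposition: attachment`, which browsers ignore for `<script>` subresource loads. The checker below is an added example, not urlscan.io code: its records are a hand-copied subset of this scan's transactions (URL, urlscan resource type, `Content-Type`, `Content-Disposition`), and it flags both patterns so they can be triaged from a transaction export.

```python
"""Flag name/MIME mismatches and attachment-served scripts in a transaction list."""
from urllib.parse import urlsplit

# Constructed from the scan above: (url, urlscan type, Content-Type, Content-Disposition).
RECORDS = [
    ("https://j1sxh-1326572717.cos.accelerate.myqcloud.com/jquery-3.5.1.mina.js", "Script", "text/javascript", "attachment"),
    ("https://j1sxh-1326572717.cos.accelerate.myqcloud.com/flexible3.js", "Script", "text/javascript", "attachment"),
    ("https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js", "Script", "text/javascript", "attachment"),
    ("https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qh1.js", "Image", "image/gif", "attachment"),
    ("https://j1sxh-1326572717.cos.accelerate.myqcloud.com/zn2.js", "Image", "image/gif", "attachment"),
    ("https://j1sxh-1326572717.cos.accelerate.myqcloud.com/tz3x.js", "Image", "image/gif", "attachment"),
    ("https://j1sxh-1326572717.cos.accelerate.myqcloud.com/s04.js", "Image", "image/png", "attachment"),
    ("https://5j2r.xyz/js/layer.min.js", "Script", "application/javascript", None),
    ("https://5j2r.xyz/css/m.css", "Stylesheet", "text/css", None),
    ("https://sdk.51.la/js-sdk-pro.min.js", "Script", "application/javascript", None),
]

SCRIPT_MIMES = {"text/javascript", "application/javascript", "application/x-javascript"}
EXTENSION_CLASS = {".js": "script", ".css": "style", ".gif": "image", ".png": "image", ".jpg": "image"}

MISMATCH = "extension/mime mismatch"
ATTACHMENT_SCRIPT = "script served with Content-Disposition: attachment"


def media_class(content_type: str) -> str:
    """Collapse a Content-Type into script / image / style / other."""
    mime = content_type.split(";")[0].strip().lower()
    if mime in SCRIPT_MIMES:
        return "script"
    if mime.startswith("image/"):
        return "image"
    if mime == "text/css":
        return "style"
    return "other"


def path_class(url: str) -> str:
    """Classify a URL by its path extension, 'other' when the extension is unknown."""
    path = urlsplit(url).path.lower()
    for ext, cls in EXTENSION_CLASS.items():
        if path.endswith(ext):
            return cls
    return "other"


def audit(records):
    """Return (object name, finding, detail) tuples for every suspicious record."""
    findings = []
    for url, resource_type, content_type, disposition in records:
        name = urlsplit(url).path.rsplit("/", 1)[-1]
        by_name, by_mime = path_class(url), media_class(content_type)
        if by_name != "other" and by_name != by_mime:
            findings.append((name, MISMATCH,
                             f"{by_name} name, loaded as {resource_type}, served as {content_type}"))
        if by_mime == "script" and disposition and disposition.lower().startswith("attachment"):
            findings.append((name, ATTACHMENT_SCRIPT,
                             "browsers ignore the header for <script> loads; the script still executes"))
    return findings


def summarize(findings) -> dict:
    """Count findings per category."""
    counts = {}
    for _, kind, _ in findings:
        counts[kind] = counts.get(kind, 0) + 1
    return counts


if __name__ == "__main__":
    for name, kind, detail in audit(RECORDS):
        print(f"{name:24} {kind}: {detail}")
    print(summarize(audit(RECORDS)))
```

Neither finding is proof of malice on its own, but both are cheap to compute from an export and, combined with the `x-cos-force-download: true` header on the same objects, they single out the bucket content that deserves a closer look.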
qrcode.minfo3.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
19 KB
20 KB
Script
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qrcode.minfo3.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:20 GMT
x-cos-hash-crc64ecma
17632674935737242381
Last-Modified
Sat, 15 Jun 2024 09:41:12 GMT
Server
tencent-cos
ETag
"517b55d3688ce9ef1085a3d9632bcb97"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YjRfNThjNTAwYl8yMjMyY183OWNiZjU=
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
19927
layer.min.js
5j2r.xyz/js/
15 KB
6 KB
Script
General
Full URL
https://5j2r.xyz/js/layer.min.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.87.164 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
f63e1469b6bdacf9dd7dbd632018d0a2eee39c0d831a680e4fc6b14f7b047b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 03 Apr 2023 07:12:02 GMT
server
nginx
etag
W/"642a7c42-3a61"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 17 Jun 2024 00:08:20 GMT
tc15tr.js
xjsbw-1326572717.cos.accelerate.myqcloud.com/
4 KB
5 KB
Script
General
Full URL
https://xjsbw-1326572717.cos.accelerate.myqcloud.com/tc15tr.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.208 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
68104e53fb4744111bc3a5a6d4dfefa5aef8ca0f2c1c28163239d857571ceebd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:20 GMT
x-cos-hash-crc64ecma
4512808734867666067
Last-Modified
Sat, 15 Jun 2024 09:47:03 GMT
Server
tencent-cos
ETag
"b0cab6d73e889313b62763de89d751d5"
Content-Type
text/javascript
x-cos-request-id
NjY2ZWQ1YjRfNThjNTAwYl8yMjM3NV83YWQ5NjY=
Content-Disposition
attachment
Connection
keep-alive
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
4209
collect
collect-v6.51.la/v6/
0
615 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.227 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:18 GMT
Via
cache21.l2de2[223,223,200-0,M], cache21.l2de2[224,0], ens-cache11.de5[227,227,200-0,M], ens-cache11.de5[228,0]
Server
Tengine
X-Swift-CacheTime
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Ali-Swift-Global-Savetime
1718539698
X-Cache
MISS TCP_MISS dirn:-2:-2
Access-Control-Allow-Origin
https://5j2r.xyz
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Swift-SaveTime
Sun, 16 Jun 2024 12:08:18 GMT
Timing-Allow-Origin
*
Content-Length
0
EagleId
a3b55c9f17185396987494442e
qh1.js
j1sxh-1326572717.cos.accelerate.myqcloud.com/
73 KB
0
Image
General
Full URL
https://j1sxh-1326572717.cos.accelerate.myqcloud.com/qh1.js
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/1.html?channelCode=lgjc16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
170.106.97.194 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
801f201423627ef83919d8d991784ab75fcd705efead135dcaae3b4d1dd14c20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 12:08:19 GMT
x-cos-hash-crc64ecma
2187570150754227116
Last-Modified
Sat, 15 Jun 2024 09:30:46 GMT
Server
tencent-cos
ETag
"e6c1bbe6837032c790aaab02d8851d26"
Content-Type
image/gif
x-cos-request-id
NjY2ZWQ1YjNfNjhjNTAwYl8yZTZkYV83YTAyMjk=
Content-Disposition
attachment
Accept-Ranges
bytes
x-cos-force-download
true
Content-Length
74973
layer.css
5j2r.xyz/css/
14 KB
4 KB
Stylesheet
General
Full URL
https://5j2r.xyz/css/layer.css
Requested by
Host: 5j2r.xyz
URL: https://5j2r.xyz/js/layer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.87.164 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
ca72b169e49ec2ff077ff693483afb1f3d796be88dd04bcbe9b32360b4fd7ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:20 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 12 Jul 2023 09:41:24 GMT
server
nginx
etag
W/"64ae7544-39a2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 17 Jun 2024 00:08:20 GMT
init
byns74a7h1rijvl.huabanwl.com/web/yuoqfl/lgjc16/
769 B
1016 B
XHR
General
Full URL
https://byns74a7h1rijvl.huabanwl.com:6443/web/yuoqfl/lgjc16/init?channelCode=lgjc16&av=0&cv=0&hash=&server=https%3A%2F%2Fbyns74a7h1rijvl.huabanwl.com%3A6443&sw=p6Cmpg&sh=p6Smpg&sp=1&li=p6GkuKehuKa4pKQ
Requested by
Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
8318eac02bc8c4d4785e0562057db6a60c7a5ec9a239ad0c1355081ea6ef3ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 16 Jun 2024 12:08:21 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
server
NgxFence
vary
Origin, Origin
content-type
application/json;charset=utf-8
access-control-allow-origin
https://5j2r.xyz
access-control-allow-credentials
true
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
839bc2639db03e319d6a7a2a5a53757e212d8e2957b30fe9837485fa20bc177b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
5j2r.xyz/picture/
55 KB
55 KB
Other
General
Full URL
https://5j2r.xyz/picture/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.161.87.164 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/1.html?channelCode=lgjc16
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:20 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 03 Apr 2023 07:15:14 GMT
server
nginx
etag
"642a7d02-dbcb"
content-type
image/x-icon
accept-ranges
bytes
content-length
56267
eyJjIjoibGdqYzE2IiwibSI6ImpHczBUaXB2SzZJQUFBR1FJUExMeHVYaVBaZ09KRGJ3TzdsMFlPMTdTLThxZEVzTVctaU4tX3F6eDVEb1dyUHR4OXRDcGl1TGtkdG1lRUdQekFxcWhBOUhfZUZNN2lZUTZoNHdHOG84WFBFWEZENVMwOG1CVkRDeVZRUXZrdkF1e...
byns74a7h1rijvl.huabanwl.com/web/yuoqfl/lgjc16/clicked/c/
0
373 B
Ping
General
Full URL
https://byns74a7h1rijvl.huabanwl.com:6443/web/yuoqfl/lgjc16/clicked/c/eyJjIjoibGdqYzE2IiwibSI6ImpHczBUaXB2SzZJQUFBR1FJUExMeHVYaVBaZ09KRGJ3TzdsMFlPMTdTLThxZEVzTVctaU4tX3F6eDVEb1dyUHR4OXRDcGl1TGtkdG1lRUdQekFxcWhBOUhfZUZNN2lZUTZoNHdHOG84WFBFWEZENVMwOG1CVkRDeVZRUXZrdkF1ekEifQ==?p=0&ref=https%3A%2F%2F5j2r.xyz%2F1.html%3FchannelCode%3Dlgjc16&ac=0&cc=0&channelCode=lgjc16
Requested by
Host: xjsbw-1326572717.cos.accelerate.myqcloud.com
URL: https://xjsbw-1326572717.cos.accelerate.myqcloud.com/algppinstall.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
170.33.13.110 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba Cloud Singapore Private Limited, SG),
Reverse DNS
Software
NgxFence /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://5j2r.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 12:08:21 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
server
NgxFence
vary
Origin, Origin
access-control-allow-origin
https://5j2r.xyz
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
2fa68cc6dc4a3c8e5c10d92ade1d0b79.apk
jiarenapk.hnyuxiangyuan.com/public/
Redirect Chain
  • https://byns74a7h1rijvl.huabanwl.com:6443/page/yuoqfl/install/c/eyJjIjoibGdqYzE2IiwibSI6IkdrRk5VQ2xDWnhjQUFBR1FJUExMeGpVR3dMMGNZZE02UHRYOXdSb0RuS3YyczFIUHUzY2Q3dFFfT2F0RVlOZWpBczVuMnBfRnp6YXdmZ0k5V...
  • https://2akctg.jfdh168.com/ossapk/3qcz4f8f13086c
  • https://jiarenapk.hnyuxiangyuan.com/public/2fa68cc6dc4a3c8e5c10d92ade1d0b79.apk?auth_key=1718539703-0-0-0db453b0809f991e5144b7de84fbcc33
0
0

favicon.ico
sdaqyi.cn/tcewm/picture/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
5j2r.xyz
URL
https://5j2r.xyz/1.html?channelCode=lgjc16
Domain
5j2r.xyz
URL
https://5j2r.xyz/1.html?channelCode=lgjc16
Domain
5j2r.xyz
URL
https://5j2r.xyz/1.html?channelCode=lgjc16
Domain
jiarenapk.hnyuxiangyuan.com
URL
https://jiarenapk.hnyuxiangyuan.com/public/2fa68cc6dc4a3c8e5c10d92ade1d0b79.apk?auth_key=1718539703-0-0-0db453b0809f991e5144b7de84fbcc33
Domain
sdaqyi.cn
URL
https://sdaqyi.cn/tcewm/picture/favicon.ico

Verdicts & Comments

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

event object
fence object
sharedStorage object
LA number
laWaitTime undefined

6 Cookies

Domain/Path Name / Value
ck.efangcdn.com/ Name: geo
Value: %E5%BE%B7%E5%9B%BD%2F%2F
ck.efangcdn.com/ Name: oid
Value: 1bf0c06a-2bd9-11ef-81dc-44a842470231
5j2r.xyz/ Name: __vtins__KTUtxrrRn2uIdhPe
Value: %7B%22sid%22%3A%20%22737ced42-e0e3-52ec-9829-7891a3408a81%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201718541498421%2C%20%22ct%22%3A%201718539698421%7D
5j2r.xyz/ Name: __51uvsct__KTUtxrrRn2uIdhPe
Value: 1
5j2r.xyz/ Name: __51vcke__KTUtxrrRn2uIdhPe
Value: 0b7c63f2-f8d5-5146-ac78-c425c8016236
5j2r.xyz/ Name: __51vuft__KTUtxrrRn2uIdhPe
Value: 1718539698423

2 Console Messages

Source Level URL
Text
network error URL: https://ana485.xyz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://sdaqyi.cn/tcewm/picture/favicon.ico
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
