Submitted URL: https://11tk11.cc/
Effective URL: https://149.115.248.106:3695/
Submission: On October 11 via api from BE — Scanned from US

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 84 HTTP transactions. The main IP is 149.115.248.106, located in Los Angeles, United States and belongs to XNNET, US. The main domain is 149.115.248.106.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 3rd 2024. Valid for: a year.
This is the only time 149.115.248.106 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count  IP Address        AS      Autonomous System
1 2    162.218.30.78     8796    (FD-298-8796)
55     149.115.248.106   54467   (XNNET)
4      199.91.74.208     21859   (ZEN-ECN)
9      111.45.3.198      56040   (CMNET-GUA...)
2      38.34.183.179     18978   (ENZUINC-)
1      2a12:a301:201...  3258    (XTOM-JAPA...)
2      240e:954:0:41...  134768  (CHINANET-...)
1      147.92.47.224     59371   (DNC-AS Di...)
1      13.248.217.42     16509   (AMAZON-02)
1      27.124.9.124      152194  (CTGSERVER...)
2      240e:97b:500:...  4134    (CHINANET-...)
2      2409:8c50:700...  56047   (CMNET-HUN...)
Total: 84 requests, 13 IPs
Count  Apex Domain              Subdomains (Cisco Umbrella Rank)                                    Transfer
9      baidu.com                hm.baidu.com (13307)                                                25 KB
6      cnzz.com                 v1.cnzz.com (123226), z3.cnzz.com (241732), c.cnzz.com (101023)    11 KB
4      51.la                    sdk.51.la (57759), collect-v6.51.la (56801)                         68 KB
2      uv60.cn                  uv60.cn (939940)                                                    23 KB
1      777tk.co                 vsrbsrtnryvrae.777tk.co                                             -
1      staticfile.org           cdn.staticfile.org (138535)                                         38 KB
1      87ei7plz.com             87ei7plz.com                                                        269 B
1      dnss.app                 hm.dnss.app                                                         12 KB
1      kj1234.app               m23vmmc5.kj1234.app                                                 -
1      11tk11.cc                11tk11.cc                                                           294 B
0      rockiemountainstars.com  2r44w3f44dh-a.rockiemountainstars.com (Failed)                      Failed
0      999tk.co                 optionswidth.999tk.co (Failed)                                      Failed
Total: 84 requests, 12 apex domains
Count  Domain                                          Requested by
9      hm.baidu.com                                    149.115.248.106, hm.baidu.com
2      c.cnzz.com                                      v1.cnzz.com
2      z3.cnzz.com                                     v1.cnzz.com
2      v1.cnzz.com                                     149.115.248.106
2      uv60.cn                                         149.115.248.106, uv60.cn
2      collect-v6.51.la                                sdk.51.la
2      sdk.51.la                                       149.115.248.106
1      vsrbsrtnryvrae.777tk.co                         149.115.248.106
1      cdn.staticfile.org                              149.115.248.106
1      87ei7plz.com                                    149.115.248.106
1      hm.dnss.app                                     149.115.248.106
1      m23vmmc5.kj1234.app                             149.115.248.106
1      11tk11.cc                                       1 redirect
0      2r44w3f44dh-a.rockiemountainstars.com (Failed)  149.115.248.106
0      optionswidth.999tk.co (Failed)                  149.115.248.106
Total: 84 requests, 15 subdomains
TLS certificates

Subject                  Issuer                                               Validity                  Valid
149.115.248.106          Sectigo RSA Domain Validation Secure Server CA       2024-08-03 - 2025-08-03   a year
*.51.la                  GlobalSign RSA OV SSL CA 2018                        2024-03-19 - 2025-04-20   a year
baidu.com                GlobalSign RSA OV SSL CA 2018                        2024-07-08 - 2025-08-09   a year
uv60.cn                  Sectigo RSA Domain Validation Secure Server CA       2024-05-19 - 2025-05-19   a year
kj1234.app               WR1                                                  2024-10-08 - 2025-01-06   3 months
*.cnzz.com               GlobalSign Organization Validation CA - SHA256 - G3  2024-02-17 - 2025-03-20   a year
hm.dnss.app              R11                                                  2024-09-04 - 2024-12-03   3 months
87ei7plz.com             Amazon RSA 2048 M03                                  2024-02-19 - 2025-03-19   a year
*.staticfile.org         GlobalSign GCC R6 AlphaSSL CA 2023                   2024-09-15 - 2025-10-17   a year
vsrbsrtnryvrae.777tk.co  R10                                                  2024-09-23 - 2024-12-22   3 months

Each certificate entry links to its crt.sh record.

This page contains 5 frames:

Primary Page: https://149.115.248.106:3695/
Frame ID: BA79D6F8EC706C5835AC919FDE960AF0
Requests: 62 HTTP requests in this frame

Frame: https://m23vmmc5.kj1234.app:39996/topkj/ambm2.html
Frame ID: D36A3D3CE9F8BC36D496F53C2A3CABDD
Requests: 1 HTTP request in this frame

Frame: https://149.115.248.106:3695/top-kj/kj.htm
Frame ID: 3F0149DE93234FFEA4D0817E4AC66C86
Requests: 2 HTTP requests in this frame

Frame: https://149.115.248.106:3695/sx/303888.html
Frame ID: ECFC4FD0CC5C0129B26E3E72979E0733
Requests: 18 HTTP requests in this frame

Frame: https://vsrbsrtnryvrae.777tk.co/kj/amkj.html
Frame ID: 9E54B3F8312E9818ECCEBAD60C5A811F
Requests: 1 HTTP request in this frame

Screenshot

Page Title

澳门任我發心水論壇_303888.com (translation: "Macau Ren Wo Fa Xinshui Forum", a lottery-tips forum, 303888.com)

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://11tk11.cc/ HTTP 301
    https://149.115.248.106:3695/ Page URL

Detected technologies

Baidu Analytics (Tongji)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

jQuery
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 84
HTTPS: 96 %
IPv6: 33 %
Domains: 12
Subdomains: 15
IPs: 13
Countries: 5
Transfer: 1166 kB
Size: 1671 kB
Cookies: 16

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://11tk44.cc/js/sm.js HTTP 301
  • https://optionswidth.999tk.co//js/sm.js

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
149.115.248.106/
Redirect Chain
  • https://11tk11.cc/
  • https://149.115.248.106:3695/
92 KB
10 KB
Document
General
Full URL
https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
050628030b464db0f72ce3047c0d0e265cc8160c0be7ef376efbcd52407a6a08

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
10320
content-type
text/html
date
Fri, 11 Oct 2024 04:06:48 GMT
etag
"80da295b1e1bdb1:0"
last-modified
Thu, 10 Oct 2024 14:11:53 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding

Redirect headers

content-length
162
content-type
text/html
date
Fri, 11 Oct 2024 04:06:48 GMT
location
https://149.115.248.106:3695/#888999777/
server
nginx
strict-transport-security
max-age=31536000
style.css
149.115.248.106/css/
31 KB
6 KB
Stylesheet
General
Full URL
https://149.115.248.106:3695/css/style.css
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8f96487dc251ffa500d3ea6f960bb88b3f408e55f16a1893b2881dbfbbb95068

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"0ace295ddd5da1:0"
accept-ranges
bytes
content-length
6251
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
text/css
last-modified
Sun, 14 Jul 2024 11:04:24 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
js-sdk-pro.min.js
sdk.51.la/
34 KB
34 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js?id=KW6Lbx87ljBwqDLu&ck=KW6Lbx87ljBwqDLu
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.208 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

cache-control
no-store
access-control-allow-credentials
true
via
LA-MEX-queretaro-EDGE2-CACHE1[635],LA-MEX-queretaro-EDGE2-CACHE1[ovl,633],LA-MEX-queretaro-EDGE1-CACHE1[ovl,632],CHN-SH-GLOBAL4-CACHE44[ovl,20]
access-control-allow-origin
*
x-ccdn-req-id-46b1
9d4ac3e4e1f15f82b0053895789399fb
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
text/plain; charset=utf-8
server
openresty
common.js
149.115.248.106/js2/
10 KB
3 KB
Script
General
Full URL
https://149.115.248.106:3695/js2/common.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0cc90eafcdefc5c7e135cb58d772f7198af8b8416573875dd934942b4d74d715

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"06ecea1ddd5da1:0"
accept-ranges
bytes
content-length
2886
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Sun, 14 Jul 2024 11:04:44 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
jquery1.42.min.js
149.115.248.106/js2/
139 KB
29 KB
Script
General
Full URL
https://149.115.248.106:3695/js2/jquery1.42.min.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
25c7c6d354928d2f47116853ad68ef25d8f21afdbc1289bdc1a8b520e9fde8e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"803198a3ddd5da1:0"
accept-ranges
bytes
content-length
30019
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Sun, 14 Jul 2024 11:04:47 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
jquery.SuperSlide.2.1.3.js
149.115.248.106/js2/
24 KB
5 KB
Script
General
Full URL
https://149.115.248.106:3695/js2/jquery.SuperSlide.2.1.3.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
94ab49a0b43efeaaee4bc4fa9d774d3973aef8702e01f22016009c3f7447d589

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"80467a2ddd5da1:0"
accept-ranges
bytes
content-length
4744
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Sun, 14 Jul 2024 11:04:45 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
ambm.js
149.115.248.106/js/
3 KB
3 KB
Script
General
Full URL
https://149.115.248.106:3695/js/ambm.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d76594fea4291832ac188b6d0d760ec7f3e94165683bc23589bb6b5e24c7e92b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
2657
etag
"51e8cc669fe9da1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 14:29:39 GMT
server
Microsoft-IIS/10.0
logo.js
149.115.248.106/js2/
101 B
178 B
Script
General
Full URL
https://149.115.248.106:3695/js2/logo.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d0236d0329860dcb58be50dc0390b6a9b24822cd55e4f58876da4c23846b537b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
101
etag
"802d8455dfd5da1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Sun, 14 Jul 2024 11:16:55 GMT
server
Microsoft-IIS/10.0
303888.js
149.115.248.106/js/
5 KB
1 KB
Script
General
Full URL
https://149.115.248.106:3695/js/303888.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5f48813a08134e5a148d2160302218d4f4b668747ac9ee2c56db14458e41f526

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"801e55659fe9da1:0"
accept-ranges
bytes
content-length
1432
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 14:29:37 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
nm.js
149.115.248.106/js/
0
0
Script
General
Full URL
https://149.115.248.106:3695/js/nm.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-length
1163
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
text/html
server
Microsoft-IIS/10.0
ggao1.js
149.115.248.106/ggao1/
2 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/ggao1/ggao1.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f25432b94bea93b3953ec2e7ffd771f30244e6d2f51e2e22dde35b4540ce72b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
1931
etag
"3172262b1d1bdb1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:22 GMT
server
Microsoft-IIS/10.0
514c5d90740434a2.gif
149.115.248.106/images/
18 KB
18 KB
Image
General
Full URL
https://149.115.248.106:3695/images/514c5d90740434a2.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a81e0503d1d31a115e860480d502e9b110be2302811c15833b55ae0fc54e9bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
18245
etag
"9d8612bea0ecda1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
image/gif
last-modified
Mon, 12 Aug 2024 10:16:48 GMT
server
Microsoft-IIS/10.0
2def9507b7af4ac48008cdc59ca0c411.gif
149.115.248.106/images/
130 KB
130 KB
Image
General
Full URL
https://149.115.248.106:3695/images/2def9507b7af4ac48008cdc59ca0c411.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a677c5fd37ecb7679901b70ac45454b03f3d2515c39f8616829ad467a43cbeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
132974
etag
"ae5b24a56cf4da1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
image/gif
last-modified
Thu, 22 Aug 2024 08:24:02 GMT
server
Microsoft-IIS/10.0
994949.jpg
149.115.248.106/images/
36 KB
37 KB
Image
General
Full URL
https://149.115.248.106:3695/images/994949.jpg
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3f124dfca4f9b582c11b3800f4dab7d043228dec9a55f51b78b04ee0bd3a5649

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
37331
etag
"326f644629ebda1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
image/jpeg
last-modified
Sat, 10 Aug 2024 13:29:06 GMT
server
Microsoft-IIS/10.0
150011.gif
149.115.248.106/images/
260 KB
260 KB
Image
General
Full URL
https://149.115.248.106:3695/images/150011.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
957699f924be1b55ce916a588d3f911765e0bda0d70de8dab8f36a1173da0ede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
266131
etag
"a08b62f6ef7da1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
image/gif
last-modified
Mon, 26 Aug 2024 04:11:43 GMT
server
Microsoft-IIS/10.0
f767b1df-1548-4d09-ba1f-b7399eea09e5.jpg
149.115.248.106/images/
258 KB
258 KB
Image
General
Full URL
https://149.115.248.106:3695/images/f767b1df-1548-4d09-ba1f-b7399eea09e5.jpg
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0c26e365849ea4d3b37252bca853d2353616879614cbe0b4ef6c98382ea9bfd6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
263873
etag
"80502d71be0da1:0"
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
image/jpeg
last-modified
Sat, 27 Jul 2024 11:49:25 GMT
server
Microsoft-IIS/10.0
gszq.jpg
149.115.248.106/img/
24 KB
24 KB
Image
General
Full URL
https://149.115.248.106:3695/img/gszq.jpg
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ea664f1fe5688093c71d738b1433fab46ac44bcf93917f330ff1b873693b116a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
24241
etag
"80f63f9bddd5da1:0"
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
image/jpeg
last-modified
Sun, 14 Jul 2024 11:04:33 GMT
server
Microsoft-IIS/10.0
bbs1.js
149.115.248.106/js/
12 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/js/bbs1.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d1699b0c6ad2b750a4e89e49f26725a786dc8521f7c274e9d0662f36230c2862

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"0d91e341d1bdb1:0"
accept-ranges
bytes
content-length
1852
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:38 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
sm.js
optionswidth.999tk.co//js/
Redirect Chain
  • https://11tk44.cc/js/sm.js
  • https://optionswidth.999tk.co//js/sm.js
0
0

xszq.jpg
149.115.248.106/img/
23 KB
24 KB
Image
General
Full URL
https://149.115.248.106:3695/img/xszq.jpg
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
21ac1e2cbeed18c0888e78b4d833a1842849075286c1fbb0bbbcd5931173672c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
24005
etag
"0e73a9eddd5da1:0"
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
image/jpeg
last-modified
Sun, 14 Jul 2024 11:04:38 GMT
server
Microsoft-IIS/10.0
bbs2.js
149.115.248.106/js/
14 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/js/bbs2.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f24519395bff5104314eaaa5ce36404f209680b28fb0cec756bb5ec021e4a8d0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"0d91e341d1bdb1:0"
accept-ranges
bytes
content-length
1983
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:38 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
xseq.jpg
149.115.248.106/img/
22 KB
22 KB
Image
General
Full URL
https://149.115.248.106:3695/img/xseq.jpg
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
106bc4b0f8b752f575fa516577b655370cc97c95d4d0f61bbd1cf144d64b2a13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
22910
etag
"8050a29dddd5da1:0"
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
image/jpeg
last-modified
Sun, 14 Jul 2024 11:04:37 GMT
server
Microsoft-IIS/10.0
bbs3.js
149.115.248.106/js/
12 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/js/bbs3.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0e495767a72a74dfaeed0724db2f39057cafcc916511dabc135b4ab5c2030180

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"806fb7341d1bdb1:0"
accept-ranges
bytes
content-length
1697
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:39 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
gs22.js
149.115.248.106/js/
6 KB
738 B
Script
General
Full URL
https://149.115.248.106:3695/js/gs22.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7b5e4e9a17672819ecfe654f51c26956af35d5b9ae6001eebfbaf7fdbbbc602c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"80c919371d1bdb1:0"
accept-ranges
bytes
content-length
658
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:43 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
gs.js
149.115.248.106/js/
9 KB
715 B
Script
General
Full URL
https://149.115.248.106:3695/js/gs.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a7c36782d8d3bbebe18ce814b01ddef52266dccc6778b0066fc1ab4c45295ed2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"80c919371d1bdb1:0"
accept-ranges
bytes
content-length
674
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:43 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
gstupian.js
149.115.248.106/js/
0
0
Script
General
Full URL
https://149.115.248.106:3695/js/gstupian.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-length
1163
date
Fri, 11 Oct 2024 04:06:48 GMT
content-type
text/html
server
Microsoft-IIS/10.0
tupian.js
149.115.248.106/js/
0
0
Script
General
Full URL
https://149.115.248.106:3695/js/tupian.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-length
1163
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
text/html
server
Microsoft-IIS/10.0
tu.js
149.115.248.106/js/
0
0
Script
General
Full URL
https://149.115.248.106:3695/js/tu.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-length
1163
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
text/html
server
Microsoft-IIS/10.0
ttz.js
149.115.248.106/js/
6 KB
899 B
Script
General
Full URL
https://149.115.248.106:3695/js/ttz.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
783132e319245489f63b002672e999b7497bac9708436432040e359d08c9bf29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"0e7453b1d1bdb1:0"
accept-ranges
bytes
content-length
821
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
application/javascript
last-modified
Thu, 10 Oct 2024 14:03:50 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
qnzl.js
149.115.248.106/js/
40 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/js/qnzl.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6215472dc44c921493198a2898fe6d91b08b33cd5120c4888f90617daa71609a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
"0a22a72be2db1:0"
accept-ranges
bytes
content-length
1624
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
application/javascript
last-modified
Mon, 09 Sep 2024 13:44:52 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
index.js
149.115.248.106/alert/
2 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/alert/index.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
31b45e145b0ed663a68aa8918848cb8c42ff0b0b617aa162a7056a6cfdcf048f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
2055
etag
"055e995be9da1:0"
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:24:18 GMT
server
Microsoft-IIS/10.0
ldc.js
149.115.248.106/js/
2 KB
2 KB
Script
General
Full URL
https://149.115.248.106:3695/js/ldc.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9435930cd86f5f14c75266877aef893594c89f70110efc624dd6b20c1055b02c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
1870
etag
"dfac11b5baf6da1:0"
date
Fri, 11 Oct 2024 04:06:49 GMT
content-type
application/javascript
last-modified
Sun, 25 Aug 2024 06:47:52 GMT
server
Microsoft-IIS/10.0
collect
collect-v6.51.la/v6/
0
287 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js?id=KW6Lbx87ljBwqDLu&ck=KW6Lbx87ljBwqDLu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.208 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

via
LA-MEX-queretaro-EDGE2-CACHE1[238],LA-MEX-queretaro-EDGE2-CACHE1[ovl,236]
access-control-allow-origin
https://149.115.248.106:3695
x-ccdn-req-id-46b1
74b416b15103b7c6a823f99c296648d0
content-length
0
date
Fri, 11 Oct 2024 04:06:52 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true
hm.js
hm.baidu.com/
0
175 B
Script
General
Full URL
https://hm.baidu.com/hm.js?c397589140542811438ab046a764d603
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Content-Length
0
Date
Fri, 11 Oct 2024 04:06:52 GMT
Content-Type
text/plain; charset=utf-8
Server
apache
tongji.js
uv60.cn/tj/
54 KB
22 KB
Script
General
Full URL
https://uv60.cn/tj/tongji.js?v=2.08
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.34.183.179 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS
179.183-34-38.rdns.scalabledns.com
Software
cdn /
Resource Hash
372fc5181999fe7d9af1a9b6d024461f4c1c517a29d0085a6eaf33aca3f18433
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

x-cache-status
HIT
strict-transport-security
max-age=31536000;
content-encoding
gzip
etag
W/"66da510c-d706"
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding
server
cdn
last-modified
Fri, 06 Sep 2024 00:47:08 GMT
ambm2.html
m23vmmc5.kj1234.app/topkj/ Frame D36A
0
0
Document
General
Full URL
https://m23vmmc5.kj1234.app:39996/topkj/ambm2.html
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/ambm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a12:a301:2010::10b1 Tokyo, Japan, ASN3258 (XTOM-JAPAN xTom Japan, JP),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://149.115.248.106:3695/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 11 Oct 2024 04:06:52 GMT
etag
W/"66955aac-93a"
last-modified
Mon, 15 Jul 2024 17:21:48 GMT
server
openresty
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
0
175 B
Script
General
Full URL
https://hm.baidu.com/hm.js?ea1f13aa8075bdfe12cb8d391536d3ed
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/ambm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Content-Length
0
Date
Fri, 11 Oct 2024 04:06:52 GMT
Content-Type
text/plain; charset=utf-8
Server
apache
hm.js
hm.baidu.com/
0
175 B
Script
General
Full URL
https://hm.baidu.com/hm.js?9af0977eb5607ed908fcd6f58bcd0c3a
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/ambm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Content-Length
0
Date
Fri, 11 Oct 2024 04:06:52 GMT
Content-Type
text/plain; charset=utf-8
Server
apache
z.js
v1.cnzz.com/
10 KB
4 KB
Script
General
Full URL
https://v1.cnzz.com/z.js?async=1&id=1281361708
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/ambm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:954:0:41:3::7e2 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c336c3c2df8be5ce89c6831177743ec4677033960672a7c18120c9c1edb07745

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
br
etag
W/"5200395526478009795"
age
85
x-cache
HIT TCP_REFRESH_HIT dirn:10:462799141
date
Fri, 11 Oct 2024 04:05:28 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=300
x-swift-cachetime
215
timing-allow-origin
*
via
cache22.l2cn3155[0,0,304-0,H], cache10.l2cn3155[0,0], cache11.cn7154[11,31,200-0,H], cache21.cn7154[34,0]
ali-swift-global-savetime
1728619528
x-swift-savetime
Fri, 11 Oct 2024 04:06:53 GMT
eagleid
751731a117286196136656613e
content-length
3885
server
Tengine
z.js
v1.cnzz.com/
10 KB
4 KB
Script
General
Full URL
https://v1.cnzz.com/z.js?async=1&id=1281361706
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/ambm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:954:0:41:3::7e2 , China, ASN134768 (CHINANET-SHAANXI-CLOUD-BASE CHINANET SHAANXI province Cloud Base network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2ef87c4987a43e9dd80a16d8de2df8190455b4495b24000701806db6c84e9823

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
br
etag
W/"316726480838504779"
age
0
x-cache
MISS TCP_MISS dirn:0:254882631
date
Fri, 11 Oct 2024 04:06:53 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=300
x-swift-cachetime
300
timing-allow-origin
*
via
cache9.l2cn3155[86,86,200-0,H], cache41.l2cn3155[88,0], cache24.cn7154[105,111,200-0,M], cache21.cn7154[114,0]
ali-swift-global-savetime
1728619613
x-swift-savetime
Fri, 11 Oct 2024 04:06:53 GMT
eagleid
751731a117286196136656612e
content-length
3884
server
Tengine
hm.js
hm.dnss.app/
31 KB
12 KB
Script
General
Full URL
https://hm.dnss.app/hm.js?66657c2ddb05b6b65b3cbb98dc4861c6
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/ambm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
147.92.47.224 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
93bf8d2c8a0915515341607fe9f5d90150eef653950f339c6ec303668fec61ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
11756
date
Fri, 11 Oct 2024 04:06:52 GMT
etag
4374751747b09c0e7688b5ec8ba375aa
content-type
application/javascript
server
openresty
logo2.gif
149.115.248.106/img/
49 KB
49 KB
Image
General
Full URL
https://149.115.248.106:3695/img/logo2.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
394c7aa3dda4ef6cd4146a5d818dfd68b88a552ee770bc8a075bd718cec3ad8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
50287
etag
"6cce9f9d4fada1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 30 Aug 2024 11:59:16 GMT
server
Microsoft-IIS/10.0
kj.htm
149.115.248.106/top-kj/ Frame 3F01
4 KB
2 KB
Document
General
Full URL
https://149.115.248.106:3695/top-kj/kj.htm
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/js/303888.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6207260be8860f35b05ac86bbeb7efc20cc43d6f6dbd660aece9210b0dc939b2

Request headers

Referer
https://149.115.248.106:3695/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1558
content-type
text/html
date
Fri, 11 Oct 2024 04:06:51 GMT
etag
"80202c2989ddb1:0"
last-modified
Mon, 23 Sep 2024 07:21:09 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
mo.png
149.115.248.106/images/
2 KB
2 KB
Image
General
Full URL
https://149.115.248.106:3695/images/mo.png
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4ce369df43bdd72348f5e78ca4d7f39d15893734048cdec5572cdef347650e53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
2410
etag
"060a79addd5da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/png
last-modified
Sun, 14 Jul 2024 11:04:32 GMT
server
Microsoft-IIS/10.0
hk.png
149.115.248.106/images/
2 KB
2 KB
Image
General
Full URL
https://149.115.248.106:3695/images/hk.png
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
08c561599d638bd603c097a8ccc8d5d2d0fb2d3af379b108174c1b7e65372b87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
2467
etag
"806fac97ddd5da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/png
last-modified
Sun, 14 Jul 2024 11:04:27 GMT
server
Microsoft-IIS/10.0
bbbj.jpg
2r44w3f44dh-a.rockiemountainstars.com/img/
0
0

logo.png
149.115.248.106/img/
27 KB
27 KB
Image
General
Full URL
https://149.115.248.106:3695/img/logo.png
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
366dc448216fda48600c3e058aa7fe76ecdbafffddca11a7529ee658275a0c30

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/css/style.css

Response headers

accept-ranges
bytes
content-length
27678
etag
"7dcf809d4fada1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/png
last-modified
Fri, 30 Aug 2024 11:59:16 GMT
server
Microsoft-IIS/10.0
tubiao2.png
149.115.248.106/img/
6 KB
6 KB
Image
General
Full URL
https://149.115.248.106:3695/img/tubiao2.png
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7e4d3d1b5cf9ae8aa1b09e9a20c3dd6ca8741ed42cd1932527063e9da8b436ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/css/style.css

Response headers

accept-ranges
bytes
content-length
6480
etag
"8023719cddd5da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/png
last-modified
Sun, 14 Jul 2024 11:04:35 GMT
server
Microsoft-IIS/10.0
303888.html
149.115.248.106/sx/ Frame ECFC
28 KB
5 KB
Document
General
Full URL
https://149.115.248.106:3695/sx/303888.html
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
242b3c8c280af4b2e7525b4ac083a10a02a695c390fbce2476e1991543ccfb6b

Request headers

Referer
https://149.115.248.106:3695/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
5455
content-type
text/html
date
Fri, 11 Oct 2024 04:06:51 GMT
etag
"09b6b1e6feeda1:0"
last-modified
Wed, 14 Aug 2024 17:26:38 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
66159890860671405.jpg
87ei7plz.com/
0
269 B
Script
General
Full URL
https://87ei7plz.com/66159890860671405.jpg
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/alert/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.217.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a241398cb9d917f30.awsglobalaccelerator.com
Software
openresty/1.25.3.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

cache-control
no-cache, private
content-encoding
gzip
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
openresty/1.25.3.1
access-control-allow-headers
X-Requested-With
jquery.min.js
cdn.staticfile.org/jquery/1.12.3/
95 KB
38 KB
Script
General
Full URL
https://cdn.staticfile.org/jquery/1.12.3/jquery.min.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/alert/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.124.9.124 Shatin, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
expires
0
access-control-allow-origin
*
x-cache
BYPASS
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
text/javascript; charset=utf-8
server
nginx
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
com.js
149.115.248.106/top-kj/ Frame 3F01
3 KB
3 KB
Script
General
Full URL
https://149.115.248.106:3695/top-kj/com.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/top-kj/kj.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
39e10627a934ca60587a71ee8b45f4c43c0b750c46d3cf15f0d6a5db871bc0b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/top-kj/kj.htm

Response headers

accept-ranges
bytes
content-length
2875
etag
"809c802eb4dada1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
application/javascript
last-modified
Sat, 20 Jul 2024 14:50:37 GMT
server
Microsoft-IIS/10.0
gb.png
149.115.248.106/images/
358 B
435 B
Image
General
Full URL
https://149.115.248.106:3695/images/gb.png
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9fdc4671c243e1dbef8e8189fa541947a5ee9da0fd933bf7a62ed5dd06442279

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
358
etag
"14fdcf1b9f6da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/png
last-modified
Sun, 25 Aug 2024 06:42:24 GMT
server
Microsoft-IIS/10.0
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?1d2dd7fa3c189507223b93afde3f7362
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
8161e82f1b54b39fd37b226be1b03d7819d01fec4afbdd497be8e098f5c2e4d7
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
e8c382c41153d9bac45974a4316f1f82
Content-Length
11299
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Fri, 11 Oct 2024 04:06:52 GMT
Content-Type
application/javascript
Server
apache
js-sdk-pro.min.js
sdk.51.la/ Frame ECFC
34 KB
34 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.208 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

cache-control
no-store
access-control-allow-credentials
true
via
LA-MEX-queretaro-EDGE2-CACHE1[234],LA-MEX-queretaro-EDGE2-CACHE1[ovl,227],LA-MEX-queretaro-EDGE1-CACHE1[ovl,227],CHN-SH-GLOBAL4-CACHE49[ovl,21]
access-control-allow-origin
*
x-ccdn-req-id-46b1
75e10614263b398c1214d441f0cdd2ac
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
text/plain; charset=utf-8
server
openresty
long.gif
149.115.248.106/img/ Frame ECFC
843 B
929 B
Image
General
Full URL
https://149.115.248.106:3695/img/long.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
843
etag
"80948a89cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:17 GMT
server
Microsoft-IIS/10.0
tu.gif
149.115.248.106/img/ Frame ECFC
583 B
661 B
Image
General
Full URL
https://149.115.248.106:3695/img/tu.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
583
etag
"80ffcf7ecbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:04:59 GMT
server
Microsoft-IIS/10.0
hu.gif
149.115.248.106/img/ Frame ECFC
729 B
807 B
Image
General
Full URL
https://149.115.248.106:3695/img/hu.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
729
etag
"80675988cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:15 GMT
server
Microsoft-IIS/10.0
niu.gif
149.115.248.106/img/ Frame ECFC
572 B
649 B
Image
General
Full URL
https://149.115.248.106:3695/img/niu.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
572
etag
"0a48f86cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:12 GMT
server
Microsoft-IIS/10.0
shu.gif
149.115.248.106/img/ Frame ECFC
526 B
603 B
Image
General
Full URL
https://149.115.248.106:3695/img/shu.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
526
etag
"069377ecbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:04:58 GMT
server
Microsoft-IIS/10.0
zhu.gif
149.115.248.106/img/ Frame ECFC
586 B
663 B
Image
General
Full URL
https://149.115.248.106:3695/img/zhu.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
586
etag
"0c39980cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:02 GMT
server
Microsoft-IIS/10.0
gou.gif
149.115.248.106/img/ Frame ECFC
603 B
680 B
Image
General
Full URL
https://149.115.248.106:3695/img/gou.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
603
etag
"074a299cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:44 GMT
server
Microsoft-IIS/10.0
ji.gif
149.115.248.106/img/ Frame ECFC
753 B
832 B
Image
General
Full URL
https://149.115.248.106:3695/img/ji.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
753
etag
"0fef188cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:16 GMT
server
Microsoft-IIS/10.0
hou.gif
149.115.248.106/img/ Frame ECFC
777 B
874 B
Image
General
Full URL
https://149.115.248.106:3695/img/hou.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
777
etag
"803a2887cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:13 GMT
server
Microsoft-IIS/10.0
yang.gif
149.115.248.106/img/ Frame ECFC
641 B
718 B
Image
General
Full URL
https://149.115.248.106:3695/img/yang.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
641
etag
"096687fcbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:00 GMT
server
Microsoft-IIS/10.0
ma.gif
149.115.248.106/img/ Frame ECFC
600 B
676 B
Image
General
Full URL
https://149.115.248.106:3695/img/ma.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
600
etag
"02b238acbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:18 GMT
server
Microsoft-IIS/10.0
she.gif
149.115.248.106/img/ Frame ECFC
572 B
646 B
Image
General
Full URL
https://149.115.248.106:3695/img/she.gif
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106 Los Angeles, United States, ASN54467 (XNNET, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/sx/303888.html

Response headers

accept-ranges
bytes
content-length
572
etag
"0394a91cbd9da1:0"
date
Fri, 11 Oct 2024 04:06:51 GMT
content-type
image/gif
last-modified
Fri, 19 Jul 2024 11:05:30 GMT
server
Microsoft-IIS/10.0
amkj.html
vsrbsrtnryvrae.777tk.co/kj/ Frame 9E54
0
0
Document
General
Full URL
https://vsrbsrtnryvrae.777tk.co/kj/amkj.html
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/top-kj/com.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.218.30.78 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://149.115.248.106:3695/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 11 Oct 2024 04:06:52 GMT
etag
W/"650eec7e-d77"
last-modified
Sat, 23 Sep 2023 13:47:42 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
collect
collect-v6.51.la/v6/ Frame ECFC
0
283 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.208 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

via
LA-MEX-queretaro-EDGE2-CACHE1[252],LA-MEX-queretaro-EDGE2-CACHE1[ovl,249]
access-control-allow-origin
https://149.115.248.106:3695
x-ccdn-req-id-46b1
7c6e0c4184fdd35beb783743e3e4d147
content-length
0
date
Fri, 11 Oct 2024 04:06:52 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true
hm.js
hm.baidu.com/ Frame ECFC
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?1d2dd7fa3c189507223b93afde3f7362
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
bda690413d18c49cafe9a62044b3ac548a15d1e64f033cca27454029236134c8
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
c90746596073a0494da5d5f64026dfba
Content-Length
11299
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Fri, 11 Oct 2024 04:06:52 GMT
Content-Type
application/javascript
Server
apache
start
uv60.cn/api/v1/api2/statistics/
102 B
654 B
XHR
General
Full URL
https://uv60.cn/api/v1/api2/statistics/start?s=5aaa728d4e5f433e57c7e63b620a7b77&d=T3hLUjVxL08wZ2hzcjZoR1kyRlQzeWRBalNmTUs0TWRGUTBVLzlINm5mUUMwVFUvdWVuQ2ZNMTBWNGUxanlucUdVS1k3Uy9XaWp1TmQwcTFHd1JJK21JSHVBVloyMTFIZ29NcXNMbUxaMzljb2ZySXlteERPQXhmMTlDbFo4bmNMZmFBd1Y0UVRVSHJiSEhDWk9NUHhSQlcrZTZ5UTVwWXNQWjJJT20wQUI1NHZ1RTgrdEpqcXkxdkJxUng5Ujkvdk96RTRPUmdFRnprbHBBRXRwaVJiNGNvWnhDVVdsaXFVRWhBai9mNWpWSlZ4UGJEY1lkejU3SDdXZjdrY00xWHdWUi9yTzZTZEp4SllvZFJ2blRBU21pRHRvbzNaemdIYkk2TjVsUUFiMnQyVlEzWVUxWUJMMURxSnVCNG9DdFZ4WTN6TzUwaGFvTTBKdHdOZzNvYStYdi96eUJqVWdQcEdzak9iU2ZBMjBxR3ZVSzZoOFErc0dseEZNQjZYWkJ1&t=1728619612403
Requested by
Host: uv60.cn
URL: https://uv60.cn/tj/tongji.js?v=2.08
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.34.183.179, Chicago, United States, ASN18978 (ENZUINC-, US)
Reverse DNS
179.183-34-38.rdns.scalabledns.com
Software
cdn /
Resource Hash
b84b08f2a34de9a0f7e6a02d145e7bc4f271a3dad6def13573cc42f9378ff6ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

x-cache-status
MISS
strict-transport-security
max-age=31536000;
access-control-max-age
10080
cache-control
private, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,DELETE,OPTIONS,HEAD
expires
-1
access-control-allow-origin
https://149.115.248.106:3695
content-length
102
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
application/json
server
cdn
access-control-allow-headers
lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token, Origin, Authorization
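The two XHR responses above (collect-v6.51.la and uv60.cn) both answer with access-control-allow-origin set to the scanned page's origin and access-control-allow-credentials: true; uv60.cn additionally allow-lists request headers such as Authorization, secret, key, signature and x-token. The following script is an added example, not part of the urlscan report and not code from either tracker: it takes the header pairs copied from those two responses (embedded below as constructed input) and reports the CORS properties a reviewer would note. One caveat the code encodes as a comment: a single response whose allow-origin equals the Origin the browser sent is consistent with both a per-origin allow-list and blind reflection, and only a second request with a foreign Origin (which this scan did not make) would distinguish them. The set of "auth-bearing" header names is this example's own choice.

```python
"""Check captured CORS response headers for credentialed origin reflection and broad header allow-lists."""

# Constructed sample input: header pairs copied from the collect-v6.51.la and uv60.cn responses in the scan.
COLLECT_51LA = {
    "access-control-allow-origin": "https://149.115.248.106:3695",
    "access-control-allow-credentials": "true",
    "vary": "Origin, Access-Control-Request-Method, Access-Control-Request-Headers",
    "content-length": "0",
}
UV60_START = {
    "access-control-allow-origin": "https://149.115.248.106:3695",
    "access-control-allow-credentials": "true",
    "access-control-allow-methods": "POST,GET,DELETE,OPTIONS,HEAD",
    "access-control-allow-headers": "lang,signature,key,timestamp,secret,Content-Type,form-type,Content-Length,"
                                    "Accept-Encoding,X-Requested-with, x-token,x_token,x-user-id,x-c,x-xsrf-token,"
                                    " Origin, Authorization",
    "cache-control": "private, must-revalidate",
}
REQUEST_ORIGIN = "https://149.115.248.106:3695"  # the scanned page's origin, i.e. the Origin the browser sent

# Request headers that carry credentials or signing material (this example's own list, not a standard).
AUTH_HEADERS = {"authorization", "secret", "key", "signature", "x-token", "x_token", "x-xsrf-token"}


def _csv(value):
    """Split a comma-separated header value into lower-cased, stripped tokens."""
    return [v.strip().lower() for v in value.split(",") if v.strip()]


def assess_cors(headers, request_origin):
    """Return finding codes plus the auth-bearing request headers the server allows cross-origin."""
    h = {k.lower(): v for k, v in headers.items()}
    acao = h.get("access-control-allow-origin", "").strip()
    creds = h.get("access-control-allow-credentials", "").strip().lower() == "true"
    codes = []
    if acao == "*" and creds:
        codes.append("wildcard_with_credentials")      # browsers refuse this pair, but it signals intent
    if acao and acao == request_origin:
        codes.append("origin_echoed")                  # allow-list hit or blind reflection: one sample cannot tell
        if "origin" not in _csv(h.get("vary", "")):
            codes.append("echo_without_vary_origin")   # a shared cache may serve this ACAO to other origins
    if creds and acao and acao != "*":
        codes.append("credentialed_cross_origin")      # cookies ride along with cross-origin requests
    allowed_auth = sorted(AUTH_HEADERS & set(_csv(h.get("access-control-allow-headers", ""))))
    if allowed_auth:
        codes.append("auth_headers_allowed")
    return {"codes": codes, "auth_headers": allowed_auth}


if __name__ == "__main__":
    for label, hdrs in (("collect-v6.51.la", COLLECT_51LA), ("uv60.cn", UV60_START)):
        print(label, assess_cors(hdrs, REQUEST_ORIGIN))
```

Run it as-is to see the two result dictionaries; to test reflection for real, repeat the request with a different Origin header and compare the allow-origin value, which is outside what a passive scan shows.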
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1530795781&si=1d2dd7fa3c189507223b93afde3f7362&v=1.3.2&lv=1&sn=2918&r=0&ww=1600&u=https%3A%2F%2F149.115.248.106%3A3695%2F%23888999777%2F&tt=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198, China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Fri, 11 Oct 2024 04:06:53 GMT
Content-Type
image/gif
Server
apache
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2076928908&si=66657c2ddb05b6b65b3cbb98dc4861c6&v=1.3.2&lv=1&sn=2918&r=0&ww=1600&u=https%3A%2F%2F248.hm.dnss.app%2F%23888999777%2F&tt=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198, China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Fri, 11 Oct 2024 04:06:53 GMT
Content-Type
image/gif
Server
apache
hm.gif
hm.baidu.com/ Frame ECFC
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1530795781&si=1d2dd7fa3c189507223b93afde3f7362&v=1.3.2&lv=1&sn=2918&r=0&ww=1600&u=https%3A%2F%2F149.115.248.106%3A3695%2F%23888999777%2F&tt=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com
Requested by
Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?1d2dd7fa3c189507223b93afde3f7362
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198, China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Fri, 11 Oct 2024 04:06:53 GMT
Content-Type
image/gif
Server
apache
hm.gif
hm.baidu.com/ Frame ECFC
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1575&et=0&ja=0&ln=en-us&lo=0&lt=1728619613&rnd=759768781&si=1d2dd7fa3c189507223b93afde3f7362&su=https%3A%2F%2F149.115.248.106%3A3695%2F&v=1.3.2&lv=2&sn=2918&r=0&ww=716&u=https%3A%2F%2F149.115.248.106%3A3695%2Fsx%2F303888.html&tt=%E5%B1%9E%E6%80%A7
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/sx/303888.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198, China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Fri, 11 Oct 2024 04:06:53 GMT
Content-Type
image/gif
Server
apache
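The hm.gif requests above and the z3.cnzz.com stat.htm pings further down are tracking beacons whose query strings carry the page URL, the page title (percent-encoded UTF-8), the referrer, screen size and the tracker's site id. The script below is an added example, not part of the urlscan report and not code from Baidu Tongji or CNZZ: it decodes four of the beacon URLs copied from this scan (embedded as constructed input) and reports which page host each tracker was told about, which shows that one Baidu beacon claims a different host (248.hm.dnss.app) from the one actually scanned. The parameter-name mapping is read off these URLs, not taken from vendor documentation.

```python
"""Decode the analytics beacons (Baidu Tongji hm.gif, CNZZ stat.htm) recorded by the scan."""
from urllib.parse import parse_qs, urlsplit

# Constructed sample input: four beacon URLs copied from the scan's request list.
BEACONS = [
    "https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0"
    "&ln=en-us&lo=0&rnd=1530795781&si=1d2dd7fa3c189507223b93afde3f7362&v=1.3.2&lv=1&sn=2918&r=0&ww=1600"
    "&u=https%3A%2F%2F149.115.248.106%3A3695%2F%23888999777%2F"
    "&tt=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com",
    "https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0"
    "&ln=en-us&lo=0&rnd=2076928908&si=66657c2ddb05b6b65b3cbb98dc4861c6&v=1.3.2&lv=1&sn=2918&r=0&ww=1600"
    "&u=https%3A%2F%2F248.hm.dnss.app%2F%23888999777%2F"
    "&tt=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com",
    "https://hm.baidu.com/hm.gif?hca=ABDA0C9FAAD26162&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1575&et=0&ja=0"
    "&ln=en-us&lo=0&lt=1728619613&rnd=759768781&si=1d2dd7fa3c189507223b93afde3f7362"
    "&su=https%3A%2F%2F149.115.248.106%3A3695%2F&v=1.3.2&lv=2&sn=2918&r=0&ww=716"
    "&u=https%3A%2F%2F149.115.248.106%3A3695%2Fsx%2F303888.html&tt=%E5%B1%9E%E6%80%A7",
    "https://z3.cnzz.com/stat.htm?id=1281361708&r=&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200"
    "&p=https%3A%2F%2F149.115.248.106%3A3695%2F%23888999777%2F"
    "&t=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com"
    "&umuuid=19279c20e96952-0b88365d770939-1e462c6f-1d4c00-19279c20e97bea&h=1",
]

# Parameter names per tracker, read off the URLs above (an assumption of this example, not vendor documentation).
FIELDS = {
    "hm.baidu.com": {"site_id": "si", "page": "u", "title": "tt", "referrer": "su", "screen": "ds"},
    "z3.cnzz.com": {"site_id": "id", "page": "p", "title": "t", "referrer": "r", "screen": "showp"},
}


def decode_beacon(url):
    """Return the page URL, title, referrer, screen and site id a beacon reports, percent-decoded as UTF-8."""
    parts = urlsplit(url)
    fmap = FIELDS.get(parts.netloc)
    if fmap is None:
        raise ValueError("unknown tracker host: " + parts.netloc)
    qs = parse_qs(parts.query, keep_blank_values=True)  # parse_qs percent-decodes values as UTF-8
    beacon = {"tracker": parts.netloc}
    for field, param in fmap.items():
        beacon[field] = qs.get(param, [""])[0]
    beacon["page_host"] = urlsplit(beacon["page"]).netloc  # "" when the beacon carries no page URL
    return beacon


def foreign_page_hosts(urls, scanned_host):
    """Hosts a beacon claimed as the page location that differ from the host actually scanned."""
    return sorted({b["page_host"] for b in map(decode_beacon, urls)
                   if b["page_host"] and b["page_host"] != scanned_host})


def site_ids(urls):
    """(tracker, site id) pairs seen; these match the _bdhm_loaded_* and _CNZZDbridge_* globals on the page."""
    return sorted({(b["tracker"], b["site_id"]) for b in map(decode_beacon, urls)})


if __name__ == "__main__":
    for b in map(decode_beacon, BEACONS):
        print(b["tracker"], b["site_id"], b["page"], repr(b["title"]), "ref=" + b["referrer"])
    print("foreign page hosts:", foreign_page_hosts(BEACONS, "149.115.248.106:3695"))
```

The page title decodes to a nine-character Chinese string followed by "_303888.com"; the second hm.gif beacon reports the page as https://248.hm.dnss.app/ although the Referer on that request is the scanned 149.115.248.106:3695 origin, which is the kind of mismatch worth pulling out of a scan of this size.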
layer.js
149.115.248.106/alert/layer/
22 KB
22 KB
Script
General
Full URL
https://149.115.248.106:3695/alert/layer/layer.js?v=3111
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/alert/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106, Los Angeles, United States, ASN54467 (XNNET, US)
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
22116
etag
"0823f9a5be9da1:0"
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
application/javascript
last-modified
Thu, 08 Aug 2024 06:24:20 GMT
server
Microsoft-IIS/10.0
layer.css
149.115.248.106/alert/layer/theme/default/
14 KB
14 KB
Stylesheet
General
Full URL
https://149.115.248.106:3695/alert/layer/theme/default/layer.css?v=3.1.1
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/alert/layer/layer.js?v=3111
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106, Los Angeles, United States, ASN54467 (XNNET, US)
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
14367
etag
"80f9cda05be9da1:0"
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
text/css
last-modified
Thu, 08 Aug 2024 06:24:31 GMT
server
Microsoft-IIS/10.0
config.js
149.115.248.106/alert/
145 B
223 B
Script
General
Full URL
https://149.115.248.106:3695/alert/config.js
Requested by
Host: 149.115.248.106
URL: https://149.115.248.106:3695/alert/index.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106, Los Angeles, United States, ASN54467 (XNNET, US)
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e1f27fee705255c667b036cbde8baf7fbccbf482d50e0c3d3b5b1477bccde52e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

accept-ranges
bytes
content-length
145
etag
"1521d86110f3da1:0"
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
application/javascript
last-modified
Tue, 20 Aug 2024 14:51:04 GMT
server
Microsoft-IIS/10.0
alert.html
149.115.248.106/alert/
1 KB
1 KB
XHR
General
Full URL
https://149.115.248.106:3695/alert/alert.html
Requested by
Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/jquery/1.12.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
149.115.248.106, Los Angeles, United States, ASN54467 (XNNET, US)
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Referer
https://149.115.248.106:3695/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
text/html, */*; q=0.01

Response headers

content-length
1163
date
Fri, 11 Oct 2024 04:06:52 GMT
content-type
text/html
server
Microsoft-IIS/10.0
stat.htm
z3.cnzz.com/
2 B
123 B
Ping
General
Full URL
https://z3.cnzz.com/stat.htm?id=1281361708&r=&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2F149.115.248.106%3A3695%2F%23888999777%2F&t=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com&umuuid=19279c20e96952-0b88365d770939-1e462c6f-1d4c00-19279c20e97bea&h=1
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?async=1&id=1281361708
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
240e:97b:500:2000::4, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
date
Fri, 11 Oct 2024 04:06:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Tengine
c.js
c.cnzz.com/
906 B
1 KB
Script
General
Full URL
https://c.cnzz.com/c.js?web_id=1281361708&t=z
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?async=1&id=1281361708
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2409:8c50:7000:21:3::3dc, China, ASN56047 (CMNET-HUNAN-AP China Mobile communications corporation, CN)
Reverse DNS
Software
Tengine /
Resource Hash
fa196fb301a5fa8dcf738943af1e47c21464c0b1e04ef569572d4d1ab56629a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

cache-control
public, max-age=321
x-swift-cachetime
321
timing-allow-origin
*
etag
W/"1008364939268394634"
age
0
via
cache56.l2cn3071[30,29,304-0,H], cache65.l2cn3071[31,0], cache9.cn6763[55,55,200-0,H], cache4.cn6763[56,0]
ali-swift-global-savetime
1728619614
x-swift-savetime
Fri, 11 Oct 2024 04:06:54 GMT
x-cache
HIT TCP_REFRESH_HIT dirn:10:397822652
content-length
906
date
Fri, 11 Oct 2024 04:06:54 GMT
content-type
application/javascript
eagleid
78e29d1817286196145188658e
server
Tengine
stat.htm
z3.cnzz.com/
2 B
122 B
Ping
General
Full URL
https://z3.cnzz.com/stat.htm?id=1281361706&r=&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2F149.115.248.106%3A3695%2F%23888999777%2F&t=%E6%BE%B3%E9%97%A8%E4%BB%BB%E6%88%91%E7%99%BC%E5%BF%83%E6%B0%B4%E8%AB%96%E5%A3%87_303888.com&umuuid=19279c20e96952-0b88365d770939-1e462c6f-1d4c00-19279c20e97bea&h=1
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?async=1&id=1281361706
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
240e:97b:500:2000::4, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
Reverse DNS
Software
Tengine /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
date
Fri, 11 Oct 2024 04:06:55 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
Tengine
c.js
c.cnzz.com/
906 B
819 B
Script
General
Full URL
https://c.cnzz.com/c.js?web_id=1281361706&t=z
Requested by
Host: v1.cnzz.com
URL: https://v1.cnzz.com/z.js?async=1&id=1281361706
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
2409:8c50:7000:21:3::3dc, China, ASN56047 (CMNET-HUNAN-AP China Mobile communications corporation, CN)
Reverse DNS
Software
Tengine /
Resource Hash
ccc6b984a94309db5455de479d8cfc4c3cc5d97d88c5f2b18f7343fce10e1425

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://149.115.248.106:3695/

Response headers

content-encoding
gzip
etag
W/"15145571018190438761"
age
0
x-cache
HIT TCP_REFRESH_HIT dirn:9:260020060
date
Fri, 11 Oct 2024 04:06:54 GMT
content-type
application/javascript
vary
accept-encoding
cache-control
public, max-age=321
x-swift-cachetime
321
timing-allow-origin
*
via
cache77.l2cn3071[33,33,304-0,H], cache53.l2cn3071[37,0], cache1.cn6763[58,64,200-0,H], cache4.cn6763[66,0]
ali-swift-global-savetime
1728619614
x-swift-savetime
Fri, 11 Oct 2024 04:06:54 GMT
eagleid
78e29d1817286196145188659e
content-length
591
server
Tengine
favicon.ico
2r44w3f44dh-a.rockiemountainstars.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
optionswidth.999tk.co
URL
https://optionswidth.999tk.co//js/sm.js
Domain
2r44w3f44dh-a.rockiemountainstars.com
URL
https://2r44w3f44dh-a.rockiemountainstars.com:2088/img/bbbj.jpg
Domain
2r44w3f44dh-a.rockiemountainstars.com
URL
https://2r44w3f44dh-a.rockiemountainstars.com:2088/favicon.ico

Verdicts & Comments

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object (19): 0, 1, 2, LA, _hmt, cltj, s, _analytics, _czc, bm, bs, CryptoJS, res, modLocation, layer, dz_wx, _cz_loaded, _CNZZDbridge_1281361708, _CNZZDbridge_1281361706
function (28): gotoUrl, selectAllCheckbox, unselectAllCheckbox, reselectAllCheckbox, gotoPage, zoom_image, showTipDialogContainerInfoForever, showTipDialogContainerInfo, hideTipDialogContainerInfo, loadMoreTopicList, doLoadMoreTopicList, doSearch, doLogin, doRegister, showSelectYearDialog, selectYearDialogYearUp, selectYearDialogYearDown, selectYearDiaologConfirm, isVisibleObj, insertTextIntoTextarea, deleteTextFromTextarea, $, jQuery, loadJS, dz_action, killerr, conn, cnn
number (6): laWaitTime, _loadMoreTopicPage, _loadTopicPageSize, _hasLoadTopicPageSize, v, stimer
string (4): url_1736, token, dz_qq, _cz_account
boolean (3): _bdhm_loaded_1d2dd7fa3c189507223b93afde3f7362, _bdhm_loaded_66657c2ddb05b6b65b3cbb98dc4861c6, dz_open
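The global-variable list is the quickest way to see which third-party code actually executed on the page: several of the names carry the tracker site ids (the _bdhm_loaded_* and _CNZZDbridge_* suffixes) that also appear in the hm.gif and stat.htm beacon URLs. The script below is an added example, not part of urlscan or of any library on the page: it parses the "type| name" list exactly as urlscan extracts it (embedded below as constructed input), attributes names to libraries, and pulls the embedded site ids out. The attribution rules are this example's own assumptions, inferred from the scripts this scan loaded (hm.js, cnzz z.js, sdk.51.la, layer.js, jQuery) and from common global names, not from any signature database.

```python
"""Parse urlscan's 'type| name' list of window globals and attribute them to the libraries the page loaded."""
import re
from collections import Counter

# Constructed sample input: the 60-entry global-variable list as extracted from the scan (type, pipe, name).
GLOBALS_TEXT = (
    "object| 0 object| 1 object| 2 object| LA number| laWaitTime function| gotoUrl function| selectAllCheckbox "
    "function| unselectAllCheckbox function| reselectAllCheckbox function| gotoPage function| zoom_image "
    "function| showTipDialogContainerInfoForever function| showTipDialogContainerInfo "
    "function| hideTipDialogContainerInfo number| _loadMoreTopicPage function| loadMoreTopicList "
    "number| _loadTopicPageSize number| _hasLoadTopicPageSize function| doLoadMoreTopicList function| doSearch "
    "function| doLogin function| doRegister function| showSelectYearDialog function| selectYearDialogYearUp "
    "function| selectYearDialogYearDown function| selectYearDiaologConfirm function| isVisibleObj "
    "function| insertTextIntoTextarea function| deleteTextFromTextarea function| $ function| jQuery object| _hmt "
    "string| url_1736 string| token object| cltj object| s object| _analytics object| _czc function| loadJS "
    "object| bm object| bs function| dz_action function| killerr function| conn number| v object| CryptoJS "
    "function| cnn object| res number| stimer boolean| _bdhm_loaded_1d2dd7fa3c189507223b93afde3f7362 "
    "object| modLocation boolean| _bdhm_loaded_66657c2ddb05b6b65b3cbb98dc4861c6 object| layer object| dz_wx "
    "string| dz_qq boolean| dz_open object| _cz_loaded string| _cz_account object| _CNZZDbridge_1281361708 "
    "object| _CNZZDbridge_1281361706"
)

TOKEN = re.compile(r"(\w+)\|\s*(\S+)")  # "<type>| <name>", names are whitespace-free

# Attribution rules (assumption of this example): regex on the global name -> library seen in this scan.
RULES = [
    (re.compile(r"^_hmt$|^_bdhm_loaded_"), "Baidu Tongji"),
    (re.compile(r"^_czc$|^_cz_|^_CNZZDbridge_"), "CNZZ"),
    (re.compile(r"^LA$|^laWaitTime$"), "51.la SDK"),
    (re.compile(r"^\$$|^jQuery$"), "jQuery"),
    (re.compile(r"^layer$"), "layui layer"),
    (re.compile(r"^CryptoJS$"), "crypto-js"),
]


def parse_globals(text):
    """Return (type, name) pairs in page order."""
    return TOKEN.findall(text)


def type_counts(globals_):
    return dict(Counter(t for t, _ in globals_))


def attribute(globals_):
    """Group global names by the library they most likely belong to; unmatched names are page-specific."""
    by_lib = {}
    for _type, name in globals_:
        for pattern, lib in RULES:
            if pattern.search(name):
                by_lib.setdefault(lib, []).append(name)
                break
        else:
            by_lib.setdefault("page-specific / unknown", []).append(name)
    return by_lib


def tracker_ids(globals_):
    """Site ids embedded in global names, for matching against the beacons' si= / id= parameters."""
    ids = {"Baidu Tongji": [], "CNZZ": []}
    for _type, name in globals_:
        m = re.match(r"_bdhm_loaded_([0-9a-f]{32})$", name)
        if m:
            ids["Baidu Tongji"].append(m.group(1))
        m = re.match(r"_CNZZDbridge_(\d+)$", name)
        if m:
            ids["CNZZ"].append(m.group(1))
    return ids


if __name__ == "__main__":
    g = parse_globals(GLOBALS_TEXT)
    print(len(g), type_counts(g))
    for lib, names in attribute(g).items():
        print(lib, "->", names)
    print(tracker_ids(g))
```

The names left in the "page-specific / unknown" bucket (doLogin, doRegister, token, dz_action, conn, cnn, and so on) are the site's own code and are where a manual review of the loaded scripts would start.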

16 Cookies

Domain/Path Name / Value
149.115.248.106/ Name: __vtins__KW6Lbx87ljBwqDLu
Value: %7B%22sid%22%3A%20%2290b011b2-b98c-5765-aaf0-7eeaf8b0cd47%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201728621411688%2C%20%22ct%22%3A%201728619611688%7D
149.115.248.106/ Name: __51uvsct__KW6Lbx87ljBwqDLu
Value: 1
149.115.248.106/ Name: __51vcke__KW6Lbx87ljBwqDLu
Value: 80a8cfd4-8f7b-5597-87c1-8d1dc35d561e
149.115.248.106/ Name: __51vuft__KW6Lbx87ljBwqDLu
Value: 1728619611695
149.115.248.106/ Name: __vtins__3JF6gPwZ2W6pDKjA
Value: %7B%22sid%22%3A%20%22f6ff6000-fc3a-5d12-a315-9ee9c16da934%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201728621412327%2C%20%22ct%22%3A%201728619612327%7D
149.115.248.106/ Name: __51uvsct__3JF6gPwZ2W6pDKjA
Value: 1
149.115.248.106/ Name: __51vcke__3JF6gPwZ2W6pDKjA
Value: c6fe2547-495f-581c-9587-65227130d7ab
149.115.248.106/ Name: __51vuft__3JF6gPwZ2W6pDKjA
Value: 1728619612329
.hm.dnss.app/ Name: HMACCOUNT
Value: 891EDC5D8AB1AE83
.hm.dnss.app/ Name: HMACCOUNT_BFESS
Value: 891EDC5D8AB1AE83
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 761C2670719F553A
149.115.248.106/ Name: Hm_lvt_1d2dd7fa3c189507223b93afde3f7362
Value: 1728619613
149.115.248.106/ Name: Hm_lpvt_1d2dd7fa3c189507223b93afde3f7362
Value: 1728619613
149.115.248.106/ Name: UM_distinctid
Value: 19279c20e96952-0b88365d770939-1e462c6f-1d4c00-19279c20e97bea
.fcapp.run/ Name: HMACCOUNT
Value: 0C16A2415D5BC30C
.fcapp.run/ Name: HMACCOUNT_BFESS
Value: 0C16A2415D5BC30C
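The cookie values above are a mix of percent-encoded JSON session blobs (the __vtins__ cookies), millisecond and second epoch timestamps (__51vuft__, Hm_lvt_, Hm_lpvt_) and opaque visitor ids. The script below is an added example, not part of the urlscan report and not code from 51.la, Baidu or CNZZ: it decodes a selection of the rows copied from this table (embedded as constructed input), converts the timestamps to UTC, computes the session window the __vtins__ blob encodes, and attributes each cookie to a vendor by name prefix. The prefix-to-vendor table is this example's own assumption, matched against the trackers this scan loaded.

```python
"""Decode the tracker cookies recorded by the scan: percent-encoded JSON blobs and epoch timestamps."""
import json
from datetime import datetime, timedelta, timezone
from urllib.parse import unquote

# Constructed sample input: (domain, name, value) rows copied from the scan's cookie table.
COOKIES = [
    ("149.115.248.106", "__vtins__KW6Lbx87ljBwqDLu",
     "%7B%22sid%22%3A%20%2290b011b2-b98c-5765-aaf0-7eeaf8b0cd47%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200"
     "%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201728621411688%2C%20%22ct%22%3A%201728619611688%7D"),
    ("149.115.248.106", "__51uvsct__KW6Lbx87ljBwqDLu", "1"),
    ("149.115.248.106", "__51vcke__KW6Lbx87ljBwqDLu", "80a8cfd4-8f7b-5597-87c1-8d1dc35d561e"),
    ("149.115.248.106", "__51vuft__KW6Lbx87ljBwqDLu", "1728619611695"),
    (".hm.dnss.app", "HMACCOUNT", "891EDC5D8AB1AE83"),
    (".hm.baidu.com", "HMACCOUNT_BFESS", "761C2670719F553A"),
    ("149.115.248.106", "Hm_lvt_1d2dd7fa3c189507223b93afde3f7362", "1728619613"),
    ("149.115.248.106", "Hm_lpvt_1d2dd7fa3c189507223b93afde3f7362", "1728619613"),
    ("149.115.248.106", "UM_distinctid", "19279c20e96952-0b88365d770939-1e462c6f-1d4c00-19279c20e97bea"),
    (".fcapp.run", "HMACCOUNT", "0C16A2415D5BC30C"),
]

# Vendor attribution by cookie-name prefix (assumption of this example, matched to the trackers the scan loaded).
VENDORS = [
    ("__vtins__", "51.la"), ("__51", "51.la"),
    ("Hm_", "Baidu Tongji"), ("HMACCOUNT", "Baidu Tongji"),
    ("UM_distinctid", "CNZZ/Umeng"),
]


def vendor_of(name):
    for prefix, vendor in VENDORS:
        if name.startswith(prefix):
            return vendor
    return "unknown"


def epoch_to_iso(digits):
    """Render a decimal epoch string as ISO-8601 UTC; 13+ digits are milliseconds (split to avoid float rounding)."""
    n = int(digits)
    if len(digits) >= 13:
        base = datetime.fromtimestamp(n // 1000, tz=timezone.utc)
        return (base + timedelta(milliseconds=n % 1000)).isoformat()
    return datetime.fromtimestamp(n, tz=timezone.utc).isoformat()


def decode_value(value):
    """Return a decoded, human-readable form of a cookie value; unknown shapes pass through unchanged."""
    if value.startswith("%7B"):                      # percent-encoded JSON object
        return json.loads(unquote(value))
    if value.isdigit() and len(value) >= 10:         # plausible epoch seconds or milliseconds
        return epoch_to_iso(value)
    return value


def session_minutes(vtins_value):
    """Session window encoded in a __vtins__ blob: expires minus ct, both in milliseconds."""
    blob = json.loads(unquote(vtins_value))
    return (blob["expires"] - blob["ct"]) / 60_000


def summarize(cookies):
    return [{"domain": d, "name": n, "vendor": vendor_of(n), "decoded": decode_value(v)} for d, n, v in cookies]


def vendor_counts(cookies):
    counts = {}
    for _domain, name, _value in cookies:
        counts[vendor_of(name)] = counts.get(vendor_of(name), 0) + 1
    return counts


if __name__ == "__main__":
    for row in summarize(COOKIES):
        print(row["vendor"], row["domain"], row["name"], row["decoded"])
    print("51.la session window (minutes):", session_minutes(COOKIES[0][2]))
    print(vendor_counts(COOKIES))
```

The decoded timestamps line up with the Date response headers in the scan (04:06:51 to 04:06:53 UTC on 11 Oct 2024), and the __vtins__ blob's expires minus ct is exactly 30 minutes, which is the 51.la session timeout this page was running with.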

5 Console Messages

Source Level URL
Text
network error URL: https://149.115.248.106:3695/js/nm.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://149.115.248.106:3695/js/gstupian.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://149.115.248.106:3695/js/tupian.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://149.115.248.106:3695/js/tu.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://149.115.248.106:3695/alert/alert.html
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11tk11.cc
2r44w3f44dh-a.rockiemountainstars.com
87ei7plz.com
c.cnzz.com
cdn.staticfile.org
collect-v6.51.la
hm.baidu.com
hm.dnss.app
m23vmmc5.kj1234.app
optionswidth.999tk.co
sdk.51.la
uv60.cn
v1.cnzz.com
vsrbsrtnryvrae.777tk.co
z3.cnzz.com
2r44w3f44dh-a.rockiemountainstars.com
optionswidth.999tk.co
111.45.3.198
13.248.217.42
147.92.47.224
149.115.248.106
162.218.30.78
199.91.74.208
2409:8c50:7000:21:3::3dc
240e:954:0:41:3::7e2
240e:97b:500:2000::4
27.124.9.124
2a12:a301:2010::10b1
38.34.183.179