h-s-d-f-g.com Open in urlscan Pro
156.248.203.195 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ycjxys.com/
Effective URL:
http://h-s-d-f-g.com/
Submission: On September 19 via api (September 19th 2022, 6:24:58 pm UTC) from SG — Scanned from DE

Summary HTTP 54 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 15 domains to perform 54 HTTP transactions. The main IP is 156.248.203.195, located in United States and belongs to IHGGROUP-001, US. The main domain is h-s-d-f-g.com.

This is the only time h-s-d-f-g.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.253.185.252 104.253.185.252	18779 (EGIHOSTING) (EGIHOSTING)
15	156.248.203.195 156.248.203.195	399674 (IHGGROUP-001) (IHGGROUP-001)
19	45.8.191.45 45.8.191.45	6939 (HURRICANE) (HURRICANE)
1	45.8.191.44 45.8.191.44	6939 (HURRICANE) (HURRICANE)
1 1	104.143.94.110 104.143.94.110	201106 (SPARTANHOST) (SPARTANHOST)
1	2606:4700:303... 2606:4700:3038::6815:eb24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.61.212.47 45.61.212.47	53587 (AZT) (AZT)
1	45.61.212.220 45.61.212.220	53587 (AZT) (AZT)
1 1	78.46.107.74 78.46.107.74	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3038::6815:ea28	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	207.60.165.141 207.60.165.141	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
1	162.19.88.69 162.19.88.69	16276 (OVH) (OVH)
2	23.225.154.19 23.225.154.19	40065 (CNSERVERS) (CNSERVERS)
2	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
54	13

4 104.253.185.252 (United States) 1 redirects

ASN18779 (EGIHOSTING, US)

ycjxys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ycjxys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 156.248.203.195 (United States)

ASN399674 (IHGGROUP-001, US)

h-s-d-f-g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 45.8.191.45 (London, United Kingdom)

ASN6939 (HURRICANE, US)

img.siwazywimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.8.191.44 (London, United Kingdom)

ASN6939 (HURRICANE, US)

siwazywcdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.143.94.110 (Seattle, United States) 1 redirects

ASN201106 (SPARTANHOST, GB)

kvemm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb24 (United States)

ASN13335 (CLOUDFLARENET, US)

kvhhhh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.47 (United States)

ASN53587 (AZT, US)

88225233827.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.220 (United States)

ASN53587 (AZT, US)

65211351892.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.107.74 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.74.107.46.78.clients.your-server.de

kvhaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea28 (United States)

ASN13335 (CLOUDFLARENET, US)

nvhaaa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 207.60.165.141 (United States)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

ppuunji-uuyygbv-ucdfse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.88.69 (France)

ASN16276 (OVH, FR)
PTR: ns3221384.ip-162-19-88.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.225.154.19 (United States)

ASN40065 (CNSERVERS, US)

www.govhebie.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	siwazywimg.com img.siwazywimg.com — Cisco Umbrella Rank: 366025	791 KB
15	h-s-d-f-g.com h-s-d-f-g.com	47 KB
5	ppuunji-uuyygbv-ucdfse.com ppuunji-uuyygbv-ucdfse.com	2 MB
4	ycjxys.com 1 redirects ycjxys.com www.ycjxys.com	2 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8539	12 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 69326 ia.51.la — Cisco Umbrella Rank: 61002	3 KB
2	govhebie.cn www.govhebie.cn	551 B
1	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 20262	68 KB
1	nvhaaa.top nvhaaa.top — Cisco Umbrella Rank: 912690	409 KB
1	kvhaa.com 1 redirects kvhaa.com — Cisco Umbrella Rank: 796536	132 B
1	65211351892.com 65211351892.com	996 KB
1	88225233827.com 88225233827.com	567 KB
1	kvhhhh.top kvhhhh.top	883 KB
1	kvemm.com 1 redirects kvemm.com — Cisco Umbrella Rank: 404800	133 B
1	siwazywcdn2.com siwazywcdn2.com — Cisco Umbrella Rank: 472821	41 KB
54	15

	Domain	Requested by
19	img.siwazywimg.com	h-s-d-f-g.com
15	h-s-d-f-g.com	www.ycjxys.com h-s-d-f-g.com
5	ppuunji-uuyygbv-ucdfse.com	h-s-d-f-g.com
3	www.ycjxys.com	www.ycjxys.com
2	hm.baidu.com	h-s-d-f-g.com
2	www.govhebie.cn	h-s-d-f-g.com
1	ia.51.la	h-s-d-f-g.com
1	js.users.51.la	h-s-d-f-g.com
1	i.postimg.cc	h-s-d-f-g.com
1	nvhaaa.top	h-s-d-f-g.com
1	kvhaa.com	1 redirects
1	65211351892.com	h-s-d-f-g.com
1	88225233827.com	h-s-d-f-g.com
1	kvhhhh.top	h-s-d-f-g.com
1	kvemm.com	1 redirects
1	siwazywcdn2.com	h-s-d-f-g.com
1	ycjxys.com	1 redirects
54	17

This site contains links to these domains. Also see Links.

Domain
t.me
8030900.cc
7156x.com
5782s.com
sese187.cc
www.89z.com.cn
jm5r.co
xxuu6.xyz
muyowyi.com
zhiyeedu-2.com
dytg531.xyz

Subject Issuer	Validity	Valid
img.siwazywimg.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
*.siwazywcdn2.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
88225233827.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-09` - `2023-08-09`	a year	crt.sh
65211351892.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-09` - `2023-08-09`	a year	crt.sh
ppuunji-uuyygbv-ucdfse.com R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh
postimg.cc R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
govhebie.cn TrustAsia TLS RSA CA	`2021-10-11` - `2022-10-10`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://h-s-d-f-g.com/
Frame ID: 0518A0972345EFE555C65998A3FA0809
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

2022最新免费短视频福利网站

Page URL History Show full URLs

http://ycjxys.com/ HTTP 301
http://www.ycjxys.com/index.php Page URL
http://h-s-d-f-g.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

54
Requests

61 %
HTTPS

13 %
IPv6

15
Domains

17
Subdomains

13
IPs

6
Countries

5710 kB
Transfer

5868 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/zdq178
Title: 广告合作 Telegram：@zdq178

Search URL Search Domain Scan URL

URL: https://8030900.cc:8443/?shareName=8030900.cc

Search URL Search Domain Scan URL

URL: https://7156x.com:8633/

Search URL Search Domain Scan URL

URL: https://5782s.com:1688/

Search URL Search Domain Scan URL

URL: https://sese187.cc:8443/index.html?shareName=sese187.cc

Search URL Search Domain Scan URL

URL: http://www.89z.com.cn/vip.html

Search URL Search Domain Scan URL

URL: https://jm5r.co/index.html?channelCode=196
Title: 射精指南

Search URL Search Domain Scan URL

URL: https://xxuu6.xyz/
Title: 萝莉破处

Search URL Search Domain Scan URL

URL: https://muyowyi.com/jjphvbz.html
Title: 学生上门

Search URL Search Domain Scan URL

URL: https://zhiyeedu-2.com:550/tb518
Title: 幼女破处

Search URL Search Domain Scan URL

URL: https://dytg531.xyz/1/?lineCode=bjys01
Title: 插逼直播

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ycjxys.com/ HTTP 301
http://www.ycjxys.com/index.php Page URL
http://h-s-d-f-g.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ycjxys.com/ HTTP 301
http://www.ycjxys.com/index.php

Request Chain 35

https://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif HTTP 301
https://kvhhhh.top/ec9fcd758df74f805f29f72e8545d13b.gif

Request Chain 38

https://kvhaa.com/df0515659c031251093942922779f350.gif HTTP 301
https://nvhaaa.top/df0515659c031251093942922779f350.gif

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

index.php Show response
www.ycjxys.com/
Redirect Chain

http://ycjxys.com/
http://www.ycjxys.com/index.php

2 KB
807 B

450ms
194ms

Document
text/html

104.253.185.252
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ycjxys.com/index.php
Protocol: HTTP/1.1
Server: 104.253.185.252 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d262c69b6e5dbf1c24981a1b02efe16b99dbf13c85fb87ed4beb385f5e18a36

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 19 Sep 2022 18:24:03 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 19 Sep 2022 18:24:03 GMT
Location: http://www.ycjxys.com/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.ycjxys.com/ 2 KB
896 B 181ms
181ms Script
application/x-javascript 104.253.185.252
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ycjxys.com/common.js
Requested by: Host: www.ycjxys.com
URL: http://www.ycjxys.com/index.php
Protocol: HTTP/1.1
Server: 104.253.185.252 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: d287228010291b73f3a26b4ea4d2347a7e13ac622bf0ee5dc99c6a9cd73b9b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ycjxys.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:03 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js
www.ycjxys.com/ 258 B
414 B 186ms
186ms Script
application/x-javascript 104.253.185.252
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ycjxys.com/tj.js
Requested by: Host: www.ycjxys.com
URL: http://www.ycjxys.com/index.php
Protocol: HTTP/1.1
Server: 104.253.185.252 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ycjxys.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 258
Content-Type: application/x-javascript

GET
H/1.1 200
OK Primary Request / Show response
h-s-d-f-g.com/ 23 KB
7 KB 1006ms
242ms Document
text/html 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/
Requested by: Host: www.ycjxys.com
URL: http://www.ycjxys.com/common.js
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / PHP/7.1.33 ASP.NET
Resource Hash: 284acd81d1358c6d146674d514be79d2959527dfd671db86e5a0a50993736495

Request headers

Referer: http://www.ycjxys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 6635
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Sep 2022 18:24:46 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33 ASP.NET

GET
H/1.1 200
OK ate.css
h-s-d-f-g.com/template/m1938pc/css/ 74 KB
8 KB 190ms
189ms Stylesheet
text/css 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/css/ate.css
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "70516a8722f2d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 8176

GET
H/1.1 200
OK zui.css
h-s-d-f-g.com/template/m1938pc/css/ 84 KB
22 KB 368ms
189ms Stylesheet
text/css 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/css/zui.css
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9fcffde6ef4d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 21818

GET
H/1.1 200
OK xx1.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 3 KB
1 KB 366ms
183ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/xx1.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: be540d8c6c8dadc7e1916fedfd0d7905dfd33c6096aeac042d19915f31a85f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 19:15:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "36fbd8d7c9cad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1202

GET
H/1.1 200
OK dh1.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 3 KB
1 KB 370ms
185ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/dh1.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9a411e6148149aca9cae77e992a9d83a94693194f43497a381e0287b78e93161

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 14:59:22 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1252ee6638ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1095

GET
H/1.1 200
OK 1.gif
h-s-d-f-g.com/template/m1938pc/images/ 254 B
500 B 185ms
185ms Image
image/gif 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-s-d-f-g.com/template/m1938pc/images/1.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:47 GMT
Last-Modified: Fri, 11 Jun 2021 00:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "28ba8f2595ed71:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 254

GET
H/1.1 200
OK dh.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 2 KB
944 B 366ms
200ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/dh.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 73d44f3c9d01ef165d4469cbbe5f1a4824a330ad5a333581829b8bbf6bc92aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 17:31:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "df929aedfc2d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 638

GET
H/1.1 200
OK app.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 450 B
730 B 369ms
185ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/app.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cb6a1ab016718c50d1e356b6195b702e3fcad9c1ad2ca905190a894ad5960f56

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Sep 2022 12:21:01 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8052c4822ccd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 424

GET
H/1.1 200
OK xx2.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 1 KB
737 B 190ms
186ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/xx2.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6bc2e01ffb025fb04eff535ee5cdbb68a128dbba892f532f6a9d04abf37429da

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 19:15:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "6e22e0d7c9cad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 430

GET
H/1.1 200
OK 1.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 720 B
743 B 188ms
185ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/1.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 709e7f92f93f2a9a721d1dd4ccb7709af3892c53b7621feaac67944d7fe9c001

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Sep 2022 17:31:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "452031aedfc2d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 436

GET
H2 200 iGWpr3u6.jpg
img.siwazywimg.com/cvjpg/ 63 KB
63 KB 1952ms
343ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/iGWpr3u6.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e9de18ea85dfe55509c4ba37ff54def97112179e96ed9a263bd8def1015c2f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:33 GMT
server: nginx
etag: "619b7aa9-fa97"
x-cache-status: HIT, HIT
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 64151

GET
H2 200 qsWNunS2.jpg
img.siwazywimg.com/cvjpg/ 64 KB
64 KB 2194ms
585ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/qsWNunS2.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: a479c13dea80b7cf0280819cc8d9ce2575d60201cc7594fc034a072567be6903

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:43 GMT
server: nginx
etag: "619b7ab3-ffec"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 65516

GET
H2 200 rmx9yD5i.jpg
siwazywcdn2.com/cvjpg/ 41 KB
41 KB 1123ms
209ms Image
image/jpeg 45.8.191.44
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siwazywcdn2.com:5278/cvjpg/rmx9yD5i.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.44 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: e456db3db5154228a6fd3fcf122a38b455bf25f7bf28e86b57eb60ae797a6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:49 GMT
last-modified: Wed, 11 May 2022 10:49:46 GMT
server: nginx
etag: "627b94ca-a21c"
x-cache-server: s242
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000, public, max-age=15768000, public, max-age=15768000, public, max-age=15768000, public, max-age=15768000, public, max-age=15768000, public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 41500

GET
H2 200 92Lje8i5.jpg
img.siwazywimg.com/cvjpg/ 94 KB
95 KB 2237ms
629ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/92Lje8i5.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: a85ded447ca8863012767d01947891f517d0322b595ccd4d4a474993dc06e574

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:32 GMT
server: nginx
etag: "619b7aa8-179f3"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 96755

GET
H2 200 BVwe6uXU.jpg
img.siwazywimg.com/cvjpg/ 89 KB
89 KB 2238ms
629ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/BVwe6uXU.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 25af85f34fa9021bae72e2da430d3cb807dbc1f53a4f28f0480aa7c17643e65e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:35 GMT
server: nginx
etag: "619b7aab-1631e"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 90910

GET
H2 200 PrQmUTkj.jpg
img.siwazywimg.com/cvjpg/ 153 KB
154 KB 2238ms
630ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/PrQmUTkj.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: fc6185f434fab28d7a5226bd18b3c814b502743f292feeca8e30a4ab7afa5d56

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:34 GMT
server: nginx
etag: "619b7aaa-26594"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 157076

GET
H2 200 QYoOGELW.jpg
img.siwazywimg.com/cvjpg/ 61 KB
61 KB 2238ms
630ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/QYoOGELW.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 58171d87797db4e86a57160f173f9e529509d091ecf347882bc92f75696c3e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:43 GMT
server: nginx
etag: "619b7ab3-f45d"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 62557

GET
H2 200 IVxpBK6v.jpg
img.siwazywimg.com/cvjpg/ 60 KB
60 KB 598ms
596ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/IVxpBK6v.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cfa0858650f22f6503d04e7e6d3c88e8f49e69f84cabd217e456995fb0fa518d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:33 GMT
server: nginx
etag: "619b7aa9-eeaa"
x-cache-status: HIT, HIT, HIT
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 61098

GET
H2 200 bpJ6afiE.jpg
img.siwazywimg.com/cvjpg/ 92 KB
92 KB 598ms
596ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/bpJ6afiE.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e161699e506e7e4e9ef5f1a5c3014abfb88148bbeb34bff960b749b9c646095

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:40 GMT
server: nginx
etag: "619b7ab0-16ea3"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 93859

GET
H2 200 U05cjnim.jpg
img.siwazywimg.com/cvjpg/ 59 KB
59 KB 599ms
597ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/U05cjnim.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cab123ad64207ca6e7580ce8c35d3be10358553b551a11ab04059667eaa2573d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Mon, 22 Nov 2021 11:10:45 GMT
server: nginx
etag: "619b7ab5-eb82"
x-cache-status: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000, public, max-age=15768000
access-control-allow-credentials: true, true
accept-ranges: bytes
content-length: 60290

GET
H2 200 wxLTrhWt.jpg
img.siwazywimg.com/cvjpg/ 5 KB
6 KB 599ms
597ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/wxLTrhWt.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 9762b3b42344e9780ab4ffd82d0fb0f5d09fd32c0e89b751076671c8e776f975

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 12:13:35 GMT
server: nginx
etag: "62d2ab6f-15f6"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5622

GET
H2 200 1CwgaM9f.jpg
img.siwazywimg.com/cvjpg/ 4 KB
4 KB 599ms
597ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/1CwgaM9f.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: d99f97d57c2da04350df74577bb5f381fcdbb17ebf6d46148a7f50fbb1938ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 11:08:08 GMT
server: nginx
etag: "62d29c18-e14"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3604

GET
H2 200 AUjZTJfI.jpg
img.siwazywimg.com/cvjpg/ 5 KB
5 KB 599ms
598ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/AUjZTJfI.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: f2fc91392f42d7441dab4416888da3ded8301304fa90efc7eabf32b2177010f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 10:55:24 GMT
server: nginx
etag: "62d2991c-1302"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4866

GET
H2 200 cwm1sJl2.jpg
img.siwazywimg.com/cvjpg/ 5 KB
5 KB 600ms
598ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/cwm1sJl2.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 433dfc5eec4418606a326c6815431c14b44198a4352b17c829828c687e7a4cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 12:02:20 GMT
server: nginx
etag: "62d2a8cc-131d"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4893

GET
H2 200 LGvqr04Y.jpg
img.siwazywimg.com/cvjpg/ 6 KB
7 KB 600ms
598ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/LGvqr04Y.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cab3fd518564b216ecde2889607cb3c50fe98e140e94ed122ce0d42c139bf4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 10:52:10 GMT
server: nginx
etag: "62d2985a-19fb"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 6651

GET
H2 200 dj29fKhu.jpg
img.siwazywimg.com/cvjpg/ 3 KB
3 KB 600ms
598ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/dj29fKhu.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: cf823e0a88bc4964e4d3a912cfd5497b351a55800800c68d636e221f7620b11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 12:12:29 GMT
server: nginx
etag: "62d2ab2d-cb1"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3249

GET
H2 200 v2a3hZfz.jpg
img.siwazywimg.com/cvjpg/ 7 KB
7 KB 600ms
599ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/v2a3hZfz.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 34d2698ccdb43fa2689caf37aab991fb9abb6aaa4da2952633a6009ae8e8d6be

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 11:07:25 GMT
server: nginx
etag: "62d29bed-1b59"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7001

GET
H2 200 jBySMYKR.jpg
img.siwazywimg.com/cvjpg/ 5 KB
6 KB 601ms
599ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/jBySMYKR.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 23e6d19442cb8ff05d6a9fa5a97c978da7c537887e0290dff0b0612eb1f25b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 11:57:58 GMT
server: nginx
etag: "62d2a7c6-1572"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 5490

GET
H2 200 Y8D2qhfF.jpg
img.siwazywimg.com/cvjpg/ 7 KB
8 KB 601ms
599ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/Y8D2qhfF.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: c72ec39c94fd28cabff99f9d28131054a67979e077bf794495db3b28ce57bd83

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 12:02:56 GMT
server: nginx
etag: "62d2a8f0-1d30"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 7472

GET
H2 200 fHqYrzCo.jpg
img.siwazywimg.com/cvjpg/ 3 KB
4 KB 601ms
599ms Image
image/jpeg 45.8.191.45
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.siwazywimg.com:5278/cvjpg/fHqYrzCo.jpg
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.8.191.45 London, United Kingdom, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx /
Resource Hash: 62f46158d7fd04fcca09e953dd9b347214f5193408f0b117d3f45f6ab5ae645b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Sat, 16 Jul 2022 11:55:32 GMT
server: nginx
etag: "62d2a734-db2"
x-cache-server: s122
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 3506

GET
H/1.1 200
OK xx3.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 275 B
643 B 185ms
184ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/xx3.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3695be703522cabdfe39a362515fc0e9f1cbc0f451e4dd739c2052ee1615133a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:46 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Sep 2022 19:15:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9a49e7d7c9cad81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 336

GET
H/1.1 200
OK dl.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 865 B
766 B 183ms
183ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/dl.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9e9bf9d364d057359d1fefa614e53932d7d00c55f63e9501a5412ffa66eb973b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 14:18:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "53132728c38bd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 459

GET
H/1.1 200
OK tj.js Show response
h-s-d-f-g.com/template/m1938pc/ads/ 102 B
514 B 184ms
184ms Script
application/javascript 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to

Full URL: http://h-s-d-f-g.com/template/m1938pc/ads/tj.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d7be4f7c40e87f2c66bb9b94e31915c2cc689f5fda670d3d8ceddee8a610b264

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:47 GMT
Content-Encoding: gzip
Last-Modified: Sun, 04 Sep 2022 14:56:58 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "ae4fc6946ec0d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 207

GET
H2

200

ec9fcd758df74f805f29f72e8545d13b.gif
kvhhhh.top/
Redirect Chain

https://kvemm.com/ec9fcd758df74f805f29f72e8545d13b.gif
https://kvhhhh.top/ec9fcd758df74f805f29f72e8545d13b.gif

881 KB
883 KB

154ms
51ms

Image
image/gif

2606:4700:3038::6815:eb24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhhhh.top/ec9fcd758df74f805f29f72e8545d13b.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Server: 2606:4700:3038::6815:eb24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181198
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 902313
last-modified: Sat, 12 Mar 2022 15:17:28 GMT
server: cloudflare
etag: "622cb988-dc4a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6baEwwr96gnYEzIbt943PbKAYkmAyX4ZCipNPcGaiZjT25RtfUqMAWYeo0w%2B6%2F3eqXKA6U0FcCPv5QxSPZScy%2B56H7z2e7yaUomjq92pr4nf0X7Pexo2WfPtMUad%2BbxZ%2BBivxYIudBp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74d45c4b5a68072e-LHR
expires: Mon, 17 Oct 2022 16:04:52 GMT

Redirect headers

location: https://kvhhhh.top/ec9fcd758df74f805f29f72e8545d13b.gif
date: Mon, 19 Sep 2022 18:24:50 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK 5763ea0cd4c447e989e183612716414b.gif
88225233827.com/ 567 KB
567 KB 3219ms
472ms Image
image/gif 45.61.212.47
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://88225233827.com/5763ea0cd4c447e989e183612716414b.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.47 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 29 Aug 2022 14:44:43 GMT
Last-Modified: Mon, 29 Aug 2022 12:18:35 GMT
Server: nginx
ETag: "630cae9b-8dadb"
X-Cache: HIT from cloud-us1-cdnb-17
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 580315

GET
H/1.1 200
OK 4fe2b2a7d33f4c66a1aa0bd1ae2b2824.gif
65211351892.com/ 996 KB
996 KB 3862ms
472ms Image
image/gif 45.61.212.220
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://65211351892.com/4fe2b2a7d33f4c66a1aa0bd1ae2b2824.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.220 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 16:21:35 GMT
Last-Modified: Sun, 07 Aug 2022 08:10:19 GMT
Server: nginx
ETag: "62ef736b-f90bb"
X-Cache: HIT from cloud-us3-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1020091

GET
H2

200

df0515659c031251093942922779f350.gif
nvhaaa.top/
Redirect Chain

https://kvhaa.com/df0515659c031251093942922779f350.gif
https://nvhaaa.top/df0515659c031251093942922779f350.gif

408 KB
409 KB

171ms
52ms

Image
image/gif

2606:4700:3038::6815:ea28
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvhaaa.top/df0515659c031251093942922779f350.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Server: 2606:4700:3038::6815:ea28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6051c428622f29877786c097c50417643f91cd4942529192961604762dd40981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35479
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 417605
last-modified: Mon, 04 Jul 2022 12:16:06 GMT
server: cloudflare
etag: "62c2da06-65f45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BrU8R%2BUOBXfRl0FUfbZN0Pslobh4%2B0EF%2BOYjaN%2FsMxjZDD7FFj4DOftFOrDnZ0D6M9y1OjAd0lRwxmrdlLQflRWGEWUAp9RjBWzDgSOiURKEcHIRbNPem1A37qZzu%2BkyMafhzMryHRJ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 74d45c461a1f76db-LHR
expires: Wed, 19 Oct 2022 08:33:30 GMT

Redirect headers

location: https://nvhaaa.top/df0515659c031251093942922779f350.gif
date: Mon, 19 Sep 2022 18:24:49 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK 1122.gif
ppuunji-uuyygbv-ucdfse.com/tp/ 118 KB
118 KB 1278ms
360ms Image
image/gif 207.60.165.141
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppuunji-uuyygbv-ucdfse.com/tp/1122.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 207.60.165.141 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:56 GMT
Last-Modified: Mon, 21 Mar 2022 13:40:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c025b541293dd81:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 120952

GET
H/1.1 200
OK 857857.gif
ppuunji-uuyygbv-ucdfse.com/tp/ 2 MB
2 MB 1123ms
365ms Image
image/gif 207.60.165.141
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppuunji-uuyygbv-ucdfse.com/tp/857857.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 207.60.165.141 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:56 GMT
Last-Modified: Tue, 06 Sep 2022 10:27:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9d6f334adbc1d81:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1626999

GET
H/1.1 200
OK 111.gif
ppuunji-uuyygbv-ucdfse.com/tp/ 61 KB
62 KB 1248ms
363ms Image
image/gif 207.60.165.141
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppuunji-uuyygbv-ucdfse.com/tp/111.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 207.60.165.141 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 47e384804881c311fbe7e128b08d5e607ab8ebfee34a208d127e4999e3d560b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:56 GMT
Last-Modified: Wed, 07 Sep 2022 17:21:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "dffb43dec2d81:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 62897

GET
H/1.1 200
OK 222.gif
ppuunji-uuyygbv-ucdfse.com/tp/ 61 KB
61 KB 1110ms
364ms Image
image/gif 207.60.165.141
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppuunji-uuyygbv-ucdfse.com/tp/222.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 207.60.165.141 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0901b03dfb8aaba7ae88832c0da1bd55dc3414d96144c1c80a4d8cb11a41bf53

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:56 GMT
Last-Modified: Wed, 07 Sep 2022 17:21:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7ab64e51dec2d81:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 62604

GET
H/1.1 200
OK 333.gif
ppuunji-uuyygbv-ucdfse.com/tp/ 59 KB
60 KB 672ms
420ms Image
image/gif 207.60.165.141
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ppuunji-uuyygbv-ucdfse.com/tp/333.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 207.60.165.141 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c4562515f01c31d3a2980aa27fd23a18dbe58c3575d4d9c6498469d28def788d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:56 GMT
Last-Modified: Wed, 07 Sep 2022 17:22:15 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a7371b60dec2d81:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 60683

GET
H2 200 s1-250x250.gif
i.postimg.cc/mrSfj7wh/ 68 KB
68 KB 167ms
50ms Image
image/gif 162.19.88.69
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/mrSfj7wh/s1-250x250.gif
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.19.88.69 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3221384.ip-162-19-88.eu
Software: nginx /
Resource Hash: a7d0cd2dbade6532590585b5e609ce9fe05bba836bf466a519181c244f77571e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:24:50 GMT
last-modified: Wed, 07 Sep 2022 15:18:54 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 69805
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK video-mask.png
h-s-d-f-g.com/template/m1938pc/images/ 107 B
354 B 185ms
184ms Image
image/png 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-s-d-f-g.com/template/m1938pc/images/video-mask.png
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:49 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b0b58b8a22f2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 107

GET
H/1.1 200
OK video-play.png
h-s-d-f-g.com/template/m1938pc/images/ 2 KB
2 KB 185ms
185ms Image
image/png 156.248.203.195
IHGGROUP-001

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h-s-d-f-g.com/template/m1938pc/images/video-play.png
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Server: 156.248.203.195 , United States, ASN399674 (IHGGROUP-001, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:49 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4081698d22f2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1567

GET
H2 200 652DC186-F0A8-16967-33-92F7018BFD6E.alpha Show response
www.govhebie.cn/ty/ 26 B
275 B 915ms
185ms Script
text/html 23.225.154.19
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govhebie.cn:12443/ty/652DC186-F0A8-16967-33-92F7018BFD6E.alpha
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/template/m1938pc/ads/dl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.154.19 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a

Request headers

Referer: http://h-s-d-f-g.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 19 Sep 2022 18:24:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:24:49 GMT
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
expires: Mon, 19 Sep 2022 18:39:49 GMT

GET
H2 200 98762582-B4FB-16969-34-655C996D7D15.alpha Show response
www.govhebie.cn/ty/ 26 B
276 B 913ms
184ms Script
text/html 23.225.154.19
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.govhebie.cn:12443/ty/98762582-B4FB-16969-34-655C996D7D15.alpha
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/template/m1938pc/ads/dl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.154.19 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a

Request headers

Referer: http://h-s-d-f-g.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 19 Sep 2022 18:24:49 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:24:49 GMT
server: nginx
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
expires: Mon, 19 Sep 2022 18:39:49 GMT

GET
H/1.1 200
OK 20894175.js Show response
js.users.51.la/ 5 KB
3 KB 1896ms
247ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20894175.js
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/template/m1938pc/ads/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: 5939ec25e1e2884ed4f4926e10431b6b2d87b0a31b931e20144513f827a56ef5

Request headers

Referer: http://h-s-d-f-g.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 19 Sep 2022 18:24:51 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 800ms
281ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=20894175&rt=1663611891967&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2022%25E6%259C%2580%25E6%2596%25B0%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591%25E7%25AB%2599&ing=1&ekc=&sid=1663611891967&tt=2022%25E6%259C%2580%25E6%2596%25B0%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591%25E7%25AB%2599&kw=2022%25E6%259C%2580%25E6%2596%25B0%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591%25E7%25AB%2599&cu=http%253A%252F%252Fh-s-d-f-g.com%252F&pu=http%253A%252F%252Fwww.ycjxys.com%252F
Requested by: Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/
Protocol: HTTP/1.1
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:52 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 2018ms
400ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

Requested by

Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4c2f5c888011304225b8da06e21db9fac4d2d30b0b545b95328f69b6bf2c6f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 18:24:53 GMT
Content-Encoding: gzip
Server: apache
Etag: f022d0d0463f6cce10c9159e1eaabe61
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11340

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 386ms
386ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1759405952&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.ycjxys.com%2F&v=1.2.97&lv=1&sn=5919&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fh-s-d-f-g.com%2F&tt=2022%E6%9C%80%E6%96%B0%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E7%A6%8F%E5%88%A9%E7%BD%91%E7%AB%99

Requested by

Host: h-s-d-f-g.com
URL: http://h-s-d-f-g.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://h-s-d-f-g.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 18:24:54 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
h-s-d-f-g.com/	1969-12-31 23:59:59	Name: __tins__20894175 Value: %7B%22sid%22%3A%201663611891967%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201663613691967%7D
h-s-d-f-g.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
h-s-d-f-g.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.hm.baidu.com/	1970-01-20 15:42:51	Name: HMACCOUNT_BFESS Value: E7B2D3B66ADA45D4
.h-s-d-f-g.com/	1970-01-20 14:52:27	Name: Hm_lvt_3df8be917891033aa229f40ad4fd25e3 Value: 1663611894
.h-s-d-f-g.com/	1969-12-31 23:59:59	Name: Hm_lpvt_3df8be917891033aa229f40ad4fd25e3 Value: 1663611894

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://h-s-d-f-g.com/template/m1938pc/ads/dl.js(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.govhebie.cn:12443/ty/652DC186-F0A8-16967-33-92F7018BFD6E.alpha, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://h-s-d-f-g.com/template/m1938pc/ads/dl.js(Line 6) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.govhebie.cn:12443/ty/652DC186-F0A8-16967-33-92F7018BFD6E.alpha, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://h-s-d-f-g.com/template/m1938pc/ads/dl.js(Line 19) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.govhebie.cn:12443/ty/98762582-B4FB-16969-34-655C996D7D15.alpha, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://h-s-d-f-g.com/template/m1938pc/ads/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20894175.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://h-s-d-f-g.com/template/m1938pc/ads/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20894175.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

65211351892.com
88225233827.com
h-s-d-f-g.com
hm.baidu.com
i.postimg.cc
ia.51.la
img.siwazywimg.com
js.users.51.la
kvemm.com
kvhaa.com
kvhhhh.top
nvhaaa.top
ppuunji-uuyygbv-ucdfse.com
siwazywcdn2.com
www.govhebie.cn
www.ycjxys.com
ycjxys.com
103.143.19.103
103.235.46.191
104.143.94.110
104.253.185.252
156.248.203.195
162.19.88.69
207.60.165.141
23.225.154.19
2606:4700:3038::6815:ea28
2606:4700:3038::6815:eb24
45.61.212.220
45.61.212.47
45.8.191.44
45.8.191.45
78.46.107.74
0901b03dfb8aaba7ae88832c0da1bd55dc3414d96144c1c80a4d8cb11a41bf53
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
23e6d19442cb8ff05d6a9fa5a97c978da7c537887e0290dff0b0612eb1f25b5f
25af85f34fa9021bae72e2da430d3cb807dbc1f53a4f28f0480aa7c17643e65e
284acd81d1358c6d146674d514be79d2959527dfd671db86e5a0a50993736495
34d2698ccdb43fa2689caf37aab991fb9abb6aaa4da2952633a6009ae8e8d6be
3695be703522cabdfe39a362515fc0e9f1cbc0f451e4dd739c2052ee1615133a
433dfc5eec4418606a326c6815431c14b44198a4352b17c829828c687e7a4cbc
47e384804881c311fbe7e128b08d5e607ab8ebfee34a208d127e4999e3d560b0
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
4c2f5c888011304225b8da06e21db9fac4d2d30b0b545b95328f69b6bf2c6f8d
58171d87797db4e86a57160f173f9e529509d091ecf347882bc92f75696c3e62
5939ec25e1e2884ed4f4926e10431b6b2d87b0a31b931e20144513f827a56ef5
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
6051c428622f29877786c097c50417643f91cd4942529192961604762dd40981
62f46158d7fd04fcca09e953dd9b347214f5193408f0b117d3f45f6ab5ae645b
6bc2e01ffb025fb04eff535ee5cdbb68a128dbba892f532f6a9d04abf37429da
6e161699e506e7e4e9ef5f1a5c3014abfb88148bbeb34bff960b749b9c646095
709e7f92f93f2a9a721d1dd4ccb7709af3892c53b7621feaac67944d7fe9c001
73d44f3c9d01ef165d4469cbbe5f1a4824a330ad5a333581829b8bbf6bc92aa5
7d262c69b6e5dbf1c24981a1b02efe16b99dbf13c85fb87ed4beb385f5e18a36
7e9de18ea85dfe55509c4ba37ff54def97112179e96ed9a263bd8def1015c2f2
819a4224605c47089d7456012a957beef9f0a59191a8a63e4c0aefa6c3ece6b7
9762b3b42344e9780ab4ffd82d0fb0f5d09fd32c0e89b751076671c8e776f975
9a411e6148149aca9cae77e992a9d83a94693194f43497a381e0287b78e93161
9e9bf9d364d057359d1fefa614e53932d7d00c55f63e9501a5412ffa66eb973b
a479c13dea80b7cf0280819cc8d9ce2575d60201cc7594fc034a072567be6903
a7d0cd2dbade6532590585b5e609ce9fe05bba836bf466a519181c244f77571e
a85ded447ca8863012767d01947891f517d0322b595ccd4d4a474993dc06e574
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a
be540d8c6c8dadc7e1916fedfd0d7905dfd33c6096aeac042d19915f31a85f03
c4562515f01c31d3a2980aa27fd23a18dbe58c3575d4d9c6498469d28def788d
c72ec39c94fd28cabff99f9d28131054a67979e077bf794495db3b28ce57bd83
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
cab123ad64207ca6e7580ce8c35d3be10358553b551a11ab04059667eaa2573d
cab3fd518564b216ecde2889607cb3c50fe98e140e94ed122ce0d42c139bf4d6
cb6a1ab016718c50d1e356b6195b702e3fcad9c1ad2ca905190a894ad5960f56
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf823e0a88bc4964e4d3a912cfd5497b351a55800800c68d636e221f7620b11d
cfa0858650f22f6503d04e7e6d3c88e8f49e69f84cabd217e456995fb0fa518d
d287228010291b73f3a26b4ea4d2347a7e13ac622bf0ee5dc99c6a9cd73b9b12
d60a38f60cbd8cc782d6ecaf7c076dea16bf5eddfdc064d0aa4c03a440d236aa
d7be4f7c40e87f2c66bb9b94e31915c2cc689f5fda670d3d8ceddee8a610b264
d99f97d57c2da04350df74577bb5f381fcdbb17ebf6d46148a7f50fbb1938ce1
dd5ff25f4d6931bd3d2ef86c1a8901853ee2503fd2d6edb264a61abb37c2b002
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e456db3db5154228a6fd3fcf122a38b455bf25f7bf28e86b57eb60ae797a6618
ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47
f2fc91392f42d7441dab4416888da3ded8301304fa90efc7eabf32b2177010f2
fc6185f434fab28d7a5226bd18b3c814b502743f292feeca8e30a4ab7afa5d56

h-s-d-f-g.com Open in urlscan Pro 156.248.203.195 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

61 %HTTPS

13 %IPv6

15 Domains

17 Subdomains

13 IPs

6 Countries

5710 kBTransfer

5868 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

h-s-d-f-g.com Open in urlscan Pro
156.248.203.195 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

61 %
HTTPS

13 %
IPv6

15
Domains

17
Subdomains

13
IPs

6
Countries

5710 kB
Transfer

5868 kB
Size

6
Cookies

54 HTTP transactions
0 data transactions