urlscan.io logo urlscan.io
SecurityTrails logo

www.saficoo.net Open in urlscan Pro
154.23.117.87  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://saficoo.net/
Effective URL: http://www.saficoo.net/index.php
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 21 domains to perform 53 HTTP transactions. The main IP is 154.23.117.87, located in Tai Wan, Hong Kong and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is www.saficoo.net.
This is the only time www.saficoo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 154.23.117.87 139646 (HKMTC-AS-...)
8 104.252.181.78 18779 (EGIHOSTING)
3 103.235.46.191 55967 (BAIDU Bei...)
1 1 45.154.215.92 201106 (SPARTANHOST)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 104.143.94.110 201106 (SPARTANHOST)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 67.198.205.125 ()
1 2606:4700:303... ()
1 20.187.120.53 8075 (MICROSOFT...)
1 220.128.218.220 ()
2 47.56.33.37 ()
2 2606:1980:8::5 54994 (QUANTILNE...)
14 2606:4700:303... 13335 (CLOUDFLAR...)
1 14.17.102.110 4134 (CHINANET-...)
1 47.243.34.232 ()
53 14
4    154.23.117.87 (Tai Wan, Hong Kong)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)
saficoo.net
www.saficoo.net
8    104.252.181.78 (United States)

ASN18779 (EGIHOSTING, US)
www.ddys032.top
3    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    45.154.215.92 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)
kvezz.com
1    2606:4700:3034::ac43:9715 (United States)

ASN13335 (CLOUDFLARENET, US)
acoossu.top
1    104.143.94.110 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)
kzerr.com
1    2606:4700:3035::6815:210c (United States)

ASN13335 (CLOUDFLARENET, US)
kvhooo.top
1    67.198.205.125 (None, )

ASN- ()
kzeaa.com
1    2606:4700:3038::6815:eac6 (None, )

ASN- ()
kvheee.top
1    20.187.120.53 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
fadacaitp.com
1    220.128.218.220 (None, )

ASN- ()
taiwtp1.com
2    47.56.33.37 (None, )

ASN- ()
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
2    2606:1980:8::5 (United States)

ASN54994 (QUANTILNETWORKS, US)
si1.go2yd.com
14    2606:4700:3038::6815:ebad (United States)

ASN13335 (CLOUDFLARENET, US)
fmlb.netlbtu.com
1    14.17.102.110 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
js.users.51.la
1    47.243.34.232 (None, )

ASN- ()
www.9aijavbus.org
Apex Domain
Subdomains		 Transfer
14 netlbtu.com
fmlb.netlbtu.com — Cisco Umbrella Rank: 185464
142 KB
8 ddys032.top
www.ddys032.top
68 KB
4 saficoo.net
saficoo.net
www.saficoo.net
2 KB
3 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 7790
23 KB
2 go2yd.com
si1.go2yd.com — Cisco Umbrella Rank: 304788
259 KB
2 aliyuncs.com
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
1 9aijavbus.org
www.9aijavbus.org
556 B
1 51.la
js.users.51.la — Cisco Umbrella Rank: 60541
ia.51.la Failed
3 KB
1 taiwtp1.com
taiwtp1.com
46 KB
1 fadacaitp.com
fadacaitp.com — Cisco Umbrella Rank: 559642
581 KB
1 kvheee.top
kvheee.top
1002 KB
1 kzeaa.com
kzeaa.com
133 B
1 kvhooo.top
kvhooo.top — Cisco Umbrella Rank: 811452
899 KB
1 kzerr.com
kzerr.com — Cisco Umbrella Rank: 377980
133 B
1 acoossu.top
acoossu.top — Cisco Umbrella Rank: 565907
392 KB
1 kvezz.com
kvezz.com — Cisco Umbrella Rank: 293877
132 B
0 marjorienice.com Failed
marjorienice.com Failed
0 toutiaoimg.com Failed
p26.toutiaoimg.com Failed
0 loli.net Failed
i.loli.net Failed
0 bdstatic.com Failed
pic.rmb.bdstatic.com Failed
0 xox9325.com Failed
xox9325.com Failed
53 21
Domain Requested by
14 fmlb.netlbtu.com www.ddys032.top
8 www.ddys032.top www.saficoo.net
www.ddys032.top
3 hm.baidu.com www.saficoo.net
www.ddys032.top
3 www.saficoo.net www.saficoo.net
2 si1.go2yd.com www.ddys032.top
2 aliyun-static-oss.oss-cn-hongkong.aliyuncs.com www.ddys032.top
1 www.9aijavbus.org www.saficoo.net
1 js.users.51.la www.ddys032.top
1 taiwtp1.com www.ddys032.top
1 fadacaitp.com www.ddys032.top
1 kvheee.top www.ddys032.top
1 kzeaa.com 1 redirects
1 kvhooo.top www.ddys032.top
1 kzerr.com 1 redirects
1 acoossu.top www.ddys032.top
1 kvezz.com 1 redirects
1 saficoo.net 1 redirects
0 ia.51.la Failed www.ddys032.top
0 marjorienice.com Failed www.saficoo.net
0 p26.toutiaoimg.com Failed www.ddys032.top
0 i.loli.net Failed www.ddys032.top
0 pic.rmb.bdstatic.com Failed www.ddys032.top
0 xox9325.com Failed www.ddys032.top
53 23

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018		 2021-11-15 -
2022-08-02		 9 months crt.sh
fadacaitp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-18 -
2023-05-18		 a year crt.sh
taiwtp1.com
R3		 2022-04-10 -
2022-07-09		 3 months crt.sh
*.oss-cn-hongkong.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-01-20 -
2023-02-21		 a year crt.sh
*.go2yd.com
GeoTrust RSA CN CA G2		 2021-06-21 -
2022-07-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-09 -
2023-04-09		 a year crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-29 -
2023-04-30		 a year crt.sh
www.9aijavbus.org
TrustAsia RSA DV TLS CA G2		 2022-04-18 -
2023-04-18		 a year crt.sh

This page contains 2 frames:

Primary Page: http://www.saficoo.net/index.php
Frame ID: 7EC00AD777CDA1A0B0D5E8926EC23E54
Requests: 5 HTTP requests in this frame

Frame: http://www.ddys032.top/
Frame ID: E993DB6C70D5081F20919535979D89F0
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

莱芜纱蹿家居有限公司国产精品无码一区二区三区不卡,99精品国产自在自线,亚洲日韩视频一区二区,色欲日日拍夜夜嗷嗷叫莱芜纱蹿家居有限公司

Page URL History Show full URLs

  1. http://saficoo.net/ HTTP 301
    http://www.saficoo.net/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

53
Requests

47 %
HTTPS

31 %
IPv6

21
Domains

23
Subdomains

14
IPs

3
Countries

3417 kB
Transfer

3754 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saficoo.net/ HTTP 301
    http://www.saficoo.net/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP 301
  • https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
Request Chain 9
  • https://kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif HTTP 301
  • https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
Request Chain 10
  • https://kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif HTTP 301
  • https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif

53 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.saficoo.net/
Redirect Chain
  • http://saficoo.net/
  • http://www.saficoo.net/index.php
2 KB
769 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.saficoo.net/index.php
Protocol
HTTP/1.1
Server
154.23.117.87 Tai Wan, Hong Kong, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
caf430453a6973b82b1f51a1cfca5ce65ac2ce5b0e354be296e332c91d98e4bc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 03 Jul 2022 01:02:56 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Sun, 03 Jul 2022 01:02:54 GMT
Location
http://www.saficoo.net/index.php
Server
nginx
common.js
www.saficoo.net/ 		1 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.saficoo.net/common.js
Requested by
Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol
HTTP/1.1
Server
154.23.117.87 Tai Wan, Hong Kong, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
b718543d317024c097735be8ab9059533044d9457e0cd5703a76b52f6c1ae8f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saficoo.net/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:02:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.saficoo.net/ 		258 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.saficoo.net/tj.js
Requested by
Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol
HTTP/1.1
Server
154.23.117.87 Tai Wan, Hong Kong, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
3ec3f55f76ee1f29f890643d1682caf56fca75bafac14e8ac35248f1ff74a32a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saficoo.net/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:02:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
258
Content-Type
application/x-javascript
/
www.ddys032.top/ Frame E993 		53 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.ddys032.top/
Requested by
Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/7.0.33 ASP.NET
Resource Hash
70434238eaacea0d6a2403b267625956f4304bcdeef485225e33a7a3ad496082

Request headers

Referer
http://www.saficoo.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
13434
Content-Type
text/html; charset=utf-8
Date
Sun, 03 Jul 2022 01:03:03 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.33 ASP.NET
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?4be25e0e0c8202825fbfdc4be5300eb4
Requested by
Host: www.saficoo.net
URL: http://www.saficoo.net/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
c921f138ba1bcf5600161866732131f3b3de3704c6dbadec52e186aab60e5625
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saficoo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:02 GMT
Content-Encoding
gzip
Server
apache
Etag
974df1cb2f424ce40c9206f34062d033
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11294
ate.css
www.ddys032.top/template/m1938pc/css/ Frame E993 		74 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ddys032.top/template/m1938pc/css/ate.css
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 May 2021 10:47:33 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"805073622e43d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4498
zui.css
www.ddys032.top/template/m1938pc/css/ Frame E993 		87 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.ddys032.top/template/m1938pc/css/zui.css
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5e3473c5a974705b59872614b21e3a20c570c18425388a45a03335c4cc2094c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 May 2021 10:47:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0e7b632e43d71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
15198
jquery.js
www.ddys032.top/static/js/ Frame E993 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ddys032.top/static/js/jquery.js
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:03 GMT
Content-Encoding
gzip
Last-Modified
Sun, 10 Mar 2019 13:12:51 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80cbdbf642d7d41:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
32864
e0d6aae10b4142538ebf41524c5162fe.gif
xox9325.com/ Frame E993 		0
0
95ca29ec3907b3bf2d8a24b35e3eda22.gif
acoossu.top/ Frame E993
Redirect Chain
  • https://kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
  • https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
391 KB
392 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Server
2606:4700:3034::ac43:9715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
618518
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
400264
last-modified
Mon, 02 May 2022 19:22:39 GMT
server
cloudflare
etag
"62702f7f-61b88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFJB%2B6r%2Ft%2FUbQJbZGskXEuKhucap8FunmXaypGDsfI3TWGo%2BPbpYgsHOqBOR7CoTiDQGZ8Ku2G9pXJttXOkMJvAP%2BTm9Yv7iRvuTJea%2BwgAX6Vq2i3dkx%2FcjLH7XAsJc7pPQ3RdZDLLXLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb307def1922b-FRA
expires
Mon, 25 Jul 2022 21:14:26 GMT

Redirect headers

location
https://acoossu.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
date
Sun, 03 Jul 2022 01:03:04 GMT
server
nginx
content-length
162
strict-transport-security
max-age=31536000
content-type
text/html
6fb5deabda1e984b6bd49b2baa8dfa10.gif
kvhooo.top/ Frame E993
Redirect Chain
  • https://kzerr.com/6fb5deabda1e984b6bd49b2baa8dfa10.gif
  • https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
897 KB
899 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Server
2606:4700:3035::6815:210c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40826
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
918679
last-modified
Sat, 02 Jul 2022 13:09:08 GMT
server
cloudflare
etag
"62c04374-e0497"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMmkT%2B%2BPb8DvF386QWZ67590Qen8h9WWJBJXqZB14nZXyucvzyzexVjI4X5utrmKL9jPniZhy87jn2sF6NsuwEdSl%2FK9cDpPk3bolm4e%2B4Q91iaqqDt76Fhj%2FQifx4fdXfxCZtGZrc1W"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb309281a9202-FRA
expires
Mon, 01 Aug 2022 13:42:39 GMT

Redirect headers

location
https://kvhooo.top/6fb5deabda1e984b6bd49b2baa8dfa10.gif
date
Sun, 03 Jul 2022 01:03:05 GMT
server
nginx
content-length
162
strict-transport-security
max-age=31536000
content-type
text/html
92f0c144d76dd785f7c04f84ae149b33.gif
kvheee.top/ Frame E993
Redirect Chain
  • https://kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
  • https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
1000 KB
1002 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Server
2606:4700:3038::6815:eac6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
474630
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1024160
last-modified
Wed, 25 May 2022 13:49:10 GMT
server
cloudflare
etag
"628e33d6-fa0a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxpVZQYgFvioKYN1eSNNajOwkzc1E4K%2BKe%2Fa%2FKgd1ECYPz69wd20uYmfchinjdO%2FQvvnTStcA8coPNLxXrW0uLR2%2B95UbARgRTDiY6urI1cSluCd24zNnGwjFYKCeUfeY7rJfMQH0vI7"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
724bb30c4ed371c6-LHR
expires
Wed, 27 Jul 2022 13:12:35 GMT

Redirect headers

location
https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
date
Sun, 03 Jul 2022 01:03:05 GMT
server
nginx
content-length
162
strict-transport-security
max-age=31536000
content-type
text/html
68-960-120.gif
fadacaitp.com/ Frame E993 		584 KB
581 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fadacaitp.com/68-960-120.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.187.120.53 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Sat, 25 Jun 2022 13:09:19 GMT
Server
WAF/2.4-12.1
ETag
W/"62b708ff-91f5c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Mon, 01 Aug 2022 14:45:32 GMT
a82047b0c42a3d4707d251820bc2ea04.gif
pic.rmb.bdstatic.com/bjh/ Frame E993 		0
0
c0efb3b3baa0c0676d5d1836220cd3b1.gif
pic.rmb.bdstatic.com/bjh/ Frame E993 		0
0
c345c325b2dd601744e2fdf749337f8e.gif
pic.rmb.bdstatic.com/bjh/ Frame E993 		0
0
96060.gif
taiwtp1.com/img/ Frame E993 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taiwtp1.com/img/96060.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
220.128.218.220 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:02:12 GMT
last-modified
Wed, 09 Mar 2022 07:10:56 GMT
server
nginx
etag
"62285300-b707"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
46855
expires
Tue, 02 Aug 2022 01:02:12 GMT
1.gif
www.ddys032.top/template/m1938pc/images/ Frame E993 		254 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ddys032.top/template/m1938pc/images/1.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Last-Modified
Fri, 07 May 2021 10:47:37 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"563214652e43d71:0"
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
254
U7DLakzcdv4Agwi.gif
i.loli.net/2021/11/17/ Frame E993 		0
0
76795cd0ef7f04b4b686d082ebb9f9.gif
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/2a/ Frame E993 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/2a/76795cd0ef7f04b4b686d082ebb9f9.gif?attname=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8A.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.56.33.37 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:05 GMT
x-oss-request-id
62C0EAC922C82A3531115E91
Content-MD5
KnZ5XNDvfwS0tobQguu5+Q==
Content-Disposition
inline;filename=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8A.gif
Connection
keep-alive
Content-Length
118740
x-oss-object-type
Normal
Last-Modified
Sat, 20 Nov 2021 06:39:49 GMT
Server
AliyunOSS
ETag
"2A76795CD0EF7F04B4B686D082EBB9F9"
Vary
Origin
Content-Type
image/gif
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18282041610815436191
x-oss-server-time
1
56ba1f7b99f34edec560b2bc8c250b.gif
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/83/ Frame E993 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/83/56ba1f7b99f34edec560b2bc8c250b.gif?attname=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8B.gif
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.56.33.37 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:05 GMT
x-oss-request-id
62C0EAC9DA8A793634A91BD5
Content-MD5
g1a6H3uZ807exWCyvIwlCw==
Content-Disposition
inline;filename=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8B.gif
Connection
keep-alive
Content-Length
146033
x-oss-object-type
Normal
Last-Modified
Sat, 20 Nov 2021 06:41:13 GMT
Server
AliyunOSS
ETag
"8356BA1F7B99F34EDEC560B2BC8C250B"
Vary
Origin
Content-Type
image/gif
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
4885637058253428630
x-oss-server-time
2
8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ Frame E993 		0
0
0xle6Gs65qR
si1.go2yd.com/get-image/ Frame E993 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://si1.go2yd.com/get-image/0xle6Gs65qR
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:1980:8::5 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
Tengine /
Resource Hash
b3e8b0b20b32071c827c56f3b9e57537175610f8f8e6c59439665e2e2d80d931

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ws-s2h-acc-level
1
date
Sun, 03 Jul 2022 01:03:05 GMT
last-modified
Thu, 10 Feb 2022 08:00:01 GMT
server
Tengine
content-md5
8WR6aziHwM0+7czI1ht5Dg==
age
1
etag
"f1647a6b3887c0cd3eedccc8d61b790e"
x-ws-request-id
62c0eac9_yatu3_4499-40368
content-type
image/gif
access-control-allow-origin
*
x-kss-request-id
1d1c290058c84bbdad5290984dd718ff
accept-ranges
bytes
content-length
142511
x-via
1.1 PSbjwjBGP2ks135:0 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:0 (Cdn Cache Server V2.0), 1.1 PSxgHKG8ce83:6 (Cdn Cache Server V2.0), 1.1 yatu5:13 (Cdn Cache Server V2.0)
x-application-context
application
5nsvlbvu0pe07105nsvlbvu0pe404103.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/07/ Frame E993 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/07/5nsvlbvu0pe07105nsvlbvu0pe404103.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8fd6dbaeae195ad0a8ecdc48d6224d48cd8e13059bdf5e8a87e839ecdd9f16d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8870
last-modified
Wed, 15 Jun 2022 23:10:41 GMT
server
cloudflare
etag
"e30e221d81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBwBkVDle7X3RSIFQlRMXGsCEiGVzNn%2Fdm2y5dQ%2FLS8GnLkMXH8tn3%2FSveVgtC9WKD6qC0Mb%2Fh7E9xyDdFE44QthD1rmXHyGOtfvXVopCvMvgqDig9kS6%2FPKfdD04HBJvRQe6KcjTdHIInNBIZDr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb306d9487773-LHR
cf-bgj
h2pri
tzl3b4rjjde0710tzl3b4rjjde414105.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/07/ Frame E993 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/07/tzl3b4rjjde0710tzl3b4rjjde414105.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4391e968b119b1a3536727621003f5f11a828d3c3228aaa3d37f6d522e7389d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8292
last-modified
Wed, 15 Jun 2022 23:10:41 GMT
server
cloudflare
etag
"9fab6e22d81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VslD5FnFRcyDNw6fZTRdInQhnQ4Tpr50tL1VshjIvBllnXUGUSDuCT%2FLmdLzzf%2F3ZzGTJH2PYAi6u%2Bp5Nm1JWLkg79eVW0q2prC%2BlXCf3VAW5EfmriwozzZGiPgNKj63wmzIN95LCc4Y1zijhik4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3077a1a7773-LHR
cf-bgj
h2pri
50vwi2zqhxk071050vwi2zqhxk424107.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/07/ Frame E993 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/07/50vwi2zqhxk071050vwi2zqhxk424107.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c06526a356bb48d673265b1b835735f0449c1cdfdb78532151cb4602f339e025

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8708
last-modified
Wed, 15 Jun 2022 23:10:42 GMT
server
cloudflare
etag
"17f5f822d81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kgJbRc5fqbb4r%2FeS%2F34IsIU7bvWy6GkZ%2BvAJ6kA%2BRN4zxR%2Bsg2r%2FkuhgmZv6fq4T4bj%2B%2F%2Bb8a56Ur9C7SQmRgeC1LgqLweXUmAKRztUvZIFT7M4Fn0mp5FsWGNlCkToeRR3aMYqPqDvjOSEmjRCz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3077a1c7773-LHR
cf-bgj
h2pri
aq2ggndddp50710aq2ggndddp5434109.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/07/ Frame E993 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/07/aq2ggndddp50710aq2ggndddp5434109.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c960caab8447062e4aea39180109f2f38b6aadb4a32aef83ff6dc904b1c89fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9498
last-modified
Wed, 15 Jun 2022 23:10:43 GMT
server
cloudflare
etag
"1c38823d81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4huhIU56%2Bfyu2XTYeM3BAuOzVA%2BBWnzlW1yGAvI7u%2Bj4D6i4r7Zl4V4E00%2B1ThCGfyYfhMaofPKyHP6nTfna5dti6W%2FPmU5fxjvUpAUkHn9G07HzsXS6A444la9qKhtdwl5rKUEVhfu46Q7wBOxN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3077a1d7773-LHR
cf-bgj
h2pri
hyedobskdlh0710hyedobskdlh444111.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/07/ Frame E993 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/07/hyedobskdlh0710hyedobskdlh444111.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c467e669a28f967ab974b6455d46896fe7c8c67dd10a3f9e4970cb8446f03b39

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12914
last-modified
Wed, 15 Jun 2022 23:10:44 GMT
server
cloudflare
etag
"a291024d81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hIrzN9rk1W6WdvmmhqSf6kABt5jEsgq7Qtx%2BBb4rtjKY43kWK68fA1woWkZYJdAAq7uGXBB8BJi%2BfAZxhxNQltwmFC4GSfOFkxygP3ewcDaP6MK32jU3OqHH3B%2BYPZnlyxKPGkacjJlVW4PiNDyn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3077a207773-LHR
cf-bgj
h2pri
qslj0rgnbmu0710qslj0rgnbmu454113.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/07/ Frame E993 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/07/qslj0rgnbmu0710qslj0rgnbmu454113.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
642166152e4074bc5a1b201b8b25c4e7144644dbc67c836ad446dc2324752ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3784
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9333
last-modified
Wed, 15 Jun 2022 23:10:45 GMT
server
cloudflare
etag
"90939324d81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G1Zpr1xpYIX%2B2uZZbYm98L7vLOb9PfQC99expQCxEuwyPp49bETz0zD6vNqEQSdAbGfnB45BuHvBqTmddrm3im4eB6MJxmdUidY5k56XC7XVA3cqCHFM4AsCpO%2B%2Fujr6im5DxggfqUQuewkwLdcC"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3077a217773-LHR
cf-bgj
h2pri
0yFUidjGHhQ
si1.go2yd.com/get-image/ Frame E993 		118 KB
119 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://si1.go2yd.com/get-image/0yFUidjGHhQ
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:1980:8::5 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
KS3 /
Resource Hash
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ws-s2h-acc-level
1
date
Sun, 03 Jul 2022 01:03:05 GMT
last-modified
Mon, 28 Feb 2022 07:36:54 GMT
server
KS3
content-md5
cvRF5mND4o2SpYjNeFjy3A==
age
1
etag
"72f445e66343e28d92a588cd7858f2dc"
x-ws-request-id
62c0eac9_yatu3_4499-40369
content-type
image/gif
access-control-allow-origin
*
x-kss-request-id
647e03fef8e34889be3154b8eb63696b
accept-ranges
bytes
content-length
121040
x-via
1.1 PSbjwjBGP2ks135:8 (Cdn Cache Server V2.0), 1.1 PSzjnbsxsy229:12 (Cdn Cache Server V2.0), 1.1 PSxgHKG8ad82:5 (Cdn Cache Server V2.0), 1.1 yatu5:5 (Cdn Cache Server V2.0)
x-application-context
application
skpxwjwcv5r0656skpxwjwcv5r403987.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/06/ Frame E993 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/06/skpxwjwcv5r0656skpxwjwcv5r403987.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecfda41891e80f916d38397d2090cd2eb32ce747c2a923e7d0147852974c979c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10059
last-modified
Wed, 15 Jun 2022 22:56:41 GMT
server
cloudflare
etag
"b3d72e2db81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdnDCS%2BhR16dWF6toJE4cP3HU9UIL3OwQjwBkyL8KZ%2FWvbcfMMPkZFIuiIDNfWVj3Q7hKyuwN5Rk7iFWNEPIgIcCeT8mn5XZ7li6RMMx1dJIOdRx8JrbWo6DQAWrAYW7fEFbwjdPmNGgRTwRDrhh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3087b437773-LHR
cf-bgj
h2pri
cykpw0rzlso0656cykpw0rzlso433989.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/06/ Frame E993 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/06/cykpw0rzlso0656cykpw0rzlso433989.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec8c45c039d2e01f5e4bd878229b590529cf84777bb85240832badc16d19e82

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9130
last-modified
Wed, 15 Jun 2022 22:56:43 GMT
server
cloudflare
etag
"a5c7692eb81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ruxoBvwgMtXBqHep%2BU6y%2BegCbdFi7kB1QJL5HzZ%2BJ7cHkpnEiJnLznqIZByDqxU7L3YGCoQ5BvL7iexoP5MTQNgiBvcHPreoufiLZfjQLrYcOVkCmOzeVsEysBiy8jII0kmLmY9ukfSI%2BEGJDil"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3087b457773-LHR
cf-bgj
h2pri
4mtdimlenb506564mtdimlenb5453991.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/06/ Frame E993 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/06/4mtdimlenb506564mtdimlenb5453991.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4d635d66ee1fdaf00daa3e60686dd0536e40233c7a03bcf1811303693ad1f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9229
last-modified
Wed, 15 Jun 2022 22:56:45 GMT
server
cloudflare
etag
"fe5ba2fb81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21ZGhjUfqnUy7Lwnrm9pwMLhvpu7qTtnTz%2BTik7u6Y8RaxnYQie8gimIR28Byf4aXVbCR%2FljLhoyG9oUTQlYiTjozn9qwq71OsmNaBwfqzg0tbMdJunCv%2Bmbncso3HEYs4qn84osN0WmHI%2BSWb0g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3087b467773-LHR
cf-bgj
h2pri
shz0jaiqyk40656shz0jaiqyk4463993.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/06/ Frame E993 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/06/shz0jaiqyk40656shz0jaiqyk4463993.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5295698b0b2b6adb87ff1359af8f96f66649f49bcdbf3750e2796a362badfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6033
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11779
last-modified
Wed, 15 Jun 2022 22:56:46 GMT
server
cloudflare
etag
"5e4e4430b81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPfs%2FU0tSMTdfa62wo5k33w0bm9MJUy939y8A9yDjxbaF%2BfEOeKdJyZ39iL%2Br%2F0Lsak5A0dNygzGgov15goKxIgmFFOvFC1iHQYY0JCl4blWajtuxMjvoUKLJRqAskvwRJwZ%2BoJTqGx6sQPKG6Sn"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3087b477773-LHR
cf-bgj
h2pri
ebdmxwenqk00656ebdmxwenqk0473995.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/06/ Frame E993 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/06/ebdmxwenqk00656ebdmxwenqk0473995.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0d673ae5edbe28327f2d44ef4c56fd89a9b8db2bc5b7d7849086da76652c331

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10516
last-modified
Wed, 15 Jun 2022 22:56:47 GMT
server
cloudflare
etag
"1735cc30b81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeMO4txUs1LF8xVD93U%2BIQmQ%2Fdcw9L1JidxW38kw6mL1vHIDWGiOZmY1AVbw2H%2Bg6Aa%2FZZdib%2FKeJsd3jbDqSSrTPg6Yi58684Iv4fX%2F4SozQtN33es7TpvNfh9vZlc9yxff18LqQdlWrw8Klu8F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3087b487773-LHR
cf-bgj
h2pri
f4etuaqeptt0656f4etuaqeptt493997.jpg
fmlb.netlbtu.com/upload/vod/2022/06-16/06/ Frame E993 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-16/06/f4etuaqeptt0656f4etuaqeptt493997.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3d8c87b5aaa5680b9baca5104c674c6cb49905db819d3575b27d8d1abc2ea0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6033
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10797
last-modified
Wed, 15 Jun 2022 22:56:49 GMT
server
cloudflare
etag
"8b64fd31b81d81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0M1nT8Mue%2BZzNaDJ8i%2FQtC2YKzhdPEwXzRFYxD0IWTdWPwSW1r8b9ZJscv0Lv%2B1ZPQNJnlOIShaqwehEwdyLRKWnVxoqUGc%2FxuHubDzYHqw%2FTHAE86%2FRS9uvwZltKtXzm9xUfQmz0hL1bj0m2%2BN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb3087b497773-LHR
cf-bgj
h2pri
c333d9318beb5b59bc7fd1dbe71ed7f3.gif
pic.rmb.bdstatic.com/bjh/ Frame E993 		0
0
2493e04580cf099c7502fc9b84e305f4.gif
pic.rmb.bdstatic.com/bjh/ Frame E993 		0
0
24f8d711ff99c1b9e8eda597e520496d.gif
pic.rmb.bdstatic.com/bjh/ Frame E993 		0
0
hrjsgl4z2zu1749hrjsgl4z2zu234805.jpg
fmlb.netlbtu.com/upload/vod/2021/06-22/17/ Frame E993 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2021/06-22/17/hrjsgl4z2zu1749hrjsgl4z2zu234805.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3902944ff2193b944b3517358758e80458e2c7204ec8f806bd57d3a118a97a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7479
last-modified
Tue, 22 Jun 2021 09:49:23 GMT
server
cloudflare
etag
"377b64e14b67d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HA55f31n%2FPswOS8G3%2FJ3PWeH1SgdjKeVNnXAZ%2BmuButGSaERc5PKXdvuK2xydtPoMFWQSPz2uh2WJtqnDHaQznEVr8aqCMAWbv%2FPsI9jMCPFpa3vVadE5cArvrFhngr2N2YEHpmfzl%2BLmTeh1G9W"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb30b4c68753d-LHR
cf-bgj
h2pri
qoj500cjhlz1749qoj500cjhlz234804.jpg
fmlb.netlbtu.com/upload/vod/2021/06-22/17/ Frame E993 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fmlb.netlbtu.com/upload/vod/2021/06-22/17/qoj500cjhlz1749qoj500cjhlz234804.jpg
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8703be69f698878af7458880641dda1c242e7d1634f0cd80c49633b49fa5bdfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 01:03:05 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12683
last-modified
Tue, 22 Jun 2021 09:49:23 GMT
server
cloudflare
etag
"3c6851e14b67d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnWuYs8WdlfH2spZg%2FdUz3NRDMQxGncW313wKwcPzx1cKPMFiizYWcBg%2FC7gbK4D5vgf4f5nCH7vLmINgdcVSP9s8fvciN%2FY5wcmbhWlAeFaDgF3%2FUQmFrrLdFzUXeh2qWPvjw%2FjFmiQBSUnLtI5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
724bb30b4c6c753d-LHR
cf-bgj
h2pri
aaa.js
www.ddys032.top/template/m1938pc/ads/ Frame E993 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://www.ddys032.top/template/m1938pc/ads/aaa.js
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Content-Length
1163
Content-Type
text/html
21276283.js
js.users.51.la/ Frame E993 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/21276283.js
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.17.102.110 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
openresty /
Resource Hash
e037eddfb14fe53349ee931874c18b7983dda619c9bd11f4575d634a9f9bfd0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=360000
Access-Control-Allow-Credentials
true
Connection
keep-alive
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1820072924&si=4be25e0e0c8202825fbfdc4be5300eb4&v=1.2.94&lv=1&sn=19848&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.saficoo.net%2Findex.php&tt=%E8%8E%B1%E8%8A%9C%E7%BA%B1%E8%B9%BF%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saficoo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 01:03:03 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
Bz701y70142740403
www.9aijavbus.org/WZfn/z-14107-Y-x/tah/ Frame E993 		48 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.9aijavbus.org:4704/WZfn/z-14107-Y-x/tah/Bz701y70142740403
Requested by
Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.34.232 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ebf0829271b6502a221eb6fc96f3203e573db9b399f24a064bbd874c448182d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 01:03:05 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
access-control-allow-methods
GET, PATCH, POST, PUT, DELETE, OPTIONS
p3p
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
access-control-allow-origin
*
cache-control
no-cache
content-type
text/html; charset=utf-8
access-control-allow-headers
AuthToken, Authorization, Origin, Content-Type, Accept, X-Requested-With
content-length
165
expires
-1
hm.js
hm.baidu.com/ Frame E993 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?c5041fd097b4558235a48bad96ad14bd
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
8c8a2bc11b73e2714e2da8f8cda9b959bbd4bb9ab25e39aa2e6c76b70659a5d6
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Content-Encoding
gzip
Server
apache
Etag
abd40bac2f3ed5763cdae4d9e260976f
Strict-Transport-Security
max-age=172800
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11294
nvasv
marjorienice.com/hitxnjvt/nvasv1ihr0aidlqu8djfr/1779/ Frame E993 		0
0
nvasv
marjorienice.com/hitxnjvt/nvasv1ihr0aidlqu4djfr/1779/ Frame E993 		0
0
video-play.png
www.ddys032.top/template/m1938pc/images/ Frame E993 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ddys032.top/template/m1938pc/images/video-play.png
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/template/m1938pc/css/zui.css
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/template/m1938pc/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Last-Modified
Fri, 07 May 2021 10:47:37 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"661634652e43d71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1567
video-mask.png
www.ddys032.top/template/m1938pc/images/ Frame E993 		107 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.ddys032.top/template/m1938pc/images/video-mask.png
Requested by
Host: www.ddys032.top
URL: http://www.ddys032.top/template/m1938pc/css/zui.css
Protocol
HTTP/1.1
Server
104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ddys032.top/template/m1938pc/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 01:03:04 GMT
Last-Modified
Fri, 07 May 2021 10:47:34 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"66c95632e43d71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
107
go1
ia.51.la/ Frame E993 		0
0
hm.js
hm.baidu.com/ Frame E993 		0
0
hm.gif
hm.baidu.com/ Frame E993 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xox9325.com
URL
https://xox9325.com/e0d6aae10b4142538ebf41524c5162fe.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/a82047b0c42a3d4707d251820bc2ea04.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/c0efb3b3baa0c0676d5d1836220cd3b1.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/c345c325b2dd601744e2fdf749337f8e.gif
Domain
i.loli.net
URL
https://i.loli.net/2021/11/17/U7DLakzcdv4Agwi.gif
Domain
p26.toutiaoimg.com
URL
https://p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/c333d9318beb5b59bc7fd1dbe71ed7f3.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/2493e04580cf099c7502fc9b84e305f4.gif
Domain
pic.rmb.bdstatic.com
URL
https://pic.rmb.bdstatic.com/bjh/24f8d711ff99c1b9e8eda597e520496d.gif
Domain
marjorienice.com
URL
https://marjorienice.com/hitxnjvt/nvasv1ihr0aidlqu8djfr/1779/nvasv
Domain
marjorienice.com
URL
https://marjorienice.com/hitxnjvt/nvasv1ihr0aidlqu4djfr/1779/nvasv
Domain
ia.51.la
URL
http://ia.51.la/go1?id=21276283&rt=1656810184863&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1656810184863&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591-%25E6%2597%25A5%25E9%259F%25A9%25E7%25B2%25BE%25E5%2593%2581-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys032.top%252F&pu=http%253A%252F%252Fwww.saficoo.net%252F
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1184&et=0&ja=0&ln=en-us&lo=0&rnd=241833395&si=c5041fd097b4558235a48bad96ad14bd&su=http%3A%2F%2Fwww.saficoo.net%2F&v=1.2.94&lv=1&sn=19850&r=0&ww=1584&ct=!!&u=http%3A%2F%2Fwww.ddys032.top%2F&tt=%E5%AE%85%E7%94%B7%E5%BD%B1%E8%A7%86-%E5%AE%85%E7%94%B7%E7%A4%BE%E5%8C%BA-%E5%AE%85%E7%94%B7%E8%B5%84%E6%BA%90%E7%BD%91-%E6%97%A5%E9%9F%A9%E7%B2%BE%E5%93%81-%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%E5%A4%A7%E5%85%A8

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation string| titlestr function| setFrame object| _hmt boolean| _bdhm_loaded_4be25e0e0c8202825fbfdc4be5300eb4 object| mini_tangram_log_42itey

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 209764A8A71F9C10
.www.saficoo.net/ Name: Hm_lvt_4be25e0e0c8202825fbfdc4be5300eb4
Value: 1656810183
.www.saficoo.net/ Name: Hm_lpvt_4be25e0e0c8202825fbfdc4be5300eb4
Value: 1656810183

1 Console Messages

Source Level URL
Text
network error URL: http://www.ddys032.top/template/m1938pc/ads/aaa.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acoossu.top
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
fadacaitp.com
fmlb.netlbtu.com
hm.baidu.com
i.loli.net
ia.51.la
js.users.51.la
kvezz.com
kvheee.top
kvhooo.top
kzeaa.com
kzerr.com
marjorienice.com
p26.toutiaoimg.com
pic.rmb.bdstatic.com
saficoo.net
si1.go2yd.com
taiwtp1.com
www.9aijavbus.org
www.ddys032.top
www.saficoo.net
xox9325.com
hm.baidu.com
i.loli.net
ia.51.la
marjorienice.com
p26.toutiaoimg.com
pic.rmb.bdstatic.com
xox9325.com
103.235.46.191
104.143.94.110
104.252.181.78
14.17.102.110
154.23.117.87
20.187.120.53
220.128.218.220
2606:1980:8::5
2606:4700:3034::ac43:9715
2606:4700:3035::6815:210c
2606:4700:3038::6815:eac6
2606:4700:3038::6815:ebad
45.154.215.92
47.243.34.232
47.56.33.37
67.198.205.125
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
3ec3f55f76ee1f29f890643d1682caf56fca75bafac14e8ac35248f1ff74a32a
5e3473c5a974705b59872614b21e3a20c570c18425388a45a03335c4cc2094c0
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
642166152e4074bc5a1b201b8b25c4e7144644dbc67c836ad446dc2324752ce2
649a3df45cf01aea3bd959614665909f5e36a0dbfcf297334c69c94b579abbc0
70434238eaacea0d6a2403b267625956f4304bcdeef485225e33a7a3ad496082
7c960caab8447062e4aea39180109f2f38b6aadb4a32aef83ff6dc904b1c89fc
8703be69f698878af7458880641dda1c242e7d1634f0cd80c49633b49fa5bdfc
88e686882e64a0e199c79bd83b7102885b67242b5d0b49a1f37674c0bb3ddd8e
8c8a2bc11b73e2714e2da8f8cda9b959bbd4bb9ab25e39aa2e6c76b70659a5d6
a4391e968b119b1a3536727621003f5f11a828d3c3228aaa3d37f6d522e7389d
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b3e8b0b20b32071c827c56f3b9e57537175610f8f8e6c59439665e2e2d80d931
b718543d317024c097735be8ab9059533044d9457e0cd5703a76b52f6c1ae8f8
bd4d635d66ee1fdaf00daa3e60686dd0536e40233c7a03bcf1811303693ad1f5
c06526a356bb48d673265b1b835735f0449c1cdfdb78532151cb4602f339e025
c467e669a28f967ab974b6455d46896fe7c8c67dd10a3f9e4970cb8446f03b39
c921f138ba1bcf5600161866732131f3b3de3704c6dbadec52e186aab60e5625
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
caf430453a6973b82b1f51a1cfca5ce65ac2ce5b0e354be296e332c91d98e4bc
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d673ae5edbe28327f2d44ef4c56fd89a9b8db2bc5b7d7849086da76652c331
d3902944ff2193b944b3517358758e80458e2c7204ec8f806bd57d3a118a97a4
dec8c45c039d2e01f5e4bd878229b590529cf84777bb85240832badc16d19e82
e037eddfb14fe53349ee931874c18b7983dda619c9bd11f4575d634a9f9bfd0f
e3d8c87b5aaa5680b9baca5104c674c6cb49905db819d3575b27d8d1abc2ea0f
ebf0829271b6502a221eb6fc96f3203e573db9b399f24a064bbd874c448182d3
ecfda41891e80f916d38397d2090cd2eb32ce747c2a923e7d0147852974c979c
ee5295698b0b2b6adb87ff1359af8f96f66649f49bcdbf3750e2796a362badfb
f1eb3044b464fb4b4b8f3e081295bc19cc4cddc9361adb34ad7fb73b93b25de6
f8fd6dbaeae195ad0a8ecdc48d6224d48cd8e13059bdf5e8a87e839ecdd9f16d