www.btbcapitalgroupllc.com Open in urlscan Pro
156.246.238.163 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://btbcapitalgroupllc.com/
Effective URL:
http://www.btbcapitalgroupllc.com/
Submission: On August 13 via api (August 13th 2021, 3:01:18 pm UTC) from US

Summary HTTP 161 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 12 domains to perform 161 HTTP transactions. The main IP is 156.246.238.163, located in United States and belongs to PEGTECHINC-AP-02, US. The main domain is www.btbcapitalgroupllc.com.

This is the only time www.btbcapitalgroupllc.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	156.246.238.163 156.246.238.163	398823 (PEGTECHIN...) (PEGTECHINC-AP-02)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	218.12.76.151 218.12.76.151	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	14.152.86.48 14.152.86.48	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	122.10.110.23 122.10.110.23	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	112.34.113.148 112.34.113.148	9808 (CMNET-GD ...) (CMNET-GD Guangdong Mobile Communication Co.Ltd.)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
1 6	122.10.4.142 122.10.4.142	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
9	216.83.56.239 216.83.56.239	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
1	47.110.95.121 47.110.95.121	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
10	61.184.225.14 61.184.225.14	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
8	211.137.95.103 211.137.95.103	9808 (CMNET-GD ...) (CMNET-GD Guangdong Mobile Communication Co.Ltd.)
8	47.246.43.228 47.246.43.228	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
16	2409:8c20:a17... 2409:8c20:a17:108::f0	56046 (CMNET-JIA...) (CMNET-JIANGSU-AP China Mobile communications corporation)
20 20	156.234.95.108 156.234.95.108	138195 (MOACKCOLT...) (MOACKCOLTD-AS-AP MOACK.Co.LTD)
20	2606:4700:303... 2606:4700:3038::6815:ea5d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	4.34.42.103 4.34.42.103	3356 (LEVEL3) (LEVEL3)
12	182.118.39.166 182.118.39.166	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1 3	2606:4700:303... 2606:4700:3034::ac43:c0fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	2606:4700:10:... 2606:4700:10::ac43:191e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
161	20

4 156.246.238.163 (United States) 1 redirects

ASN398823 (PEGTECHINC-AP-02, US)

btbcapitalgroupllc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.btbcapitalgroupllc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 218.12.76.151 (Beiyan, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.152.86.48 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hmcdn.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.10.110.23 (Hong Kong)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

api-66j8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.34.113.148 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 122.10.4.142 (Hong Kong) 1 redirects

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

api-66j82.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.83.56.239 (Hong Kong)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

66j807.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.110.95.121 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

cdn.dcloud.net.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 61.184.225.14 (Huangpu, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

61.184.225.14	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 211.137.95.103 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)

p5.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 47.246.43.228 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2409:8c20:a17:108::f0 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)

p6.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 156.234.95.108 (Central, Hong Kong) 20 redirects

ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR)

xs.imglolo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:3038::6815:ea5d (United States)

ASN13335 (CLOUDFLARENET, US)

go.imgdidi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 4.34.42.103 (Denver, United States)

ASN3356 (LEVEL3, US)

p9.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 182.118.39.166 (Zhengzhou, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

p26.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:c0fe (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

xs.imgpipi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 2606:4700:10::ac43:191e (United States)

ASN13335 (CLOUDFLARENET, US)

fmlb.netlbtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mei.netlbtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	netlbtu.com fmlb.netlbtu.com mei.netlbtu.com	26 MB
48	toutiaoimg.com p5.toutiaoimg.com p3.toutiaoimg.com p6.toutiaoimg.com p9.toutiaoimg.com p26.toutiaoimg.com	21 MB
20	imgdidi.xyz go.imgdidi.xyz	4 MB
20	imglolo.xyz 20 redirects xs.imglolo.xyz	5 KB
9	66j807.com 66j807.com	341 KB
8	baidu.com hm.baidu.com hmcdn.baidu.com push.zhanzhang.baidu.com api.share.baidu.com	47 KB
6	api-66j82.com 1 redirects api-66j82.com	49 KB
4	btbcapitalgroupllc.com 1 redirects btbcapitalgroupllc.com www.btbcapitalgroupllc.com	4 KB
3	imgpipi.xyz 1 redirects xs.imgpipi.xyz	1 MB
1	dcloud.net.cn cdn.dcloud.net.cn	546 B
1	api-66j8.com api-66j8.com	345 B
1	51.la js.users.51.la ia.51.la Failed	6 KB
161	12

	Domain	Requested by
36	fmlb.netlbtu.com	www.btbcapitalgroupllc.com 66j807.com
20	go.imgdidi.xyz	www.btbcapitalgroupllc.com
20	xs.imglolo.xyz	20 redirects
16	mei.netlbtu.com	www.btbcapitalgroupllc.com 66j807.com
16	p6.toutiaoimg.com	www.btbcapitalgroupllc.com 66j807.com
12	p26.toutiaoimg.com	www.btbcapitalgroupllc.com 66j807.com
9	66j807.com	api-66j82.com 66j807.com www.btbcapitalgroupllc.com
8	p3.toutiaoimg.com	www.btbcapitalgroupllc.com 66j807.com
8	p5.toutiaoimg.com	www.btbcapitalgroupllc.com 66j807.com
6	api-66j82.com	1 redirects www.btbcapitalgroupllc.com api-66j82.com
4	p9.toutiaoimg.com	www.btbcapitalgroupllc.com 66j807.com
4	hm.baidu.com	www.btbcapitalgroupllc.com
3	xs.imgpipi.xyz	1 redirects www.btbcapitalgroupllc.com
3	www.btbcapitalgroupllc.com	www.btbcapitalgroupllc.com
2	hmcdn.baidu.com	hm.baidu.com
1	cdn.dcloud.net.cn	66j807.com
1	api.share.baidu.com	www.btbcapitalgroupllc.com
1	push.zhanzhang.baidu.com	www.btbcapitalgroupllc.com
1	api-66j8.com	www.btbcapitalgroupllc.com
1	js.users.51.la	www.btbcapitalgroupllc.com
1	btbcapitalgroupllc.com	1 redirects
0	ia.51.la Failed	www.btbcapitalgroupllc.com
161	22

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
www.api-66j8.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
api-66j82.com R3	`2021-08-03` - `2021-11-01`	3 months	crt.sh
*.dcloud.net.cn RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-17` - `2022-08-18`	2 years	crt.sh
*.toutiaoimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-18` - `2022-08-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.btbcapitalgroupllc.com/
Frame ID: 4DCF9BC38A111BACA44ABE2F1D6E6274
Requests: 11 HTTP requests in this frame

Frame: http://66j807.com:16678/?tt=1628866847874
Frame ID: B4798A2D639312F80D530A01A6639AED
Requests: 148 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://btbcapitalgroupllc.com/ HTTP 301
http://www.btbcapitalgroupllc.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

161
Requests

81 %
HTTPS

20 %
IPv6

12
Domains

22
Subdomains

20
IPs

4
Countries

54262 kB
Transfer

54817 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://btbcapitalgroupllc.com/ HTTP 301
http://www.btbcapitalgroupllc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

http://api-66j82.com/?tt=1628866844 HTTP 301
https://api-66j82.com/?tt=1628866844

Request Chain 40

http://xs.imglolo.xyz/2021/06/28/GxFp.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/GxFp.gif

Request Chain 42

http://xs.imglolo.xyz/2021/06/07/kJc.gif HTTP 301
https://go.imgdidi.xyz/2021/06/07/kJc.gif

Request Chain 47

http://xs.imglolo.xyz/2021/06/28/G0zh.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/G0zh.gif

Request Chain 48

http://xs.imglolo.xyz/2021/06/28/GceH.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/GceH.gif

Request Chain 49

http://xs.imglolo.xyz/2021/06/29/GdcM.gif HTTP 301
https://go.imgdidi.xyz/2021/06/29/GdcM.gif

Request Chain 50

http://xs.imglolo.xyz/2021/06/29/GgRu.gif HTTP 301
https://go.imgdidi.xyz/2021/06/29/GgRu.gif

Request Chain 54

http://xs.imgpipi.xyz/2021/06/06/7gq.gif HTTP 301
https://xs.imgpipi.xyz/2021/06/06/7gq.gif

Request Chain 55

http://xs.imglolo.xyz/2021/06/18/GYTI.gif HTTP 301
https://go.imgdidi.xyz/2021/06/18/GYTI.gif

Request Chain 61

http://xs.imglolo.xyz/2021/06/06/aAI.gif HTTP 301
https://go.imgdidi.xyz/2021/06/06/aAI.gif

Request Chain 63

http://xs.imglolo.xyz/2021/06/06/VBf.png HTTP 301
https://go.imgdidi.xyz/2021/06/06/VBf.png

Request Chain 70

http://xs.imglolo.xyz/2021/06/28/GuWj.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/GuWj.gif

Request Chain 103

http://xs.imglolo.xyz/2021/06/28/GxFp.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/GxFp.gif

Request Chain 104

http://xs.imglolo.xyz/2021/06/07/kJc.gif HTTP 301
https://go.imgdidi.xyz/2021/06/07/kJc.gif

Request Chain 108

http://xs.imglolo.xyz/2021/06/28/GceH.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/GceH.gif

Request Chain 109

http://xs.imglolo.xyz/2021/06/28/G0zh.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/G0zh.gif

Request Chain 110

http://xs.imgpipi.xyz/2021/06/06/7gq.gif HTTP 307
https://xs.imgpipi.xyz/2021/06/06/7gq.gif

Request Chain 111

http://xs.imglolo.xyz/2021/06/29/GdcM.gif HTTP 301
https://go.imgdidi.xyz/2021/06/29/GdcM.gif

Request Chain 112

http://xs.imglolo.xyz/2021/06/29/GgRu.gif HTTP 301
https://go.imgdidi.xyz/2021/06/29/GgRu.gif

Request Chain 115

http://xs.imglolo.xyz/2021/06/06/aAI.gif HTTP 301
https://go.imgdidi.xyz/2021/06/06/aAI.gif

Request Chain 116

http://xs.imglolo.xyz/2021/06/06/VBf.png HTTP 301
https://go.imgdidi.xyz/2021/06/06/VBf.png

Request Chain 117

http://xs.imglolo.xyz/2021/06/18/GYTI.gif HTTP 301
https://go.imgdidi.xyz/2021/06/18/GYTI.gif

Request Chain 122

http://xs.imglolo.xyz/2021/06/28/GuWj.gif HTTP 301
https://go.imgdidi.xyz/2021/06/28/GuWj.gif

161 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.btbcapitalgroupllc.com/
Redirect Chain

http://btbcapitalgroupllc.com/
http://www.btbcapitalgroupllc.com/

789 B
930 B

466ms
339ms

Document
text/html

156.246.238.163
PEGTECHINC-AP-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 156.246.238.163 , United States, ASN398823 (PEGTECHINC-AP-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f8a904aabfbb25ac273c51ec68ff6cd2ba44ba5687e0b9b4572e01f7eabe44be

Request headers

Host: www.btbcapitalgroupllc.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:34 GMT
Content-Type: text/html
Content-Length: 789
Connection: keep-alive

Redirect headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.btbcapitalgroupllc.com/

GET
H/1.1 200
OK tj.js Show response
www.btbcapitalgroupllc.com/ 364 B
520 B 185ms
185ms Script
application/x-javascript 156.246.238.163
PEGTECHINC-AP-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.btbcapitalgroupllc.com/tj.js
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 156.246.238.163 , United States, ASN398823 (PEGTECHINC-AP-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e1341470551fa219d02df84ca277a28f9fdd5ac50a19a7fa5a56a25a4a7c311

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.btbcapitalgroupllc.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.btbcapitalgroupllc.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 364
Content-Type: application/x-javascript

GET
H/1.1 200
OK common.js Show response
www.btbcapitalgroupllc.com/ 4 KB
2 KB 366ms
336ms Script
application/x-javascript 156.246.238.163
PEGTECHINC-AP-02

General

Check archive.org

Show headers Download Go to

Full URL: http://www.btbcapitalgroupllc.com/common.js
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 156.246.238.163 , United States, ASN398823 (PEGTECHINC-AP-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 056b3e1d5061a701e5138cc06d223f410c020dd81ad5d178a707c29ab737972c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.btbcapitalgroupllc.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.btbcapitalgroupllc.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:34 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 40 KB
15 KB 1373ms
670ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?91b0572403cfc247c9f4e6baa4fb8e2a

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9783a3fbf9d6d3a5fd1c1e369cb72bf0da543606021e751d904c7e46df60a96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:42 GMT
Content-Encoding: gzip
Server: apache
Etag: 98d5160be0d5d238e4faa74437ea29b8
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14353

GET
H/1.1 200
OK 21177075.js Show response
js.users.51.la/ 5 KB
6 KB 2024ms
355ms Script
application/javascript 218.12.76.151
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21177075.js
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.12.76.151 Beiyan, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: c675727e11ef027ed49a860230cfc190fc544dfe5113d4c67bb0bc977b92dcbf

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

nginx-hit: 1
Date: Fri, 13 Aug 2021 15:00:43 GMT
via: CHN-HEshijiazhuang-AREACUCC1-CACHE23[4],CHN-HEshijiazhuang-AREACUCC1-CACHE64[0,TCP_HIT,2],CHN-SH-GLOBAL1-CACHE165[26],CHN-SH-GLOBAL1-CACHE94[0,TCP_HIT,24]
X-CCDN-CacheTTL: 86400
Age: 3679
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
request-id: 0000017B3FC996D894112D20EC7B0645
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length: 4898
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScZuqY9xk7+IfGN8tn5/P8mEOlUS0gs
Last-Modified: Fri Aug 13 21:53:00 CST 2021
Server: openresty
ETag: "fb6592c056da636365c401d5ef27c167"
Content-Type: application/javascript;charset=UTF-8
version-id: G001117B3FC99340FFFF94134A7384F9
Accept-Ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 UrlChangeTracker.js Show response
hmcdn.baidu.com/static/tongji/plugins/ 19 KB
8 KB 1418ms
341ms Script
application/javascript 14.152.86.48
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
Requested by: Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?91b0572403cfc247c9f4e6baa4fb8e2a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 14.152.86.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 219ca04c2c4216075197593145192ce36933a316cdc66ddec79dd2d1335a4d76

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:00:45 GMT
ohc-cache-hit: dg2ct69 [4], fzctcache69 [4]
ohc-response-time: 1 0 0 0 0 0
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
server: JSP3/2.0.14
age: 458724
etag: W/"5f8eb0f7-4b3c"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 425ms
425ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=29049890&si=91b0572403cfc247c9f4e6baa4fb8e2a&v=1.2.82&lv=1&sn=59954&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.btbcapitalgroupllc.com%2F&tt=%E4%B8%9C%E6%B5%B7%E8%A7%88%E9%87%8A%E5%81%A5%E8%BA%AB%E4%BF%B1%E4%B9%90%E9%83%A8

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 15:00:44 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET go1
ia.51.la/ 0
0

GET
H2 200 common.php Show response
api-66j8.com/ 81 B
345 B 733ms
242ms XHR
application/json 122.10.110.23
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-66j8.com/common.php?val=6666j8888&t=0.4749142573181715?v=06043403223344395

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

122.10.110.23 , Hong Kong, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

d5d5829f8336c5e24b0f5774ce44b01c6192ecaa79ee9fe9e7b0b78fac471ea2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:44 GMT
server: nginx
strict-transport-security: max-age=31536000
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 514ms
482ms Script
text/javascript 112.34.113.148
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 112.34.113.148 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Sat, 13 Aug 2022 15:00:44 GMT

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 883ms
593ms Image
text/plain 180.101.212.103
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.btbcapitalgroupllc.com/
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.btbcapitalgroupllc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:45 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2

200

/ Show response
api-66j82.com/ Frame B479
Redirect Chain

http://api-66j82.com/?tt=1628866844
https://api-66j82.com/?tt=1628866844

641 B
794 B

872ms
288ms

Document
text/html

122.10.4.142
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-66j82.com/?tt=1628866844

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

122.10.4.142 , Hong Kong, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

0f64375dee632053f24ea294a5d792ddd9566d1a3086887aa5cb89ef00c1a925

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: api-66j82.com
:scheme: https
:path: /?tt=1628866844
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.btbcapitalgroupllc.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.btbcapitalgroupllc.com/

Response headers

server: nginx
date: Fri, 13 Aug 2021 15:00:46 GMT
content-type: text/html
content-length: 641
last-modified: Thu, 20 May 2021 15:53:08 GMT
etag: "60a685e4-281"
strict-transport-security: max-age=31536000
accept-ranges: bytes

Redirect headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://api-66j82.com/?tt=1628866844
Strict-Transport-Security: max-age=31536000

GET
H2 200 jquery-3.5.1.min.js Show response
api-66j82.com/ Frame B479 87 KB
34 KB 555ms
554ms Script
application/javascript 122.10.4.142
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-66j82.com/jquery-3.5.1.min.js

Requested by

Host: api-66j82.com
URL: https://api-66j82.com/?tt=1628866844

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

122.10.4.142 , Hong Kong, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://api-66j82.com/?tt=1628866844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:47 GMT
content-encoding: gzip
last-modified: Wed, 12 May 2021 16:32:50 GMT
server: nginx
etag: W/"609c0332-15d86"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 14 Aug 2021 03:00:47 GMT

GET
H2 200 api.js Show response
api-66j82.com/ Frame B479 2 KB
1 KB 570ms
570ms Script
application/javascript 122.10.4.142
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-66j82.com/api.js

Requested by

Host: api-66j82.com
URL: https://api-66j82.com/?tt=1628866844

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

122.10.4.142 , Hong Kong, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

31c44de747843df2f0bf9445445190a6ec717837a8d8b8d6fa2baff23e7f42ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://api-66j82.com/?tt=1628866844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:47 GMT
content-encoding: gzip
last-modified: Sun, 25 Jul 2021 11:03:56 GMT
server: nginx
etag: W/"60fd451c-803"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 14 Aug 2021 03:00:47 GMT

POST
H2 200 api.php Show response
api-66j82.com/ Frame B479 16 B
167 B 290ms
290ms XHR
text/html 122.10.4.142
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://api-66j82.com/api.php

Requested by

Host: api-66j82.com
URL: https://api-66j82.com/jquery-3.5.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

122.10.4.142 , Hong Kong, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

e1487bee98ca245b7648961f0367e4355d2dbc4236996c973449f9f54a27e2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://api-66j82.com/?tt=1628866844
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:47 GMT
content-encoding: gzip
vary: Accept-Encoding
server: nginx
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8

GET
H2 200 loading.gif
api-66j82.com/ Frame B479 12 KB
12 KB 295ms
295ms Image
image/gif 122.10.4.142
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api-66j82.com/loading.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

122.10.4.142 , Hong Kong, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

nginx /

Resource Hash

9e075ecd6d4df0e289dda0525e9c1974d2d4534762c819e7bc04e693698e4efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://api-66j82.com/?tt=1628866844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:48 GMT
last-modified: Fri, 14 May 2021 12:34:25 GMT
server: nginx
etag: "609e6e51-306d"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12397
expires: Sun, 12 Sep 2021 15:00:48 GMT

GET
H/1.1 200
OK / Show response
66j807.com/ Frame B479 784 B
1015 B 526ms
258ms Document
text/html 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: http://66j807.com:16678/?tt=1628866847874
Requested by: Host: api-66j82.com
URL: https://api-66j82.com/api.js
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: de927404a5eb2225f3693bb7a66545041938bbf9a72d86ea55c1b7a1201933db

Request headers

Host: 66j807.com:16678
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:50 GMT
Content-Type: text/html
Content-Length: 784
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Connection: keep-alive
ETag: "60fea01e-310"
Accept-Ranges: bytes

GET
H/1.1 200
OK index.3e73f18a.css
66j807.com/static/ Frame B479 93 KB
30 KB 254ms
253ms Stylesheet
text/css 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: http://66j807.com:16678/static/index.3e73f18a.css
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/?tt=1628866847874
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 22b1c5aff0a8a0413a4cfd4b88253647d628a41a143a78c3eede56b27c261efc

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: W/"60fea01e-1727e"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 14 Aug 2021 03:00:51 GMT

GET
H/1.1 200
OK chunk-vendors.a612c202.js Show response
66j807.com/static/js/ Frame B479 478 KB
171 KB 514ms
419ms Script
application/javascript 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/?tt=1628866847874
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 14a519d3aa9546d520f2e24227a95fd7097b4b3d6a7b456bb4470846f32f7e19

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: W/"60fea01e-776a4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 14 Aug 2021 03:00:51 GMT

GET
H/1.1 200
OK index.c1596bb9.js Show response
66j807.com/static/js/ Frame B479 78 KB
17 KB 577ms
298ms Script
application/javascript 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: http://66j807.com:16678/static/js/index.c1596bb9.js
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/?tt=1628866847874
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 3d6d923e3415171f7277fd0ca3a7f671b9e7fcf290b6ca59bb0a3806d3f78cd7

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:51 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: W/"60fea01e-138e9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 14 Aug 2021 03:00:51 GMT

GET
H/1.1 200
OK shadow-grey.png
cdn.dcloud.net.cn/img/ Frame B479 136 B
546 B 909ms
299ms Image
image/png 47.110.95.121
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.dcloud.net.cn/img/shadow-grey.png
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/index.3e73f18a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.110.95.121 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:55 GMT
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Server: nginx
ETag: "5cf8b5bf-88"
Content-Type: image/png
Cache-Control: max-age=7200
Connection: close
Accept-Ranges: bytes
Content-Length: 136
Expires: Fri, 13 Aug 2021 17:00:55 GMT

GET
H/1.1 200
OK pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.834aefff.js Show response
66j807.com/static/js/ Frame B479 56 KB
15 KB 324ms
324ms Script
application/javascript 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: http://66j807.com:16678/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.834aefff.js
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/index.c1596bb9.js
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 6a80e45b7a2b267bd23c2d372f947eb93176c679a36e6c4072eb2e19df1793a3

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: W/"60fea01e-e04a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 14 Aug 2021 03:00:56 GMT

GET
H/1.1 200
OK pages-index-index.2bbdc98d.js Show response
66j807.com/static/js/ Frame B479 6 KB
2 KB 267ms
266ms Script
application/javascript 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: http://66j807.com:16678/static/js/pages-index-index.2bbdc98d.js
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/index.c1596bb9.js
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: dad2a28b02b09ee6d09e562604a6d996948cbea12001a463473c274b828f24e8

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: W/"60fea01e-178e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 14 Aug 2021 03:00:56 GMT

GET
H/1.1 200
OK bg.37e4cb06.jpg
66j807.com/static/img/ Frame B479 49 KB
49 KB 251ms
251ms Image
image/jpeg 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66j807.com:16678/static/img/bg.37e4cb06.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/?tt=1628866847874
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 2ab579e319c9bd48f5bec40a3f17f4e61aa3529b864383747f76ffaeef82acbd

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:56 GMT
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: "60fea01e-c3e9"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50153
Expires: Sun, 12 Sep 2021 15:00:56 GMT

OPTIONS
H/1.1 200
OK config
61.184.225.14/web.php/index/ Frame 0
0 664ms
333ms Preflight
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/config
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://66j807.com:16678
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip

OPTIONS
H/1.1 200
OK type
61.184.225.14/web.php/index/ Frame 0
0 693ms
352ms Preflight
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/type
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://66j807.com:16678
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip

OPTIONS
H/1.1 200
OK base
61.184.225.14/web.php/index/ Frame 0
0 927ms
342ms Preflight
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/base
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://66j807.com:16678
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip

POST
H/1.1 200
OK config Show response
61.184.225.14/web.php/index/ Frame B479 1 KB
2 KB 669ms
334ms XHR
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/config
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash: b1134b5f5dcd821ad06bd302c52d1cb7592d1ae1822476956909790ac6d82062

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 15:00:57 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding

POST
H/1.1 200
OK type Show response
61.184.225.14/web.php/index/ Frame B479 64 KB
25 KB 988ms
347ms XHR
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/type
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash: 93f593a0cd794e735afc19970031bfcf7d9d3b2839362170d2590ed3e529beae

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 15:00:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding

OPTIONS
H/1.1 200
OK tj
61.184.225.14/web.php/index/ Frame 0
0 997ms
334ms Preflight
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/tj
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://66j807.com:16678
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip

POST
H/1.1 200
OK base Show response
61.184.225.14/web.php/index/ Frame B479 45 KB
22 KB 749ms
338ms XHR
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/base
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash: 4b37c0bf0f875131a7df9cc7382a955ec5e647e5ef128b202caea7f788005e3d

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 15:00:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding

POST
H/1.1 200
OK tj Show response
61.184.225.14/web.php/index/ Frame B479 528 B
975 B 684ms
340ms XHR
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/tj
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash: f7ea5a1ef191c0f662e87fe327cbf8dae1e555768808a94cc194cbf24dba19c1

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 15:00:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B479 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK index
61.184.225.14/web.php/index/ Frame 0
0 676ms
345ms Preflight
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/index
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://66j807.com:16678
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Fri, 13 Aug 2021 15:00:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding
Content-Encoding: gzip

POST
H/1.1 200
OK index Show response
61.184.225.14/web.php/index/ Frame B479 21 KB
13 KB 561ms
354ms XHR
text/html 61.184.225.14
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: http://61.184.225.14:16678/web.php/index/index
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 61.184.225.14 Huangpu, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: nginx /
Resource Hash: bb271dcd82acd46f84ae6da36e1d91d0cfa53965e6a0b453f8083a4370ca983b

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Fri, 13 Aug 2021 15:00:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: x-requested-with, Referer,content-type,token,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Accept-Language, Origin, Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B479 919 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25cc58a40625a60243345408d5da679a837026db3755a77c64381822c4cce2f3

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 08dc123ffc0c4ee1b0d5559f3afbf625
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 49 KB
50 KB 2600ms
1046ms Image
image/png 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/08dc123ffc0c4ee1b0d5559f3afbf625
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 33e37c34b13c74f5643fdcbfd36c72a20b21cbe26519a615b526cf1f00b5bbac

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:17 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587602
nw-session-id: 2021071500141701019806507244205045-b11499a4-6551-4a4d-9ce1-a62b3bb731f201tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 50023
content-length: 50023
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:17.095854737+08:00 29
last-modified: Wed, 14 Jul 2021 16:14:17 GMT
server: nginx
x-tt-logid: 2021071500141701019806507244205045
x-response-date: Thu, 15 Jul 2021 00:14:17 GMT
x-bdcdn-logid: cd44686264d8d81f6ce4abfbddea02a7
content-type: image/png
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 01fee7be28756c006a5243d3f642af7807bab649e39acb2b7cf699f3bfa2f5b5f61fe4a201ba6392a771a2fd488830567b2b329be8ce6bc0ac7b41f233cc9b398454a7014a30308ed558b98b447bf4d7bc3f8db2156b29710fe4abbb14dd54c43a8ae0468bc4649a123e29f1b04b374019
x-response-cache: edge_hit
timing-allow-origin: *

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame B479 40 KB
15 KB 1443ms
741ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?91b0572403cfc247c9f4e6baa4fb8e2a

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

74f95b23298bd39d90602f28ef25610010b7eea1dc1880d4477db89415b00d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:00:59 GMT
Content-Encoding: gzip
Server: apache
Etag: 96b0ebdfc376e59f53bcfe6341e61a3d
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14353

GET
H2 200 a7f950580bd042cd98cfd19ed42a04d9
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 1 MB
1 MB 218ms
87ms Image
image/gif 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/a7f950580bd042cd98cfd19ed42a04d9
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: e98f25b5a593bb1eb9a12cfadcd1cf2103c8bb7058ca7de552ca95d9e8516fa1

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:09:40 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 2587878
nw-session-id: 202107150009390101980650241A224C77-6734f8de-7dff-40f4-a7ba-b9496df313a303tt
x-powered-by: ImageX
x-cache: HIT TCP_HIT dirn:0:133914819
x-bdcdn-cache-status: TCP_MISS
x-swift-cachetime: 31531997
server-timing: cdn-cache;desc=HIT,edge;dur=4
x-length: 1261865
x-tt-trace-host: 0122a99480124070136c4f143338db216b84b45d349d8d81a79f3d661c00171dc7a7fe3670e8684b468f7b11b09e1b28949e0855e324c2addf9621928244748f3f45041eb9d69c0d84edc6ca8d83521f1f2d525bdec00e3cd47b20d292f915dc98
content-length: 1261865
via: cache10.l2ot7[0,0,200-0,H], cache28.l2ot7[1,0], cache28.l2ot7[2,0], cache1.de2[0,1,200-0,H], cache1.de2[4,0]
last-modified: Wed, 14 Jul 2021 16:09:40 GMT
server: Tengine
x-tt-logid: 202107150009390101980650241A224C77
x-response-date: Thu, 15 Jul 2021 00:09:40 GMT
ali-swift-global-savetime: 1626278980
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:40.043459388+08:00 45
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668587834048e
x-swift-savetime: Wed, 14 Jul 2021 17:16:23 GMT

GET
DATA 200
OK truncated
/ Frame B479 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e477960a5e72f53fc883f851ecf89c844f1ec6cdf4692140cc97012d3223dc7

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9864f34b6a84466c95d6c384cd3129b7
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 4 MB
4 MB 2056ms
246ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/9864f34b6a84466c95d6c384cd3129b7
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 91dec11b710df85794e8d3ea7bb25abcf11d0b5b5e414e5aa69f73df0d23c9f6

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:09:43 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 2587876
nw-session-id: 2021071500094301015108502119289467-5ffeca40-7ee3-4b71-8965-14e3cd6d7de602tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-SJZ-MP-03-12, HIT from KS-CLOUD-LY-CM-04-13, HIT from KS-CLOUD-NJ-CM-23-32
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=164
x-length: 3960990
x-tt-trace-host: 0122a99480124070136c4f143338db216baf6a47ba4141c99d366ad01ae878d992006e6250c0b64910355a30d9675aac62a4b285659876a92c5ceef210cd0739a27143f6ebae6f5233fa7978ab3cd429865730f3d5092bae15eec20d9241117a35d0e3e7f4cece0a164b609f973dc0535ec1021e6a3752b4a4eb60d80e2e32d6ee
content-length: 3960990
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:09:43 GMT
server: nginx
x-tt-logid: 2021071500094301015108502119289467
x-response-date: Thu, 15 Jul 2021 00:09:43 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:43.40845263+08:00 136
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: 5bf31c419a6e32f8edf959eca9e72288
expires: Thu, 14 Jul 2022 16:09:43 GMT

GET
H2

200

GxFp.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/GxFp.gif
https://go.imgdidi.xyz/2021/06/28/GxFp.gif

150 KB
151 KB

45ms
17ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/GxFp.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98206fd32ca94363fbedaf0416eb6e4d6b03b182ae763708dfd6756175b6d106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 153645
last-modified: Mon, 28 Jun 2021 09:47:22 GMT
server: cloudflare
etag: "60d99aaa-2582d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TojvfuFrebOacoClUqYnjxdW2eHUO3CRWXzhdHE9CIy%2FyDl3IQmpLOYuGj9H5FkY%2F9O1fbt8p4Z2I8iXb4GDBw9%2F9uIuxetVqV3i%2F6olku%2Bndv7fP5L0jlTejAXnbynH8y5IAAXAHIUTJgUCvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f489a1dfcf-FRA
expires: Thu, 09 Sep 2021 14:04:55 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/GxFp.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 0eca71cc20c4436db26678d5467c0469
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 191 KB
192 KB 3548ms
1738ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/0eca71cc20c4436db26678d5467c0469
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: fe1e6974ed03fe0e814143431c0fb928f07e961915a68ae0e033005581030a53

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 17:54:14 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 1976806
nw-session-id: 2021072201541501013109819637244863-7bf3952b-e568-4438-bbae-7abfe5b3d1cb01tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-NB-MP-02-12, HIT from KS-CLOUD-WX-CM-09-16, HIT from KS-CLOUD-NJ-CM-23-18
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 195736
x-tt-trace-host: 01e054a13357ffe766e089b0b05a93fa34089494f224c30f9a16c10b1f387fcbaa103ef2d98d0706dcd6183d53238e9abae55f06fe85475d26508254edde95e1a7ae9a15e37d4aac092b2be6c44fdc162bab049b4be74fa68ce323fd031adf3d151184ae4070fc4c62bc08f3d8ebf77951
content-length: 195736
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 21 Jul 2021 17:54:15 GMT
server: nginx
x-tt-logid: 2021072201541501013109819637244863
x-response-date: Thu, 22 Jul 2021 01:54:15 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-22T01:54:15.387865828+08:00 34
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: d9abc6e19c19b86a3b8052e208967d9a
expires: Thu, 21 Jul 2022 17:54:14 GMT

GET
H2

200

kJc.gif
go.imgdidi.xyz/2021/06/07/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/07/kJc.gif
https://go.imgdidi.xyz/2021/06/07/kJc.gif

488 KB
489 KB

48ms
23ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/07/kJc.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

316c5b1308bc0cc319b29d6395403b20d5e58ebd08f0d36fde81865c06d77001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 499724
last-modified: Mon, 07 Jun 2021 05:23:31 GMT
server: cloudflare
etag: "60bdad53-7a00c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kq8lQwO7QiRMUBOqSGJkKRLOmb0diG0oQBIlb2loebztS0tTtsvd9z4Ih8G%2BWKoyr7HWZ0r%2FBULiURlQy62iIP29xhPso0JP1DB06gO2lWW8AcnABBNYEhhAwaFcH1Mj1YrdQIrYHd9bF3A%2FTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f489a4dfcf-FRA
expires: Thu, 09 Sep 2021 14:04:56 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/07/kJc.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 e8308832e68e41ddb9aa2cc83a65dd87
p9.toutiaoimg.com/origin/pgc-image/ Frame B479 123 KB
124 KB 981ms
500ms Image
image/gif 4.34.42.103
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p9.toutiaoimg.com/origin/pgc-image/e8308832e68e41ddb9aa2cc83a65dd87
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.103 Denver, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 24e704ad1baa400d9b1d98285bcfd280d4f0617adf67de7e168155107266213a

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:59 GMT
x-response-lb: image
x-tt-trace-tag: id=00;cdn-cache=miss
nw-session-id: 20210804001524010150101086002565C3-ed034053-ffe5-4b95-a50b-2e984e80204301tt
x-powered-by: ImageX
x-cache: HIT from BC101_US-Colorado-Denver-1-cache-1(baishan)
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 125579
x-tt-trace-host: 01e1b2ec6c0c691a9b6296d759f19711a7e6c68c37396e3505592bc857c3d0caa03bf7e057f6ef6dc84af98ede801194aac54b9907093975d0e0c2576a8f024b460d6634cbb9cd6fc94072c7ca4c0609e4dfa7567b40a8d11e7b87426803b04168
content-length: 125579
last-modified: Tue, 03 Aug 2021 16:15:24 GMT
server: nginx
x-tt-logid: 20210804001524010150101086002565C3
x-response-date: Wed, 04 Aug 2021 00:15:24 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:15:24.310901574+08:00 20
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *
x-ser: BC154_dx-lt-yd-jiangsu-huaian-8-cache-8, BC154_dx-lt-yd-jiangsu-huaian-8-cache-8, BC41_US-Michigan-chieago-1-cache-2, BC101_US-Colorado-Denver-1-cache-1

GET
H2 200 ff41370bf441464cbee74a07a1452b75
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 410 KB
411 KB 1058ms
291ms Image
image/gif 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/ff41370bf441464cbee74a07a1452b75
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 0b1592c4f54f440f3c10e02eb96037ae5a2987461f80b217cc963ce209305111

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:09:41 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587878
nw-session-id: 202107150009410101510922274E25CF58-23836469-dc1f-4d5e-837c-d884c06d9d6c02tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=0
x-length: 419512
content-length: 419512
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:41.874175133+08:00 61
last-modified: Wed, 14 Jul 2021 16:09:41 GMT
server: nginx
x-tt-logid: 202107150009410101510922274E25CF58
x-response-date: Thu, 15 Jul 2021 00:09:41 GMT
x-bdcdn-logid: 0c3744cd1ae3be09f50bcf76e0f9929c
content-type: image/gif
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 0122a99480124070136c4f143338db216ba85e63a43604d20469421aa9ea9406817c67456e127b183d775c1bcc432578c6ad69ef0234fe535740b71444881e762069f193a38b3865a10c147c64f2afeca4d6d452afa6f37df208efd9137343e34c7139208ec5593033542c71d9e200f9d8
x-response-cache: edge_hit
timing-allow-origin: *

GET
H2 200 1d90115a50ad494d98b3155e2203240e
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 82 KB
83 KB 3548ms
1739ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/1d90115a50ad494d98b3155e2203240e
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 41c1645f9b2fec9dee8cb2fae29cb5e9408f23c9afa0940d2e221dc57efe3a61

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:08:58 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 2587921
nw-session-id: 20210715000857010131076159381F7470-0c70e27b-5132-4454-8222-0292a35d3e5803tt
x-powered-by: ImageX
x-cache-status: MISS from KS-CLOUD-HF-MP-63-15, HIT from KS-CLOUD-LY-CM-03-06, HIT from KS-CLOUD-NJ-CM-23-32
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=96
x-length: 84450
x-tt-trace-host: 01ecc10cc3aa98ba9ddd8bb8e1fedff263e85babdb1f7a5db12750f8d50d41718475df71d60cc9fb639128183c77c6bf9ad2f3a2a07a8b73742b461a6b0a88c0f4d5f8606f89fc7f3640833d795c6a3f695ee39ba4b8aa0e055e427881749e4b6d5609198fd8a1ce20d225ab77d4833f343a63d169bbd0b6b2b6bd8850fdb3a0c0
content-length: 84450
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:08:57 GMT
server: nginx
x-tt-logid: 20210715000857010131076159381F7470
x-response-date: Thu, 15 Jul 2021 00:08:57 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:08:57.628690387+08:00 83
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: 8f9ecf2f5abaecca8c9253878fa18554
expires: Thu, 14 Jul 2022 16:08:58 GMT

GET
H2 200 144e8de43aab412683fc56c42b00aaf6
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 362 KB
364 KB 3447ms
1250ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/144e8de43aab412683fc56c42b00aaf6
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: 73810d7a22f8e4a5a6bd1c762beb4f3bbdbf243258c8c747a02bba7c49eae470

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:01 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587584
nw-session-id: 2021071500143701015010109953283E17-fd4013f1-e392-40a8-93f1-be2d51450c9403tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=9
x-length: 371053
x-tt-trace-host: 01fee7be28756c006a5243d3f642af7807d3e9560048f372efc8403870109b24e23b2c5081dc871a0a08851e613f94fc67f015cf36654828eb8c70eb77b74e22be3ccc0f3d004ed90be62bb4757d4f6b7ec8489629b5375aff82844b76f93fc06d2430100d0087190863be22d6926578ec
content-length: 371053
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[9],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,2],CHN-TJ-GLOBAL1-CACHE64[29],CHN-TJ-GLOBAL1-CACHE97[26,TCP_MISS,29]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:14:37 GMT
server: openresty
x-tt-logid: 2021071500143701015010109953283E17
x-response-date: Thu, 15 Jul 2021 00:14:37 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:37.647659046+08:00 77
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H3-29

200

G0zh.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/G0zh.gif
https://go.imgdidi.xyz/2021/06/28/G0zh.gif

111 KB
111 KB

31ms
19ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/G0zh.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2063e84e19642d186b9322d46c8d86a4557050aabdbba94c574fde7d65ff1125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262563
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 113263
last-modified: Mon, 28 Jun 2021 09:48:09 GMT
server: cloudflare
etag: "60d99ad9-1ba6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIjLvEsF6H0K7gwnZO%2B%2FesDW2qKVUX7nHl0uIptPgOx573mx%2BYaY%2FGFEcu4t%2F4z9I5u3%2BP9fcKsJidlm5WdtQdE4lvlMul6xDq%2FBgHzbqvaDF0zdkqymWOTbTV%2FRwtIgwZTqxmO5xW4RWoOevQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f69fc7434b-FRA
expires: Thu, 09 Sep 2021 14:04:57 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/G0zh.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

GceH.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/GceH.gif
https://go.imgdidi.xyz/2021/06/28/GceH.gif

114 KB
115 KB

15ms
13ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/GceH.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

211bf2d5f6326603f61ee374c9950d30f623d0977aeba8763652367776c0b437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262562
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116990
last-modified: Mon, 28 Jun 2021 09:48:38 GMT
server: cloudflare
etag: "60d99af6-1c8fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MSlc8TgqSWzt7GmxMSEdr%2BICE8TVzVsDhorDnde2HqpFrN4AGK%2Fhdj1Gfp9b0%2FeX4KDa5BMXaPGky5AtEX8lp2Z0%2B4OfK1RpuR3YeAp8ccveFnjQd%2BzVHtNFl%2FiVjUBUuY3upHOYR4pFzRvQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f69fc5434b-FRA
expires: Thu, 09 Sep 2021 14:04:58 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/GceH.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

GdcM.gif
go.imgdidi.xyz/2021/06/29/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/29/GdcM.gif
https://go.imgdidi.xyz/2021/06/29/GdcM.gif

192 KB
193 KB

36ms
36ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/29/GdcM.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625efaaa7b4d875cf8cf3b555b0646b76e0e0e1ab179e1a60aab5e989e862d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262562
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 196808
last-modified: Tue, 29 Jun 2021 09:19:28 GMT
server: cloudflare
etag: "60dae5a0-300c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZp95N1WvN1GDWHNnsxXUC8iENhF3y4XjK9zM9V9H%2F%2Bjb75haiccZFIKyjG2J3Mw8oB%2F%2BbDSpIxnT868uXAtvI2sX6qeK8oTkm5yinY%2BqqytvLP2fJQ3Vg22k8sH7N1qpuD1QcfCSGXZt9o0Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f69fdd434b-FRA
expires: Thu, 09 Sep 2021 14:04:58 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/29/GdcM.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

GgRu.gif
go.imgdidi.xyz/2021/06/29/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/29/GgRu.gif
https://go.imgdidi.xyz/2021/06/29/GgRu.gif

265 KB
265 KB

38ms
38ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/29/GgRu.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae0f62590201afe0d30fc3646b5e2a220f7d0dace46b44079a97fdd4e434891b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262561
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 271176
last-modified: Tue, 29 Jun 2021 09:19:54 GMT
server: cloudflare
etag: "60dae5ba-42348"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNpjXQjFL1eW8wTzArAKlxIb3L%2BiTtfCqUtFX%2FSc2MSEGQKcNw08t3fp5ypHB6tJWT6n2G4Vhvyh364pkEStJ5A92ZtAkQvv5UnnhiqjSmZSWkyS3LNWXj918L2qP0%2FV4RkGiPEQtXJh64PdUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f6affc434b-FRA
expires: Thu, 09 Sep 2021 14:04:58 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/29/GgRu.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 4d4f48e85b254402b13c4b388a0abbff
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 19 KB
20 KB 59ms
59ms Image
image/jpeg 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/4d4f48e85b254402b13c4b388a0abbff
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 4ba3b1f7f95575c09f9243190d8e6d782d4e269435075d18d5f13e93750ce18d

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 18:01:07 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 2581193
nw-session-id: 202107150022430101351500375A1E42B8-6cffd152-7561-4f4e-893b-5aaf11ceb08b03tt
x-powered-by: ImageX
x-cache: HIT TCP_HIT dirn:0:7237713
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 29785372
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-length: 19495
x-tt-trace-host: 015fa46176102a63b701676c8288d130e2766f71601a49cf6a063bffb3f9157f57b571075036f3551a30fb16341354a4b90c8e29eb4cfe8cccc9b18610dc593d8a7d13bc16582f4912674af4e40b76168da6a3e3b05b5f602623d03329764c4917
content-length: 19495
via: cache7.l2de2[0,0,200-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], cache4.de2[0,0,200-0,H], cache1.de2[2,0]
last-modified: Wed, 14 Jul 2021 16:22:43 GMT
server: Tengine
x-tt-logid: 202107150022430101351500375A1E42B8
x-response-date: Thu, 15 Jul 2021 00:22:43 GMT
ali-swift-global-savetime: 1626285667
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:22:43.823207251+08:00 14
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668602888148e
x-swift-savetime: Wed, 04 Aug 2021 00:18:15 GMT

GET
H2 200 d3ac4293bd7048d0a1adeab23452fc39
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 20 KB
21 KB 1678ms
940ms Image
image/jpeg 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/d3ac4293bd7048d0a1adeab23452fc39
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: 8a70fed1772ebe04aa2baa08566ae87091ac2d61f43c9cbb203eef535ab0452c

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:01 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 860548
nw-session-id: 20210803235832010135150037521C9C00-fc82445f-a2d1-4037-9de1-e5aa83c53c4003tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=6
x-length: 20295
x-tt-trace-host: 01c98da05ab111839d1213048bc657e29619eb5a0112fcb6d2ca8d7fcdde53f110780ed8dddd590201b06a380bd7c6925bda576480776c584fad91c6ade96161e7f0078ecc1a13a62f91be7f41a9a0779ebc0fc5037c1345002e532698e2564bb5df796ddb19b1387a9a4726f58406ec23
content-length: 20295
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[6],CHN-HAzhengzhou-AREACUCC1-CACHE62[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE110[28],CHN-TJ-GLOBAL1-CACHE102[25,TCP_MISS,26]
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 15:58:32 GMT
server: openresty
x-tt-logid: 20210803235832010135150037521C9C00
x-response-date: Tue, 03 Aug 2021 23:58:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-08-03T23:58:32.371403452+08:00 62
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 c265d657afc94dc5b6e32fed5992362f
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 16 KB
17 KB 1706ms
1705ms Image
image/jpeg 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/c265d657afc94dc5b6e32fed5992362f
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: ad0c17a72d6f307a36e57b91a0538e1d8367a6805f49bedabb26fd5f5974873a

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:58:32 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 860547
nw-session-id: 202108032358320101940981994B1FBCB1-a4304824-0eea-4278-8b40-7203f30d12e801tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-HF-MP-61-19, HIT from KS-CLOUD-WH-CM-03-10, HIT from KS-CLOUD-NJ-CM-23-05
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=49
x-length: 16314
x-tt-trace-host: 01f589afee2af59ab8efba88409c9b7744001484426a09425f29e8fdcd74e8ef82fb2eab4a34c26b127c42d27ef142fd0bee1e58058e198a727239d0e62ae04d22723e4c92c8002cdc65e7ea232e64c82603970e04aaaaf8d5cd71073454d5d38eac13e3fca48f2bbcc96dcc356759804bf61b49d703c815a7286444256b22203f
content-length: 16314
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 15:58:32 GMT
server: nginx
x-tt-logid: 202108032358320101940981994B1FBCB1
x-response-date: Tue, 03 Aug 2021 23:58:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-08-03T23:58:32.853399283+08:00 46
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
x-cdn-request-id: 7b559702906d0b027d573ef0dd2f9555
expires: Wed, 03 Aug 2022 15:58:32 GMT

GET
H2

200

7gq.gif
xs.imgpipi.xyz/2021/06/06/ Frame B479
Redirect Chain

http://xs.imgpipi.xyz/2021/06/06/7gq.gif
https://xs.imgpipi.xyz/2021/06/06/7gq.gif

582 KB
583 KB

46ms
22ms

Image
image/gif

2606:4700:3034::ac43:c0fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xs.imgpipi.xyz/2021/06/06/7gq.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:c0fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e63897e0d38447d330299baf3446102a6f69e1e543401146114400d854050fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521108
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 595964
last-modified: Sun, 06 Jun 2021 10:46:19 GMT
server: cloudflare
etag: "60bca77b-917fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYJYTtWXaZyZAWSvRHIg1fr21B7HdnnFbQhapevQkmD1JUNler37xWAy0PJzY2k%2Bln6Rp%2FZrtqJhDyhlj21SpX%2BES0kR0GS4PIP67fpvD%2FED7zlr11zn7ZR%2B0iQ0WmCCVYSR6l4R57wTS2lFfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f699810610-FRA
expires: Mon, 06 Sep 2021 14:15:52 GMT

Redirect headers

Date: Fri, 13 Aug 2021 15:01:00 GMT
Connection: keep-alive
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 521110
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CHXhJvLt7AGHQ86JUwVzb2UcALkcPMTbVHXPytPlKU5noPnYYA71KGQdcw%2Bc0uce5KYiRCpXlZa4bRkXLeFYrw1GWfQESOOJT3e%2B1g6%2BTGki%2Bwh0f3BuQWN9mAQU%2FTGVUIUcI7T8NTzx%2Fq%2BcA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/html
location: https://xs.imgpipi.xyz/2021/06/06/7gq.gif
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
strict-transport-security: max-age=31536000
CF-RAY: 67e2d0f64f4d2b16-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29

200

GYTI.gif
go.imgdidi.xyz/2021/06/18/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/18/GYTI.gif
https://go.imgdidi.xyz/2021/06/18/GYTI.gif

583 KB
584 KB

39ms
39ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/18/GYTI.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b15722000c8f6496a002692cb99b7bd6d66f49a5c89824c4238934db50e38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515735
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 597091
last-modified: Fri, 18 Jun 2021 10:24:10 GMT
server: cloudflare
etag: "60cc744a-91c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsGbDb%2B4%2BaZVV9UcFqoPoeI3lmLXYw742ikG3hCEO0ALp3cwtN6HT6QKfyL6AZzWrc3AjO7d%2F147uDlPcvbtZjyKDXrcNYgfuN%2Bt4so86VHZar%2FwvDHMDBclDplP4OCFyt0gSNs0TFWLAQi%2BsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f8be7c434b-FRA
expires: Mon, 06 Sep 2021 15:45:25 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/18/GYTI.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 5174f3ada70d4d8ca7d7324d44d0ccaa
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 383 KB
384 KB 61ms
61ms Image
image/gif 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/5174f3ada70d4d8ca7d7324d44d0ccaa
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 055ca0e89e99137c70f52f4a882f991292a972e92fbf2ba5d92462cc89f8008f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:15:57 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 1820703
nw-session-id: 202107232115080101980621715F1DF069-eedb6e1c-0048-4306-8688-ab43fcc5d39202tt
x-powered-by: ImageX
x-cache: HIT TCP_HIT dirn:10:275865777
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 31535166
server-timing: cdn-cache;desc=HIT,edge;dur=3
x-length: 391953
x-tt-trace-host: 0149c4e79e37a353e574b1866ba4441c0491fce05185ce578705430e07dd1344ef722771fe63e8a9385a6977b136537f5dca384b60844589b5137f90fd28c475bd2810b08a56ea75201969281369d6fcca31a5cfefe459eea30fecb54a8a42bd97
content-length: 391953
via: cache38.l2ot7[0,0,200-0,H], cache53.l2ot7[0,0], cache53.l2ot7[1,0], cache11.de2[0,0,200-0,H], cache1.de2[3,0]
last-modified: Fri, 23 Jul 2021 13:15:08 GMT
server: Tengine
x-tt-logid: 202107232115080101980621715F1DF069
x-response-date: Fri, 23 Jul 2021 21:15:08 GMT
ali-swift-global-savetime: 1627046157
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-23T21:15:08.30115542+08:00 103
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668606131108e
x-swift-savetime: Fri, 23 Jul 2021 13:29:51 GMT

GET
H2 200 f5a31f358e88444aac2e51d6002d389f
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 547 KB
549 KB 1589ms
1589ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/f5a31f358e88444aac2e51d6002d389f
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 5a90ff3bf6a32e7d9e86f0111c11851a0ece5f89713d45e096a706d330582637

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:14 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 2587606
nw-session-id: 20210715001417010150100227272896DC-7c31b6a3-9e43-4dd9-a42e-73d014084abf03tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-FZ-MP-02-19, HIT from KS-CLOUD-CS-CM-16-04, HIT from KS-CLOUD-NJ-CM-23-18
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=64
x-length: 560319
x-tt-trace-host: 01fee7be28756c006a5243d3f642af780797b47ad15fad57fc232bcdd0e184c47986a5d9b600fa4bc9c23ece99eb8ecd95d5fc304da279fa918648dae6e618ac378d110918c74440d16af832820db27f17d9bdc6644316028509dcf57754237d677db80aa803f18e6dbda7c4e5bf4ed5dae07eac15c05bd9893e5bc3baf02d8b2e
content-length: 560319
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:14:17 GMT
server: nginx
x-tt-logid: 20210715001417010150100227272896DC
x-response-date: Thu, 15 Jul 2021 00:14:17 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:17.077446624+08:00 59
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: e0e5d639917f8fe66c87e2a85f0b0d58
expires: Thu, 14 Jul 2022 16:14:14 GMT

GET
H/1.1 200
OK appTitle.740e8d1a.png
66j807.com/static/img/ Frame B479 27 KB
28 KB 258ms
257ms Image
image/png 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66j807.com:16678/static/img/appTitle.740e8d1a.png
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 19a519b9d0d71ce213e2c6fcdc4fcc7a951c33a876aea9b1617fd27b0a89b4f4

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:00 GMT
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: "60fea01e-6d0d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27917
Expires: Sun, 12 Sep 2021 15:01:00 GMT

GET
H2 200 290299ed48d84c7b99d8fbd8a96a254c
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 182 KB
183 KB 64ms
63ms Image
image/gif 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/290299ed48d84c7b99d8fbd8a96a254c
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:15:13 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 859547
nw-session-id: 20210804001309010194098219022073DE-c7e70150-e525-4637-8cba-6be90747a36403tt
x-powered-by: ImageX
x-cache: HIT TCP_HIT dirn:10:93270763
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 31526858
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-length: 186342
x-tt-trace-host: 017fdbcca7fd16da951b363231b52079a44213d24536a7e881717125843a8ce60571e7354d3c1299981b309200c4774a70a3207a50b2ea80936cddb0c4d3505c6fe44bdea0481b8dc4ef7c59fda00ed00250e224c7253934baac8a80f751f42706
content-length: 186342
via: cache6.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache7.de2[0,0,200-0,H], cache1.de2[2,0]
last-modified: Tue, 03 Aug 2021 16:13:09 GMT
server: Tengine
x-tt-logid: 20210804001309010194098219022073DE
x-response-date: Wed, 04 Aug 2021 00:13:09 GMT
ali-swift-global-savetime: 1628007313
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:13:09.509348411+08:00 29
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668606201139e
x-swift-savetime: Tue, 03 Aug 2021 18:47:35 GMT

GET
H2 200 bf220e6f48ae46039fe64958d40e829f
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 1001 KB
1003 KB 1582ms
1581ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/bf220e6f48ae46039fe64958d40e829f
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: a8be1fe1bc8d750fd534173dc8f6a1819417dd78f3dbff13411a34a1bced7122

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:45:51 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 1347309
nw-session-id: 2021072908455101019409819841309966-6c1bbcb4-3763-43f0-86d6-caa1c870152101tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-HUZ-MP-01-11, HIT from KS-CLOUD-NC-CM-05-08, HIT from KS-CLOUD-NJ-CM-23-18
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=294
x-length: 1025485
x-tt-trace-host: 014385e574af237cc504ed5e939485fadbf504a6101ca27ec3caf56dbd19df3c6589785fcdf608c063f018a8e243c165f741bb34df0b80837fb213ad7774001889dc717c5b5bef67398c76d0e85ad9533e14ff4628b8c93423a196d55c55f3cb169a7727a155d6cde5d20a0508fdcb641e28bab4890d22d123f8cd90cbd8159265
content-length: 1025485
timing-allow-origin: *
accept-ranges: bytes
last-modified: Thu, 29 Jul 2021 00:45:51 GMT
server: nginx
x-tt-logid: 2021072908455101019409819841309966
x-response-date: Thu, 29 Jul 2021 08:45:51 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-29T08:45:51.359390342+08:00 173
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-cdn-request-id: 9ad6a600e66de5d0dac8a6438cfa5ecb
expires: Fri, 29 Jul 2022 00:45:51 GMT

GET
H3-29

200

aAI.gif
go.imgdidi.xyz/2021/06/06/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/06/aAI.gif
https://go.imgdidi.xyz/2021/06/06/aAI.gif

12 KB
12 KB

14ms
14ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/06/aAI.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1aefacddc6a696855eebc3754f39280b93f27d6fe52ea95102d24938e9c0850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262560
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11956
last-modified: Sun, 06 Jun 2021 12:40:12 GMT
server: cloudflare
etag: "60bcc22c-2eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDcQb1c704XFen5Okryc1VOy0NxKg3reXpBgDwLDx2kR6tovg8zOc2LsRG6SmAENwSkybGgjPOn4ZRB4oua2qstvmi1peqdmq6HwW8YTMNawoQaYli7rASbO8GxrlFb%2B1nNYdyGGE%2F8wX1m1Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f8be8d434b-FRA
expires: Thu, 09 Sep 2021 14:05:00 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/06/aAI.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 71f069409fa34058a472600a06b12dfa
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 294 KB
295 KB 918ms
311ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/71f069409fa34058a472600a06b12dfa
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: db5b221211a87ced643383afeac89d1ef82bedf136c7652ced7d851d8fb2e7ca

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:01 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587594
nw-session-id: 202107150014270101960510295220D525-822fd832-e3ba-4f8a-8a46-408f9dd4db8c03tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=4
x-length: 301020
x-tt-trace-host: 01c6214a75f2dfcae4319ae7d5e1f0d04d1f1ee86f263de3a0c1a7d63fd9b0b2722f1e6a7240afc9d7765e72152c383b5e1e059cc722e2ab79d60edc6c9111394c5a40fc2c56332239c3deb51776995a3b4a54f97be1aa1de08d6e3dee4b0c4cb40f976b6eeebb3a066bbbd5a432d4ca7d
content-length: 301020
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[4],CHN-HAzhengzhou-AREACUCC1-CACHE8[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE73[8],CHN-TJ-GLOBAL1-CACHE8[0,TCP_HIT,7]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:14:27 GMT
server: openresty
x-tt-logid: 202107150014270101960510295220D525
x-response-date: Thu, 15 Jul 2021 00:14:27 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:27.060019274+08:00 51
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H3-29

200

VBf.png
go.imgdidi.xyz/2021/06/06/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/06/VBf.png
https://go.imgdidi.xyz/2021/06/06/VBf.png

33 KB
34 KB

20ms
20ms

Image
image/png

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/06/VBf.png

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c71d24380d0a49f48ab58507f93b1c0b9cac0235d7f1170368580e8f1951db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262559
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34257
last-modified: Sun, 06 Jun 2021 12:39:47 GMT
server: cloudflare
etag: "60bcc213-85d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6D8uA0ia9BpPgbZnVz3IfmNkNtw7NQT8k7WzJmRH4CK6NZh1bCfRHrs6G9RZ115ZgJsKB51c091OTLu5%2FiJqmHtuTS9ubFXYiOxBQ56t5vsVoY7BSfFhWLgYkjAfN%2ByT%2Bv3CkSt6uiUArBIJSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67e2d0f8deca434b-FRA
expires: Thu, 09 Sep 2021 14:05:01 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/06/VBf.png
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 6f6d320d39894a7286d90afb57758c74
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 105 KB
106 KB 278ms
278ms Image
image/gif 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/6f6d320d39894a7286d90afb57758c74
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: f3f7bf3269f97735f15e6ec9e80616320b2c9d02886ce471059c5790520d5497

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:17 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587605
nw-session-id: 20210715001417010135150027521ED744-d43d24fa-70fc-4dd4-9cf7-936412b8b55f03tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=37
x-length: 107936
content-length: 107936
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:17.047595316+08:00 34
last-modified: Wed, 14 Jul 2021 16:14:17 GMT
server: nginx
x-tt-logid: 20210715001417010135150027521ED744
x-response-date: Thu, 15 Jul 2021 00:14:17 GMT
x-bdcdn-logid: f32138e65d472d8581fabd81d2febdf6
content-type: image/gif
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 01fee7be28756c006a5243d3f642af7807188a1134271256c7a50a4792c228a84624b331214476cae9d82918b242454bc6278a432f4c919c3239d9b8327e65fd897359ece76c2fc5d458ed0408045e9d0a960f88f3c723b963b0ec3a2545b291a3a6048a46ec045f1343f44f1bd731018d
x-response-cache: edge_hit
timing-allow-origin: *

GET
H2 200 c80044a465ce4a2cb1e4564315f1360a
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 28 KB
29 KB 1548ms
1250ms Image
image/jpeg 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/c80044a465ce4a2cb1e4564315f1360a
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: a3c91b5ed2bdfe21c26d749708e0cc37b5ae7898a4c83f75569fbe0ef17fac69

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:01 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2071731
nw-session-id: 202107202331530101511032305127CC10-7373b684-773f-4118-9b99-1b9525dfada403tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=7
x-length: 29133
x-tt-trace-host: 01de2322fcb804fbbaf465a7cee55e452562c44c9ea6133fbc81cea547fb5721e22be98010173eb1fa2782d25af02c48cd51b2b3f95e570d0edd3bf63d1959ccc5290afe42d79fe07c8597b9d35d25dee281efeb5e6ac27f12fb66cde560def7be53f97b6fecc4a9d798e3454c68eecebf
content-length: 29133
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[7],CHN-HAzhengzhou-AREACUCC1-CACHE58[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE28[2],CHN-TJ-GLOBAL1-CACHE58[0,TCP_HIT,1]
accept-ranges: bytes
last-modified: Tue, 20 Jul 2021 15:31:53 GMT
server: openresty
x-tt-logid: 202107202331530101511032305127CC10
x-response-date: Tue, 20 Jul 2021 23:31:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-07-20T23:31:53.743766859+08:00 16
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 ef92baa00e0645889f2e66081650da45
p9.toutiaoimg.com/origin/pgc-image/ Frame B479 31 KB
32 KB 3614ms
3614ms Image
image/png 4.34.42.103
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p9.toutiaoimg.com/origin/pgc-image/ef92baa00e0645889f2e66081650da45
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.103 Denver, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: b9e513c573f712515a178470ec306859a3b8964f193fa52c84bf4a06d4130039

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
x-response-lb: image
x-tt-trace-tag: id=00;cdn-cache=miss
nw-session-id: 2021071500085801019806502236222599-6023dd04-64d9-405c-8c14-72c2ed4bd86d01tt
x-powered-by: ImageX
x-cache: HIT from BC101_US-Colorado-Denver-1-cache-1(baishan)
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=0
x-length: 32209
x-tt-trace-host: 0122a99480124070136c4f143338db216beb7da18b27a354d24a7e322bb8a5e6df66c15d3df365c13f85e4cf91514ee20365e4e12214cd6d1e47efed35a1bf76d9965a5c10ed27a26ff8850534c69a6b1afcf177ff55665ec8c96ed208b671322f
content-length: 32209
last-modified: Wed, 14 Jul 2021 16:08:58 GMT
server: nginx
x-tt-logid: 2021071500085801019806502236222599
x-response-date: Thu, 15 Jul 2021 00:08:58 GMT
content-type: image/png
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:08:58.316586981+08:00 68
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *
x-ser: BC169_dx-lt-yd-jiangsu-zhenjiang-3-cache-13, BC113_US-Washington-seattle-1-cache-3, BC101_US-Colorado-Denver-1-cache-1

GET
H2 200 28ba0ec89d824635a36a9a330cd3050d
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 713 KB
714 KB 1231ms
950ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/28ba0ec89d824635a36a9a330cd3050d
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: 36350bb85a1c7f1ed3f5e49c2f5467415cac81930099a6b39585ab7f6a9d2701

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:01 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587923
nw-session-id: 202107150008580101980650242C21FEF5-1f1c3c3b-c694-4914-9a52-488e9ac6a7cb01tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache;desc=HIT, edge;dur=7
x-length: 729912
x-tt-trace-host: 0122a99480124070136c4f143338db216b22c57417aa240c1b201140958ab1657320509c1c57485d705e8879dad4c40220488c83d5df561157cfba73c0fa265ede45aceabc7d83756ba9e0c7ce6ce001b74faf9ec63afc18e4e2b2baab6951df99c404d6deee45b2d0f63098a1afaeaa49
content-length: 729912
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[7],CHN-HAzhengzhou-AREACUCC1-CACHE12[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE43[113],CHN-TJ-GLOBAL1-CACHE12[110,TCP_MISS,111]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:08:58 GMT
server: openresty
x-tt-logid: 202107150008580101980650242C21FEF5
x-response-date: Thu, 15 Jul 2021 00:08:58 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:08:58.214408595+08:00 91
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 5b025657aeed4690b6f7de84badbe2f4
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 52 KB
53 KB 265ms
264ms Image
image/png 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/5b025657aeed4690b6f7de84badbe2f4
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 7a77708159e24de7053d3dfb658bf8c716e36c70b015428132fe21e6b6c6b2b1

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:39 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587881
nw-session-id: 202107150009400101510830851D27A812-ebeefb9c-9036-438e-97f1-9c86c3b526ef01tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 53301
content-length: 53301
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:40.56863724+08:00 42
last-modified: Wed, 14 Jul 2021 16:09:40 GMT
server: nginx
x-tt-logid: 202107150009400101510830851D27A812
x-response-date: Thu, 15 Jul 2021 00:09:40 GMT
x-bdcdn-logid: 9edf5b05d73e7fc996f7e973f616255a
content-type: image/png
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 01c6214a75f2dfcae4319ae7d5e1f0d04d3ee730d988afeed4754aad640a6ac26f9a3d8f5eb9536f4040ec058b3affaf4a140ae4b10990cf1dbdb2a5ef42e9e4949b7bb7674cf36e66c7028a94de49963d1bb2825ef8826d03d76b8118cc50e61ed0c13faad0f590496861934e307ed7c7
x-response-cache: edge_hit
timing-allow-origin: *

GET
H2 200 a315a15fb6d2423c90a11169c6aac432
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 1 MB
1 MB 1250ms
1249ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/a315a15fb6d2423c90a11169c6aac432
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: daf0178045eb88cfc25591f42eefd265288902ee57518d53e4398744d2b2ae21

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:06:35 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 860065
nw-session-id: 2021080400063601015010108652258CAD-df7fb11f-bcf7-4164-beb9-f1b2b86a6d0f03tt
x-powered-by: ImageX
x-cache-status: MISS from KS-CLOUD-CS-MP-02-09, HIT from KS-CLOUD-LIS-CM-11-14, HIT from KS-CLOUD-NJ-CM-23-21
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=168
x-length: 1070691
x-tt-trace-host: 01d4042b8b79aa72fc1f416256da0286216d9728008943434d4a0a64d7137bea53432134a95b6de072e467737a0720856fa283c9eb0aec531e7c094766f1c2afdf85f8545f4a8a8909e8c4ccb6d1b509e884537cc1cefec04fa96bd054b649b9b139f57a1527ffaa82cb53ad65c9f54f95
content-length: 1070691
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 16:06:36 GMT
server: nginx
x-tt-logid: 2021080400063601015010108652258CAD
x-response-date: Wed, 04 Aug 2021 00:06:36 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:06:36.445007219+08:00 90
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-cdn-request-id: 830e3dd989570e8b16e8d366f672a783
expires: Wed, 03 Aug 2022 16:06:35 GMT

GET
H3-29

200

GuWj.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/GuWj.gif
https://go.imgdidi.xyz/2021/06/28/GuWj.gif

55 KB
55 KB

26ms
25ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/GuWj.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcaee4aba126ff63685fc1fee32d2debb77e7e1f63c1610b378da9656e0e26bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372367
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56089
last-modified: Mon, 28 Jun 2021 09:46:36 GMT
server: cloudflare
etag: "60d99a7c-db19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvz5opFfn9dfzNBUNeIe3%2FRG6YvdVyQTEbUpJDRsdMpZvGN4%2BbjdN5jT%2FzJPNPkyl0NET4WT2lgsqN%2FFd9YL%2FgJRaY4Ukgk%2BZkAEW9HThX44%2FWCOh1YrfKvIFyfIJ22L8Ol%2BlSzM6aRVcz4xtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fafd3c434b-FRA
expires: Wed, 08 Sep 2021 07:34:54 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/GuWj.gif
Date: Fri, 13 Aug 2021 15:01:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 kbp3hzplcrw0605kbp3hzplcrw0112213.jpg
fmlb.netlbtu.com/upload/vod/2020/08-05/06/ Frame B479 10 KB
10 KB 337ms
311ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-05/06/kbp3hzplcrw0605kbp3hzplcrw0112213.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02145dd80a860160fa849cb90e8e7c96524a227fade5d3a80401d7e8631bcbf2

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Aug 2020 22:05:01 GMT
server: cloudflare
etag: "6967d4dab6ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=11200
content-disposition: inline; filename="kbp3hzplcrw0605kbp3hzplcrw0112213.webp"
accept-ranges: bytes
cf-ray: 67e2d0fa2c020742-FRA
content-length: 10434
cf-bgj: imgq:85,h2pri

GET
H2 200 sjym4goqv2a0712sjym4goqv2a4618964.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/07/ Frame B479 10 KB
10 KB 20ms
19ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/07/sjym4goqv2a0712sjym4goqv2a4618964.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a7b487a4c39de4e36e26b617c72b32ca18f0154886f7d0e53b030d01333df2

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 23:12:46 GMT
server: cloudflare
age: 5702
etag: "b65e15dec095d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=10774, status=webp_bigger
accept-ranges: bytes
cf-ray: 67e2d0faad050742-FRA
content-length: 10168
cf-bgj: imgq:85,h2pri

GET
H2 200 au5cd0br5hw1206au5cd0br5hw0133680.jpg
fmlb.netlbtu.com/upload/vod/2020/05-01/12/ Frame B479 7 KB
8 KB 312ms
311ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/05-01/12/au5cd0br5hw1206au5cd0br5hw0133680.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79aac821b1f5af796748d64c2d61734376d4ae41bb43a0c951c41872095f8bed

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 01 May 2020 04:06:01 GMT
server: cloudflare
etag: "ff8292d36d1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=8407
content-disposition: inline; filename="au5cd0br5hw1206au5cd0br5hw0133680.webp"
accept-ranges: bytes
cf-ray: 67e2d0faad090742-FRA
content-length: 7662
cf-bgj: imgq:85,h2pri

GET
H2 200 ypnfy2gf5eq0454ypnfy2gf5eq1112762.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/04/ Frame B479 10 KB
10 KB 466ms
466ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/04/ypnfy2gf5eq0454ypnfy2gf5eq1112762.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 330c43adfb5013cf4c3aaa76d205c49ab0368f77a4d701b8286531140944b420

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 20:54:11 GMT
server: cloudflare
etag: "7cb76c81ad95d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0faad0a0742-FRA
content-length: 9859

GET
H2 200 bny2dvrzxmh0845bny2dvrzxmh0321696.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/08/ Frame B479 7 KB
7 KB 315ms
315ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/08/bny2dvrzxmh0845bny2dvrzxmh0321696.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe76172449dada552a926f70e224522fb3a543826d962049f9325f76096020a

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 08 Nov 2019 00:45:03 GMT
server: cloudflare
etag: "2104fc2cd95d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=9292
content-disposition: inline; filename="bny2dvrzxmh0845bny2dvrzxmh0321696.webp"
accept-ranges: bytes
cf-ray: 67e2d0faad1b0742-FRA
content-length: 7174
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cc3262.jpg
fmlb.netlbtu.com/images/2021/7/2/ Frame B479 65 KB
65 KB 24ms
18ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fmlb.netlbtu.com/images/2021/7/2/cc3262.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6847f07c12d6a153debec01638c6d3007452ba73352f20d19b959ff0a4f155a3

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:01 GMT
CF-Cache-Status: HIT
Age: 5802
Cf-Polished: qual=85, origFmt=jpeg, origSize=124295
Content-Disposition: inline; filename="cc3262.webp"
Connection: keep-alive
Content-Length: 66134
Last-Modified: Thu, 01 Jul 2021 02:43:00 GMT
Server: cloudflare
ETag: "eaaca9ce226ed71:0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 67e2d0fb2c5242cf-FRA
Cf-Bgj: imgq:85,h2pri

GET
H2 200 ca1ef8ca55da4549abc1f475b9aad623
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 23 KB
24 KB 1181ms
1179ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/ca1ef8ca55da4549abc1f475b9aad623
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: bb527cec7aa68ab0ddbfc7f17904e229d67aae3749e981e92ffec392562d7461

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:01 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587881
nw-session-id: 20210715000940010131074174121D06E8-f4fa1f10-4907-4381-9c90-6641390881f302tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache;desc=HIT, edge;dur=4
x-length: 23779
x-tt-trace-host: 0122a99480124070136c4f143338db216b69b5f35a3b14123a448f9a9f45d38ac4cd965ecf91f0a7cad7780fc1fab8cfecf30f4372b8198c283c257651742530fd28c7cfaef164ab79caf90302b19ef3ea1f7327acc5b5150738fbd62cae54bb04f03701994be7f2a7a32a6cb22fd40a1d
content-length: 23779
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[4],CHN-HAzhengzhou-AREACUCC1-CACHE2[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE32[54],CHN-TJ-GLOBAL1-CACHE2[51,TCP_MISS,53]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:09:40 GMT
server: openresty
x-tt-logid: 20210715000940010131074174121D06E8
x-response-date: Thu, 15 Jul 2021 00:09:40 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:40.380056092+08:00 19
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 l41yorbl0tr0602l41yorbl0tr1431908.jpg
fmlb.netlbtu.com/upload/vod/2020/05-01/06/ Frame B479 7 KB
7 KB 21ms
19ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/05-01/06/l41yorbl0tr0602l41yorbl0tr1431908.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27156b5a991afccaafa154a985133a9e3fd2893f30435b969774170b01f39e7

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 7145
cf-polished: qual=85, origFmt=jpeg, origSize=8543
content-disposition: inline; filename="l41yorbl0tr0602l41yorbl0tr1431908.webp"
content-length: 7262
last-modified: Thu, 30 Apr 2020 22:02:14 GMT
server: cloudflare
etag: "1aaebe13b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb2e2a0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 aqxcxmvlbwc0003aqxcxmvlbwc2231356.jpg
fmlb.netlbtu.com/upload/vod/2020/05-01/00/ Frame B479 10 KB
10 KB 312ms
310ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/05-01/00/aqxcxmvlbwc0003aqxcxmvlbwc2231356.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47afcdc59638e8a64eff4e8601e252bee1651dcc406d3ddd29d6dee0de401bfa

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 30 Apr 2020 16:03:22 GMT
server: cloudflare
etag: "952ed7df81fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=10852
content-disposition: inline; filename="aqxcxmvlbwc0003aqxcxmvlbwc2231356.webp"
accept-ranges: bytes
cf-ray: 67e2d0fb2e2c0742-FRA
content-length: 9998
cf-bgj: imgq:85,h2pri

GET
H2 200 n0uplx50geb1605n0uplx50geb44585.jpg
fmlb.netlbtu.com/upload/vod/2019/11-12/16/ Frame B479 7 KB
7 KB 17ms
15ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-12/16/n0uplx50geb1605n0uplx50geb44585.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d0af56b35cfe4e74d284fced77c0f8dced5224b29e20611c1d00a158c72e8b

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 3281
cf-polished: qual=85, origFmt=jpeg, origSize=8071
content-disposition: inline; filename="n0uplx50geb1605n0uplx50geb44585.webp"
content-length: 7206
last-modified: Tue, 12 Nov 2019 08:05:44 GMT
server: cloudflare
etag: "5462b4fb2f99d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb2e2d0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 lgkz0c50fw11802lgkz0c50fw11229946.jpg
fmlb.netlbtu.com/upload/vod/2020/04-30/18/ Frame B479 10 KB
11 KB 475ms
473ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/04-30/18/lgkz0c50fw11802lgkz0c50fw11229946.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fef58ca8fb71456a8f1ccf0069548c13576e3815d0eeaf11119f553709aabf5

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: MISS
last-modified: Thu, 30 Apr 2020 10:02:12 GMT
server: cloudflare
etag: "e2e7706bd61ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb2e2e0742-FRA
content-length: 10687

GET
H2 200 h2i4enk0rvw1815h2i4enk0rvw058752.jpg
fmlb.netlbtu.com/upload/vod/2020/08-04/18/ Frame B479 10 KB
10 KB 306ms
304ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-04/18/h2i4enk0rvw1815h2i4enk0rvw058752.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136d9ecd346dba673743a279a674bdf1bca68d52cba099b47eeaac178d719a2f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Aug 2020 10:15:05 GMT
server: cloudflare
etag: "15cf911f486ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=10381
content-disposition: inline; filename="h2i4enk0rvw1815h2i4enk0rvw058752.webp"
accept-ranges: bytes
cf-ray: 67e2d0fb2e300742-FRA
content-length: 10218
cf-bgj: imgq:85,h2pri

GET
H2 200 lukrwpgmh2h0607lukrwpgmh2h16887.jpg
fmlb.netlbtu.com/upload/vod/2021/05-19/06/ Frame B479 6 KB
6 KB 26ms
24ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2021/05-19/06/lukrwpgmh2h0607lukrwpgmh2h16887.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af0945bda34a9142310bd00b1ce69674d6732f75a5ec3fc7c6d5cdf391a86fc

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 50
cf-polished: qual=85, origFmt=jpeg, origSize=8195
content-disposition: inline; filename="lukrwpgmh2h0607lukrwpgmh2h16887.webp"
content-length: 5942
last-modified: Tue, 18 May 2021 22:07:16 GMT
server: cloudflare
etag: "d631a329324cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb2e320742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 b3f894f2dd974b5eaf65037fbb737bb7
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 21 KB
22 KB 900ms
899ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/b3f894f2dd974b5eaf65037fbb737bb7
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 9465c33dba0c4a8f1f8e2f22db7f1c3060182c41654f96672794a99f89c119e3

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:15:51 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 859509
nw-session-id: 202108040015510101510850402425DA4D-9cb9ce28-c147-4aee-a6c4-c23240264db101tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-SJZ-MP-01-05, HIT from KS-CLOUD-WZ-CM-11-03, HIT from KS-CLOUD-NJ-CM-23-08
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=20
x-length: 21558
x-tt-trace-host: 01715b14ed1d9ca7cc17f0a7ebc77aef12f827751fb6c8cc30fd12c5e4a54615a3bfbf423ad2d02c347255894970ff1a5ebec5dced9787f53d214528ba574f940399a6e6a35c819c6d22d860f8e0c3c6b7366c58c9177a588ccc97a631d800980882b527be13720a02e780f302af9074a001b773eaabb8651ee4fe9825ce1cf5ca
content-length: 21558
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 16:15:51 GMT
server: nginx
x-tt-logid: 202108040015510101510850402425DA4D
x-response-date: Wed, 04 Aug 2021 00:15:51 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:15:51.895138174+08:00 13
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-cdn-request-id: 788711ead001ebeb5d2a78ea2e079180
expires: Wed, 03 Aug 2022 16:15:51 GMT

GET
H2 200 gvyd4eup1ol0605gvyd4eup1ol0512221.jpg
fmlb.netlbtu.com/upload/vod/2020/08-05/06/ Frame B479 8 KB
8 KB 322ms
321ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-05/06/gvyd4eup1ol0605gvyd4eup1ol0512221.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce79f65ae52a71d397e353695253cab20c154ab80cb79f828bd0fa006b3aa4f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Aug 2020 22:05:05 GMT
server: cloudflare
etag: "0712d4fab6ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=9006
content-disposition: inline; filename="gvyd4eup1ol0605gvyd4eup1ol0512221.webp"
accept-ranges: bytes
cf-ray: 67e2d0fb2e340742-FRA
content-length: 8418
cf-bgj: imgq:85,h2pri

GET
H2 200 jtpbf3usklb2215jtpbf3usklb484633.jpg
fmlb.netlbtu.com/upload/vod/2019/11-13/22/ Frame B479 10 KB
10 KB 313ms
311ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-13/22/jtpbf3usklb2215jtpbf3usklb484633.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8abb48ab9425c3a23787358acd90788a66091d962b4fc5f9776578f603f50fc

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Nov 2019 14:15:48 GMT
server: cloudflare
etag: "bc4cead82c9ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=10925, status=webp_bigger
accept-ranges: bytes
cf-ray: 67e2d0fb2e350742-FRA
content-length: 10368
cf-bgj: imgq:85,h2pri

GET
H2 200 q0q2q103tf11814q0q2q103tf1318516.jpg
fmlb.netlbtu.com/upload/vod/2020/08-04/18/ Frame B479 8 KB
8 KB 307ms
305ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-04/18/q0q2q103tf11814q0q2q103tf1318516.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e19f30f1f5c24ffc6e2242e21bf68810d7ebe03adf10b9d87f67e3faad863793

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 04 Aug 2020 10:14:31 GMT
server: cloudflare
etag: "adc841b486ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: qual=85, origFmt=jpeg, origSize=8832
content-disposition: inline; filename="q0q2q103tf11814q0q2q103tf1318516.webp"
accept-ranges: bytes
cf-ray: 67e2d0fb2e360742-FRA
content-length: 7902
cf-bgj: imgq:85,h2pri

GET
H2 200 fsxkl0y5ufs0354fsxkl0y5ufs057733.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/03/ Frame B479 13 KB
13 KB 476ms
475ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/03/fsxkl0y5ufs0354fsxkl0y5ufs057733.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65714b34744212952acd94c0643fe14e5d4f2da390a19cac3ac7bd944b9bd4f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Nov 2019 19:54:05 GMT
server: cloudflare
etag: "3f2f371ca595d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb2e370742-FRA
content-length: 13440

GET
H/1.1 200
OK cc8108.jpg
fmlb.netlbtu.com/images/2021/8/10/ Frame B479 81 KB
81 KB 19ms
18ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fmlb.netlbtu.com/images/2021/8/10/cc8108.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b91ef8beba543454b115ea4a46a1d297bb74144f9aa2abf2e2e6fac21e1d8b8

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:01 GMT
CF-Cache-Status: HIT
Age: 6758
Cf-Polished: qual=85, origFmt=jpeg, origSize=117250
Content-Disposition: inline; filename="cc8108.webp"
Connection: keep-alive
Content-Length: 82710
Last-Modified: Mon, 09 Aug 2021 03:38:44 GMT
Server: cloudflare
ETag: "3c135ed08cd71:0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 67e2d0fb5d2242cf-FRA
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1.jpg
fmlb.netlbtu.com/20210730/kiIXmBl0/ Frame B479 8 KB
9 KB 19ms
19ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fmlb.netlbtu.com/20210730/kiIXmBl0/1.jpg
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037fadfa69ccdcef8e73d1dc11a53ee9c143cf42a12171bd85546a51568b877b

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:01 GMT
CF-Cache-Status: HIT
Age: 705
Cf-Polished: qual=85, origFmt=jpeg, origSize=9734
Content-Disposition: inline; filename="1.webp"
Connection: keep-alive
Content-Length: 8350
Last-Modified: Sat, 31 Jul 2021 00:53:43 GMT
Server: cloudflare
ETag: "86b583a685d71:0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 67e2d0fb7db142cf-FRA
Cf-Bgj: imgq:85,h2pri

GET
H2 200 6flcW.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 445 KB
446 KB 33ms
18ms Image
image/gif 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/6flcW.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8a577e499f7f040e4777de6318f44acab2c63ea9ef5838c0d0b82daea42132

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 17:08:18 GMT
server: cloudflare
age: 1408
etag: "2452e3a2a3ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 67e2d0fbbf640742-FRA
content-length: 455908
cf-bgj: imgq:85,h2pri

GET
H2 200 081616-232-2.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 1 MB
1 MB 309ms
309ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/081616-232-2.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31bd4e7a719f0265a7489bfa1f036de150fa05db7c9b4d6a6a5b58169f2abe5c

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Nov 2019 09:37:12 GMT
server: cloudflare
etag: "1f47a5404fa0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: origFmt=gif, origSize=1931106
content-disposition: inline; filename="081616-232-2.webp"
accept-ranges: bytes
cf-ray: 67e2d0fbefe80742-FRA
content-length: 1321472
cf-bgj: imgq:85,h2pri

GET
H2 200 14553099.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 620 KB
621 KB 21ms
21ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/14553099.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811f6deabb9be47e719d2677427539b9b5eb3bbf6e18528b14781d536138093f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 4839
cf-polished: origFmt=gif, origSize=811241
content-disposition: inline; filename="14553099.webp"
content-length: 634664
last-modified: Thu, 21 Nov 2019 09:41:13 GMT
server: cloudflare
etag: "39ff2bd04fa0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fc18960742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1810572.jpg.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 2 MB
2 MB 732ms
731ms Image
image/gif 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/1810572.jpg.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647003c50427e348bff7e1d228709847a3df3533831804471b0d08d78aecae9c

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Nov 2019 23:55:13 GMT
server: cloudflare
etag: "2916519e6b9ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fc49160742-FRA
content-length: 2063905

GET
H2 200 tumblr_naelsbQyU81sf1opfo1_400.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 517 KB
517 KB 316ms
316ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/tumblr_naelsbQyU81sf1opfo1_400.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adce0881229ec3424a979cbff4316c20f1c49b734cee844d102eb2eee8f916e8

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Nov 2019 09:04:52 GMT
server: cloudflare
etag: "c14262bc4aa0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: origFmt=gif, origSize=620674
content-disposition: inline; filename="tumblr_naelsbQyU81sf1opfo1_400.webp"
accept-ranges: bytes
cf-ray: 67e2d0fded090742-FRA
content-length: 528958
cf-bgj: imgq:85,h2pri

GET
H2 200 tumblr_mexjwcUizm1s04gyzo1_500.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 857 KB
858 KB 339ms
338ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/tumblr_mexjwcUizm1s04gyzo1_500.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 958864c416f93861b8500b6dc36a574494a8cf6644d0b63601dfc2762bb7801d

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 21 Nov 2019 09:18:19 GMT
server: cloudflare
etag: "4fba8e9d4ca0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: origFmt=gif, origSize=983947
content-disposition: inline; filename="tumblr_mexjwcUizm1s04gyzo1_500.webp"
accept-ranges: bytes
cf-ray: 67e2d0ffe9d30742-FRA
content-length: 877218
cf-bgj: imgq:85,h2pri

GET
H2 200 glcfvn.gif
mei.netlbtu.com/upload/art/gif/20200726/ Frame B479 5 MB
5 MB 328ms
328ms Image
image/gif 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/20200726/glcfvn.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad618ef928d0bd57f5baf8f725e0e995987c8d4f50298e50838e4e5ea2cfe4f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 26 Jul 2020 01:08:09 GMT
server: cloudflare
etag: "99d2fe39e962d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
cf-polished: origSize=5483626, status=input_too_large
accept-ranges: bytes
cf-ray: 67e2d1009b6d0742-FRA
content-length: 5477547
cf-bgj: imgq:85,h2pri

GET
H2 200 sdmm-057.gif
mei.netlbtu.com/upload/art/gif/20200726/ Frame B479 2 MB
2 MB 309ms
309ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/20200726/sdmm-057.gif
Requested by: Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923c834dff077f279fded26a97b1dc179332a9cadba612b102359e0d765565ce

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 26 Jul 2020 01:00:15 GMT
server: cloudflare
etag: "1e5a751fe862d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
cf-polished: origFmt=gif, origSize=3081740
content-disposition: inline; filename="sdmm-057.webp"
accept-ranges: bytes
cf-ray: 67e2d100ab910742-FRA
content-length: 2103086
cf-bgj: imgq:85,h2pri

GET
H2 200 a7f950580bd042cd98cfd19ed42a04d9
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 1 MB
1 MB 59ms
59ms Image
image/gif 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/a7f950580bd042cd98cfd19ed42a04d9
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: e98f25b5a593bb1eb9a12cfadcd1cf2103c8bb7058ca7de552ca95d9e8516fa1

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:09:40 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 2587879
nw-session-id: 202107150009390101980650241A224C77-6734f8de-7dff-40f4-a7ba-b9496df313a303tt
x-powered-by: ImageX
x-cache: HIT TCP_MEM_HIT dirn:0:133914819
x-bdcdn-cache-status: TCP_MISS
x-swift-cachetime: 31531997
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-length: 1261865
x-tt-trace-host: 0122a99480124070136c4f143338db216b84b45d349d8d81a79f3d661c00171dc7a7fe3670e8684b468f7b11b09e1b28949e0855e324c2addf9621928244748f3f45041eb9d69c0d84edc6ca8d83521f1f2d525bdec00e3cd47b20d292f915dc98
content-length: 1261865
via: cache10.l2ot7[0,0,200-0,H], cache28.l2ot7[1,0], cache28.l2ot7[2,0], cache1.de2[0,0,200-0,H], cache1.de2[1,0]
last-modified: Wed, 14 Jul 2021 16:09:40 GMT
server: Tengine
x-tt-logid: 202107150009390101980650241A224C77
x-response-date: Thu, 15 Jul 2021 00:09:40 GMT
ali-swift-global-savetime: 1626278980
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:40.043459388+08:00 45
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668590374711e
x-swift-savetime: Wed, 14 Jul 2021 17:16:23 GMT

GET
H2 200 e8308832e68e41ddb9aa2cc83a65dd87
p9.toutiaoimg.com/origin/pgc-image/ Frame B479 123 KB
124 KB 362ms
361ms Image
image/gif 4.34.42.103
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p9.toutiaoimg.com/origin/pgc-image/e8308832e68e41ddb9aa2cc83a65dd87
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.103 Denver, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 24e704ad1baa400d9b1d98285bcfd280d4f0617adf67de7e168155107266213a

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:00:59 GMT
x-response-lb: image
x-tt-trace-tag: id=00;cdn-cache=miss
nw-session-id: 20210804001524010150101086002565C3-ed034053-ffe5-4b95-a50b-2e984e80204301tt
x-powered-by: ImageX
x-cache: HIT from BC101_US-Colorado-Denver-1-cache-1(baishan)
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 125579
x-tt-trace-host: 01e1b2ec6c0c691a9b6296d759f19711a7e6c68c37396e3505592bc857c3d0caa03bf7e057f6ef6dc84af98ede801194aac54b9907093975d0e0c2576a8f024b460d6634cbb9cd6fc94072c7ca4c0609e4dfa7567b40a8d11e7b87426803b04168
content-length: 125579
last-modified: Tue, 03 Aug 2021 16:15:24 GMT
server: nginx
x-tt-logid: 20210804001524010150101086002565C3
x-response-date: Wed, 04 Aug 2021 00:15:24 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:15:24.310901574+08:00 20
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *
x-ser: BC154_dx-lt-yd-jiangsu-huaian-8-cache-8, BC154_dx-lt-yd-jiangsu-huaian-8-cache-8, BC41_US-Michigan-chieago-1-cache-2, BC101_US-Colorado-Denver-1-cache-1

GET
H2 200 UrlChangeTracker.js Show response
hmcdn.baidu.com/static/tongji/plugins/ Frame B479 19 KB
8 KB 345ms
342ms Script
application/javascript 14.152.86.48
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
Requested by: Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?91b0572403cfc247c9f4e6baa4fb8e2a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 14.152.86.48 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 219ca04c2c4216075197593145192ce36933a316cdc66ddec79dd2d1335a4d76

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 13 Aug 2021 15:01:02 GMT
ohc-cache-hit: dg2ct69 [4], fzctcache69 [4]
ohc-response-time: 1 0 0 0 0 1
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
server: JSP3/2.0.14
age: 458741
etag: W/"5f8eb0f7-4b3c"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-encoding: gzip

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame B479 43 B
299 B 442ms
441ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1615226144&si=91b0572403cfc247c9f4e6baa4fb8e2a&v=1.2.82&lv=1&sn=59970&r=0&ww=1600&ct=!!&u=http%3A%2F%2F66j807.com%3A16678%2F%3Ftt%3D1628866847874%23%2F&tt=66j8%E5%BD%B1%E8%A7%86

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Aug 2021 15:01:02 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H3-29

200

GxFp.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/GxFp.gif
https://go.imgdidi.xyz/2021/06/28/GxFp.gif

150 KB
151 KB

21ms
21ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/GxFp.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98206fd32ca94363fbedaf0416eb6e4d6b03b182ae763708dfd6756175b6d106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262566
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 153645
last-modified: Mon, 28 Jun 2021 09:47:22 GMT
server: cloudflare
etag: "60d99aaa-2582d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb%2BnDTCvfo7gSNIk2nLu46DF4l7bhANwbcK%2F5d00TFFMccdgnSuPbFk1Kl8RGfpK7VUjGH2Qe%2FlAk4FrEBAqz2YlrPH6i9dtD%2Fc76ABYg0cA8gqGrNfmI6lXm2Hf6PbelKrlCCKJeMGxuR9NaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb2ddf434b-FRA
expires: Thu, 09 Sep 2021 14:04:55 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/GxFp.gif
Date: Fri, 13 Aug 2021 15:01:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

kJc.gif
go.imgdidi.xyz/2021/06/07/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/07/kJc.gif
https://go.imgdidi.xyz/2021/06/07/kJc.gif

488 KB
489 KB

16ms
16ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/07/kJc.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

316c5b1308bc0cc319b29d6395403b20d5e58ebd08f0d36fde81865c06d77001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 499724
last-modified: Mon, 07 Jun 2021 05:23:31 GMT
server: cloudflare
etag: "60bdad53-7a00c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgvB40v7VKrU0%2FqDPkZuz4gMVo%2BY8FpCASosJ27o%2BDZAn5cJxevWGgW7kka36EruNR2NqNiirMzS4iOVU1anUcJKW9yNnjiqd8NTTEmWOwqNb7qrmO7F12jy89YfANBXsZExfDGHQ2zEHv4KTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0f89e12434b-FRA
expires: Thu, 09 Sep 2021 14:04:56 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/07/kJc.gif
Date: Fri, 13 Aug 2021 15:01:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 4d4f48e85b254402b13c4b388a0abbff
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 19 KB
19 KB 59ms
59ms Image
image/jpeg 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/4d4f48e85b254402b13c4b388a0abbff
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 4ba3b1f7f95575c09f9243190d8e6d782d4e269435075d18d5f13e93750ce18d

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 18:01:07 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 2581193
nw-session-id: 202107150022430101351500375A1E42B8-6cffd152-7561-4f4e-893b-5aaf11ceb08b03tt
x-powered-by: ImageX
x-cache: HIT TCP_MEM_HIT dirn:0:7237713
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 29785372
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-length: 19495
x-tt-trace-host: 015fa46176102a63b701676c8288d130e2766f71601a49cf6a063bffb3f9157f57b571075036f3551a30fb16341354a4b90c8e29eb4cfe8cccc9b18610dc593d8a7d13bc16582f4912674af4e40b76168da6a3e3b05b5f602623d03329764c4917
content-length: 19495
via: cache7.l2de2[0,0,200-0,H], cache4.l2de2[1,0], cache4.l2de2[1,0], cache4.de2[0,0,200-0,H], cache1.de2[1,0]
last-modified: Wed, 14 Jul 2021 16:22:43 GMT
server: Tengine
x-tt-logid: 202107150022430101351500375A1E42B8
x-response-date: Thu, 15 Jul 2021 00:22:43 GMT
ali-swift-global-savetime: 1626285667
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:22:43.823207251+08:00 14
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668603498306e
x-swift-savetime: Wed, 04 Aug 2021 00:18:15 GMT

GET
H2 200 08dc123ffc0c4ee1b0d5559f3afbf625
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 49 KB
50 KB 265ms
265ms Image
image/png 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/08dc123ffc0c4ee1b0d5559f3afbf625
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 33e37c34b13c74f5643fdcbfd36c72a20b21cbe26519a615b526cf1f00b5bbac

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:17 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587603
nw-session-id: 2021071500141701019806507244205045-b11499a4-6551-4a4d-9ce1-a62b3bb731f201tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 50023
content-length: 50023
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:17.095854737+08:00 29
last-modified: Wed, 14 Jul 2021 16:14:17 GMT
server: nginx
x-tt-logid: 2021071500141701019806507244205045
x-response-date: Thu, 15 Jul 2021 00:14:17 GMT
x-bdcdn-logid: 94b9653292098e94b7898884b5d14d06
content-type: image/png
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 01fee7be28756c006a5243d3f642af7807bab649e39acb2b7cf699f3bfa2f5b5f61fe4a201ba6392a771a2fd488830567b2b329be8ce6bc0ac7b41f233cc9b398454a7014a30308ed558b98b447bf4d7bc3f8db2156b29710fe4abbb14dd54c43a8ae0468bc4649a123e29f1b04b374019
x-response-cache: edge_hit
timing-allow-origin: *

GET
H2 200 ff41370bf441464cbee74a07a1452b75
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 410 KB
411 KB 265ms
265ms Image
image/gif 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/ff41370bf441464cbee74a07a1452b75
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 0b1592c4f54f440f3c10e02eb96037ae5a2987461f80b217cc963ce209305111

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:09:41 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587879
nw-session-id: 202107150009410101510922274E25CF58-23836469-dc1f-4d5e-837c-d884c06d9d6c02tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=0
x-length: 419512
content-length: 419512
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:41.874175133+08:00 61
last-modified: Wed, 14 Jul 2021 16:09:41 GMT
server: nginx
x-tt-logid: 202107150009410101510922274E25CF58
x-response-date: Thu, 15 Jul 2021 00:09:41 GMT
x-bdcdn-logid: daa1dd58d64db0f6a612af12902cd543
content-type: image/gif
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 0122a99480124070136c4f143338db216ba85e63a43604d20469421aa9ea9406817c67456e127b183d775c1bcc432578c6ad69ef0234fe535740b71444881e762069f193a38b3865a10c147c64f2afeca4d6d452afa6f37df208efd9137343e34c7139208ec5593033542c71d9e200f9d8
x-response-cache: edge_hit
timing-allow-origin: *

GET
H3-29

200

GceH.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/GceH.gif
https://go.imgdidi.xyz/2021/06/28/GceH.gif

114 KB
115 KB

14ms
13ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/GceH.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

211bf2d5f6326603f61ee374c9950d30f623d0977aeba8763652367776c0b437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 116990
last-modified: Mon, 28 Jun 2021 09:48:38 GMT
server: cloudflare
etag: "60d99af6-1c8fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGDm%2FIcwIOiwrQA%2BBftno%2FXXsNc%2BTmTtdTgQYqM34wyehPm2Q9%2BvAtDsFRP99kMCdcjP0M40xh1ESE0YJi8ydVH9YDpkHrl3XJ12R5DXxrvhKgoeFH6hh%2FGymVaujrxYgdh%2FL37XTFChJ1rDAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1040cc8434b-FRA
expires: Thu, 09 Sep 2021 14:04:58 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/GceH.gif
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2

200

G0zh.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/G0zh.gif
https://go.imgdidi.xyz/2021/06/28/G0zh.gif

111 KB
111 KB

16ms
14ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/G0zh.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2063e84e19642d186b9322d46c8d86a4557050aabdbba94c574fde7d65ff1125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262565
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 113263
last-modified: Mon, 28 Jun 2021 09:48:09 GMT
server: cloudflare
etag: "60d99ad9-1ba6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXzfZB2HwfTe9O4iVbnSP0KRUs4VgHPNJBX9Ds%2F1u0Cqps5VlhoD4n%2B5eMSBr%2BEZzSYnrauCqFouJbYs8AdXq%2FNYNXi8skgnKU99Jfzes9%2BG5vyh624Gk8he877iR3xr8Pm9T%2BL2l0x4O9PflQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1054d97dfcf-FRA
expires: Thu, 09 Sep 2021 14:04:57 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/G0zh.gif
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

7gq.gif
xs.imgpipi.xyz/2021/06/06/ Frame B479
Redirect Chain

http://xs.imgpipi.xyz/2021/06/06/7gq.gif
https://xs.imgpipi.xyz/2021/06/06/7gq.gif

582 KB
583 KB

81ms
70ms

Image
image/gif

2606:4700:3034::ac43:c0fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xs.imgpipi.xyz/2021/06/06/7gq.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:c0fe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e63897e0d38447d330299baf3446102a6f69e1e543401146114400d854050fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 521110
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 595964
last-modified: Sun, 06 Jun 2021 10:46:19 GMT
server: cloudflare
etag: "60bca77b-917fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qz%2Fi4GSxscXwv48lH1Jh5fFw3IEyJo3rhRqXyMJByk9PniBUMaaPUjw4U1Ss1B9DDx3m94AgUFptHdpBEijhspdMvUH7Vxpz7imF1RnSorz6To1HmQ3GpIxovcc3uSdYnRf8tXeMWijndSb4hg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1031b142b41-FRA
expires: Mon, 06 Sep 2021 14:15:52 GMT

Redirect headers

Location: https://xs.imgpipi.xyz/2021/06/06/7gq.gif
Non-Authoritative-Reason: HSTS

GET
H2

200

GdcM.gif
go.imgdidi.xyz/2021/06/29/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/29/GdcM.gif
https://go.imgdidi.xyz/2021/06/29/GdcM.gif

192 KB
193 KB

21ms
20ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/29/GdcM.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

625efaaa7b4d875cf8cf3b555b0646b76e0e0e1ab179e1a60aab5e989e862d76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 196808
last-modified: Tue, 29 Jun 2021 09:19:28 GMT
server: cloudflare
etag: "60dae5a0-300c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Bpl6csbGpGnaCKrAik5rsyDLnUQKm4KNf%2BZTlFc8PgQR0hhtAjTe7%2FyVTvJDjdLumq%2BOrOcYEa0GkckPfTO1eTagAYyionxMuQfd5XTQDXjmcmAJK7rvoZO8WOBGJmlw2gQ6%2FsI0JUkYN8Z9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1054d98dfcf-FRA
expires: Thu, 09 Sep 2021 14:04:58 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/29/GdcM.gif
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

GgRu.gif
go.imgdidi.xyz/2021/06/29/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/29/GgRu.gif
https://go.imgdidi.xyz/2021/06/29/GgRu.gif

265 KB
265 KB

40ms
40ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/29/GgRu.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae0f62590201afe0d30fc3646b5e2a220f7d0dace46b44079a97fdd4e434891b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 271176
last-modified: Tue, 29 Jun 2021 09:19:54 GMT
server: cloudflare
etag: "60dae5ba-42348"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0R6NBEyTt9SyW6tCiZAyBD5rQ%2BDDoevkz0kAQm0PHhvR0VsnH9lLP3TpgQCBePtqj%2BHTYqlB8wnCe%2Ff7OlfTbDiMD3bfmJiAUDJPI%2BsQk81Q4xZis1NPcPHhKx%2FFWP4ih3dbAi1n95vkcF2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d105b9a3434b-FRA
expires: Thu, 09 Sep 2021 14:04:58 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/29/GgRu.gif
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 5174f3ada70d4d8ca7d7324d44d0ccaa
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 383 KB
383 KB 59ms
59ms Image
image/gif 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/5174f3ada70d4d8ca7d7324d44d0ccaa
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 055ca0e89e99137c70f52f4a882f991292a972e92fbf2ba5d92462cc89f8008f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Jul 2021 13:15:57 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 1820703
nw-session-id: 202107232115080101980621715F1DF069-eedb6e1c-0048-4306-8688-ab43fcc5d39202tt
x-powered-by: ImageX
x-cache: HIT TCP_MEM_HIT dirn:10:275865777
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 31535166
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-length: 391953
x-tt-trace-host: 0149c4e79e37a353e574b1866ba4441c0491fce05185ce578705430e07dd1344ef722771fe63e8a9385a6977b136537f5dca384b60844589b5137f90fd28c475bd2810b08a56ea75201969281369d6fcca31a5cfefe459eea30fecb54a8a42bd97
content-length: 391953
via: cache38.l2ot7[0,0,200-0,H], cache53.l2ot7[0,0], cache53.l2ot7[1,0], cache11.de2[0,0,200-0,H], cache1.de2[1,0]
last-modified: Fri, 23 Jul 2021 13:15:08 GMT
server: Tengine
x-tt-logid: 202107232115080101980621715F1DF069
x-response-date: Fri, 23 Jul 2021 21:15:08 GMT
ali-swift-global-savetime: 1627046157
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-23T21:15:08.30115542+08:00 103
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668607171435e
x-swift-savetime: Fri, 23 Jul 2021 13:29:51 GMT

GET
H2 200 290299ed48d84c7b99d8fbd8a96a254c
p3.toutiaoimg.com/origin/pgc-image/ Frame B479 182 KB
182 KB 58ms
58ms Image
image/gif 47.246.43.228
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/origin/pgc-image/290299ed48d84c7b99d8fbd8a96a254c
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.246.43.228 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:15:13 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 859547
nw-session-id: 20210804001309010194098219022073DE-c7e70150-e525-4637-8cba-6be90747a36403tt
x-powered-by: ImageX
x-cache: HIT TCP_MEM_HIT dirn:10:93270763
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 31526858
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-length: 186342
x-tt-trace-host: 017fdbcca7fd16da951b363231b52079a44213d24536a7e881717125843a8ce60571e7354d3c1299981b309200c4774a70a3207a50b2ea80936cddb0c4d3505c6fe44bdea0481b8dc4ef7c59fda00ed00250e224c7253934baac8a80f751f42706
content-length: 186342
via: cache6.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache7.de2[0,0,200-0,H], cache1.de2[1,0]
last-modified: Tue, 03 Aug 2021 16:13:09 GMT
server: Tengine
x-tt-logid: 20210804001309010194098219022073DE
x-response-date: Wed, 04 Aug 2021 00:13:09 GMT
ali-swift-global-savetime: 1628007313
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:13:09.509348411+08:00 29
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 2ff62b9516288668607261454e
x-swift-savetime: Tue, 03 Aug 2021 18:47:35 GMT

GET
H3-29

200

aAI.gif
go.imgdidi.xyz/2021/06/06/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/06/aAI.gif
https://go.imgdidi.xyz/2021/06/06/aAI.gif

12 KB
12 KB

20ms
19ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/06/aAI.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1aefacddc6a696855eebc3754f39280b93f27d6fe52ea95102d24938e9c0850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262563
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 11956
last-modified: Sun, 06 Jun 2021 12:40:12 GMT
server: cloudflare
etag: "60bcc22c-2eb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5clRmOy1aNCT%2BKhQbUC3scWe8V9WuPBH4XJAXEH%2ByACoLIhORP1lR4zQYDuXpyARv2SYTM%2BpNgGZKPwK1%2B8I2yS0ArhsInoUvOqluvFvafCxFZV2d6U1wiXXjxCi21WsuA0mx320NTLMw%2Figg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d105c9f4434b-FRA
expires: Thu, 09 Sep 2021 14:05:00 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/06/aAI.gif
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

VBf.png
go.imgdidi.xyz/2021/06/06/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/06/VBf.png
https://go.imgdidi.xyz/2021/06/06/VBf.png

33 KB
34 KB

18ms
17ms

Image
image/png

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/06/VBf.png

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c71d24380d0a49f48ab58507f93b1c0b9cac0235d7f1170368580e8f1951db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 262562
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34257
last-modified: Sun, 06 Jun 2021 12:39:47 GMT
server: cloudflare
etag: "60bcc213-85d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=korYbq7l9gy4C2sF68pUCeoE7I%2FMc4RSs%2FG3yDhxKpzmTgVf0NpflYwHHQEmPCPwL265T2mOxPFZKg6kz9ngeX383Io38WiiaX6UQ5%2Fc0seYoGKQkbrpwWY4sZ5Igty7ec9ZLHaG2xkoX2yQzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 67e2d1060ace434b-FRA
expires: Thu, 09 Sep 2021 14:05:01 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/06/VBf.png
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H3-29

200

GYTI.gif
go.imgdidi.xyz/2021/06/18/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/18/GYTI.gif
https://go.imgdidi.xyz/2021/06/18/GYTI.gif

583 KB
584 KB

43ms
42ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/18/GYTI.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b15722000c8f6496a002692cb99b7bd6d66f49a5c89824c4238934db50e38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 515738
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 597091
last-modified: Fri, 18 Jun 2021 10:24:10 GMT
server: cloudflare
etag: "60cc744a-91c63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a8BM8CZSaspa4WtWclBltGcBzGuvahy91L%2FmY%2BagP42%2FlQWKQny0nx6NJndT%2FR0vsYdnavjt5V7zKa3P67fXjzO4tdUyYhf5L5pFBy%2Bh25ccXEhVvQouSx9Qd1YQKTp4D8ic5KZ%2FA5s9MvMBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1062b29434b-FRA
expires: Mon, 06 Sep 2021 15:45:25 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/18/GYTI.gif
Date: Fri, 13 Aug 2021 15:01:02 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 6f6d320d39894a7286d90afb57758c74
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 105 KB
106 KB 263ms
263ms Image
image/gif 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/6f6d320d39894a7286d90afb57758c74
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: f3f7bf3269f97735f15e6ec9e80616320b2c9d02886ce471059c5790520d5497

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:17 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587606
nw-session-id: 20210715001417010135150027521ED744-d43d24fa-70fc-4dd4-9cf7-936412b8b55f03tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=37
x-length: 107936
content-length: 107936
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:17.047595316+08:00 34
last-modified: Wed, 14 Jul 2021 16:14:17 GMT
server: nginx
x-tt-logid: 20210715001417010135150027521ED744
x-response-date: Thu, 15 Jul 2021 00:14:17 GMT
x-bdcdn-logid: b193c42405e187c22c07ea166cec4c92
content-type: image/gif
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 01fee7be28756c006a5243d3f642af7807188a1134271256c7a50a4792c228a84624b331214476cae9d82918b242454bc6278a432f4c919c3239d9b8327e65fd897359ece76c2fc5d458ed0408045e9d0a960f88f3c723b963b0ec3a2545b291a3a6048a46ec045f1343f44f1bd731018d
x-response-cache: edge_hit
timing-allow-origin: *

GET
H/1.1 200
OK appTitle.740e8d1a.png
66j807.com/static/img/ Frame B479 27 KB
28 KB 253ms
253ms Image
image/png 216.83.56.239
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://66j807.com:16678/static/img/appTitle.740e8d1a.png
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 216.83.56.239 , Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 19a519b9d0d71ce213e2c6fcdc4fcc7a951c33a876aea9b1617fd27b0a89b4f4

Request headers

Referer: http://66j807.com:16678/?tt=1628866847874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:02 GMT
Last-Modified: Mon, 26 Jul 2021 11:44:30 GMT
Server: nginx
ETag: "60fea01e-6d0d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27917
Expires: Sun, 12 Sep 2021 15:01:02 GMT

GET
H2 200 5b025657aeed4690b6f7de84badbe2f4
p5.toutiaoimg.com/origin/pgc-image/ Frame B479 52 KB
53 KB 263ms
263ms Image
image/png 211.137.95.103
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p5.toutiaoimg.com/origin/pgc-image/5b025657aeed4690b6f7de84badbe2f4
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 211.137.95.103 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 7a77708159e24de7053d3dfb658bf8c716e36c70b015428132fe21e6b6c6b2b1

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:39 GMT
x-response-lb: image
x-tt-trace-tag: id=5
age: 2587881
nw-session-id: 202107150009400101510830851D27A812-ebeefb9c-9036-438e-97f1-9c86c3b526ef01tt
x-powered-by: ImageX
x-response-cinfo: 86.106.103.4
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 53301
content-length: 53301
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:40.56863724+08:00 42
last-modified: Wed, 14 Jul 2021 16:09:40 GMT
server: nginx
x-tt-logid: 202107150009400101510830851D27A812
x-response-date: Thu, 15 Jul 2021 00:09:40 GMT
x-bdcdn-logid: 75903e9c0e0e565724304e06260ef6ff
content-type: image/png
via: cache02.cdcm04
x-request-ip: 86.106.103.4
cache-control: max-age=31536000
x-tt-trace-host: 01c6214a75f2dfcae4319ae7d5e1f0d04d3ee730d988afeed4754aad640a6ac26f9a3d8f5eb9536f4040ec058b3affaf4a140ae4b10990cf1dbdb2a5ef42e9e4949b7bb7674cf36e66c7028a94de49963d1bb2825ef8826d03d76b8118cc50e61ed0c13faad0f590496861934e307ed7c7
x-response-cache: edge_hit
timing-allow-origin: *

GET
H2 200 sjym4goqv2a0712sjym4goqv2a4618964.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/07/ Frame B479 10 KB
10 KB 21ms
21ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/07/sjym4goqv2a0712sjym4goqv2a4618964.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97a7b487a4c39de4e36e26b617c72b32ca18f0154886f7d0e53b030d01333df2

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 23:12:46 GMT
server: cloudflare
age: 5702
etag: "b65e15dec095d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=10774, status=webp_bigger
accept-ranges: bytes
cf-ray: 67e2d0fadd760742-FRA
content-length: 10168
cf-bgj: imgq:85,h2pri

GET
H3-29

200

GuWj.gif
go.imgdidi.xyz/2021/06/28/ Frame B479
Redirect Chain

http://xs.imglolo.xyz/2021/06/28/GuWj.gif
https://go.imgdidi.xyz/2021/06/28/GuWj.gif

55 KB
55 KB

14ms
14ms

Image
image/gif

2606:4700:3038::6815:ea5d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdidi.xyz/2021/06/28/GuWj.gif

Requested by

Host: www.btbcapitalgroupllc.com
URL: http://www.btbcapitalgroupllc.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:ea5d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcaee4aba126ff63685fc1fee32d2debb77e7e1f63c1610b378da9656e0e26bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 372369
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56089
last-modified: Mon, 28 Jun 2021 09:46:36 GMT
server: cloudflare
etag: "60d99a7c-db19"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKTNtMI39DOn%2B%2FO27zl0LCgzflikOQYBDW%2FBZjGnngaUfKfxVRyi11Lz8APZLGHPR8P0BnJwEMcTUUlI5ZzF%2BHg0rSDX0gknm0uk6y2CD1nuAXZNXW9%2FpDutxD7IKrcG2tXs%2F6ZxU%2FUb6eSeJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1074e88434b-FRA
expires: Wed, 08 Sep 2021 07:34:54 GMT

Redirect headers

Location: https://go.imgdidi.xyz/2021/06/28/GuWj.gif
Date: Fri, 13 Aug 2021 15:01:03 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Strict-Transport-Security: max-age=31536000
Content-Type: text/html

GET
H2 200 n0uplx50geb1605n0uplx50geb44585.jpg
fmlb.netlbtu.com/upload/vod/2019/11-12/16/ Frame B479 7 KB
7 KB 18ms
17ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-12/16/n0uplx50geb1605n0uplx50geb44585.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91d0af56b35cfe4e74d284fced77c0f8dced5224b29e20611c1d00a158c72e8b

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 3281
cf-polished: qual=85, origFmt=jpeg, origSize=8071
content-disposition: inline; filename="n0uplx50geb1605n0uplx50geb44585.webp"
content-length: 7206
last-modified: Tue, 12 Nov 2019 08:05:44 GMT
server: cloudflare
etag: "5462b4fb2f99d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb3e720742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 l41yorbl0tr0602l41yorbl0tr1431908.jpg
fmlb.netlbtu.com/upload/vod/2020/05-01/06/ Frame B479 7 KB
7 KB 13ms
12ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/05-01/06/l41yorbl0tr0602l41yorbl0tr1431908.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27156b5a991afccaafa154a985133a9e3fd2893f30435b969774170b01f39e7

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 7145
cf-polished: qual=85, origFmt=jpeg, origSize=8543
content-disposition: inline; filename="l41yorbl0tr0602l41yorbl0tr1431908.webp"
content-length: 7262
last-modified: Thu, 30 Apr 2020 22:02:14 GMT
server: cloudflare
etag: "1aaebe13b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb5e9a0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 lukrwpgmh2h0607lukrwpgmh2h16887.jpg
fmlb.netlbtu.com/upload/vod/2021/05-19/06/ Frame B479 6 KB
6 KB 16ms
16ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2021/05-19/06/lukrwpgmh2h0607lukrwpgmh2h16887.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4af0945bda34a9142310bd00b1ce69674d6732f75a5ec3fc7c6d5cdf391a86fc

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 50
cf-polished: qual=85, origFmt=jpeg, origSize=8195
content-disposition: inline; filename="lukrwpgmh2h0607lukrwpgmh2h16887.webp"
content-length: 5942
last-modified: Tue, 18 May 2021 22:07:16 GMT
server: cloudflare
etag: "d631a329324cd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fb5eb00742-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cc3262.jpg
fmlb.netlbtu.com/images/2021/7/2/ Frame B479 65 KB
65 KB 14ms
14ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fmlb.netlbtu.com/images/2021/7/2/cc3262.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6847f07c12d6a153debec01638c6d3007452ba73352f20d19b959ff0a4f155a3

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:02 GMT
CF-Cache-Status: HIT
Age: 5803
Cf-Polished: qual=85, origFmt=jpeg, origSize=124295
Content-Disposition: inline; filename="cc3262.webp"
Connection: keep-alive
Content-Length: 66134
Last-Modified: Thu, 01 Jul 2021 02:43:00 GMT
Server: cloudflare
ETag: "eaaca9ce226ed71:0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 67e2d104eb6642cf-FRA
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK cc8108.jpg
fmlb.netlbtu.com/images/2021/8/10/ Frame B479 81 KB
81 KB 23ms
22ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fmlb.netlbtu.com/images/2021/8/10/cc8108.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b91ef8beba543454b115ea4a46a1d297bb74144f9aa2abf2e2e6fac21e1d8b8

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:02 GMT
CF-Cache-Status: HIT
Age: 6759
Cf-Polished: qual=85, origFmt=jpeg, origSize=117250
Content-Disposition: inline; filename="cc8108.webp"
Connection: keep-alive
Content-Length: 82710
Last-Modified: Mon, 09 Aug 2021 03:38:44 GMT
Server: cloudflare
ETag: "3c135ed08cd71:0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 67e2d104fba942cf-FRA
Cf-Bgj: imgq:85,h2pri

GET
H/1.1 200
OK 1.jpg
fmlb.netlbtu.com/20210730/kiIXmBl0/ Frame B479 8 KB
9 KB 25ms
25ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fmlb.netlbtu.com/20210730/kiIXmBl0/1.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: HTTP/1.1
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 037fadfa69ccdcef8e73d1dc11a53ee9c143cf42a12171bd85546a51568b877b

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 13 Aug 2021 15:01:02 GMT
CF-Cache-Status: HIT
Age: 706
Cf-Polished: qual=85, origFmt=jpeg, origSize=9734
Content-Disposition: inline; filename="1.webp"
Connection: keep-alive
Content-Length: 8350
Last-Modified: Sat, 31 Jul 2021 00:53:43 GMT
Server: cloudflare
ETag: "86b583a685d71:0"
Vary: Accept
Content-Type: image/webp
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 67e2d1052c5a42cf-FRA
Cf-Bgj: imgq:85,h2pri

GET
H2 200 6flcW.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 445 KB
446 KB 29ms
29ms Image
image/gif 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/6flcW.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8a577e499f7f040e4777de6318f44acab2c63ea9ef5838c0d0b82daea42132

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 17:08:18 GMT
server: cloudflare
age: 1409
etag: "2452e3a2a3ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 67e2d1053fa10742-FRA
content-length: 455908
cf-bgj: imgq:85,h2pri

GET
H2 200 kbp3hzplcrw0605kbp3hzplcrw0112213.jpg
fmlb.netlbtu.com/upload/vod/2020/08-05/06/ Frame B479 10 KB
10 KB 15ms
14ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-05/06/kbp3hzplcrw0605kbp3hzplcrw0112213.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02145dd80a860160fa849cb90e8e7c96524a227fade5d3a80401d7e8631bcbf2

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=11200
content-disposition: inline; filename="kbp3hzplcrw0605kbp3hzplcrw0112213.webp"
content-length: 10434
last-modified: Tue, 04 Aug 2020 22:05:01 GMT
server: cloudflare
etag: "6967d4dab6ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fc18a10742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 14553099.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 620 KB
621 KB 25ms
23ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/14553099.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 811f6deabb9be47e719d2677427539b9b5eb3bbf6e18528b14781d536138093f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: HIT
age: 4840
cf-polished: origFmt=gif, origSize=811241
content-disposition: inline; filename="14553099.webp"
content-length: 634664
last-modified: Thu, 21 Nov 2019 09:41:13 GMT
server: cloudflare
etag: "39ff2bd04fa0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1054ff10742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 au5cd0br5hw1206au5cd0br5hw0133680.jpg
fmlb.netlbtu.com/upload/vod/2020/05-01/12/ Frame B479 7 KB
8 KB 11ms
11ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/05-01/12/au5cd0br5hw1206au5cd0br5hw0133680.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79aac821b1f5af796748d64c2d61734376d4ae41bb43a0c951c41872095f8bed

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=8407
content-disposition: inline; filename="au5cd0br5hw1206au5cd0br5hw0133680.webp"
content-length: 7662
last-modified: Fri, 01 May 2020 04:06:01 GMT
server: cloudflare
etag: "ff8292d36d1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fc99fe0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bny2dvrzxmh0845bny2dvrzxmh0321696.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/08/ Frame B479 7 KB
7 KB 22ms
21ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/08/bny2dvrzxmh0845bny2dvrzxmh0321696.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe76172449dada552a926f70e224522fb3a543826d962049f9325f76096020a

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=9292
content-disposition: inline; filename="bny2dvrzxmh0845bny2dvrzxmh0321696.webp"
content-length: 7174
last-modified: Fri, 08 Nov 2019 00:45:03 GMT
server: cloudflare
etag: "2104fc2cd95d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fcaa0c0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 h2i4enk0rvw1815h2i4enk0rvw058752.jpg
fmlb.netlbtu.com/upload/vod/2020/08-04/18/ Frame B479 10 KB
10 KB 13ms
13ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-04/18/h2i4enk0rvw1815h2i4enk0rvw058752.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 136d9ecd346dba673743a279a674bdf1bca68d52cba099b47eeaac178d719a2f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=10381
content-disposition: inline; filename="h2i4enk0rvw1815h2i4enk0rvw058752.webp"
content-length: 10218
last-modified: Tue, 04 Aug 2020 10:15:05 GMT
server: cloudflare
etag: "15cf911f486ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fd1b480742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 q0q2q103tf11814q0q2q103tf1318516.jpg
fmlb.netlbtu.com/upload/vod/2020/08-04/18/ Frame B479 8 KB
8 KB 14ms
12ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-04/18/q0q2q103tf11814q0q2q103tf1318516.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e19f30f1f5c24ffc6e2242e21bf68810d7ebe03adf10b9d87f67e3faad863793

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=8832
content-disposition: inline; filename="q0q2q103tf11814q0q2q103tf1318516.webp"
content-length: 7902
last-modified: Tue, 04 Aug 2020 10:14:31 GMT
server: cloudflare
etag: "adc841b486ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fd1b530742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 aqxcxmvlbwc0003aqxcxmvlbwc2231356.jpg
fmlb.netlbtu.com/upload/vod/2020/05-01/00/ Frame B479 10 KB
10 KB 12ms
11ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/05-01/00/aqxcxmvlbwc0003aqxcxmvlbwc2231356.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47afcdc59638e8a64eff4e8601e252bee1651dcc406d3ddd29d6dee0de401bfa

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=10852
content-disposition: inline; filename="aqxcxmvlbwc0003aqxcxmvlbwc2231356.webp"
content-length: 9998
last-modified: Thu, 30 Apr 2020 16:03:22 GMT
server: cloudflare
etag: "952ed7df81fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fd1b580742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 jtpbf3usklb2215jtpbf3usklb484633.jpg
fmlb.netlbtu.com/upload/vod/2019/11-13/22/ Frame B479 10 KB
10 KB 17ms
16ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-13/22/jtpbf3usklb2215jtpbf3usklb484633.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8abb48ab9425c3a23787358acd90788a66091d962b4fc5f9776578f603f50fc

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Nov 2019 14:15:48 GMT
server: cloudflare
age: 0
etag: "bc4cead82c9ad51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
cf-polished: origSize=10925, status=webp_bigger
accept-ranges: bytes
cf-ray: 67e2d0fd1b620742-FRA
content-length: 10368
cf-bgj: imgq:85,h2pri

GET
H2 200 gvyd4eup1ol0605gvyd4eup1ol0512221.jpg
fmlb.netlbtu.com/upload/vod/2020/08-05/06/ Frame B479 8 KB
8 KB 13ms
13ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/08-05/06/gvyd4eup1ol0605gvyd4eup1ol0512221.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce79f65ae52a71d397e353695253cab20c154ab80cb79f828bd0fa006b3aa4f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
age: 0
cf-polished: qual=85, origFmt=jpeg, origSize=9006
content-disposition: inline; filename="gvyd4eup1ol0605gvyd4eup1ol0512221.webp"
content-length: 8418
last-modified: Tue, 04 Aug 2020 22:05:05 GMT
server: cloudflare
etag: "0712d4fab6ad61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fd3b950742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 ypnfy2gf5eq0454ypnfy2gf5eq1112762.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/04/ Frame B479 10 KB
10 KB 16ms
15ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/04/ypnfy2gf5eq0454ypnfy2gf5eq1112762.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 330c43adfb5013cf4c3aaa76d205c49ab0368f77a4d701b8286531140944b420

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 20:54:11 GMT
server: cloudflare
age: 0
etag: "7cb76c81ad95d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fd9c550742-FRA
content-length: 9859

GET
H2 200 081616-232-2.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 1 MB
1 MB 25ms
25ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/081616-232-2.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31bd4e7a719f0265a7489bfa1f036de150fa05db7c9b4d6a6a5b58169f2abe5c

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: HIT
age: 1
cf-polished: origFmt=gif, origSize=1931106
content-disposition: inline; filename="081616-232-2.webp"
content-length: 1321472
last-modified: Thu, 21 Nov 2019 09:37:12 GMT
server: cloudflare
etag: "1f47a5404fa0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d10578550742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 lgkz0c50fw11802lgkz0c50fw11229946.jpg
fmlb.netlbtu.com/upload/vod/2020/04-30/18/ Frame B479 10 KB
11 KB 12ms
12ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2020/04-30/18/lgkz0c50fw11802lgkz0c50fw11229946.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fef58ca8fb71456a8f1ccf0069548c13576e3815d0eeaf11119f553709aabf5

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Apr 2020 10:02:12 GMT
server: cloudflare
age: 0
etag: "e2e7706bd61ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fe1d9f0742-FRA
content-length: 10687

GET
H2 200 fsxkl0y5ufs0354fsxkl0y5ufs057733.jpg
fmlb.netlbtu.com/upload/vod/2019/11-08/03/ Frame B479 13 KB
13 KB 13ms
13ms Image
image/jpeg 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2019/11-08/03/fsxkl0y5ufs0354fsxkl0y5ufs057733.jpg
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65714b34744212952acd94c0643fe14e5d4f2da390a19cac3ac7bd944b9bd4f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:01 GMT
cf-cache-status: HIT
last-modified: Thu, 07 Nov 2019 19:54:05 GMT
server: cloudflare
age: 0
etag: "3f2f371ca595d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d0fe2da40742-FRA
content-length: 13440

GET
H2 200 tumblr_naelsbQyU81sf1opfo1_400.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 517 KB
517 KB 25ms
25ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/tumblr_naelsbQyU81sf1opfo1_400.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adce0881229ec3424a979cbff4316c20f1c49b734cee844d102eb2eee8f916e8

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: HIT
age: 0
cf-polished: origFmt=gif, origSize=620674
content-disposition: inline; filename="tumblr_naelsbQyU81sf1opfo1_400.webp"
content-length: 528958
last-modified: Thu, 21 Nov 2019 09:04:52 GMT
server: cloudflare
etag: "c14262bc4aa0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d105786a0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 71f069409fa34058a472600a06b12dfa
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 294 KB
295 KB 738ms
736ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/71f069409fa34058a472600a06b12dfa
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: db5b221211a87ced643383afeac89d1ef82bedf136c7652ced7d851d8fb2e7ca

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:02 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587595
nw-session-id: 202107150014270101960510295220D525-822fd832-e3ba-4f8a-8a46-408f9dd4db8c03tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=3
x-length: 301020
x-tt-trace-host: 01c6214a75f2dfcae4319ae7d5e1f0d04d1f1ee86f263de3a0c1a7d63fd9b0b2722f1e6a7240afc9d7765e72152c383b5e1e059cc722e2ab79d60edc6c9111394c5a40fc2c56332239c3deb51776995a3b4a54f97be1aa1de08d6e3dee4b0c4cb40f976b6eeebb3a066bbbd5a432d4ca7d
content-length: 301020
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[3],CHN-HAzhengzhou-AREACUCC1-CACHE8[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE73[8],CHN-TJ-GLOBAL1-CACHE8[0,TCP_HIT,7]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:14:27 GMT
server: openresty
x-tt-logid: 202107150014270101960510295220D525
x-response-date: Thu, 15 Jul 2021 00:14:27 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:27.060019274+08:00 51
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 d3ac4293bd7048d0a1adeab23452fc39
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 20 KB
21 KB 818ms
818ms Image
image/jpeg 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/d3ac4293bd7048d0a1adeab23452fc39
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: 8a70fed1772ebe04aa2baa08566ae87091ac2d61f43c9cbb203eef535ab0452c

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:02 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 860549
nw-session-id: 20210803235832010135150037521C9C00-fc82445f-a2d1-4037-9de1-e5aa83c53c4003tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=3
x-length: 20295
x-tt-trace-host: 01c98da05ab111839d1213048bc657e29619eb5a0112fcb6d2ca8d7fcdde53f110780ed8dddd590201b06a380bd7c6925bda576480776c584fad91c6ade96161e7f0078ecc1a13a62f91be7f41a9a0779ebc0fc5037c1345002e532698e2564bb5df796ddb19b1387a9a4726f58406ec23
content-length: 20295
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[3],CHN-HAzhengzhou-AREACUCC1-CACHE62[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE110[28],CHN-TJ-GLOBAL1-CACHE102[25,TCP_MISS,26]
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 15:58:32 GMT
server: openresty
x-tt-logid: 20210803235832010135150037521C9C00
x-response-date: Tue, 03 Aug 2021 23:58:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-08-03T23:58:32.371403452+08:00 62
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 c265d657afc94dc5b6e32fed5992362f
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 16 KB
17 KB 465ms
464ms Image
image/jpeg 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/c265d657afc94dc5b6e32fed5992362f
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: ad0c17a72d6f307a36e57b91a0538e1d8367a6805f49bedabb26fd5f5974873a

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 15:58:32 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 860549
nw-session-id: 202108032358320101940981994B1FBCB1-a4304824-0eea-4278-8b40-7203f30d12e801tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-HF-MP-61-19, HIT from KS-CLOUD-WH-CM-03-10, HIT from KS-CLOUD-NJ-CM-23-05
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=49
x-length: 16314
x-tt-trace-host: 01f589afee2af59ab8efba88409c9b7744001484426a09425f29e8fdcd74e8ef82fb2eab4a34c26b127c42d27ef142fd0bee1e58058e198a727239d0e62ae04d22723e4c92c8002cdc65e7ea232e64c82603970e04aaaaf8d5cd71073454d5d38eac13e3fca48f2bbcc96dcc356759804bf61b49d703c815a7286444256b22203f
content-length: 16314
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 15:58:32 GMT
server: nginx
x-tt-logid: 202108032358320101940981994B1FBCB1
x-response-date: Tue, 03 Aug 2021 23:58:32 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-08-03T23:58:32.853399283+08:00 46
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: jpeg2jpeg
x-response-cache: edge_hit
x-cdn-request-id: 74098109296c442b9d91c527dbba31d5
expires: Wed, 03 Aug 2022 15:58:32 GMT

GET
H2 200 b3f894f2dd974b5eaf65037fbb737bb7
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 21 KB
22 KB 464ms
463ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/b3f894f2dd974b5eaf65037fbb737bb7
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 9465c33dba0c4a8f1f8e2f22db7f1c3060182c41654f96672794a99f89c119e3

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:15:51 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 859510
nw-session-id: 202108040015510101510850402425DA4D-9cb9ce28-c147-4aee-a6c4-c23240264db101tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-SJZ-MP-01-05, HIT from KS-CLOUD-WZ-CM-11-03, HIT from KS-CLOUD-NJ-CM-23-08
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=20
x-length: 21558
x-tt-trace-host: 01715b14ed1d9ca7cc17f0a7ebc77aef12f827751fb6c8cc30fd12c5e4a54615a3bfbf423ad2d02c347255894970ff1a5ebec5dced9787f53d214528ba574f940399a6e6a35c819c6d22d860f8e0c3c6b7366c58c9177a588ccc97a631d800980882b527be13720a02e780f302af9074a001b773eaabb8651ee4fe9825ce1cf5ca
content-length: 21558
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 16:15:51 GMT
server: nginx
x-tt-logid: 202108040015510101510850402425DA4D
x-response-date: Wed, 04 Aug 2021 00:15:51 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:15:51.895138174+08:00 13
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-cdn-request-id: 689fd754f9223617ca69c9e1120bfb89
expires: Wed, 03 Aug 2022 16:15:51 GMT

GET
H2 200 0eca71cc20c4436db26678d5467c0469
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 191 KB
192 KB 251ms
250ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/0eca71cc20c4436db26678d5467c0469
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: fe1e6974ed03fe0e814143431c0fb928f07e961915a68ae0e033005581030a53

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 17:54:14 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 1976808
nw-session-id: 2021072201541501013109819637244863-7bf3952b-e568-4438-bbae-7abfe5b3d1cb01tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-NB-MP-02-12, HIT from KS-CLOUD-WX-CM-09-16, HIT from KS-CLOUD-NJ-CM-23-18
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=4
x-length: 195736
x-tt-trace-host: 01e054a13357ffe766e089b0b05a93fa34089494f224c30f9a16c10b1f387fcbaa103ef2d98d0706dcd6183d53238e9abae55f06fe85475d26508254edde95e1a7ae9a15e37d4aac092b2be6c44fdc162bab049b4be74fa68ce323fd031adf3d151184ae4070fc4c62bc08f3d8ebf77951
content-length: 195736
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 21 Jul 2021 17:54:15 GMT
server: nginx
x-tt-logid: 2021072201541501013109819637244863
x-response-date: Thu, 22 Jul 2021 01:54:15 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-22T01:54:15.387865828+08:00 34
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: e7467b39d56033bf2993a6204a9e844f
expires: Thu, 21 Jul 2022 17:54:14 GMT

GET
H2 200 1d90115a50ad494d98b3155e2203240e
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 82 KB
83 KB 249ms
249ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/1d90115a50ad494d98b3155e2203240e
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 41c1645f9b2fec9dee8cb2fae29cb5e9408f23c9afa0940d2e221dc57efe3a61

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:08:58 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 2587923
nw-session-id: 20210715000857010131076159381F7470-0c70e27b-5132-4454-8222-0292a35d3e5803tt
x-powered-by: ImageX
x-cache-status: MISS from KS-CLOUD-HF-MP-63-15, HIT from KS-CLOUD-LY-CM-03-06, HIT from KS-CLOUD-NJ-CM-23-32
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=96
x-length: 84450
x-tt-trace-host: 01ecc10cc3aa98ba9ddd8bb8e1fedff263e85babdb1f7a5db12750f8d50d41718475df71d60cc9fb639128183c77c6bf9ad2f3a2a07a8b73742b461a6b0a88c0f4d5f8606f89fc7f3640833d795c6a3f695ee39ba4b8aa0e055e427881749e4b6d5609198fd8a1ce20d225ab77d4833f343a63d169bbd0b6b2b6bd8850fdb3a0c0
content-length: 84450
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:08:57 GMT
server: nginx
x-tt-logid: 20210715000857010131076159381F7470
x-response-date: Thu, 15 Jul 2021 00:08:57 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:08:57.628690387+08:00 83
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: 82853730b81601f80b295788b18fc59d
expires: Thu, 14 Jul 2022 16:08:58 GMT

GET
H2 200 tumblr_mexjwcUizm1s04gyzo1_500.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 857 KB
858 KB 24ms
23ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/tumblr_mexjwcUizm1s04gyzo1_500.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 958864c416f93861b8500b6dc36a574494a8cf6644d0b63601dfc2762bb7801d

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:02 GMT
cf-cache-status: HIT
age: 0
cf-polished: origFmt=gif, origSize=983947
content-disposition: inline; filename="tumblr_mexjwcUizm1s04gyzo1_500.webp"
content-length: 877218
last-modified: Thu, 21 Nov 2019 09:18:19 GMT
server: cloudflare
etag: "4fba8e9d4ca0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d105989e0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 f5a31f358e88444aac2e51d6002d389f
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 547 KB
549 KB 257ms
256ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/f5a31f358e88444aac2e51d6002d389f
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 5a90ff3bf6a32e7d9e86f0111c11851a0ece5f89713d45e096a706d330582637

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:14:14 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 2587608
nw-session-id: 20210715001417010150100227272896DC-7c31b6a3-9e43-4dd9-a42e-73d014084abf03tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-FZ-MP-02-19, HIT from KS-CLOUD-CS-CM-16-04, HIT from KS-CLOUD-NJ-CM-23-18
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=64
x-length: 560319
x-tt-trace-host: 01fee7be28756c006a5243d3f642af780797b47ad15fad57fc232bcdd0e184c47986a5d9b600fa4bc9c23ece99eb8ecd95d5fc304da279fa918648dae6e618ac378d110918c74440d16af832820db27f17d9bdc6644316028509dcf57754237d677db80aa803f18e6dbda7c4e5bf4ed5dae07eac15c05bd9893e5bc3baf02d8b2e
content-length: 560319
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:14:17 GMT
server: nginx
x-tt-logid: 20210715001417010150100227272896DC
x-response-date: Thu, 15 Jul 2021 00:14:17 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:17.077446624+08:00 59
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: 601eed9a7dc1e409058d4d566b40a6cd
expires: Thu, 14 Jul 2022 16:14:14 GMT

GET
H2 200 c80044a465ce4a2cb1e4564315f1360a
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 28 KB
29 KB 460ms
459ms Image
image/jpeg 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/c80044a465ce4a2cb1e4564315f1360a
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: a3c91b5ed2bdfe21c26d749708e0cc37b5ae7898a4c83f75569fbe0ef17fac69

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:02 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2071732
nw-session-id: 202107202331530101511032305127CC10-7373b684-773f-4118-9b99-1b9525dfada403tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=4
x-length: 29133
x-tt-trace-host: 01de2322fcb804fbbaf465a7cee55e452562c44c9ea6133fbc81cea547fb5721e22be98010173eb1fa2782d25af02c48cd51b2b3f95e570d0edd3bf63d1959ccc5290afe42d79fe07c8597b9d35d25dee281efeb5e6ac27f12fb66cde560def7be53f97b6fecc4a9d798e3454c68eecebf
content-length: 29133
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[4],CHN-HAzhengzhou-AREACUCC1-CACHE58[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE28[2],CHN-TJ-GLOBAL1-CACHE58[0,TCP_HIT,1]
accept-ranges: bytes
last-modified: Tue, 20 Jul 2021 15:31:53 GMT
server: openresty
x-tt-logid: 202107202331530101511032305127CC10
x-response-date: Tue, 20 Jul 2021 23:31:53 GMT
content-type: image/jpeg
access-control-allow-origin: *
nw-session-trace: 2021-07-20T23:31:53.743766859+08:00 16
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 ca1ef8ca55da4549abc1f475b9aad623
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 23 KB
24 KB 455ms
454ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/ca1ef8ca55da4549abc1f475b9aad623
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: bb527cec7aa68ab0ddbfc7f17904e229d67aae3749e981e92ffec392562d7461

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:02 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587882
nw-session-id: 20210715000940010131074174121D06E8-f4fa1f10-4907-4381-9c90-6641390881f302tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache;desc=HIT, edge;dur=3
x-length: 23779
x-tt-trace-host: 0122a99480124070136c4f143338db216b69b5f35a3b14123a448f9a9f45d38ac4cd965ecf91f0a7cad7780fc1fab8cfecf30f4372b8198c283c257651742530fd28c7cfaef164ab79caf90302b19ef3ea1f7327acc5b5150738fbd62cae54bb04f03701994be7f2a7a32a6cb22fd40a1d
content-length: 23779
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[3],CHN-HAzhengzhou-AREACUCC1-CACHE2[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE32[54],CHN-TJ-GLOBAL1-CACHE2[51,TCP_MISS,53]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:09:40 GMT
server: openresty
x-tt-logid: 20210715000940010131074174121D06E8
x-response-date: Thu, 15 Jul 2021 00:09:40 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:40.380056092+08:00 19
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 sdmm-057.gif
mei.netlbtu.com/upload/art/gif/20200726/ Frame B479 2 MB
2 MB 22ms
21ms Image
image/webp 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/20200726/sdmm-057.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923c834dff077f279fded26a97b1dc179332a9cadba612b102359e0d765565ce

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
cf-cache-status: HIT
age: 0
cf-polished: origFmt=gif, origSize=3081740
content-disposition: inline; filename="sdmm-057.webp"
content-length: 2103086
last-modified: Sun, 26 Jul 2020 01:00:15 GMT
server: cloudflare
etag: "1e5a751fe862d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d105a8ce0742-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 glcfvn.gif
mei.netlbtu.com/upload/art/gif/20200726/ Frame B479 5 MB
5 MB 14ms
13ms Image
image/gif 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/20200726/glcfvn.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dad618ef928d0bd57f5baf8f725e0e995987c8d4f50298e50838e4e5ea2cfe4f

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
cf-cache-status: HIT
last-modified: Sun, 26 Jul 2020 01:08:09 GMT
server: cloudflare
age: 1
etag: "99d2fe39e962d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
cf-polished: origSize=5483626, status=input_too_large
accept-ranges: bytes
cf-ray: 67e2d105c9080742-FRA
content-length: 5477547
cf-bgj: imgq:85,h2pri

GET
H2 200 9864f34b6a84466c95d6c384cd3129b7
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 4 MB
4 MB 491ms
490ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/9864f34b6a84466c95d6c384cd3129b7
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 91dec11b710df85794e8d3ea7bb25abcf11d0b5b5e414e5aa69f73df0d23c9f6

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 16:09:43 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 2587879
nw-session-id: 2021071500094301015108502119289467-5ffeca40-7ee3-4b71-8965-14e3cd6d7de602tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-SJZ-MP-03-12, HIT from KS-CLOUD-LY-CM-04-13, HIT from KS-CLOUD-NJ-CM-23-32
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=164
x-length: 3960990
x-tt-trace-host: 0122a99480124070136c4f143338db216baf6a47ba4141c99d366ad01ae878d992006e6250c0b64910355a30d9675aac62a4b285659876a92c5ceef210cd0739a27143f6ebae6f5233fa7978ab3cd429865730f3d5092bae15eec20d9241117a35d0e3e7f4cece0a164b609f973dc0535ec1021e6a3752b4a4eb60d80e2e32d6ee
content-length: 3960990
timing-allow-origin: *
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:09:43 GMT
server: nginx
x-tt-logid: 2021071500094301015108502119289467
x-response-date: Thu, 15 Jul 2021 00:09:43 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:09:43.40845263+08:00 136
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cdn-request-id: 0097b221b020d20228cf05c68d77cc36
expires: Thu, 14 Jul 2022 16:09:43 GMT

GET
H2 200 28ba0ec89d824635a36a9a330cd3050d
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 713 KB
714 KB 329ms
329ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/28ba0ec89d824635a36a9a330cd3050d
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: 36350bb85a1c7f1ed3f5e49c2f5467415cac81930099a6b39585ab7f6a9d2701

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:03 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587925
nw-session-id: 202107150008580101980650242C21FEF5-1f1c3c3b-c694-4914-9a52-488e9ac6a7cb01tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_MISS
server-timing: cdn-cache;desc=HIT, edge;dur=4
x-length: 729912
x-tt-trace-host: 0122a99480124070136c4f143338db216b22c57417aa240c1b201140958ab1657320509c1c57485d705e8879dad4c40220488c83d5df561157cfba73c0fa265ede45aceabc7d83756ba9e0c7ce6ce001b74faf9ec63afc18e4e2b2baab6951df99c404d6deee45b2d0f63098a1afaeaa49
content-length: 729912
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[4],CHN-HAzhengzhou-AREACUCC1-CACHE12[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE43[113],CHN-TJ-GLOBAL1-CACHE12[110,TCP_MISS,111]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:08:58 GMT
server: openresty
x-tt-logid: 202107150008580101980650242C21FEF5
x-response-date: Thu, 15 Jul 2021 00:08:58 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:08:58.214408595+08:00 91
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 144e8de43aab412683fc56c42b00aaf6
p26.toutiaoimg.com/origin/pgc-image/ Frame B479 362 KB
364 KB 407ms
406ms Image
image/gif 182.118.39.166
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/origin/pgc-image/144e8de43aab412683fc56c42b00aaf6
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 182.118.39.166 Zhengzhou, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: openresty / ImageX
Resource Hash: 73810d7a22f8e4a5a6bd1c762beb4f3bbdbf243258c8c747a02bba7c49eae470

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

nginx-hit: 1
date: Fri, 13 Aug 2021 15:01:03 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 2587586
nw-session-id: 2021071500143701015010109953283E17-fd4013f1-e392-40a8-93f1-be2d51450c9403tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=7
x-length: 371053
x-tt-trace-host: 01fee7be28756c006a5243d3f642af7807d3e9560048f372efc8403870109b24e23b2c5081dc871a0a08851e613f94fc67f015cf36654828eb8c70eb77b74e22be3ccc0f3d004ed90be62bb4757d4f6b7ec8489629b5375aff82844b76f93fc06d2430100d0087190863be22d6926578ec
content-length: 371053
via: CHN-HAzhengzhou-AREACUCC1-CACHE25[7],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE64[29],CHN-TJ-GLOBAL1-CACHE97[26,TCP_MISS,29]
accept-ranges: bytes
last-modified: Wed, 14 Jul 2021 16:14:37 GMT
server: openresty
x-tt-logid: 2021071500143701015010109953283E17
x-response-date: Thu, 15 Jul 2021 00:14:37 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:14:37.647659046+08:00 77
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 bf220e6f48ae46039fe64958d40e829f
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 1001 KB
1003 KB 404ms
403ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/bf220e6f48ae46039fe64958d40e829f
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: a8be1fe1bc8d750fd534173dc8f6a1819417dd78f3dbff13411a34a1bced7122

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Jul 2021 00:45:51 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 1347311
nw-session-id: 2021072908455101019409819841309966-6c1bbcb4-3763-43f0-86d6-caa1c870152101tt
x-powered-by: ImageX
x-cache-status: HIT from KS-CLOUD-HUZ-MP-01-11, HIT from KS-CLOUD-NC-CM-05-08, HIT from KS-CLOUD-NJ-CM-23-18
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=294
x-length: 1025485
x-tt-trace-host: 014385e574af237cc504ed5e939485fadbf504a6101ca27ec3caf56dbd19df3c6589785fcdf608c063f018a8e243c165f741bb34df0b80837fb213ad7774001889dc717c5b5bef67398c76d0e85ad9533e14ff4628b8c93423a196d55c55f3cb169a7727a155d6cde5d20a0508fdcb641e28bab4890d22d123f8cd90cbd8159265
content-length: 1025485
timing-allow-origin: *
accept-ranges: bytes
last-modified: Thu, 29 Jul 2021 00:45:51 GMT
server: nginx
x-tt-logid: 2021072908455101019409819841309966
x-response-date: Thu, 29 Jul 2021 08:45:51 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-07-29T08:45:51.359390342+08:00 173
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-cdn-request-id: e0a8180edadd31f3a211f50c0161808c
expires: Fri, 29 Jul 2022 00:45:51 GMT

GET
H2 200 a315a15fb6d2423c90a11169c6aac432
p6.toutiaoimg.com/origin/pgc-image/ Frame B479 1 MB
1 MB 497ms
496ms Image
image/gif 2409:8c20:a17:108::f0
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p6.toutiaoimg.com/origin/pgc-image/a315a15fb6d2423c90a11169c6aac432
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2409:8c20:a17:108::f0 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: nginx / ImageX
Resource Hash: daf0178045eb88cfc25591f42eefd265288902ee57518d53e4398744d2b2ae21

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:06:35 GMT
x-response-lb: image
x-tt-trace-tag: id=06;cdn-cache=hit;type=static
age: 860067
nw-session-id: 2021080400063601015010108652258CAD-df7fb11f-bcf7-4164-beb9-f1b2b86a6d0f03tt
x-powered-by: ImageX
x-cache-status: MISS from KS-CLOUD-CS-MP-02-09, HIT from KS-CLOUD-LIS-CM-11-14, HIT from KS-CLOUD-NJ-CM-23-21
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=168
x-length: 1070691
x-tt-trace-host: 01d4042b8b79aa72fc1f416256da0286216d9728008943434d4a0a64d7137bea53432134a95b6de072e467737a0720856fa283c9eb0aec531e7c094766f1c2afdf85f8545f4a8a8909e8c4ccb6d1b509e884537cc1cefec04fa96bd054b649b9b139f57a1527ffaa82cb53ad65c9f54f95
content-length: 1070691
timing-allow-origin: *
accept-ranges: bytes
last-modified: Tue, 03 Aug 2021 16:06:36 GMT
server: nginx
x-tt-logid: 2021080400063601015010108652258CAD
x-response-date: Wed, 04 Aug 2021 00:06:36 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-08-04T00:06:36.445007219+08:00 90
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-cdn-request-id: 9fdb631e01b30ed81c3a9869dcc1a1c0
expires: Wed, 03 Aug 2022 16:06:35 GMT

GET
H2 200 1810572.jpg.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame B479 2 MB
2 MB 14ms
14ms Image
image/gif 2606:4700:10::ac43:191e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mei.netlbtu.com/upload/art/gif/gfdt/1810572.jpg.gif
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:191e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647003c50427e348bff7e1d228709847a3df3533831804471b0d08d78aecae9c

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:03 GMT
cf-cache-status: HIT
last-modified: Mon, 18 Nov 2019 23:55:13 GMT
server: cloudflare
age: 2
etag: "2916519e6b9ed51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 67e2d1071c360742-FRA
content-length: 2063905

GET
H2 200 ef92baa00e0645889f2e66081650da45
p9.toutiaoimg.com/origin/pgc-image/ Frame B479 31 KB
32 KB 842ms
842ms Image
image/png 4.34.42.103
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p9.toutiaoimg.com/origin/pgc-image/ef92baa00e0645889f2e66081650da45
Requested by: Host: 66j807.com
URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.103 Denver, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: b9e513c573f712515a178470ec306859a3b8964f193fa52c84bf4a06d4130039

Request headers

Referer: http://66j807.com:16678/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 15:01:07 GMT
x-response-lb: image
x-tt-trace-tag: id=00;cdn-cache=miss
nw-session-id: 2021071500085801019806502236222599-6023dd04-64d9-405c-8c14-72c2ed4bd86d01tt
x-powered-by: ImageX
x-cache: HIT from BC101_US-Colorado-Denver-1-cache-1(baishan)
x-bdcdn-cache-status: TCP_HIT
server-timing: inner; dur=0
x-length: 32209
x-tt-trace-host: 0122a99480124070136c4f143338db216beb7da18b27a354d24a7e322bb8a5e6df66c15d3df365c13f85e4cf91514ee20365e4e12214cd6d1e47efed35a1bf76d9965a5c10ed27a26ff8850534c69a6b1afcf177ff55665ec8c96ed208b671322f
content-length: 32209
last-modified: Wed, 14 Jul 2021 16:08:58 GMT
server: nginx
x-tt-logid: 2021071500085801019806502236222599
x-response-date: Thu, 15 Jul 2021 00:08:58 GMT
content-type: image/png
access-control-allow-origin: *
nw-session-trace: 2021-07-15T00:08:58.316586981+08:00 68
cache-control: max-age=31536000
x-response-cinfo: 86.106.103.4
x-response-cache: edge_hit
timing-allow-origin: *
x-ser: BC169_dx-lt-yd-jiangsu-zhenjiang-3-cache-13, BC113_US-Washington-seattle-1-cache-3, BC101_US-Colorado-Denver-1-cache-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ia.51.la
URL: http://ia.51.la/go1?id=21177075&rt=1628866843797&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1628866843797&tt=%25E4%25B8%259C%25E6%25B5%25B7%25E8%25A7%2588%25E9%2587%258A%25E5%2581%25A5%25E8%25BA%25AB%25E4%25BF%25B1%25E4%25B9%2590%25E9%2583%25A8&kw=&cu=http%253A%252F%252Fwww.btbcapitalgroupllc.com%252F&pu=

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.btbcapitalgroupllc.com/common.js(Line 6) Message: 1
console-api	log	URL: http://www.btbcapitalgroupllc.com/common.js(Line 44) Message: 2
console-api	log	URL: http://www.btbcapitalgroupllc.com/common.js(Line 49) Message: 0*DIVshowcloneshengxiaon
console-api	log	URL: http://www.btbcapitalgroupllc.com/common.js(Line 49) Message: 1*STYLE
console-api	log	URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js(Line 7) Message: [system] App Launch
console-api	log	URL: http://66j807.com:16678/static/js/chunk-vendors.a612c202.js(Line 7) Message: [system] App Show

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66j807.com
api-66j8.com
api-66j82.com
api.share.baidu.com
btbcapitalgroupllc.com
cdn.dcloud.net.cn
fmlb.netlbtu.com
go.imgdidi.xyz
hm.baidu.com
hmcdn.baidu.com
ia.51.la
js.users.51.la
mei.netlbtu.com
p26.toutiaoimg.com
p3.toutiaoimg.com
p5.toutiaoimg.com
p6.toutiaoimg.com
p9.toutiaoimg.com
push.zhanzhang.baidu.com
www.btbcapitalgroupllc.com
xs.imglolo.xyz
xs.imgpipi.xyz
ia.51.la
103.235.46.191
112.34.113.148
122.10.110.23
122.10.4.142
14.152.86.48
156.234.95.108
156.246.238.163
180.101.212.103
182.118.39.166
211.137.95.103
216.83.56.239
218.12.76.151
2409:8c20:a17:108::f0
2606:4700:10::ac43:191e
2606:4700:3034::ac43:c0fe
2606:4700:3038::6815:ea5d
4.34.42.103
47.110.95.121
47.246.43.228
61.184.225.14
02145dd80a860160fa849cb90e8e7c96524a227fade5d3a80401d7e8631bcbf2
037fadfa69ccdcef8e73d1dc11a53ee9c143cf42a12171bd85546a51568b877b
055ca0e89e99137c70f52f4a882f991292a972e92fbf2ba5d92462cc89f8008f
056b3e1d5061a701e5138cc06d223f410c020dd81ad5d178a707c29ab737972c
0b1592c4f54f440f3c10e02eb96037ae5a2987461f80b217cc963ce209305111
0ccf8dd29c61715a6364ea9ec36d32c295e82ca837488590130c51cee298b7d3
0f64375dee632053f24ea294a5d792ddd9566d1a3086887aa5cb89ef00c1a925
0fef58ca8fb71456a8f1ccf0069548c13576e3815d0eeaf11119f553709aabf5
136d9ecd346dba673743a279a674bdf1bca68d52cba099b47eeaac178d719a2f
14a519d3aa9546d520f2e24227a95fd7097b4b3d6a7b456bb4470846f32f7e19
19a519b9d0d71ce213e2c6fcdc4fcc7a951c33a876aea9b1617fd27b0a89b4f4
1c71d24380d0a49f48ab58507f93b1c0b9cac0235d7f1170368580e8f1951db2
1e1341470551fa219d02df84ca277a28f9fdd5ac50a19a7fa5a56a25a4a7c311
2063e84e19642d186b9322d46c8d86a4557050aabdbba94c574fde7d65ff1125
211bf2d5f6326603f61ee374c9950d30f623d0977aeba8763652367776c0b437
219ca04c2c4216075197593145192ce36933a316cdc66ddec79dd2d1335a4d76
22b1c5aff0a8a0413a4cfd4b88253647d628a41a143a78c3eede56b27c261efc
24e704ad1baa400d9b1d98285bcfd280d4f0617adf67de7e168155107266213a
25cc58a40625a60243345408d5da679a837026db3755a77c64381822c4cce2f3
2ab579e319c9bd48f5bec40a3f17f4e61aa3529b864383747f76ffaeef82acbd
2e477960a5e72f53fc883f851ecf89c844f1ec6cdf4692140cc97012d3223dc7
316c5b1308bc0cc319b29d6395403b20d5e58ebd08f0d36fde81865c06d77001
31bd4e7a719f0265a7489bfa1f036de150fa05db7c9b4d6a6a5b58169f2abe5c
31c44de747843df2f0bf9445445190a6ec717837a8d8b8d6fa2baff23e7f42ad
330c43adfb5013cf4c3aaa76d205c49ab0368f77a4d701b8286531140944b420
33e37c34b13c74f5643fdcbfd36c72a20b21cbe26519a615b526cf1f00b5bbac
36350bb85a1c7f1ed3f5e49c2f5467415cac81930099a6b39585ab7f6a9d2701
3d6d923e3415171f7277fd0ca3a7f671b9e7fcf290b6ca59bb0a3806d3f78cd7
41c1645f9b2fec9dee8cb2fae29cb5e9408f23c9afa0940d2e221dc57efe3a61
47afcdc59638e8a64eff4e8601e252bee1651dcc406d3ddd29d6dee0de401bfa
4af0945bda34a9142310bd00b1ce69674d6732f75a5ec3fc7c6d5cdf391a86fc
4b37c0bf0f875131a7df9cc7382a955ec5e647e5ef128b202caea7f788005e3d
4ba3b1f7f95575c09f9243190d8e6d782d4e269435075d18d5f13e93750ce18d
4ce79f65ae52a71d397e353695253cab20c154ab80cb79f828bd0fa006b3aa4f
53b15722000c8f6496a002692cb99b7bd6d66f49a5c89824c4238934db50e38e
5a90ff3bf6a32e7d9e86f0111c11851a0ece5f89713d45e096a706d330582637
625efaaa7b4d875cf8cf3b555b0646b76e0e0e1ab179e1a60aab5e989e862d76
647003c50427e348bff7e1d228709847a3df3533831804471b0d08d78aecae9c
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6847f07c12d6a153debec01638c6d3007452ba73352f20d19b959ff0a4f155a3
6a80e45b7a2b267bd23c2d372f947eb93176c679a36e6c4072eb2e19df1793a3
73810d7a22f8e4a5a6bd1c762beb4f3bbdbf243258c8c747a02bba7c49eae470
74f95b23298bd39d90602f28ef25610010b7eea1dc1880d4477db89415b00d1b
79aac821b1f5af796748d64c2d61734376d4ae41bb43a0c951c41872095f8bed
7a77708159e24de7053d3dfb658bf8c716e36c70b015428132fe21e6b6c6b2b1
811f6deabb9be47e719d2677427539b9b5eb3bbf6e18528b14781d536138093f
8a70fed1772ebe04aa2baa08566ae87091ac2d61f43c9cbb203eef535ab0452c
8b91ef8beba543454b115ea4a46a1d297bb74144f9aa2abf2e2e6fac21e1d8b8
8e63897e0d38447d330299baf3446102a6f69e1e543401146114400d854050fb
91d0af56b35cfe4e74d284fced77c0f8dced5224b29e20611c1d00a158c72e8b
91dec11b710df85794e8d3ea7bb25abcf11d0b5b5e414e5aa69f73df0d23c9f6
923c834dff077f279fded26a97b1dc179332a9cadba612b102359e0d765565ce
93f593a0cd794e735afc19970031bfcf7d9d3b2839362170d2590ed3e529beae
9465c33dba0c4a8f1f8e2f22db7f1c3060182c41654f96672794a99f89c119e3
958864c416f93861b8500b6dc36a574494a8cf6644d0b63601dfc2762bb7801d
9783a3fbf9d6d3a5fd1c1e369cb72bf0da543606021e751d904c7e46df60a96d
97a7b487a4c39de4e36e26b617c72b32ca18f0154886f7d0e53b030d01333df2
98206fd32ca94363fbedaf0416eb6e4d6b03b182ae763708dfd6756175b6d106
9d8a577e499f7f040e4777de6318f44acab2c63ea9ef5838c0d0b82daea42132
9e075ecd6d4df0e289dda0525e9c1974d2d4534762c819e7bc04e693698e4efe
a3c91b5ed2bdfe21c26d749708e0cc37b5ae7898a4c83f75569fbe0ef17fac69
a8abb48ab9425c3a23787358acd90788a66091d962b4fc5f9776578f603f50fc
a8be1fe1bc8d750fd534173dc8f6a1819417dd78f3dbff13411a34a1bced7122
ad0c17a72d6f307a36e57b91a0538e1d8367a6805f49bedabb26fd5f5974873a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
adce0881229ec3424a979cbff4316c20f1c49b734cee844d102eb2eee8f916e8
ae0f62590201afe0d30fc3646b5e2a220f7d0dace46b44079a97fdd4e434891b
b1134b5f5dcd821ad06bd302c52d1cb7592d1ae1822476956909790ac6d82062
b27156b5a991afccaafa154a985133a9e3fd2893f30435b969774170b01f39e7
b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df
b65714b34744212952acd94c0643fe14e5d4f2da390a19cac3ac7bd944b9bd4f
b9e513c573f712515a178470ec306859a3b8964f193fa52c84bf4a06d4130039
bb271dcd82acd46f84ae6da36e1d91d0cfa53965e6a0b453f8083a4370ca983b
bb527cec7aa68ab0ddbfc7f17904e229d67aae3749e981e92ffec392562d7461
c675727e11ef027ed49a860230cfc190fc544dfe5113d4c67bb0bc977b92dcbf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1aefacddc6a696855eebc3754f39280b93f27d6fe52ea95102d24938e9c0850
d5d5829f8336c5e24b0f5774ce44b01c6192ecaa79ee9fe9e7b0b78fac471ea2
dad2a28b02b09ee6d09e562604a6d996948cbea12001a463473c274b828f24e8
dad618ef928d0bd57f5baf8f725e0e995987c8d4f50298e50838e4e5ea2cfe4f
daf0178045eb88cfc25591f42eefd265288902ee57518d53e4398744d2b2ae21
db5b221211a87ced643383afeac89d1ef82bedf136c7652ced7d851d8fb2e7ca
dcaee4aba126ff63685fc1fee32d2debb77e7e1f63c1610b378da9656e0e26bd
de927404a5eb2225f3693bb7a66545041938bbf9a72d86ea55c1b7a1201933db
e1487bee98ca245b7648961f0367e4355d2dbc4236996c973449f9f54a27e2bb
e19f30f1f5c24ffc6e2242e21bf68810d7ebe03adf10b9d87f67e3faad863793
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e98f25b5a593bb1eb9a12cfadcd1cf2103c8bb7058ca7de552ca95d9e8516fa1
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f3f7bf3269f97735f15e6ec9e80616320b2c9d02886ce471059c5790520d5497
f7ea5a1ef191c0f662e87fe327cbf8dae1e555768808a94cc194cbf24dba19c1
f8a904aabfbb25ac273c51ec68ff6cd2ba44ba5687e0b9b4572e01f7eabe44be
fe1e6974ed03fe0e814143431c0fb928f07e961915a68ae0e033005581030a53
ffe76172449dada552a926f70e224522fb3a543826d962049f9325f76096020a

www.btbcapitalgroupllc.com Open in urlscan Pro 156.246.238.163 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

81 %HTTPS

20 %IPv6

12 Domains

22 Subdomains

20 IPs

4 Countries

54262 kBTransfer

54817 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.btbcapitalgroupllc.com Open in urlscan Pro
156.246.238.163 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

81 %
HTTPS

20 %
IPv6

12
Domains

22
Subdomains

20
IPs

4
Countries

54262 kB
Transfer

54817 kB
Size

0
Cookies

161 HTTP transactions
3 data transactions