www.fasaweb.com Open in urlscan Pro
156.235.248.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fasaweb.com/
Effective URL:
http://www.fasaweb.com/index.php
Submission: On May 19 via api (May 19th 2022, 8:37:12 am UTC) from IT — Scanned from IT

Summary HTTP 85 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 42 domains to perform 85 HTTP transactions. The main IP is 156.235.248.170, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is www.fasaweb.com.

This is the only time www.fasaweb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	156.235.248.170 156.235.248.170	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
14	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 1	104.37.214.218 104.37.214.218	399195 (PEGTECHIN...) (PEGTECHINC-AP-04)
8	172.247.168.117 172.247.168.117	40065 (CNSERVERS) (CNSERVERS)
1	20.187.119.188 20.187.119.188	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	47.75.19.61 47.75.19.61	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	20.247.108.120 20.247.108.120	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.24.82.169 20.24.82.169	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	207.46.155.160 207.46.155.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	47.75.19.48 47.75.19.48	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	107.148.17.189 107.148.17.189	398823 (PEGTECHIN...) (PEGTECHINC-AP-02)
4	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 6	45.154.215.92 45.154.215.92	201106 (SPARTANHOST) (SPARTANHOST)
2	2606:4700:303... 2606:4700:3034::ac43:9715	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	104.143.94.110 104.143.94.110	() ()
1	2606:4700:303... 2606:4700:3038::6815:e97c	() ()
2 2	45.154.214.239 45.154.214.239	() ()
2	2606:4700:303... 2606:4700:3038::6815:ebaa	() ()
10	185.10.104.115 185.10.104.115	() ()
1	2408:872b:e02... 2408:872b:e02:101:6c::2	() ()
2	2606:4700::68... 2606:4700::6810:5614	() ()
85	18

4 156.235.248.170 (Hong Kong) 1 redirects

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

fasaweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.fasaweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.37.214.218 (United States) 1 redirects

ASN399195 (PEGTECHINC-AP-04, US)

user-redirect-url.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.247.168.117 (United States)

ASN40065 (CNSERVERS, US)

bdns-01.2ucg3ip5y.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.187.119.188 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

23797671.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.61 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

u0069.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u0065.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.247.108.120 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

17265111.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.24.82.169 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

19528681.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.46.155.160 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

22195976.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 47.75.19.48 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

mvfge3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
887634.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xvrrd7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.148.17.189 (United States) 1 redirects

ASN398823 (PEGTECHINC-AP-02, US)

kvexx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

kvhuuu.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kvhsss.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acoossw.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gif.naigou1002.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.154.215.92 (Seattle, United States) 6 redirects

ASN201106 (SPARTANHOST, GB)

kvezz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kveaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kveww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kvecc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::ac43:9715 (United States)

ASN13335 (CLOUDFLARENET, US)

acoossu.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::a (United States)

ASN13335 (CLOUDFLARENET, US)

kvhccc.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.143.94.110 (None, ) 1 redirects

ASN- ()

kveii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e97c (None, )

ASN- ()

kvhlll.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.154.214.239 (None, ) 2 redirects

ASN- ()

kvemm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:ebaa (None, )

ASN- ()

acoossf.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.10.104.115 (None, )

ASN- ()

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:872b:e02:101:6c::2 (None, )

ASN- ()

s.pc.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7974	93 KB
10	bdstatic.com pic.rmb.bdstatic.com	10 MB
8	2ucg3ip5y.com bdns-01.2ucg3ip5y.com	71 KB
4	fasaweb.com 1 redirects fasaweb.com www.fasaweb.com	3 KB
2	jsdelivr.net cdn.jsdelivr.net	1 MB
2	acoossf.top acoossf.top	1 MB
2	kvemm.com 2 redirects kvemm.com	264 B
2	kvhccc.top kvhccc.top — Cisco Umbrella Rank: 718412	1 MB
2	kveaa.com 2 redirects kveaa.com — Cisco Umbrella Rank: 278137	263 B
2	acoossu.top acoossu.top — Cisco Umbrella Rank: 570442	1 MB
2	kvezz.com 2 redirects kvezz.com — Cisco Umbrella Rank: 266699	265 B
2	mvfge3.com mvfge3.com
1	naigou1002.top gif.naigou1002.top	129 KB
1	qq.com s.pc.qq.com	100 KB
1	acoossw.top acoossw.top	1 MB
1	kvecc.com 1 redirects kvecc.com	132 B
1	kvhlll.top kvhlll.top	1 MB
1	kveww.com 1 redirects kveww.com	133 B
1	kvhsss.top kvhsss.top	238 KB
1	kveii.com 1 redirects kveii.com	132 B
1	kvhuuu.top kvhuuu.top — Cisco Umbrella Rank: 842011	207 KB
1	kvexx.com 1 redirects kvexx.com — Cisco Umbrella Rank: 486157	133 B
1	xvrrd7.com xvrrd7.com
1	887634.com 887634.com	207 KB
1	22195976.com 22195976.com	175 KB
1	u0065.com u0065.com — Cisco Umbrella Rank: 767819	295 KB
1	19528681.com 19528681.com	66 KB
1	17265111.com 17265111.com — Cisco Umbrella Rank: 957155	93 KB
1	u0069.com u0069.com — Cisco Umbrella Rank: 502270
1	23797671.com 23797671.com	241 KB
1	user-redirect-url.com 1 redirects user-redirect-url.com	124 B
0	trdez9.com Failed trdez9.com Failed
0	apain2.com Failed apain2.com Failed
0	26558665.com Failed 26558665.com Failed
0	n0488.com Failed n0488.com Failed
0	u0053.com Failed u0053.com Failed
0	n0466.com Failed n0466.com Failed
0	u0057.com Failed u0057.com Failed
0	23991511.com Failed 23991511.com Failed
0	k68tkg.com Failed k68tkg.com Failed
0	wdwhyy.com Failed wdwhyy.com Failed
0	toutiaoimg.com Failed p26.toutiaoimg.com Failed
85	42

	Domain	Requested by
14	hm.baidu.com	www.fasaweb.com bdns-01.2ucg3ip5y.com
10	pic.rmb.bdstatic.com	bdns-01.2ucg3ip5y.com
8	bdns-01.2ucg3ip5y.com	www.fasaweb.com bdns-01.2ucg3ip5y.com
3	www.fasaweb.com	www.fasaweb.com
2	cdn.jsdelivr.net	bdns-01.2ucg3ip5y.com
2	acoossf.top	bdns-01.2ucg3ip5y.com
2	kvemm.com	2 redirects bdns-01.2ucg3ip5y.com
2	kvhccc.top	bdns-01.2ucg3ip5y.com
2	kveaa.com	2 redirects bdns-01.2ucg3ip5y.com
2	acoossu.top	bdns-01.2ucg3ip5y.com
2	kvezz.com	2 redirects bdns-01.2ucg3ip5y.com
2	mvfge3.com	bdns-01.2ucg3ip5y.com
1	gif.naigou1002.top	bdns-01.2ucg3ip5y.com
1	s.pc.qq.com	bdns-01.2ucg3ip5y.com
1	acoossw.top	bdns-01.2ucg3ip5y.com
1	kvecc.com	1 redirects
1	kvhlll.top	bdns-01.2ucg3ip5y.com
1	kveww.com	1 redirects bdns-01.2ucg3ip5y.com
1	kvhsss.top	bdns-01.2ucg3ip5y.com
1	kveii.com	1 redirects bdns-01.2ucg3ip5y.com
1	kvhuuu.top	bdns-01.2ucg3ip5y.com
1	kvexx.com	1 redirects
1	xvrrd7.com	bdns-01.2ucg3ip5y.com
1	887634.com	bdns-01.2ucg3ip5y.com
1	22195976.com	bdns-01.2ucg3ip5y.com
1	u0065.com	bdns-01.2ucg3ip5y.com
1	19528681.com	bdns-01.2ucg3ip5y.com
1	17265111.com	bdns-01.2ucg3ip5y.com
1	u0069.com	bdns-01.2ucg3ip5y.com
1	23797671.com	bdns-01.2ucg3ip5y.com
1	user-redirect-url.com	1 redirects
1	fasaweb.com	1 redirects
0	trdez9.com Failed	bdns-01.2ucg3ip5y.com
0	apain2.com Failed	bdns-01.2ucg3ip5y.com
0	26558665.com Failed	bdns-01.2ucg3ip5y.com
0	n0488.com Failed	bdns-01.2ucg3ip5y.com
0	u0053.com Failed	bdns-01.2ucg3ip5y.com
0	n0466.com Failed	bdns-01.2ucg3ip5y.com
0	u0057.com Failed	bdns-01.2ucg3ip5y.com
0	23991511.com Failed	bdns-01.2ucg3ip5y.com
0	k68tkg.com Failed	bdns-01.2ucg3ip5y.com
0	wdwhyy.com Failed	bdns-01.2ucg3ip5y.com
0	p26.toutiaoimg.com Failed	bdns-01.2ucg3ip5y.com
85	43

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh
2ucg3ip5y.com ZeroSSL RSA Domain Secure Site CA	`2022-04-01` - `2022-06-30`	3 months	crt.sh
23797671.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
u0069.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
17265111.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
19528681.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
u0065.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
22195976.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
mvfge3.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-30` - `2023-03-30`	a year	crt.sh
887634.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-30` - `2023-03-30`	a year	crt.sh
xvrrd7.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-30` - `2023-03-30`	a year	crt.sh
pic.rmb.bdstatic.com TrustAsia TLS RSA CA	`2022-01-21` - `2023-02-21`	a year	crt.sh
s.pc.qq.com DigiCert Secure Site CN CA G3	`2022-04-29` - `2023-05-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-27` - `2022-12-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.fasaweb.com/index.php
Frame ID: F129084664A40394B06CA6B0889B3FDB
Requests: 15 HTTP requests in this frame

Frame: https://bdns-01.2ucg3ip5y.com:668/
Frame ID: DABCDF2396B4BE411DCBCEF42C8804A5
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

大兴安岭敝歉影视文化发展有限公司只精品99re66,在线看午夜福利片国产,欧美AV国产AV日本AV,日本成本人AV无码免费大兴安岭敝歉影视文化发展有限公司

Page URL History Show full URLs

http://fasaweb.com/ HTTP 301
http://www.fasaweb.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

85
Requests

54 %
HTTPS

32 %
IPv6

42
Domains

43
Subdomains

18
IPs

2
Countries

19319 kB
Transfer

22681 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fasaweb.com/ HTTP 301
http://www.fasaweb.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://user-redirect-url.com:33636/Moon/Visual_color.php HTTP 302
https://bdns-01.2ucg3ip5y.com:668/

Request Chain 26

https://kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif HTTP 301
https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif

Request Chain 27

https://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP 301
https://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gif

Request Chain 28

https://kveaa.com/43127f8e1bc605e37441a8ff10543e0c.gif HTTP 301
https://kvhccc.top/43127f8e1bc605e37441a8ff10543e0c.gif

Request Chain 29

https://kvezz.com/4b9cdfaf554ebe52475a05daad91ef3c.gif HTTP 301
https://acoossu.top/4b9cdfaf554ebe52475a05daad91ef3c.gif

Request Chain 30

https://kveii.com/2f63247ac47b1dfb4d31a1a5cede5717.gif HTTP 301
https://kvhsss.top/2f63247ac47b1dfb4d31a1a5cede5717.gif

Request Chain 31

https://kveww.com/52ad51581676b141e04e969f79f7582f.gif HTTP 301
https://kvhlll.top/52ad51581676b141e04e969f79f7582f.gif

Request Chain 32

https://kvemm.com/506ecb037709bdebda4fc3847726ae97.gif HTTP 301
https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif

Request Chain 33

https://kvecc.com/97ab4072a2d10ceea776577416fae7c3.gif HTTP 301
https://acoossw.top/97ab4072a2d10ceea776577416fae7c3.gif

Request Chain 34

https://kvemm.com/e48970f4052a7ec9d8b871d168e2b2ab.gif HTTP 301
https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif

Request Chain 48

https://kveaa.com/c02f3c271713a2d3e35ad3f5a34688ee.gif HTTP 301
https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.fasaweb.com/
Redirect Chain

http://fasaweb.com/
http://www.fasaweb.com/index.php

3 KB
1 KB

900ms
216ms

Document
text/html

156.235.248.170
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fasaweb.com/index.php
Protocol: HTTP/1.1
Server: 156.235.248.170 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 3d5edb2832f7391587fea304e942a6613faa307462e4ad1e955acd503f3e1478

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 19 May 2022 08:37:01 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Thu, 19 May 2022 08:37:00 GMT
Location: http://www.fasaweb.com/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.fasaweb.com/ 2 KB
1 KB 216ms
216ms Script
application/x-javascript 156.235.248.170
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fasaweb.com/common.js
Requested by: Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php
Protocol: HTTP/1.1
Server: 156.235.248.170 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 290c2e9b4bb935d34b0c9e8452eed9e538c8ad69b9438b5c6bdbe598c1f38c51

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.fasaweb.com/ 258 B
414 B 229ms
229ms Script
application/x-javascript 156.235.248.170
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fasaweb.com/tj.js
Requested by: Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php
Protocol: HTTP/1.1
Server: 156.235.248.170 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: nginx /
Resource Hash: 23acd0940f4f634f199f855cb03f272091227f3f869a45978be23cf9137428d7

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:01 GMT
Server: nginx
Connection: keep-alive
Content-Length: 258
Content-Type: application/x-javascript

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1740ms
345ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8647bd41de5b190423c30fa8ee3779ce

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9ff719de8538fae6c12237e81ffcae739428920d4e371efb15c8617ef5e67fc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:03 GMT
Content-Encoding: gzip
Server: apache
Etag: 4c571df3dcf4c089d20a9b94793e8e38
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11137

GET
H2

200

/ Show response
bdns-01.2ucg3ip5y.com/ Frame DABC
Redirect Chain

https://user-redirect-url.com:33636/Moon/Visual_color.php
https://bdns-01.2ucg3ip5y.com:668/

78 KB
13 KB

687ms
215ms

Document
text/html

172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:668/

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

d5f17ae5d18f084d6055e4e12f5f56f37259a901eecfe7391a3d8da00b7eb062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.fasaweb.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: max-age=10800
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 19 May 2022 08:37:04 GMT
expires: Thu, 19 May 2022 11:37:04 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding
x-proxy-cache: HIT

Redirect headers

content-type: text/html; charset=UTF-8
date: Thu, 19 May 2022 08:37:03 GMT
location: https://bdns-01.2ucg3ip5y.com:668/
server: nginx
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1762ms
379ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?79161fd1b3e6e759df0c63ca28d579db

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9d211fb273f19f5068f133e6cc35bc433fee41993023f8455dad400863473d29

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:03 GMT
Content-Encoding: gzip
Server: apache
Etag: a1daf633ffb0dbbf71d204a70728fea0
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11138

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1928ms
427ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?d609259d9dd56d81854d5ee9661b69e3

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ed01e4ef683c92f8d6f7e90bcc53472c81c6fe9d4c87c914a62c6999e3d390a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:03 GMT
Content-Encoding: gzip
Server: apache
Etag: caf52110f3c89540c03f52f0f51b58b2
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11138

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1927ms
413ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?93da226c503dcf272c2529112cb7a112

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

1e92b4606fee73235b0e0709bcca5533e3338c62302a353556eac7caed926c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:03 GMT
Content-Encoding: gzip
Server: apache
Etag: 3144ed65aded96eac5542da09aa95609
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11143

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1944ms
416ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?b87775909ecbc1396394b9e86b6b068f

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

3c687ebab921b3a398588224e8f3db04e04c63eb14c4c05b81946a0c0db8e1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:03 GMT
Content-Encoding: gzip
Server: apache
Etag: c8a3c492e7b109548b1b9c92d7b42294
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11136

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1974ms
436ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8c44c885fc53286a61656bebc6e35c20

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

99031684ec74d19b3d58dcc126d492cf5ad5b1a3c74cb08c9571686654c3a109

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:03 GMT
Content-Encoding: gzip
Server: apache
Etag: 1f533a512e6e6c5458188f6e95f0047f
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11140

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 366ms
366ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1832760965&si=79161fd1b3e6e759df0c63ca28d579db&v=1.2.93&lv=1&sn=25654&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.fasaweb.com%2Findex.php&tt=%E5%A4%A7%E5%85%B4%E5%AE%89%E5%B2%AD%E6%95%9D%E6%AD%89%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 08:37:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 345ms
344ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=167391544&si=93da226c503dcf272c2529112cb7a112&v=1.2.93&lv=1&sn=25654&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.fasaweb.com%2Findex.php&tt=%E5%A4%A7%E5%85%B4%E5%AE%89%E5%B2%AD%E6%95%9D%E6%AD%89%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 08:37:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 445ms
445ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1199131305&si=8647bd41de5b190423c30fa8ee3779ce&v=1.2.93&lv=1&sn=25654&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.fasaweb.com%2Findex.php&tt=%E5%A4%A7%E5%85%B4%E5%AE%89%E5%B2%AD%E6%95%9D%E6%AD%89%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 08:37:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 407ms
407ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1171211713&si=d609259d9dd56d81854d5ee9661b69e3&v=1.2.93&lv=1&sn=25655&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.fasaweb.com%2Findex.php&tt=%E5%A4%A7%E5%85%B4%E5%AE%89%E5%B2%AD%E6%95%9D%E6%AD%89%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 08:37:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 432ms
432ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1825639385&si=b87775909ecbc1396394b9e86b6b068f&v=1.2.93&lv=1&sn=25655&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.fasaweb.com%2Findex.php&tt=%E5%A4%A7%E5%85%B4%E5%AE%89%E5%B2%AD%E6%95%9D%E6%AD%89%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 08:37:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 jquery-2.2.4.min.js Show response
bdns-01.2ucg3ip5y.com/template/uuu/js/ Frame DABC 84 KB
29 KB 652ms
652ms Script
application/javascript 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:668/template/uuu/js/jquery-2.2.4.min.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bdns-01.2ucg3ip5y.com:668/
Origin: https://bdns-01.2ucg3ip5y.com:668
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:04 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 20:54:50 GMT
server: nginx
etag: W/"6243721a-14e4a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Thu, 19 May 2022 11:37:04 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H2 200 style.css
bdns-01.2ucg3ip5y.com/template/uuu/css/ Frame DABC 34 KB
10 KB 2195ms
2194ms Stylesheet
text/css 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:668/template/uuu/css/style.css

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

524b95237ff243a0f3e3fc956644c474532d969c9dbded95d311b8222fab732b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:04 GMT
content-encoding: gzip
last-modified: Sat, 09 Apr 2022 09:46:49 GMT
server: nginx
etag: W/"62515609-8720"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
expires: Thu, 19 May 2022 11:37:04 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H2 200 home.js Show response
bdns-01.2ucg3ip5y.com/static/js/ Frame DABC 37 KB
9 KB 2207ms
2206ms Script
application/javascript 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:668/static/js/home.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:04 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
server: nginx
etag: W/"61249190-95a5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Thu, 19 May 2022 11:37:04 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H/1.1 200
OK fc5f8f35bf85493ea246e853f22a90ac.gif
23797671.com/ Frame DABC 423 KB
241 KB 1167ms
565ms Image
image/gif 20.187.119.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://23797671.com/fc5f8f35bf85493ea246e853f22a90ac.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.187.119.188 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 May 2022 10:02:39 GMT
Server: WAF/2.4-12.1
ETag: W/"627cdb3f-69b6f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK b2c421156ece440593f727ba76b8b357.gif
u0069.com/ Frame DABC 712 KB
0 1438ms
334ms Image
image/gif 47.75.19.61
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0069.com/b2c421156ece440593f727ba76b8b357.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.61 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 May 2022 08:37:08 GMT
x-oss-request-id: 628601B49DB5783533AFEF51
Last-Modified: Sun, 15 May 2022 15:44:35 GMT
Server: AliyunOSS
Content-MD5: Ai30YsWSJf6yoN2Yzp/XoQ==
ETag: "022DF462C59225FEB2A0DD98CE9FD7A1"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9124519372634757098
Content-Length: 837142
x-oss-server-time: 1

GET
H/1.1 200
OK c0049f41fc404819bcd918f80d4c9761.gif
17265111.com/ Frame DABC 292 KB
93 KB 1110ms
520ms Image
image/gif 20.247.108.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17265111.com/c0049f41fc404819bcd918f80d4c9761.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.247.108.120 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: e95a0b1c3ca9617a58f0960113ef5003cfed0e5ed27b5552ea279700b21b5595

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2022 07:04:21 GMT
Server: WAF/2.4-12.1
ETag: W/"624be9f5-49195"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 4330001170814199849e05ede0591479.gif
19528681.com/ Frame DABC 363 KB
66 KB 1104ms
534ms Image
image/gif 20.24.82.169
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://19528681.com/4330001170814199849e05ede0591479.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.24.82.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: c55c53826cd97374c03743b9cbf0f58d74d979b9b8937cc1184de41e6e4c8634

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2022 07:04:45 GMT
Server: WAF/2.4-12.1
ETag: W/"624bea0d-5adc2"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 4429872489554f928ed00f753a2e861f.gif
u0065.com/ Frame DABC 294 KB
295 KB 1234ms
271ms Image
image/gif 47.75.19.61
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0065.com/4429872489554f928ed00f753a2e861f.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.61 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 2831683ce0da4d0ad746e3bda04a793359efa0974f4f3b3cbd96e4f03b5658b9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 May 2022 08:37:07 GMT
x-oss-request-id: 628601B3F27FBE36332F62EB
Last-Modified: Thu, 12 May 2022 10:02:07 GMT
Server: AliyunOSS
Content-MD5: LTTGBugKUKOqnWKwNPaKww==
ETag: "2D34C606E80A50A3AA9D62B034F68AC3"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8658416386803430996
Content-Length: 301526
x-oss-server-time: 1

GET
H2 200 783604ed441441b0858c7bc152ea65be.gif
22195976.com/ Frame DABC 413 KB
175 KB 829ms
265ms Image
image/gif 207.46.155.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://22195976.com/783604ed441441b0858c7bc152ea65be.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.46.155.160 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: e629e56d036cf130188ca4ed5b3ab79518a96fe7865624d0909ad9cb5f189d83

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:07 GMT
content-encoding: gzip
last-modified: Thu, 12 May 2022 10:00:48 GMT
server: WAF/2.4-12.1
etag: W/"627cdad0-673fa"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 6be38f3c13a24b99a71a5fbd75f597dd.gif
mvfge3.com/ Frame DABC 566 KB
0 1843ms
336ms Image
image/gif 47.75.19.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvfge3.com/6be38f3c13a24b99a71a5fbd75f597dd.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.48 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 May 2022 08:37:08 GMT
x-oss-request-id: 628601B49DB5783337D8F151
Last-Modified: Fri, 13 May 2022 09:07:57 GMT
Server: AliyunOSS
Content-MD5: MaLIswTGC6AUkSG6JHOJRA==
ETag: "31A2C8B304C60BA0149121BA24738944"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 16488962262824940500
Content-Length: 679154
x-oss-server-time: 2

GET
H/1.1 200
OK 2c1d35393d99418982582a216f828e94.gif
887634.com/ Frame DABC 207 KB
207 KB 1626ms
298ms Image
image/gif 47.75.19.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://887634.com/2c1d35393d99418982582a216f828e94.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.48 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 851942c977429b4502f25a3787848be30dc5e31e484fa4d08fe4b428810b6aa7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 May 2022 08:37:08 GMT
x-oss-request-id: 628601B4F27FBE30302D64EB
Last-Modified: Mon, 02 May 2022 13:30:34 GMT
Server: AliyunOSS
Content-MD5: +3bc5rUMzCNR9eVHrQswYA==
ETag: "FB76DCE6B50CCC2351F5E547AD0B3060"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 5383602285382841369
Content-Length: 211681
x-oss-server-time: 1

GET
H/1.1 200
OK 60c5adf73e9f4f5ead733b6fbd553ad3.gif
xvrrd7.com/ Frame DABC 687 KB
0 1750ms
345ms Image
image/gif 47.75.19.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xvrrd7.com/60c5adf73e9f4f5ead733b6fbd553ad3.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.48 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 May 2022 08:37:08 GMT
x-oss-request-id: 628601B423C054313744E4CE
Last-Modified: Tue, 26 Apr 2022 08:47:59 GMT
Server: AliyunOSS
Content-MD5: F9cna+xR3mEjhUiS9dHU7A==
ETag: "17D7276BEC51DE6123854892F5D1D4EC"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 808789839217959962
Content-Length: 724869
x-oss-server-time: 1

GET
H2

200

0385a02384cf8bb1f4b429d18548cbd7.gif
kvhuuu.top/ Frame DABC
Redirect Chain

https://kvexx.com/0385a02384cf8bb1f4b429d18548cbd7.gif
https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif

206 KB
207 KB

129ms
47ms

Image
image/gif

2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2458050
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 211127
last-modified: Wed, 20 Apr 2022 12:41:47 GMT
server: cloudflare
etag: "625fff8b-338b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmQ0lQnSjacEKdOrJ%2BHXxzHF%2BIM2Tl4ETgPxj9OISGhGnrW1uXWpsB7GkU9WrYFcqgkwCc7d0lBbGGf7bL%2FsGqfjJRy%2Bu4UNVIEviz5HZ8z9mes%2B0Jbl4pnzu3opMP2p1wA2qBXDDsCZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 70db8246e8c65a37-MXP
expires: Fri, 20 May 2022 21:49:38 GMT

Redirect headers

location: https://kvhuuu.top/0385a02384cf8bb1f4b429d18548cbd7.gif
date: Thu, 19 May 2022 08:37:08 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

ff82ede81a5bf7b5ff047745ebd831ad.gif
acoossu.top/ Frame DABC
Redirect Chain

https://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gif
https://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gif

502 KB
503 KB

118ms
46ms

Image
image/gif

2606:4700:3034::ac43:9715
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2606:4700:3034::ac43:9715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754e73a6a2a86f8533f15bf92061610fa505787bce36a52c9e1944b44ae15364

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 35484
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 513789
last-modified: Mon, 02 May 2022 19:22:05 GMT
server: cloudflare
etag: "62702f5d-7d6fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTliQoMfTlnrbEQ2nDCz7DX%2BeM%2BZ66tcPiB15R2K40vF1WB6GI30YV7GiztdTYKeoJXv9uLc7lNPvH3O5LGtM%2BoPvHB3KBOP%2FHuOudHd1z7nbXsdnxBCL1h4nJk1tPgjAF36yOaEEdE2mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db82474a7d3762-MXP
expires: Fri, 17 Jun 2022 22:45:44 GMT

Redirect headers

location: https://acoossu.top/ff82ede81a5bf7b5ff047745ebd831ad.gif
date: Thu, 19 May 2022 08:37:08 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

43127f8e1bc605e37441a8ff10543e0c.gif
kvhccc.top/ Frame DABC
Redirect Chain

https://kveaa.com/43127f8e1bc605e37441a8ff10543e0c.gif
https://kvhccc.top/43127f8e1bc605e37441a8ff10543e0c.gif

1 MB
1 MB

189ms
44ms

Image
image/gif

2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhccc.top/43127f8e1bc605e37441a8ff10543e0c.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfafe3e166fb868cb0355b2e3d36bf3dc8de3f988ee8c39d7e718dbdac8ce4a0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 101608
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1243179
last-modified: Fri, 21 Jan 2022 10:03:53 GMT
server: cloudflare
etag: "61ea8509-12f82b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dd0J12xb2eTqhVxmwPl2VYxMNtNxZQlQEtDgY3FqAx%2FXu%2FXuPUGf6CX0lUjqgcgooYwlQCAMsiVC5RRQ9SXd5wYhfnZ6RnORS1HJisT5EZPlcbsX36nie3%2BNrP7NvRLj3vOGpvQmv963"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db8247bd3b59dd-MXP
expires: Fri, 17 Jun 2022 04:23:40 GMT

Redirect headers

location: https://kvhccc.top/43127f8e1bc605e37441a8ff10543e0c.gif
date: Thu, 19 May 2022 08:37:08 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

4b9cdfaf554ebe52475a05daad91ef3c.gif
acoossu.top/ Frame DABC
Redirect Chain

https://kvezz.com/4b9cdfaf554ebe52475a05daad91ef3c.gif
https://acoossu.top/4b9cdfaf554ebe52475a05daad91ef3c.gif

582 KB
583 KB

148ms
76ms

Image
image/gif

2606:4700:3034::ac43:9715
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossu.top/4b9cdfaf554ebe52475a05daad91ef3c.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2606:4700:3034::ac43:9715 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e63897e0d38447d330299baf3446102a6f69e1e543401146114400d854050fb

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172775
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 595964
last-modified: Tue, 26 Oct 2021 18:02:46 GMT
server: cloudflare
etag: "617842c6-917fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KmW36WrTxA6uOQ7Eb4LVknqu%2BHE9SQ2FIVWAQGUAW73KSc%2FVq3NFpbw9vfrGdjNQ5cdoBlZ2HbMi5mxUYUonsFo8p0zNGv9Q1tyqoUcpM1WspL7pfln%2B0YsGtu326BeU9SMbaezt9R5L0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db82474a813762-MXP
expires: Thu, 16 Jun 2022 08:37:33 GMT

Redirect headers

location: https://acoossu.top/4b9cdfaf554ebe52475a05daad91ef3c.gif
date: Thu, 19 May 2022 08:37:08 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

2f63247ac47b1dfb4d31a1a5cede5717.gif
kvhsss.top/ Frame DABC
Redirect Chain

https://kveii.com/2f63247ac47b1dfb4d31a1a5cede5717.gif
https://kvhsss.top/2f63247ac47b1dfb4d31a1a5cede5717.gif

237 KB
238 KB

262ms
64ms

Image
image/gif

2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhsss.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 406b2f32818b522b4e5c2f7f5de504b89ca9a4e8b3cdfe823f2c16cd6542c807

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1800279
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242675
last-modified: Wed, 23 Mar 2022 06:37:17 GMT
server: cloudflare
etag: "623ac01d-3b3f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynA0c59SkBl7wZazvq66JihzV8HhLkvJvXNSlRhNIceh2z2%2F8PvkcBGMD1np4OljREK7Y%2B4JluJcLnpSdDeT9k8OlcJwFjk2WyMlvJpbXn6wUJ1BpRWDTS2eoy9OPEQPs%2FJJM2eB1AWz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 70db824b8d06d795-MRS
expires: Sat, 28 May 2022 12:32:30 GMT

Redirect headers

location: https://kvhsss.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
date: Thu, 19 May 2022 08:37:08 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

52ad51581676b141e04e969f79f7582f.gif
kvhlll.top/ Frame DABC
Redirect Chain

https://kveww.com/52ad51581676b141e04e969f79f7582f.gif
https://kvhlll.top/52ad51581676b141e04e969f79f7582f.gif

1 MB
1 MB

169ms
46ms

Image
image/gif

2606:4700:3038::6815:e97c

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhlll.top/52ad51581676b141e04e969f79f7582f.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2606:4700:3038::6815:e97c -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a4f131884413555900ad6642a89688deae3b91e879733a6ede890608ba6b02

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60558
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1196314
last-modified: Mon, 02 May 2022 18:18:53 GMT
server: cloudflare
etag: "6270208d-12411a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnjptWiJT7gCpKoaEyg57JCAFOUHqfyPO39fEGmO5%2FfymSnJxnde2ba%2B9l%2FV1m4JKiFdPI5fVKojAgAqFzvcILyT6PUzMsH11bUHLLqQAUYBwP3ZFsdG03o7oAvsNZOrEiZVDt4bZi7b"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db824e9c60733c-MRS
expires: Fri, 17 Jun 2022 15:47:51 GMT

Redirect headers

location: https://kvhlll.top/52ad51581676b141e04e969f79f7582f.gif
date: Thu, 19 May 2022 08:37:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

506ecb037709bdebda4fc3847726ae97.gif
acoossf.top/ Frame DABC
Redirect Chain

https://kvemm.com/506ecb037709bdebda4fc3847726ae97.gif
https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif

470 KB
471 KB

208ms
41ms

Image
image/gif

2606:4700:3038::6815:ebaa

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2606:4700:3038::6815:ebaa -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ba244d8035d4e99190c03c9f8f01b27f3ddafbddddba1a69bb99a09266b5eedc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 480777
last-modified: Thu, 17 Mar 2022 15:46:34 GMT
server: cloudflare
etag: "623357da-75609"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG8YAI%2F4mghbsIC76cXLvlfbNqS1RxsACalc%2BuwKjM3%2FE5ldisTU0HxTyo9PfFrQ8atZcXnHI9U4DMHnQBE3nhypL5FL9cz%2B3Trid9v9WuULZps7SH01BF15MzunDnoGLihetpH1utxgLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db82529988739b-MRS
expires: Sat, 18 Jun 2022 02:51:15 GMT

Redirect headers

location: https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif
date: Thu, 19 May 2022 08:37:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

97ab4072a2d10ceea776577416fae7c3.gif
acoossw.top/ Frame DABC
Redirect Chain

https://kvecc.com/97ab4072a2d10ceea776577416fae7c3.gif
https://acoossw.top/97ab4072a2d10ceea776577416fae7c3.gif

1 MB
1 MB

194ms
44ms

Image
image/gif

2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossw.top/97ab4072a2d10ceea776577416fae7c3.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4b0af5ea20219fe6a01ce9d0af29c168566849ccc647a35a924b1e37968e61

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31042
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1049600
last-modified: Thu, 06 Jan 2022 10:01:39 GMT
server: cloudflare
etag: "61d6be03-100400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNF7s%2FWf8MdY6w9in9AOwRd%2FgAX4Oybt%2BQbn5gOzoSRXaBKK82gnBP5kZMP%2F6cZpHYrVQb65VhNCk7pNZDpWcqMw1ZP%2BNzQV2BA4iETmRO%2BpQVSDRCrSGZm6%2FVSqL0H6WS4qV5XJ92Eyvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db82505984e907-MXP
expires: Fri, 17 Jun 2022 23:59:47 GMT

Redirect headers

location: https://acoossw.top/97ab4072a2d10ceea776577416fae7c3.gif
date: Thu, 19 May 2022 08:37:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

e48970f4052a7ec9d8b871d168e2b2ab.gif
acoossf.top/ Frame DABC
Redirect Chain

https://kvemm.com/e48970f4052a7ec9d8b871d168e2b2ab.gif
https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif

944 KB
945 KB

245ms
79ms

Image
image/gif

2606:4700:3038::6815:ebaa

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2606:4700:3038::6815:ebaa -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a37eaf9f04a634f3e85dcd7353eb1fa224ddefa8d1e04b65a946b3cebf97ea75

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 128622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 966741
last-modified: Sat, 12 Mar 2022 15:18:45 GMT
server: cloudflare
etag: "622cb9d5-ec055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3RXujd%2Ffann78pmX9302K%2B%2F2G79Dzb4K%2FlygUjAhl%2FBhiMCLUPD0iF%2Fv4RYG49Y2teAXi%2B1Cx21ARqu%2BTXCXqF0RBjhZ0C%2BUnLIWzocSeb3UjvMq%2FwSU6OhPVtVwSJ7bmllo3Itxhykxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db8252998a739b-MRS
expires: Thu, 16 Jun 2022 20:53:28 GMT

Redirect headers

location: https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif
date: Thu, 19 May 2022 08:37:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 af737e86fc083a958d9f25203333f0be.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 1 MB
1 MB 1931ms
44ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/af737e86fc083a958d9f25203333f0be.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 1495356
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: r3N+hvwIOpWNnyUgMzPwvg==
age: 1110919
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1495356
ohc-cache-hit: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache98 [3], qdix186 [3]
last-modified: Fri, 06 May 2022 10:47:15 GMT
server: JSP3/2.0.14
etag: "af737e86fc083a958d9f25203333f0be"
x-bce-request-id: d14e2ad0-00b0-4c97-9534-aa37a0c0a353
content-type: image/gif
x-bce-debug-id: VyfsrtB6pKklruJoY5XqVkNzOSLZEOV8kX4u9xPUC5mVHgj1VZoEIpLew4sCXQMKRw7pmf/oPHOITfztiUVRLg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 93757181
expires: Mon, 09 May 2022 10:49:35 GMT

GET
H2 200 c345c325b2dd601744e2fdf749337f8e.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 2 MB
2 MB 1629ms
289ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/c345c325b2dd601744e2fdf749337f8e.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 01e6d867c83b80e6e0dcacb7c4d09ea7118bb3cce0e8bf20457a54f3e172777e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 1794526
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: w0XDJbLdYBdE4v33STN/jg==
age: 1568700
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1794526
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache95 [1], bdix60 [2]
last-modified: Sun, 01 May 2022 03:30:05 GMT
server: JSP3/2.0.14
etag: "c345c325b2dd601744e2fdf749337f8e"
x-bce-request-id: adaa1f50-8d3c-4ac7-b915-9466b76a575c
content-type: image/gif
x-bce-debug-id: WHetv8N6VAcklqxAqe0sA9PEsMBXirt/tJJfLgNaT3Qnmw8KZpo5/7mctf3iawBHlpDatImjAMNLV9M0ZSJBog==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1886000088
expires: Wed, 04 May 2022 03:31:20 GMT

GET
H2 200 1646786_1645724589.jpg
s.pc.qq.com/tousu/img/20220225/ Frame DABC 100 KB
100 KB 2802ms
247ms Image
image/jpeg 2408:872b:e02:101:6c::2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pc.qq.com/tousu/img/20220225/1646786_1645724589.jpg
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:872b:e02:101:6c::2 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 02f64eb8a8e43e033ed45d337711379d1a836188728b7911a8b281d421a6d991

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sat, 07 May 2022 11:53:22 GMT
x-cos-hash-crc64ecma: 9779877219317636932
last-modified: Thu, 24 Feb 2022 17:43:12 GMT
server: tencent-cos
etag: "548c90aeca6eb15b303826032afdbd30"
content-type: image/jpeg
x-cos-request-id: NjI3NjVkYjJfNjczNTJjMGJfMjU2MjlfMWVkN2I2OQ==
x-cache-lookup: Cache Hit
x-nws-log-uuid: 15851603065655882957
accept-ranges: bytes
content-length: 102186

GET
H2 200 3e2a08c45f216f23995e08dc45ed0e86.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 1 MB
1 MB 1314ms
465ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/3e2a08c45f216f23995e08dc45ed0e86.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 1411145
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: PioIxF8hbyOZXgjcRe0Ohg==
age: 1569295
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1411145
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache81 [3], suzix81 [3]
last-modified: Sun, 01 May 2022 03:41:04 GMT
server: JSP3/2.0.14
etag: "3e2a08c45f216f23995e08dc45ed0e86"
x-bce-request-id: 02123f8f-4130-46fa-a825-541eba966c7c
content-type: image/gif
x-bce-debug-id: OKFcA/RKPIsudFaT7NV5aYBX30R1159L1yEeMa3qR/fSYOggbGE68e0hm8mOKs/iBjveOcPvAW9/s51HmcGsPA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2708999633
expires: Wed, 04 May 2022 03:44:56 GMT

GET
H2 200 357e6e06560206a5ecf7fce325137c74.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 2 MB
2 MB 1265ms
466ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/357e6e06560206a5ecf7fce325137c74.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ca2a8b8169cef019be237b08e6e3e075934d76d733aa9937a0cfaca96c5dda23

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 2283193
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: NX5uBlYCBqXs9/zjJRN8dA==
age: 194884
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 2283193
ohc-cache-hit: fra01-sys-jomo6.fra01.baidu.com [2], zhuzuncache80 [2], suzix80 [1]
last-modified: Wed, 30 Mar 2022 10:51:24 GMT
server: JSP3/2.0.14
etag: "357e6e06560206a5ecf7fce325137c74"
x-bce-request-id: e4148958-ca00-4947-bd45-ee2147bad017
content-type: image/gif
x-bce-debug-id: cTBuekd7WVm1UOkt9+LgSxkVFun7QneZpzwqRmyRqeZcXqn94bEI6HFx9hwUawTJ1WGajQdt0c4wi19kByAF8g==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3864824590
expires: Mon, 02 May 2022 10:51:27 GMT

GET
H2 200 6217e697e5bcdcf05bce5b844cda6ddc.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 1007 KB
1009 KB 1023ms
466ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/6217e697e5bcdcf05bce5b844cda6ddc.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d0f2fe7b11ea4b5daae1619e4c8307b7df14866c79f6ded60ba0401bf8350d46

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 1031440
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: Yhfml+W83PBbzluETNpt3A==
age: 197804
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1031440
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache142 [1], czix190 [1]
last-modified: Mon, 21 Feb 2022 15:50:19 GMT
server: JSP3/2.0.14
etag: "6217e697e5bcdcf05bce5b844cda6ddc"
x-bce-request-id: ac8a8cb4-467e-4c11-a210-5fbc303f905e
content-type: image/gif
x-bce-debug-id: XC5yZChdhhchAbUAj5hgejRi/IlMbYjjPS90JFdWyWF57r3NzeDJxytNT5BKHDjg0xztQPDLfzhRrA19mT5cTw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3262800787
expires: Mon, 25 Apr 2022 15:50:36 GMT

GET
H2 200 8ad03d2715b2723dcf6bbc454634a53d.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 233 KB
234 KB 665ms
466ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/8ad03d2715b2723dcf6bbc454634a53d.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: aee23690176001a85989514d82f7a668f5a6ff0c3161ab49fba0bdc76cf9b773

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 238977
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: itA9JxWycj3Pa7xFRjSlPQ==
age: 267952
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 238977
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache149 [3], xaix221 [1]
last-modified: Wed, 30 Mar 2022 10:33:32 GMT
server: JSP3/2.0.14
etag: "8ad03d2715b2723dcf6bbc454634a53d"
x-bce-request-id: 1113340f-39e6-454b-b535-ef8ca2b94d16
content-type: image/gif
x-bce-debug-id: qlC8o+vP6/XnPiQSEqEy8VuQWIrdWj26kPjdII8qDNJ5+M1CQTfRK2FkWDclgmpGaUfaWrHH8cZZpxUWbzLHEg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3883531014
expires: Mon, 02 May 2022 10:50:14 GMT

GET
H2 200 loading.svg
bdns-01.2ucg3ip5y.com/template/@mitaoxz_4hu//images/ Frame DABC 506 B
739 B 1286ms
1283ms Image
image/svg+xml 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdns-01.2ucg3ip5y.com:668/template/@mitaoxz_4hu//images/loading.svg

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:07 GMT
last-modified: Tue, 29 Mar 2022 21:16:10 GMT
server: nginx
etag: "6243771a-1fa"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
expires: Thu, 19 May 2022 11:37:07 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 506
x-proxy-cache: HIT

GET
H2 200 0d38476bae9ce2a19e7baf47c0305e96.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 208 KB
209 KB 422ms
421ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/0d38476bae9ce2a19e7baf47c0305e96.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 1f79e978236e81f405e186385cb24d1e71352a7f1c7ad15fa59d4d7cd14a67ec

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 212947
date: Thu, 19 May 2022 08:37:10 GMT
content-md5: DThHa66c4qGee69HwDBelg==
age: 203307
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 212947
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache75 [1], czix163 [1]
last-modified: Mon, 21 Feb 2022 15:38:31 GMT
server: JSP3/2.0.14
etag: "0d38476bae9ce2a19e7baf47c0305e96"
x-bce-request-id: bba1a649-2288-4c6b-8563-1009945e1c73
content-type: image/gif
x-bce-debug-id: zpPJDTwuSpkn3q9JwCADRRFd0Q97ggfDuz/NRzrste6kO3JCa5cjHMQMBFWK1eMCMP8yV1OeKTQj9ohF37XH6w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2313097327
expires: Mon, 25 Apr 2022 15:38:38 GMT

GET 8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ Frame DABC 0
0

GET 46d70b0eb9f54d0795230bd70b3799ab.gif
wdwhyy.com/ Frame DABC 0
0

GET
H/1.1 200
OK fa118fbc3ed54401b2c143027e76c8fd.gif
mvfge3.com/ Frame DABC 187 KB
0 381ms
380ms Image
image/gif 47.75.19.48
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mvfge3.com/fa118fbc3ed54401b2c143027e76c8fd.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.48 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Thu, 19 May 2022 08:37:11 GMT
x-oss-request-id: 628601B7D14BBC3231D1F800
Last-Modified: Fri, 13 May 2022 09:07:17 GMT
Server: AliyunOSS
Content-MD5: BTYbL7YO2dJkx7O9MjB71g==
ETag: "05361B2FB60ED9D264C7B3BD32307BD6"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 12678337091472265782
Content-Length: 229133
x-oss-server-time: 2

GET 72c3494fb7ac48f79d0f838453c5580b.gif
k68tkg.com/ Frame DABC 0
0

GET
H2

200

c02f3c271713a2d3e35ad3f5a34688ee.gif
kvhccc.top/ Frame DABC
Redirect Chain

https://kveaa.com/c02f3c271713a2d3e35ad3f5a34688ee.gif
https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif

58 KB
58 KB

80ms
79ms

Image
image/gif

2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f6614b5b9b3359f7dd8e245144279188b9bfceccfa327d6cff2e54d8730c7a8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44502
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59323
last-modified: Tue, 01 Mar 2022 12:52:18 GMT
server: cloudflare
etag: "621e1702-e7bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7%2FUEkr9GMFj4M7ekqUjZHPr4GQiYhVOcDYyCV0UFLDVImXfMRqepb7VHP7tvXq9VyBCsGDAo%2BLVOATUAtH8%2B9J7jYxTq5fsDBWR4Bn46I1duDWX%2FUxLAE8JcsZolwzGHGuSbF71OlJG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 70db825a0fc859dd-MXP
expires: Fri, 17 Jun 2022 20:15:29 GMT

Redirect headers

location: https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif
date: Thu, 19 May 2022 08:37:11 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 loading.svg
bdns-01.2ucg3ip5y.com/template/@mitaoxz_4hu/images/ Frame DABC 506 B
739 B 1286ms
1284ms Image
image/svg+xml 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdns-01.2ucg3ip5y.com:668/template/@mitaoxz_4hu/images/loading.svg

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:07 GMT
last-modified: Tue, 29 Mar 2022 21:16:10 GMT
server: nginx
etag: "6243771a-1fa"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
expires: Thu, 19 May 2022 11:37:07 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 506
x-proxy-cache: HIT

GET
H2 200 c4aec2fc715ed9100d40a15aa4b82c28.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 182 KB
183 KB 513ms
512ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/c4aec2fc715ed9100d40a15aa4b82c28.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 186342
date: Thu, 19 May 2022 08:37:11 GMT
content-md5: xK7C/HFe2RANQKFapLgsKA==
age: 203302
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 186342
ohc-cache-hit: fra01-sys-jomo2.fra01.baidu.com [2], zhuzuncache97 [1], xaix97 [1]
last-modified: Thu, 17 Mar 2022 10:05:44 GMT
server: JSP3/2.0.14
etag: "c4aec2fc715ed9100d40a15aa4b82c28"
x-bce-request-id: 9d74c0e7-4b6e-4341-9536-cb5fd9e03d5d
content-type: image/gif
x-bce-debug-id: 34vEsqaBKhGzVMC3Wqw7Vi1BTbyMfdb/MpuH65T0SNraZFIe4vc6gedQZF7rCbTKqnkdMb8D76wcLjJ4wime3w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1158258736
expires: Thu, 19 May 2022 10:05:47 GMT

GET
H2 200 1da62db7a3fca4f1b284612aabb89564.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 608 KB
609 KB 513ms
512ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/1da62db7a3fca4f1b284612aabb89564.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 122f22f589e3fd270116b7be282835a61cee9ef5cd6eda75866bc9018271b9e5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 622451
date: Thu, 19 May 2022 08:37:11 GMT
content-md5: HaYtt6P8pPGyhGEqq7iVZA==
age: 195697
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 622451
ohc-cache-hit: fra01-sys-jomo4.fra01.baidu.com [2], zhuzuncache124 [1], bdix200 [1]
last-modified: Thu, 17 Mar 2022 10:05:22 GMT
server: JSP3/2.0.14
etag: "1da62db7a3fca4f1b284612aabb89564"
x-bce-request-id: 258b9cc1-b077-4b9e-ad56-b56c45649b0f
content-type: image/gif
x-bce-debug-id: +FYid3x/AZWHbRxto8TpfxBI09VYIgvNEKV9TDTi1XD/RiG2XelAzxtGdyZqZa10Hmd8Wxo0rPaIXDVlt59vWw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1078488734
expires: Thu, 19 May 2022 10:05:25 GMT

GET
H2 200 1241242.gif
gif.naigou1002.top/GIF/ Frame DABC 128 KB
129 KB 531ms
42ms Image
image/gif 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.naigou1002.top/GIF/1241242.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcae9a5a0fca0a4535db37603f61e3f28ae856e73ce894c5da9570460e70d5c5

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:11 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2373542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131573
last-modified: Fri, 09 Jul 2021 04:50:33 GMT
server: cloudflare
etag: "60e7d599-201f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zg2kRB%2F7mybNYhaQLI0Mq0L4vXyLX0w%2FUvp5t6je%2FJecFaOAmKoaHUPbv2ES5zaE%2BI6z2lremWCA%2FxUlmlwLc6QnWeJHAWYE5%2F1WqeJfBRdONmKXa9ByluJNDtQu07WfTSlo69e5N6dR6ubJHR7LUeI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 70db825c8d543750-MXP
expires: Sat, 21 May 2022 21:18:08 GMT

GET
H2 200 112.ww
cdn.jsdelivr.net/gh/re341/ipad@main/ Frame DABC 1 MB
1 MB 387ms
89ms Image
application/octet-stream 2606:4700::6810:5614

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/re341/ipad@main/112.ww

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4467
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1127941
x-served-by: cache-fra19149-FRA, cache-iad-kiad7000061-IAD
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"113605-HX8syPKxflKeUtK/RZS+Khk07yU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3tYXizoNV%2FnBN22RdAGOVLiKRah%2FEDNsVXVf%2FGML9K%2B%2BdlhhDU%2F7e%2BFzEsMOogb%2FWGxuo2Q4EHqHCTd657hV0C%2BLukrdkY4rmpcVnvEryK0K1trzKvl1HQvTFfBa7BVIDCjile9J8Croq446rEQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 70db825cab763763-MXP

GET
H2 200 b25a0b228054ad47210d907bb49882cb.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 995 KB
996 KB 185ms
184ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/b25a0b228054ad47210d907bb49882cb.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 04247a05b62423345c279293b64a09af8b9e90dce2b80c478b09d0ab4a0f126b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

ohc-file-size: 1018535
date: Thu, 19 May 2022 08:37:11 GMT
content-md5: sloLIoBUrUchDZB7tJiCyw==
age: 267987
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1018535
ohc-cache-hit: fra01-sys-jomo5.fra01.baidu.com [2], zhuzuncache80 [1], bdix80 [2]
last-modified: Mon, 11 Apr 2022 07:42:26 GMT
server: JSP3/2.0.14
etag: "b25a0b228054ad47210d907bb49882cb"
x-bce-request-id: d497ef04-db6d-4855-b729-f85e902eabe9
content-type: image/gif
x-bce-debug-id: jscYFQRDFlVs8Ovlm68ob44cJUHWYDIJhRHJpEkYMS06UGr1FR2D/s7AMpl4In2ctL25m5ikEl5unSVyPgL/uQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1348030184
expires: Sat, 14 May 2022 07:42:39 GMT

GET
H2 200 7.ww
cdn.jsdelivr.net/gh/re341/ipad@main/ Frame DABC 252 KB
253 KB 179ms
56ms Image
application/octet-stream 2606:4700::6810:5614

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/re341/ipad@main/7.ww

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:11 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 39521
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 257689
x-served-by: cache-fra19150-FRA, cache-itm18828-ITM
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"3ee99-CRPcEsk3jZ1bxq7v26BC+tT5Xoo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9%2FPSvXEDF49O4pJoD6wJMueYNztkqSrsMO2HgVY7Vi55sDuMHQelIhPxYhj1KqkQA4QC2dUkyoZBzK6IsGw3w30COx53omTsd5LYhfP78krbz4p0BWkfsJe3C8ULvuaeCpQIDtEEd%2FOAyklkIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 70db825cab7a3763-MXP

GET f837aebf395f4a0f9dc0a5d3cb9bb04c.gif
23991511.com/ Frame DABC 0
0

GET d5d2abfb61f1445caed1c95cec4a0c6d.png
u0057.com/ Frame DABC 0
0

GET eaca3035f9744176a037419ce8fa581d.png
n0466.com/ Frame DABC 0
0

GET c6370440258b480995c3df55fb7c9529.png
u0053.com/ Frame DABC 0
0

GET 133e0326005748ce8cd1d0f7a64e97cc.png
n0488.com/ Frame DABC 0
0

GET 1b848b7c80944f708d3091a71f77ed7f.png
26558665.com/ Frame DABC 0
0

GET c3f9ac4b6a2e4b8ba71741c1ba19d325.gif
mvfge3.com/ Frame DABC 0
0

GET d1a90fe3585445f8917937856528b9f7.gif
apain2.com/ Frame DABC 0
0

GET 3cc55d97bc5d428e8e20be4ef7dbd32f.gif
trdez9.com/ Frame DABC 0
0

GET b5cbbc77f8d217ceccb5b1ca44208554.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 0
0

GET 71bae233ea1e379c74b3b0c30a05abd5.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 0
0

GET 0565518c535dd6a9f6344aa1220c33ab.gif
pic.rmb.bdstatic.com/bjh/ Frame DABC 0
0

GET 840f21556bd72cccbee97235c1998380.png
kvemm.com/ Frame DABC 0
0

GET 3ca54e54cb46a2d8884a5e32d43fdb14.png
kveii.com/ Frame DABC 0
0

GET 2d9e99d0532fbc12eded53b70c20d64d.gif
kveww.com/ Frame DABC 0
0

GET d246feb7694ab58d49f44d67d0474a95.png
kvezz.com/ Frame DABC 0
0

GET d37fed4b710b97c22f89ab7d90f36637.png
kveaa.com/ Frame DABC 0
0

GET d8766c5ff8e42ad5dafb8044a9ffd1e1.gif
kvezz.com/ Frame DABC 0
0

GET c40d951e9ca7d27f1ecbeb5fd7c9285b.jpg
kveii.com/ Frame DABC 0
0

GET 0d9faeb4ff7cc165c9a131eada7474a1.gif
kvemm.com/ Frame DABC 0
0

GET 3967008_1645780244.jpg
s.pc.qq.com/tousu/img/20220225/ Frame DABC 0
0

GET
H2 200 common.js Show response
bdns-01.2ucg3ip5y.com/template/uuu/js/ Frame DABC 5 KB
2 KB 219ms
219ms Script
application/javascript 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:668/template/uuu/js/common.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

8a58208960c108855338d4fa896c2ace79802387d106ffb014aa0a75930f31ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:36:52 GMT
content-encoding: gzip
last-modified: Thu, 19 May 2022 08:07:07 GMT
server: nginx
etag: W/"6244a95c-131a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Thu, 19 May 2022 10:37:07 GMT
cache-control: max-age=7200
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H2 200 base.js Show response
bdns-01.2ucg3ip5y.com/template/uuu/js/ Frame DABC 18 KB
5 KB 1291ms
1291ms Script
application/javascript 172.247.168.117
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:668/template/uuu/js/base.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.247.168.117 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

13b8cb080e2780d82f7137960cf93d560a22baa2c79d9e9625356640f58fc479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 08:37:07 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 14:59:34 GMT
server: nginx
etag: W/"624efc56-49b4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Thu, 19 May 2022 11:37:07 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 434ms
434ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1529145359&si=8c44c885fc53286a61656bebc6e35c20&v=1.2.93&lv=1&sn=25655&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.fasaweb.com%2Findex.php&tt=%E5%A4%A7%E5%85%B4%E5%AE%89%E5%B2%AD%E6%95%9D%E6%AD%89%E5%BD%B1%E8%A7%86%E6%96%87%E5%8C%96%E5%8F%91%E5%B1%95%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.fasaweb.com
URL: http://www.fasaweb.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: http://www.fasaweb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 May 2022 08:37:04 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame DABC 29 KB
11 KB 438ms
438ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f38e40a2861736d44674d607010fd3f0

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

242ccde84af358abf531e2ae4bd7742ead0fe24920309f4d0792a956e311cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:07 GMT
Content-Encoding: gzip
Server: apache
Etag: a1f285915f98c6a0dc061fd2b33f0c8f
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11140

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame DABC 29 KB
11 KB 419ms
418ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4e02454c8c7915ec76bfff5d6609eebd

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:668/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

df39d29a29e9a2cbf81c3024a499ecc2aa69e5d5ed67f340e5cc33ad95eb6d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:668/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Thu, 19 May 2022 08:37:07 GMT
Content-Encoding: gzip
Server: apache
Etag: e849e0eef6a1482c525e4872ee727b0d
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11138

GET
DATA 200
OK truncated
/ Frame DABC 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin: https://bdns-01.2ucg3ip5y.com:668
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET hm.gif
hm.baidu.com/ Frame DABC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: p26.toutiaoimg.com
URL: https://p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image

Domain: wdwhyy.com
URL: https://wdwhyy.com/46d70b0eb9f54d0795230bd70b3799ab.gif

Domain: k68tkg.com
URL: https://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.gif

Domain: 23991511.com
URL: https://23991511.com/f837aebf395f4a0f9dc0a5d3cb9bb04c.gif

Domain: u0057.com
URL: https://u0057.com/d5d2abfb61f1445caed1c95cec4a0c6d.png

Domain: n0466.com
URL: https://n0466.com/eaca3035f9744176a037419ce8fa581d.png

Domain: u0053.com
URL: https://u0053.com/c6370440258b480995c3df55fb7c9529.png

Domain: n0488.com
URL: https://n0488.com/133e0326005748ce8cd1d0f7a64e97cc.png

Domain: 26558665.com
URL: https://26558665.com/1b848b7c80944f708d3091a71f77ed7f.png

Domain: mvfge3.com
URL: https://mvfge3.com/c3f9ac4b6a2e4b8ba71741c1ba19d325.gif

Domain: apain2.com
URL: https://apain2.com/d1a90fe3585445f8917937856528b9f7.gif

Domain: trdez9.com
URL: https://trdez9.com/3cc55d97bc5d428e8e20be4ef7dbd32f.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/b5cbbc77f8d217ceccb5b1ca44208554.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/71bae233ea1e379c74b3b0c30a05abd5.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/0565518c535dd6a9f6344aa1220c33ab.gif

Domain: kvemm.com
URL: https://kvemm.com/840f21556bd72cccbee97235c1998380.png

Domain: kveii.com
URL: https://kveii.com/3ca54e54cb46a2d8884a5e32d43fdb14.png

Domain: kveww.com
URL: https://kveww.com/2d9e99d0532fbc12eded53b70c20d64d.gif

Domain: kvezz.com
URL: https://kvezz.com/d246feb7694ab58d49f44d67d0474a95.png

Domain: kveaa.com
URL: https://kveaa.com/d37fed4b710b97c22f89ab7d90f36637.png

Domain: kvezz.com
URL: https://kvezz.com/d8766c5ff8e42ad5dafb8044a9ffd1e1.gif

Domain: kveii.com
URL: https://kveii.com/c40d951e9ca7d27f1ecbeb5fd7c9285b.jpg

Domain: kvemm.com
URL: https://kvemm.com/0d9faeb4ff7cc165c9a131eada7474a1.gif

Domain: s.pc.qq.com
URL: https://s.pc.qq.com/tousu/img/20220225/3967008_1645780244.jpg

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1503212700&si=4e02454c8c7915ec76bfff5d6609eebd&su=http%3A%2F%2Fwww.fasaweb.com%2F&v=1.2.93&lv=1&sn=25658&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fbdns-01.2ucg3ip5y.com%3A668%2F&tt=%E8%A7%86%E8%89%B2

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1047136712&si=f38e40a2861736d44674d607010fd3f0&su=http%3A%2F%2Fwww.fasaweb.com%2F&v=1.2.93&lv=1&sn=25658&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fbdns-01.2ucg3ip5y.com%3A668%2F&tt=%E8%A7%86%E8%89%B2

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.fasaweb.com/	1970-01-20 11:54:45	Name: Hm_lvt_79161fd1b3e6e759df0c63ca28d579db Value: 1652949424
.www.fasaweb.com/	1969-12-31 23:59:59	Name: Hm_lpvt_79161fd1b3e6e759df0c63ca28d579db Value: 1652949424
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: AF82B3D85B22ED7F
.www.fasaweb.com/	1970-01-20 11:54:45	Name: Hm_lvt_93da226c503dcf272c2529112cb7a112 Value: 1652949424
.www.fasaweb.com/	1969-12-31 23:59:59	Name: Hm_lpvt_93da226c503dcf272c2529112cb7a112 Value: 1652949424
.www.fasaweb.com/	1970-01-20 11:54:45	Name: Hm_lvt_8647bd41de5b190423c30fa8ee3779ce Value: 1652949424
.www.fasaweb.com/	1969-12-31 23:59:59	Name: Hm_lpvt_8647bd41de5b190423c30fa8ee3779ce Value: 1652949424
.www.fasaweb.com/	1970-01-20 11:54:45	Name: Hm_lvt_d609259d9dd56d81854d5ee9661b69e3 Value: 1652949425
.www.fasaweb.com/	1969-12-31 23:59:59	Name: Hm_lpvt_d609259d9dd56d81854d5ee9661b69e3 Value: 1652949425
.www.fasaweb.com/	1970-01-20 11:54:45	Name: Hm_lvt_b87775909ecbc1396394b9e86b6b068f Value: 1652949425
.www.fasaweb.com/	1969-12-31 23:59:59	Name: Hm_lpvt_b87775909ecbc1396394b9e86b6b068f Value: 1652949425
.www.fasaweb.com/	1970-01-20 11:54:45	Name: Hm_lvt_8c44c885fc53286a61656bebc6e35c20 Value: 1652949425
.www.fasaweb.com/	1969-12-31 23:59:59	Name: Hm_lpvt_8c44c885fc53286a61656bebc6e35c20 Value: 1652949425

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://bdns-01.2ucg3ip5y.com:668/ Message: Mixed Content: The page at 'https://bdns-01.2ucg3ip5y.com:668/' was loaded over HTTPS, but requested an insecure element 'http://gif.naigou1002.top/GIF/1241242.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bdns-01.2ucg3ip5y.com:668/(Line 968) Message: Mixed Content: The page at 'https://bdns-01.2ucg3ip5y.com:668/' was loaded over HTTPS, but requested an insecure element 'http://gif.naigou1002.top/GIF/1241242.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17265111.com
19528681.com
22195976.com
23797671.com
23991511.com
26558665.com
887634.com
acoossf.top
acoossu.top
acoossw.top
apain2.com
bdns-01.2ucg3ip5y.com
cdn.jsdelivr.net
fasaweb.com
gif.naigou1002.top
hm.baidu.com
k68tkg.com
kveaa.com
kvecc.com
kveii.com
kvemm.com
kveww.com
kvexx.com
kvezz.com
kvhccc.top
kvhlll.top
kvhsss.top
kvhuuu.top
mvfge3.com
n0466.com
n0488.com
p26.toutiaoimg.com
pic.rmb.bdstatic.com
s.pc.qq.com
trdez9.com
u0053.com
u0057.com
u0065.com
u0069.com
user-redirect-url.com
wdwhyy.com
www.fasaweb.com
xvrrd7.com
23991511.com
26558665.com
apain2.com
hm.baidu.com
k68tkg.com
kveaa.com
kveii.com
kvemm.com
kveww.com
kvezz.com
mvfge3.com
n0466.com
n0488.com
p26.toutiaoimg.com
pic.rmb.bdstatic.com
s.pc.qq.com
trdez9.com
u0053.com
u0057.com
wdwhyy.com
103.235.46.191
104.143.94.110
104.37.214.218
107.148.17.189
156.235.248.170
172.247.168.117
185.10.104.115
20.187.119.188
20.24.82.169
20.247.108.120
207.46.155.160
2408:872b:e02:101:6c::2
2606:4700:3034::ac43:9715
2606:4700:3038::6815:e97c
2606:4700:3038::6815:ebaa
2606:4700::6810:5614
2a06:98c1:3120::a
2a06:98c1:3121::a
45.154.214.239
45.154.215.92
47.75.19.48
47.75.19.61
01e6d867c83b80e6e0dcacb7c4d09ea7118bb3cce0e8bf20457a54f3e172777e
02f64eb8a8e43e033ed45d337711379d1a836188728b7911a8b281d421a6d991
04247a05b62423345c279293b64a09af8b9e90dce2b80c478b09d0ab4a0f126b
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
122f22f589e3fd270116b7be282835a61cee9ef5cd6eda75866bc9018271b9e5
13b8cb080e2780d82f7137960cf93d560a22baa2c79d9e9625356640f58fc479
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311
1e92b4606fee73235b0e0709bcca5533e3338c62302a353556eac7caed926c8e
1f79e978236e81f405e186385cb24d1e71352a7f1c7ad15fa59d4d7cd14a67ec
23acd0940f4f634f199f855cb03f272091227f3f869a45978be23cf9137428d7
242ccde84af358abf531e2ae4bd7742ead0fe24920309f4d0792a956e311cf37
2831683ce0da4d0ad746e3bda04a793359efa0974f4f3b3cbd96e4f03b5658b9
290c2e9b4bb935d34b0c9e8452eed9e538c8ad69b9438b5c6bdbe598c1f38c51
3c687ebab921b3a398588224e8f3db04e04c63eb14c4c05b81946a0c0db8e1fa
3d5edb2832f7391587fea304e942a6613faa307462e4ad1e955acd503f3e1478
406b2f32818b522b4e5c2f7f5de504b89ca9a4e8b3cdfe823f2c16cd6542c807
524b95237ff243a0f3e3fc956644c474532d969c9dbded95d311b8222fab732b
5e4b0af5ea20219fe6a01ce9d0af29c168566849ccc647a35a924b1e37968e61
6e5d5a54f87917acb45b64a2708004f72dcae06a1626336a01c290c0dfba5aa2
6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721
6f6614b5b9b3359f7dd8e245144279188b9bfceccfa327d6cff2e54d8730c7a8
754e73a6a2a86f8533f15bf92061610fa505787bce36a52c9e1944b44ae15364
851942c977429b4502f25a3787848be30dc5e31e484fa4d08fe4b428810b6aa7
8a58208960c108855338d4fa896c2ace79802387d106ffb014aa0a75930f31ff
8e63897e0d38447d330299baf3446102a6f69e1e543401146114400d854050fb
99031684ec74d19b3d58dcc126d492cf5ad5b1a3c74cb08c9571686654c3a109
9d211fb273f19f5068f133e6cc35bc433fee41993023f8455dad400863473d29
9ff719de8538fae6c12237e81ffcae739428920d4e371efb15c8617ef5e67fc1
a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8
a37eaf9f04a634f3e85dcd7353eb1fa224ddefa8d1e04b65a946b3cebf97ea75
aee23690176001a85989514d82f7a668f5a6ff0c3161ab49fba0bdc76cf9b773
b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df
ba244d8035d4e99190c03c9f8f01b27f3ddafbddddba1a69bb99a09266b5eedc
bfafe3e166fb868cb0355b2e3d36bf3dc8de3f988ee8c39d7e718dbdac8ce4a0
c55c53826cd97374c03743b9cbf0f58d74d979b9b8937cc1184de41e6e4c8634
c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c
ca2a8b8169cef019be237b08e6e3e075934d76d733aa9937a0cfaca96c5dda23
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f2fe7b11ea4b5daae1619e4c8307b7df14866c79f6ded60ba0401bf8350d46
d5f17ae5d18f084d6055e4e12f5f56f37259a901eecfe7391a3d8da00b7eb062
d6a4f131884413555900ad6642a89688deae3b91e879733a6ede890608ba6b02
df39d29a29e9a2cbf81c3024a499ecc2aa69e5d5ed67f340e5cc33ad95eb6d70
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
e629e56d036cf130188ca4ed5b3ab79518a96fe7865624d0909ad9cb5f189d83
e95a0b1c3ca9617a58f0960113ef5003cfed0e5ed27b5552ea279700b21b5595
ed01e4ef683c92f8d6f7e90bcc53472c81c6fe9d4c87c914a62c6999e3d390a1
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
fcae9a5a0fca0a4535db37603f61e3f28ae856e73ce894c5da9570460e70d5c5
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f

www.fasaweb.com Open in urlscan Pro 156.235.248.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

85 Requests

54 %HTTPS

32 %IPv6

42 Domains

43 Subdomains

18 IPs

2 Countries

19319 kBTransfer

22681 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fasaweb.com Open in urlscan Pro
156.235.248.170 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

54 %
HTTPS

32 %
IPv6

42
Domains

43
Subdomains

18
IPs

2
Countries

19319 kB
Transfer

22681 kB
Size

13
Cookies

85 HTTP transactions
1 data transactions