URL: http://xud7.vip/
Submission: On October 24 via api from BE — Scanned from CA

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 33 HTTP transactions. The main IP is 134.195.209.182, located in Los Angeles, United States and belongs to MULTA-ASN1, US. The main domain is xud7.vip.
This is the only time xud7.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
19        134.195.209.182   35916 (MULTA-ASN1)
2         142.251.40.130    15169 (GOOGLE)
2         14.215.183.79     4134 (CHINANET-...)
4         142.251.40.194    15169 (GOOGLE)
1         142.250.80.34     15169 (GOOGLE)
2         142.251.32.97     15169 (GOOGLE)
1         142.251.40.228    15169 (GOOGLE)
33        8

Requests  Apex Domain              Subdomains                                                   Transfer
19        xud7.vip                 xud7.vip                                                     508 KB
4         doubleclick.net          googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3         adtrafficquality.google  ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245    19 KB
                                   ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
2         baidu.com                hm.baidu.com — Cisco Umbrella Rank: 13307                    12 KB
2         googlesyndication.com    pagead2.googlesyndication.com — Cisco Umbrella Rank: 116     195 KB
1         google.com               www.google.com — Cisco Umbrella Rank: 3
0         google.cn (Failed)       translate.google.cn (Failed)
33        7

Requests  Domain                         Requested by
19        xud7.vip                       xud7.vip
4         googleads.g.doubleclick.net    pagead2.googlesyndication.com
2         ep2.adtrafficquality.google    pagead2.googlesyndication.com
                                         ep2.adtrafficquality.google
2         hm.baidu.com                   xud7.vip
2         pagead2.googlesyndication.com  xud7.vip
                                         pagead2.googlesyndication.com
1         www.google.com                 ep2.adtrafficquality.google
1         ep1.adtrafficquality.google    pagead2.googlesyndication.com
0         translate.google.cn (Failed)   xud7.vip
33        8

This site contains links to these domains.

Domain
jialezi.net
xkx.me
mail.0du.win

Subject                  Issuer                         Validity                 Valid
*.g.doubleclick.net      WR2                            2024-09-30 - 2024-12-23  3 months
baidu.com                GlobalSign RSA OV SSL CA 2018  2024-07-08 - 2025-08-09  a year
adtrafficquality.google  WR2                            2024-09-30 - 2024-12-23  3 months
*.google.com             WR2                            2024-09-30 - 2024-12-23  3 months

This page contains 7 frames:

Primary Page: http://xud7.vip/
Frame ID: 925F6053F1A26775588E3459FC4390E1
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241022/r20190131/zrt_lookup_fy2021.html
Frame ID: 45301ED30AB1EDDD774F0B1533991921
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2216966439537945&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1658400345&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fxud7.vip%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aipaq=1&aiombap=1&aief=1&dt=1729729714862&bpp=3&bdt=750&idt=189&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2050267406821&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087701%2C31088191%2C31088192%2C31088194%2C31088326%2C95341937%2C95344188%2C95345270%2C95335246%2C95344978&oid=2&pvsid=4101192588210363&tmod=1762542704&uas=0&nvt=1&fsapi=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=230
Frame ID: 9BFAA10B1B231AE443029D58DD7AB693
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2216966439537945&output=html&h=250&slotname=3324757751&adk=4112666640&adf=4241083410&pi=t.ma~as.3324757751&w=855&abgtt=1&lmt=1658400345&rafmt=12&format=855x250&url=http%3A%2F%2Fxud7.vip%2F&wgl=1&dt=1729729714865&bpp=2&bdt=753&idt=249&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2050267406821&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=373&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087701%2C31088191%2C31088192%2C31088194%2C31088326%2C95341937%2C95344188%2C95345270%2C95335246%2C95344978&oid=2&pvsid=4101192588210363&tmod=1762542704&uas=0&nvt=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=Mo%7Com%7CeE%7Cp&abl=XS&pfx=0&fu=256&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=262
Frame ID: C31041B9A1C4619F6ACDBE20688130CD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2216966439537945&output=html&h=300&slotname=2408909219&adk=3087534070&adf=3418555885&pi=t.ma~as.2408909219&w=846&abgtt=1&lmt=1658400345&rafmt=12&format=846x300&url=http%3A%2F%2Fxud7.vip%2F&wgl=1&dt=1729729714867&bpp=1&bdt=755&idt=274&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C855x250&nras=1&correlator=2050267406821&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=377&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087701%2C31088191%2C31088192%2C31088194%2C31088326%2C95341937%2C95344188%2C95345270%2C95335246%2C95344978&oid=2&pvsid=4101192588210363&tmod=1762542704&uas=0&nvt=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=256&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=279
Frame ID: 4006B0703CF2469517C138E5B49B9453
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: FD30B9915781FC32BC6AFD69E0C5D2EB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 785CF466D4FE4E7C778B12EE5F5E3F4D
Requests: 1 HTTP requests in this frame

Page Title

Jaz Mail ~

Detected technologies

Overall confidence: 100%
Detected patterns
  • /semantic(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • prism\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 33
HTTPS: 36 %
IPv6: 0 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 2
Transfer: 734 kB
Size: 1157 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xud7.vip/ HTTP 307
    https://xud7.vip/ HTTP 307
    http://xud7.vip/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
xud7.vip/
Redirect Chain
  • http://xud7.vip/
  • https://xud7.vip/
  • http://xud7.vip/
13 KB
13 KB
Document
General
Full URL
http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
c712c08b3762b5dd6b7a22b3ab7bcbe1ebef88fb68e4a95a7cca110d37d13b03

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Length
12860
Content-Type
text/html; charset=UTF-8
Date
Thu, 24 Oct 2024 00:28:34 GMT
ETag
W/"323c-182205d0e51"
Keep-Alive
timeout=5
Last-Modified
Thu, 21 Jul 2022 10:45:45 GMT

Redirect headers

Location
http://xud7.vip/
Non-Authoritative-Reason
HttpsUpgrades
style3.css
xud7.vip/css2/
45 KB
46 KB
Stylesheet
General
Full URL
http://xud7.vip/css2/style3.css
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
be9faad4e9263e9dcbbe5041e4d55d9943141a56ba38f3bed7341ead42a26bf6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"b5a1-17c70674ced"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
46497
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
text/css; charset=UTF-8
prism.current.min.css
xud7.vip/css2/
3 KB
4 KB
Stylesheet
General
Full URL
http://xud7.vip/css2/prism.current.min.css
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
1156dba06a689e7491cc528f6125e6df9856a190b848b4ed538ba25e82d50854

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"d7f-17c70674ced"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3455
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
text/css; charset=UTF-8
jquery.min.js
xud7.vip/js/
82 KB
83 KB
Script
General
Full URL
http://xud7.vip/js/jquery.min.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"1499c-17c70674ccd"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84380
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
application/javascript; charset=UTF-8
semantic.min.js
xud7.vip/js/
256 KB
256 KB
Script
General
Full URL
http://xud7.vip/js/semantic.min.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
2e5c2989d47f6fcdd4a354be8ead44a319838d9acfebb3cbe3699b2fc3dcfa37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"3fedb-17c70674cd1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
261851
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
application/javascript; charset=UTF-8
socket.io.min.js
xud7.vip/js/
64 KB
64 KB
Script
General
Full URL
http://xud7.vip/js/socket.io.min.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
2acea7e1a972709e4c463eabc05eca6676b9895e841e21f4b8f14f9617bbcb24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"fe11-17c70674cd1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65041
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
application/javascript; charset=UTF-8
clipboard.min.js
xud7.vip/js/
9 KB
9 KB
Script
General
Full URL
http://xud7.vip/js/clipboard.min.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
404b016f5c9a369726eec56a280c93478da17a52ed0f1fee116838330772ec70

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"2296-17c70674cd1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8854
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
application/javascript; charset=UTF-8
app3.js
xud7.vip/js/
7 KB
7 KB
Script
General
Full URL
http://xud7.vip/js/app3.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
be45a90278b5af684bc889d56d790a100f775f1ea9ef850c6d1df686352fb570

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"1b15-17c70674cd1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6933
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
application/javascript; charset=UTF-8
prism.js
xud7.vip/js/
7 KB
7 KB
Script
General
Full URL
http://xud7.vip/js/prism.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
5b52e6e5cf1de17c99992476df728ae34cb83b46228952af07f36055bda9883a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"1b95-17c70674cd1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7061
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
application/javascript; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
153 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
64d4075bb92020e2c4b79e4ba0b94c362a82c946be086afdd34da93389ea2ab5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

content-encoding
br
etag
337014726070110824
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:28:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 24 Oct 2024 00:28:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52937
x-xss-protection
0
server
cafe
logo.png
xud7.vip/images/
6 KB
6 KB
Image
General
Full URL
http://xud7.vip/images/logo.png
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
802a895f8753dc0257de6e54952ad8871432f314b55614175cb0aa3b2828a6a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"1652-17c70674ce1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5714
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
image/png
empty-box.gif
xud7.vip/images/
8 KB
8 KB
Image
General
Full URL
http://xud7.vip/images/empty-box.gif
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
efc6990a7d1d15fc515ad695d96f9558cfd1e5a208a0cfa5d18e6e25b5dde72d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"1fe5-17c70674ce1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8165
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
image/gif
ori.png
xud7.vip/images/
304 B
585 B
Image
General
Full URL
http://xud7.vip/images/ori.png
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
a82a127ce6e3d6316d43243c4b0f54c0ca3c163c3ec0486b31775b075b194fd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Cache-Control
public, max-age=3600
ETag
W/"130-17c70674ce1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
304
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
image/png
element.js
translate.google.cn/translate_a/
0
0

hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?fa032d6bff41af754e55e51731a2cf18
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
95fb916557c69db393f8a31ac2cbe4b6c1ad390f8507b4ba93903a8413662d79
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
b162a29dfb28d66cd9cc39441817e94a
Content-Length
11292
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Thu, 24 Oct 2024 00:28:35 GMT
Content-Type
application/javascript
Server
apache
tbs.webp
xud7.vip/images/
3 KB
4 KB
Image
General
Full URL
http://xud7.vip/images/tbs.webp
Requested by
Host: xud7.vip
URL: http://xud7.vip/css2/style3.css
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bde706e7a7ea43d9f09d3a4a7464e679dc156ddd99296af9e879338c829481c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/css2/style3.css

Response headers

Cache-Control
public, max-age=3600
ETag
W/"d5a-17c70674ce1"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3418
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
image/webp
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/
432 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
18d5a532be8968bba0978e86076a81a471d7e10ce7ad8963dc1dc320a86c743e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

content-encoding
br
etag
12522042857250377664
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:28:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 24 Oct 2024 00:28:34 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147056
x-xss-protection
0
server
cafe
/
xud7.vip/socket.io/
101 B
352 B
XHR
General
Full URL
http://xud7.vip/socket.io/?EIO=3&transport=polling&t=1729729714876-0
Requested by
Host: xud7.vip
URL: http://xud7.vip/js/socket.io.min.js
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
c65999f38b1c3a69eacf771054673935078dc3479290f700534f4f248e2efc67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Access-Control-Allow-Origin
*
Content-Length
101
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:34 GMT
Content-Type
application/octet-stream
Connection
keep-alive
/
xud7.vip/socket.io/
5 B
254 B
XHR
General
Full URL
http://xud7.vip/socket.io/?EIO=3&transport=polling&t=1729729714960-1&sid=qmgruupKBwGjD3WIAAAg
Requested by
Host: xud7.vip
URL: http://xud7.vip/js/socket.io.min.js
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
25d989b3ed89abc5bb5a814c257dc57619d7f45908013cd08aa508c22e4f6a0a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Access-Control-Allow-Origin
*
Content-Length
5
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:35 GMT
Content-Type
application/octet-stream
Connection
keep-alive
/
xud7.vip/socket.io/
2 B
290 B
XHR
General
Full URL
http://xud7.vip/socket.io/?EIO=3&transport=polling&t=1729729715042-2&sid=qmgruupKBwGjD3WIAAAg
Requested by
Host: xud7.vip
URL: http://xud7.vip/js/socket.io.min.js
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type
text/plain;charset=UTF-8
Referer
http://xud7.vip/

Response headers

Access-Control-Allow-Origin
http://xud7.vip
Content-Length
2
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:35 GMT
Content-Type
text/html
Connection
keep-alive
Access-Control-Allow-Credentials
true
/
xud7.vip/socket.io/
108 B
359 B
XHR
General
Full URL
http://xud7.vip/socket.io/?EIO=3&transport=polling&t=1729729715043-3&sid=qmgruupKBwGjD3WIAAAg
Requested by
Host: xud7.vip
URL: http://xud7.vip/js/socket.io.min.js
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
d50af96aedb49a3a9cbd24f896152be5fe8eb518b416684dda22c76b7cf734a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Access-Control-Allow-Origin
*
Content-Length
108
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:35 GMT
Content-Type
application/octet-stream
Connection
keep-alive
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241022/r20190131/ Frame 4530
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241022/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xud7.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
1761
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 23:59:14 GMT
etag
13108003645644964576
expires
Wed, 06 Nov 2024 23:59:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9BFA
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2216966439537945&output=html&adk=1812271804&adf=3025194257&abgtt=1&lmt=1658400345&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fxud7.vip%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiict=1&aipaq=1&aiombap=1&aief=1&dt=1729729714862&bpp=3&bdt=750&idt=189&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2050267406821&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087701%2C31088191%2C31088192%2C31088194%2C31088326%2C95341937%2C95344188%2C95345270%2C95335246%2C95344978&oid=2&pvsid=4101192588210363&tmod=1762542704&uas=0&nvt=1&fsapi=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=230
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xud7.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:28:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C310
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2216966439537945&output=html&h=250&slotname=3324757751&adk=4112666640&adf=4241083410&pi=t.ma~as.3324757751&w=855&abgtt=1&lmt=1658400345&rafmt=12&format=855x250&url=http%3A%2F%2Fxud7.vip%2F&wgl=1&dt=1729729714865&bpp=2&bdt=753&idt=249&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=2050267406821&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=373&ady=349&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087701%2C31088191%2C31088192%2C31088194%2C31088326%2C95341937%2C95344188%2C95345270%2C95335246%2C95344978&oid=2&pvsid=4101192588210363&tmod=1762542704&uas=0&nvt=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=Mo%7Com%7CeE%7Cp&abl=XS&pfx=0&fu=256&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=262
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xud7.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:28:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4006
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2216966439537945&output=html&h=300&slotname=2408909219&adk=3087534070&adf=3418555885&pi=t.ma~as.2408909219&w=846&abgtt=1&lmt=1658400345&rafmt=12&format=846x300&url=http%3A%2F%2Fxud7.vip%2F&wgl=1&dt=1729729714867&bpp=1&bdt=755&idt=274&shv=r20241022&mjsv=m202410170101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C855x250&nras=1&correlator=2050267406821&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=377&ady=1039&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31087701%2C31088191%2C31088192%2C31088194%2C31088326%2C95341937%2C95344188%2C95345270%2C95335246%2C95344978&oid=2&pvsid=4101192588210363&tmod=1762542704&uas=0&nvt=1&fc=1920&brdim=210%2C210%2C210%2C210%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7Cm%7CEe%7Cp&abl=XS&pfx=0&fu=256&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=279
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xud7.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:28:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
xud7.vip/socket.io/
4 B
253 B
XHR
General
Full URL
http://xud7.vip/socket.io/?EIO=3&transport=polling&t=1729729715162-4&sid=qmgruupKBwGjD3WIAAAg
Requested by
Host: xud7.vip
URL: http://xud7.vip/js/socket.io.min.js
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Access-Control-Allow-Origin
*
Content-Length
4
Keep-Alive
timeout=5
Date
Thu, 24 Oct 2024 00:28:35 GMT
Content-Type
application/octet-stream
Connection
keep-alive
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=79A84D8A84F52C83&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-ca&lo=0&rnd=1930800546&si=fa032d6bff41af754e55e51731a2cf18&v=1.3.2&lv=1&sn=64461&r=0&ww=1600&u=http%3A%2F%2Fxud7.vip%2F&tt=Jaz%20Mail%20~
Requested by
Host: xud7.vip
URL: http://xud7.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Thu, 24 Oct 2024 00:28:35 GMT
Content-Type
image/gif
Server
apache
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241022&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
6f66c4dd8b8c4bfd1424735a10b279a396ba4864ddb2df391023f2251ac26ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12920
date
Thu, 24 Oct 2024 00:28:36 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
logo.png
xud7.vip/images/
6 KB
0
Other
General
Full URL
http://xud7.vip/images/logo.png
Protocol
HTTP/1.1
Server
134.195.209.182 Los Angeles, United States, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
/
Resource Hash
802a895f8753dc0257de6e54952ad8871432f314b55614175cb0aa3b2828a6a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=3600
Content-Length
5714
ETag
W/"1652-17c70674ce1"
Date
Thu, 24 Oct 2024 00:28:34 GMT
Last-Modified
Mon, 11 Oct 2021 17:29:50 GMT
Content-Type
image/png
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410170101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
http://xud7.vip/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:28:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:28:36 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame FD30
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.32.97 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xud7.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1760
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Oct 2024 23:59:16 GMT
expires
Thu, 24 Oct 2024 00:49:16 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 785C
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.228 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GlpI0qc26j1AsD387UPGOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://xud7.vip/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-GlpI0qc26j1AsD387UPGOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:28:36 GMT
expires
Thu, 24 Oct 2024 00:28:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
translate.google.cn
URL
https://translate.google.cn/translate_a/element.js?cb=googleTranslateElementInit
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241022&jk=4101192588210363&bg=!AgGlAU7NAAbl67hexes7ADQBe5WfONcFCvcih5E6Ro-5fNuqNHsGCJAD8DgLgd23apD5pXMNxQFojRioQ5d4fMXrDOKUAgAAAEtSAAAAAmgBB34ANsnCjSYTMEylEs1wDAxnzZp1J8q1hneNJYp4dN5CBpWBGnTFanbFfxGMStAeAnwYCwOmGWIjDpkCk0N64vR3ovKGUGeLw1C09awMB0jGfC0em6AnHp5_1ypw3fhP4gZDUbuNgadhYnbYKXrigZX2rOzfd9DET8j_TOW1z_t1jfSuvI4mXMPEDjRpRCMA27bFrOlOjITPMveEW7VtlkLwHZrqJZ1_QwEui_5J925sYWFJdmDR7pwkefH890xu3_14PvDTUvEYz0sRxssMGXU85ukYIx3PS6QuGqSfTgtcECYZNFaPop8dU8J0DMTryQaJzPv5yVS_yCBrvbBqtWt6LhWHJbcuPL8CJKws6DyOEuRS7YlzOZ9mFYnPvd5JjUyp0F-Z60dolsHK_64gUIqvm071GaWqdjNY7GmBS1lyP_v4fcIRU__7cxuNxc4GhUQEpelVPN1t5IBj9hqpvJKOAqX6oj1rDDen85lCoGMrilTFuVtpMb3giaP6GD6oBGYoeZ5mzgQxrBssJ2WGVe9b4FO3PHNJQcBL-Tmp6YZ_F87VQIca969pHMFarQixw5S5C5UYxnzVuZoo_mGz-LhqrluI6usuuCvTjAXjZHhUurofBQDDx2DvSDQ6lWtEJCTBt8YIQ_mKNjNeRLweNrs1uQDOoYQLFlCfup7tI2J9dwQLsz0pHx5loIsV2C7mrwEyGjg8QcZA-MjGksVmDPC-4hIUUAF6fjy_MojQpWyp6Jafi3IRqLoO0HQ1rz3Qll8Fa2mSy3UG6JhidkrcsbtJS29oJjLdJSoAxhyAVHeL6hV-nsAg37Py-ZhqXmnTtE_II_Efdi2bewoOcxSn__-J26OnrW5sfpVkOPWaln2A8far1TgJu0Jfn-wthI5HnoQd6vuwQ9ikbE5OvSVmCs3trE4SZ5Z18ka4Zt2ZHtr_we5vGai7LCdf1T6Nsp_A

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
function| $
function| jQuery
function| io
function| Clipboard
function| getParameterByName
function| change
object| _self
object| Prism
object| _hmt
object| adsbygoogle
function| googleTranslateElementInit
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
object| google_reactive_ads_global_state
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
object| a
object| $customShortId
object| $shortId
object| $mailSuffix
string| $customTheme
string| $placeholder_old
string| $placeholder_new
object| $mailsuffixContaienr
object| $indexContaienr
object| $maillist
function| google_sa_impl
object| googPageScrollPreventerInfo
number| google_global_correlator
object| google_prev_clients
object| ampInaboxIframes
object| ampInaboxPendingMessages
boolean| _bdhm_loaded_fa032d6bff41af754e55e51731a2cf18
object| GoogleGcLKhOms
object| google_image_requests

6 Cookies

Domain/Path Name / Value
xud7.vip/ Name: io
Value: qmgruupKBwGjD3WIAAAg
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 79A84D8A84F52C83
.xud7.vip/ Name: Hm_lvt_fa032d6bff41af754e55e51731a2cf18
Value: 1729729716
.xud7.vip/ Name: Hm_lpvt_fa032d6bff41af754e55e51731a2cf18
Value: 1729729716
.xud7.vip/ Name: HMACCOUNT
Value: 79A84D8A84F52C83

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
