42lbbv5c.yt12654.xyz Open in urlscan Pro
156.251.181.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://65543.asia/
Effective URL:
https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Submission: On July 04 via api (July 4th 2024, 10:07:53 pm UTC) from BE — Scanned from DE

Summary HTTP 25 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 25 HTTP transactions. The main IP is 156.251.181.7, located in United States and belongs to CNSERVERS, US. The main domain is 42lbbv5c.yt12654.xyz.
TLS certificate: Issued by R10 on June 7th 2024. Valid for: 3 months.

This is the only time 42lbbv5c.yt12654.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.150.65 172.67.150.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	156.251.181.7 156.251.181.7	40065 (CNSERVERS) (CNSERVERS)
1	159.75.57.35 159.75.57.35	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
7	13.32.20.60 13.32.20.60	16509 (AMAZON-02) (AMAZON-02)
1	52.219.36.247 52.219.36.247	16509 (AMAZON-02) (AMAZON-02)
1	2404:2280:1a4... 2404:2280:1a4:0:3::7f4	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	154.85.69.8 154.85.69.8	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
1	58.217.250.111 58.217.250.111	137702 (CHINATELE...) (CHINATELECOM-JIANGSU-NANJING-IDC Nanjing)
1	43.152.29.77 43.152.29.77	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
25	9

1 172.67.150.65 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

65543.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 156.251.181.7 (United States)

ASN40065 (CNSERVERS, US)

nbdjxc.yt16671.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
42lbbv5c.yt12654.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.75.57.35 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

jquery-1305929544.cos.ap-guangzhou.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.32.20.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-20-60.fra56.r.cloudfront.net

accelerationpic.s3-accelerate.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.36.247 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

accelerationpic.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:1a4:0:3::7f4 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

a.sinaimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.85.69.8 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

cdn.bootcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.217.250.111 (China)

ASN137702 (CHINATELECOM-JIANGSU-NANJING-IDC Nanjing, Jiangsu Province, P.R.China., CN)

accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.29.77 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

res.origin-safari.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	amazonaws.com accelerationpic.s3-accelerate.amazonaws.com indexpicimages.s3-accelerate.amazonaws.com Failed accelerationpic.s3.ap-southeast-1.amazonaws.com	851 KB
8	yt12654.xyz 42lbbv5c.yt12654.xyz	55 KB
2	myqcloud.com jquery-1305929544.cos.ap-guangzhou.myqcloud.com accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com Failed	158 KB
2	yt16671.xyz nbdjxc.yt16671.xyz	4 KB
1	origin-safari.com res.origin-safari.com	2 MB
1	bootcdn.net cdn.bootcdn.net — Cisco Umbrella Rank: 99187	8 KB
1	sinaimg.cn a.sinaimg.cn — Cisco Umbrella Rank: 307736	518 KB
1	65543.asia 1 redirects 65543.asia	453 B
25	8

	Domain	Requested by
8	42lbbv5c.yt12654.xyz	nbdjxc.yt16671.xyz 42lbbv5c.yt12654.xyz
7	accelerationpic.s3-accelerate.amazonaws.com	42lbbv5c.yt12654.xyz
2	nbdjxc.yt16671.xyz	nbdjxc.yt16671.xyz
1	res.origin-safari.com	42lbbv5c.yt12654.xyz
1	cdn.bootcdn.net	42lbbv5c.yt12654.xyz
1	a.sinaimg.cn	42lbbv5c.yt12654.xyz
1	accelerationpic.s3.ap-southeast-1.amazonaws.com	42lbbv5c.yt12654.xyz
1	accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com	42lbbv5c.yt12654.xyz
1	jquery-1305929544.cos.ap-guangzhou.myqcloud.com	42lbbv5c.yt12654.xyz
1	65543.asia	1 redirects
0	indexpicimages.s3-accelerate.amazonaws.com Failed	42lbbv5c.yt12654.xyz
25	11

This site contains links to these domains. Also see Links.

Domain
accelerationkfyt.s3.us-west-1.amazonaws.com

Subject Issuer	Validity	Valid
yt18932.vip R10	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.cos.ap-guangzhou.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-04-10` - `2025-05-12`	a year	crt.sh
*.s3-accelerate.amazonaws.com Amazon RSA 2048 M01	`2023-12-19` - `2024-12-02`	a year	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-22`	a year	crt.sh
*.weibo.cn GeoTrust CN RSA CA G1	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.bootcss.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-03` - `2025-02-02`	a year	crt.sh
*.cos.ap-shanghai.myqcloud.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-04-08` - `2025-05-10`	a year	crt.sh
res.origin-safari.com TrustAsia RSA DV TLS CA G2	`2024-05-03` - `2024-08-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Frame ID: C078FC586DCAF8A091FEED19698D4704
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

富强-民主

Page URL History Show full URLs

https://65543.asia/ HTTP 301
https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C Page URL
https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C Page URL
https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

92 %
HTTPS

11 %
IPv6

8
Domains

11
Subdomains

9
IPs

3
Countries

4127 kB
Transfer

4189 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://accelerationkfyt.s3.us-west-1.amazonaws.com/chatlink.htm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://65543.asia/ HTTP 301
https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C Page URL
https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C Page URL
https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://65543.asia/ HTTP 301
https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C

25 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
nbdjxc.yt16671.xyz/
Redirect Chain

https://65543.asia/
https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C

2 KB
1 KB

1231ms
294ms

Document
text/html

156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

83d24215386cd36e1b755cfc21e05ca92ca370684447d04cc861c03c1064c34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Encoding: gzip
Content-Length: 932
Content-Type: text/html
Date: Thu, 04 Jul 2024 22:07:41 GMT
Etag: W/"66792a9c-732"
Last-Modified: Mon, 24 Jun 2024 08:13:16 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Cache: BYPASS

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89e26df39c633723-FRA
content-type: text/html
date: Thu, 04 Jul 2024 22:07:40 GMT
location: https://nbdjxc.yt16671.xyz:39002?3TSDJK8C
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FiJvj2vusxIHzdYB8XJxPKWxM%2BR6GBbmzDiL2%2BWFBbjIV5UuwFYmwI5RdTfDQkMSelPyqXZ5xes8l%2Bbi2UyvoGc7QJuaFQQCCX2obzghWfJov7ZIDNaZpxJ2yhH"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H/1.1 200
OK and.js Show response
nbdjxc.yt16671.xyz/ 10 KB
3 KB 309ms
304ms Script
application/javascript 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://nbdjxc.yt16671.xyz:39002/and.js

Requested by

Host: nbdjxc.yt16671.xyz
URL: https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

5c49d39280749ac37b2edc6f4495a3312472e2250ffaea96a5ac80ea1b305028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://nbdjxc.yt16671.xyz:39002/?3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:42 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 04 Jul 2024 12:37:56 GMT
Server: nginx
Etag: W/"668697a4-29c3"
Vary: Accept-Encoding
X-Cache: UPDATING
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=43200
Expires: Fri, 05 Jul 2024 10:07:42 GMT

GET
H/1.1 200
OK index.html Show response
42lbbv5c.yt12654.xyz/5885/ 9 KB
4 KB 912ms
304ms Document
text/html 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C

Requested by

Host: nbdjxc.yt16671.xyz
URL: https://nbdjxc.yt16671.xyz:39002/and.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e55230f13d3e686d05f7677ec4aa5707743e60e130332c9eca0323f1c459691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://nbdjxc.yt16671.xyz:39002/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 04 Jul 2024 22:07:43 GMT
Etag: W/"6683f410-2451"
Last-Modified: Tue, 02 Jul 2024 12:35:28 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: UPDATING

GET
H/1.1 200
OK index.css
42lbbv5c.yt12654.xyz/css/ 2 KB
982 B 295ms
293ms Stylesheet
text/css 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://42lbbv5c.yt12654.xyz:39002/css/index.css
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 156.251.181.7 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d7f26b7cca2c4477bdbedcf1982816a2f3282929289779d04cbb25aa2da87138

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 20:45:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2024 20:45:38 GMT
Server: nginx
Etag: W/"66606c78-73b"
Vary: Accept-Encoding
X-Cache: HIT, policy, disk
Content-Type: text/css
Cache-Control: max-age=43200
Content-Length: 651
Expires: Fri, 05 Jul 2024 08:45:38 GMT

GET
H/1.1 200
OK jquery-3.5.1.min.js
jquery-1305929544.cos.ap-guangzhou.myqcloud.com/ 87 KB
88 KB 2289ms
362ms Script
text/javascript 159.75.57.35
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to

Full URL: https://jquery-1305929544.cos.ap-guangzhou.myqcloud.com/jquery-3.5.1.min.js
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.75.57.35 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:45 GMT
x-cos-hash-crc64ecma: 4110229572790551004
Last-Modified: Mon, 01 Jul 2024 06:44:29 GMT
Server: tencent-cos
ETag: "dc5e7f18c8d36ac1d3d4753a87c98d0a"
Content-Type: text/javascript
x-cos-request-id: NjY4NzFkMzFfOGZlYzRjMGJfMTkyY2NfNDgyYTgwOA==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 89476

GET
H/1.1 200
OK vsharetool.js Show response
42lbbv5c.yt12654.xyz/js/ 46 KB
19 KB 313ms
311ms Script
application/javascript 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://42lbbv5c.yt12654.xyz:39002/js/vsharetool.js
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 156.251.181.7 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 75a61aa26c2d465deffacc8b7736367d041ce7f1bd7283734e2c44b583713662

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 20:45:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2024 20:45:38 GMT
Server: nginx
Etag: W/"66607079-b7d6"
Vary: Accept-Encoding
X-Cache: HIT, policy, disk
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=43200
Expires: Fri, 05 Jul 2024 08:45:38 GMT

GET
H/1.1 200
OK qrcode.min.js Show response
42lbbv5c.yt12654.xyz/js/ 19 KB
8 KB 601ms
306ms Script
application/javascript 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://42lbbv5c.yt12654.xyz:39002/js/qrcode.min.js
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 156.251.181.7 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 20:45:38 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Jul 2024 20:45:38 GMT
Server: nginx
Etag: W/"66606c7b-4dd7"
Vary: Accept-Encoding
X-Cache: HIT, policy, disk
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=43200
Expires: Fri, 05 Jul 2024 08:45:38 GMT

GET
H/1.1 200
OK yy006.bac
accelerationpic.s3-accelerate.amazonaws.com/ 10 KB
11 KB 397ms
268ms Image
binary/octet-stream 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/yy006.bac
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0238cc90522a942ba9d4c788814208e8854a2c4162d1939e72ca688f19114a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:44 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Sat, 22 Jun 2024 20:14:59 GMT
Server: AmazonS3
x-amz-request-id: G9XMETKQYMMMPR7B
X-Amz-Cf-Pop: FRA56-C2
ETag: "65cdd3664a9241d2e43caa6c4f0689eb"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10265
x-amz-id-2: oBJ3MA+N+yj/5uas0+0+vGNPF45gaKibY+YZmZuYn/l417yI2q6JNvtvMfJqkYBKuHKsYrTVPUU=
X-Amz-Cf-Id: fw0HduHj2JCXpkZlwV3K16jEsFdbt6PIkiiiZWNl3bo6rYizNOFazw==

GET
H/1.1 200
OK yy001.bac
accelerationpic.s3-accelerate.amazonaws.com/ 62 KB
62 KB 391ms
263ms Image
binary/octet-stream 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/yy001.bac
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f70dace9b4b2daa9dde94520490f92c7f2a817edd023b10baac4edbceb802d94

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:44 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Tue, 25 Jun 2024 16:17:07 GMT
Server: AmazonS3
x-amz-request-id: G9XYXTMPV6KC49KW
X-Amz-Cf-Pop: FRA56-C2
ETag: "7659e5767391187e9e6f57d05768d80f"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63049
x-amz-id-2: fWsYGsRH1j4P4+/67O6J1DoPJK8qd0KPfl4++kEgNDHcv+KuMmKBWkELDeSlADr67baBkR3qXp0=
X-Amz-Cf-Id: 4syISb6X6XXVSax3JHX_BdSkzcWc_cu3ivpvYNhVR8yR0w_Mqk3yVQ==

GET
H/1.1 200
OK yy003.bac
accelerationpic.s3-accelerate.amazonaws.com/ 343 KB
344 KB 697ms
697ms Image
binary/octet-stream 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/yy003.bac
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d410c12b0ae09ef3fa19336c41c706a38998828eb78445d45f7b875e64b8a588

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:45 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Sat, 22 Jun 2024 20:14:57 GMT
Server: AmazonS3
x-amz-request-id: C62XE99DZ01FMK68
X-Amz-Cf-Pop: FRA56-C2
ETag: "55b829e9bbf0ae3e9dde553ff357128d"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 351489
x-amz-id-2: IYzofO/4/iGLBsttfl+57dJHJxcir9n+lNmyUVpvr9ttlX+ff42jWjlgiyRhHXBDztn+ztNh+Cc=
X-Amz-Cf-Id: ZcDEcYdBZ7-sIO5j2-cCjucFlxQXu6GEHtFv5irNwInlYCi_ZYPfiQ==

GET
H/1.1 200
OK yy004.bac
accelerationpic.s3-accelerate.amazonaws.com/ 227 KB
227 KB 216ms
216ms Image
binary/octet-stream 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/yy004.bac
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02ba536b4ed0aaece8eb43a0efb5b4aca1bb899d0b3e0b9e2dc6e27d84d64ea0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:44 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Sat, 22 Jun 2024 20:14:58 GMT
Server: AmazonS3
x-amz-request-id: G9XREDNZ3E6MM12X
X-Amz-Cf-Pop: FRA56-C2
ETag: "67ffe65de77543e2c7313b3903c9c3c4"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 232044
x-amz-id-2: s4LIc3GY7TDhO1zHBjprLyPq14TJctAzDgN+mIh1WLRSREmZupLpMlnc1IKXbdxKiomrWyL12Vo=
X-Amz-Cf-Id: XctENavZRTkiVledKgob_4HXVt-sGExt6aK7XJSykza4jovXLMCeLA==

GET
H/1.1 200
OK yy005.bac
accelerationpic.s3-accelerate.amazonaws.com/ 120 KB
120 KB 739ms
738ms Image
binary/octet-stream 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/yy005.bac
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16ff1303b6987cddd1879d6ac4cc3b9cd75ea6c8e7ad60c591e5315827e4e510

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:45 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Sat, 22 Jun 2024 20:14:58 GMT
Server: AmazonS3
x-amz-request-id: C62SJPQDNB7SZQQ9
X-Amz-Cf-Pop: FRA56-C2
ETag: "d9e92c693e4bcf9f8f4d3de4a3ec1bba"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122473
x-amz-id-2: pdd8yMe3WXOH7c2FzJCXvoNqvPoKYXncSCowh+CvFHBl4/qw/jLsQjFRFV9+WTeFld2JX/viLCs=
X-Amz-Cf-Id: Bpn866JXhYyZ2wrWoDuSh9Ijd--7o-eD8zto7cMpjQPPcAS-iANv3Q==

GET
H/1.1 200
OK yy002.bac
accelerationpic.s3-accelerate.amazonaws.com/ 59 KB
60 KB 222ms
221ms Image
binary/octet-stream 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/yy002.bac
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0250825f48fa3e0bf07c9e1765e1c7b8f36ceb6e48c7e2544e4470b01e0df8aa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:46 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Tue, 25 Jun 2024 16:17:06 GMT
Server: AmazonS3
x-amz-request-id: EX3CM8YQ3VVJ4270
X-Amz-Cf-Pop: FRA56-C2
ETag: "42a4849a9f1657cbb614931a6d759e89"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: binary/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60497
x-amz-id-2: CjbEdfO2qq/VkMnEMLf0B6P51WiZ4SgVyF8snTjRFEE40GZErxb2O/eduHtG5JOgSpVQh7eIkbA=
X-Amz-Cf-Id: 4fFOYbKulIWaKHkQ8H90hIkqZH3olDYf8gTtLHsvsUid7_0Fs4bl2g==

GET xinren.webp
accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com/ 0
0

GET 87c0715ca89fa.js
indexpicimages.s3-accelerate.amazonaws.com/ 0
0

GET
H/1.1 200
OK Primary Request index.html Show response
42lbbv5c.yt12654.xyz/5885/pc/ 8 KB
3 KB 292ms
291ms Document
text/html 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C

Requested by

Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c8053e04e8cc0dcbdbdf587c1f8250271ca2912e344cb409981a4a3223d11860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/index.html?channelCode=3TSDJK8C
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 04 Jul 2024 22:07:46 GMT
Etag: W/"668131d7-1e54"
Last-Modified: Sun, 30 Jun 2024 10:22:15 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache: UPDATING

GET
H/1.1 200
OK slogn01.png
accelerationpic.s3.ap-southeast-1.amazonaws.com/ 16 KB
16 KB 986ms
345ms Image
image/png 52.219.36.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3.ap-southeast-1.amazonaws.com/slogn01.png
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.219.36.247 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fd23fe0774f8ffc4a26fb83605500671d222f74a9277a5640bf39bc13c3884b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:48 GMT
Last-Modified: Sun, 23 Jun 2024 08:05:21 GMT
Server: AmazonS3
x-amz-request-id: XYF8SCZQ1XQ2SECK
ETag: "4976d6c9c0c3073373924943042b8b56"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16003
x-amz-id-2: S0p4wsbc7Oerpc8j3n2PVweEPMRyfKIfC+A9P8z2kH/2ZAGSPKDqqdo7i3fgu+fK8GdBaVGQ2rM=

GET
H/1.1 200
OK 192.webp
42lbbv5c.yt12654.xyz/5885/pc/ 4 KB
4 KB 319ms
318ms Image
image/webp 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42lbbv5c.yt12654.xyz:39002/5885/pc/192.webp

Requested by

Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

f43a23ef84948df00dbf825995ed4c63a969ca145510fbe63a29cef0d3b55ca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:46 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 01 Jul 2024 12:34:50 GMT
Server: nginx
Etag: "6682a26a-ed4"
X-Cache: UPDATING
Content-Type: image/webp
Accept-Ranges: bytes
Content-Length: 3796

GET
H/1.1 200
OK kf.js
42lbbv5c.yt12654.xyz/5885/pc/ 11 KB
11 KB 302ms
300ms Image
application/javascript 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://42lbbv5c.yt12654.xyz:39002/5885/pc/kf.js

Requested by

Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

06962e3482fb361b4b756cd61a3e1293054ea351b9327a2770a1b31b448e842b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:46 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Last-Modified: Sat, 22 Jun 2024 20:06:39 GMT
Server: nginx
Etag: W/"66772ecf-2b79"
Vary: Accept-Encoding
X-Cache: UPDATING
Content-Type: application/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=43200
Expires: Fri, 05 Jul 2024 10:07:46 GMT

GET
H2 200 18weibo_login.png
a.sinaimg.cn/mintra/pic/2112130400/ 516 KB
518 KB 1484ms
120ms Image
image/png 2404:2280:1a4:0:3::7f4
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.sinaimg.cn/mintra/pic/2112130400/18weibo_login.png
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2404:2280:1a4:0:3::7f4 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b7a512189ccb4fa667962b05cd2d77361a421e0288dbe9639efb1754bdb08692

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 03 Jun 2024 12:22:11 GMT
via: http/1.1 cnc.guangzhou.union.67 (ApacheTrafficServer/6.2.1 [cHs f ]), cache35.l2us1[0,0,200-0,H], cache24.l2us1[2,0], ens-cache2.es5[0,0,200-0,H], ens-cache3.es5[1,0]
x-requestid: f1393e68-2406-0304-5605-5ca7213e04cc
age: 2713536
x-via-edge: 1717417331764b743b5a3b8321f0a3eaacdde
x-swift-cachetime: 31181009
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-requester: GRPS000000ANONYMOUSE
x-swift-savetime: Fri, 07 Jun 2024 14:58:42 GMT
content-length: 528461
x-via-cdn: f=aliyun,s=ens-cache3.es5,c=2001:1b60:2:240:3247::10;f=sinaedge,s=ctc.guangzhou.union.184.nb.sinaedge.com,c=163.181.67.183;f=Edge,s=cnc.guangzhou.union.67,c=10.31.50.184
edge-copy-time: 1717361766622
last-modified: Mon, 13 Dec 2021 08:00:20 GMT
server: Tengine
etag: "7444a18830b59f882c587767b16612c7"-
access-control-max-age: 31536000
x-filesize: 528461
content-type: image/png
x-amz-meta-crc32: 196DD8D8
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
cache-control: max-age=31536000
ali-swift-global-savetime: 1717417331
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: Origin, Content-Type, Accept, Range, Content-Length
eagleid: a3b5319717201308679111743e

GET
H2 200 qrcode.min.js Show response
cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/ 19 KB
8 KB 990ms
478ms Script
text/javascript 154.85.69.8
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bootcdn.net/ajax/libs/qrcodejs/1.0.0/qrcode.min.js
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.85.69.8 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 04 Jul 2024 22:07:47 GMT
pragma: no-cache
date: Thu, 04 Jul 2024 22:07:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-ser: BC217_lt-henan-nanyang-1-cache-14, BC8_US-Georgia-atlanta-1-cache-2, BC5_DE-Frankfurt-Frankfurt-11-cache-1

GET
H/1.1 200
OK xinren.webp
accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com/ 70 KB
70 KB 1629ms
256ms Image
image/webp 58.217.250.111
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com/xinren.webp
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 58.217.250.111 , China, ASN137702 (CHINATELECOM-JIANGSU-NANJING-IDC Nanjing, Jiangsu Province, P.R.China., CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: ea14daf787a93143a31c09945e5a7c1e7ac0e402121a1367cc7f426775b020ee

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:48 GMT
x-cos-hash-crc64ecma: 3205958345644967259
Last-Modified: Sat, 22 Jun 2024 18:11:35 GMT
Server: tencent-cos
ETag: "c4feeb0fefa82ae2e76d072696175a17"
Content-Type: image/webp
x-cos-request-id: NjY4NzFkMzNfOTI2ZDE2MGJfMTUyNzdfNGE2NzNiNQ==
Content-Disposition: attachment
Connection: keep-alive
Accept-Ranges: bytes
x-cos-force-download: true
Content-Length: 71168

GET
H2 206 bg.mp4.js
res.origin-safari.com/assets/ying/ 2 MB
2 MB 1424ms
38ms Media
application/javascript 43.152.29.77
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL

https://res.origin-safari.com/assets/ying/bg.mp4.js

Requested by

Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.152.29.77 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),

Reverse DNS

Software

Lego Server /

Resource Hash

8651b15777cdf52561b2792da1acb5cdff19a4cd4111fb93ea532688828a8cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://42lbbv5c.yt12654.xyz:39002/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 12:10:23 GMT
strict-transport-security: max-age=63072000;includeSubDomains
x-cache-lookup: Cache Hit
last-modified: Sun, 23 Jun 2024 03:13:33 GMT
server: Lego Server
etag: "667792dd-2789a2"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
Content-Range: bytes 0-2591137/2591138
cache-control: public, max-age=60
x-nws-log-uuid: 18205271460100382175
Content-Length: 2591138

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b302559c4c8b45daf37d3216c4e98c8fc57ccf9203997c6b2a7a9276e7fa3c2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK ios.gif
accelerationpic.s3-accelerate.amazonaws.com/ 10 KB
11 KB 228ms
227ms Image
image/gif 13.32.20.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accelerationpic.s3-accelerate.amazonaws.com/ios.gif
Requested by: Host: 42lbbv5c.yt12654.xyz
URL: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5d8aa81fccb3a0d128bc074ee8ab4b5b768f6490c78cd86d098ad43fc9154f53

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:48 GMT
Via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
Last-Modified: Sun, 23 Jun 2024 09:49:06 GMT
Server: AmazonS3
x-amz-request-id: XYF25EM7FNBD8WH5
X-Amz-Cf-Pop: FRA56-C2
ETag: "d5302b7b4202b222e891dbc0b63067f1"
x-amz-server-side-encryption: AES256
X-Cache: Miss from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10454
x-amz-id-2: z8+XphW18g4Fxb1lurfWllQHTo/75Vz5gojPGCY9a59xXG+itIKcBC9QkOR7SRS8QZKo4kZhaxg=
X-Amz-Cf-Id: ipcjn-8Kp-T0xk6KeRNWI7GSe6tKU5bMnAL8QS_iZbECg3UMuzyCZA==

GET
H/1.1 200
OK favicon.ico
42lbbv5c.yt12654.xyz/ 4 KB
4 KB 291ms
290ms Other
image/x-icon 156.251.181.7
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://42lbbv5c.yt12654.xyz:39002/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

156.251.181.7 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

7e52499274d61b185cf6fac54ffc8eddcb599eb3cf478bdc6e17a3ba42c2da99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://42lbbv5c.yt12654.xyz:39002/5885/pc/index.html?channelCode=3TSDJK8C
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 04 Jul 2024 22:07:49 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 07 Jun 2024 23:45:48 GMT
Server: nginx
Etag: "66639bac-10be"
X-Cache: BYPASS
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com
URL: https://accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com/xinren.webp

Domain: indexpicimages.s3-accelerate.amazonaws.com
URL: https://indexpicimages.s3-accelerate.amazonaws.com/87c0715ca89fa.js

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42lbbv5c.yt12654.xyz
65543.asia
a.sinaimg.cn
accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com
accelerationpic.s3-accelerate.amazonaws.com
accelerationpic.s3.ap-southeast-1.amazonaws.com
cdn.bootcdn.net
indexpicimages.s3-accelerate.amazonaws.com
jquery-1305929544.cos.ap-guangzhou.myqcloud.com
nbdjxc.yt16671.xyz
res.origin-safari.com
accelerationimg-1305929544.cos.ap-shanghai.myqcloud.com
indexpicimages.s3-accelerate.amazonaws.com
13.32.20.60
154.85.69.8
156.251.181.7
159.75.57.35
172.67.150.65
2404:2280:1a4:0:3::7f4
43.152.29.77
52.219.36.247
58.217.250.111
0250825f48fa3e0bf07c9e1765e1c7b8f36ceb6e48c7e2544e4470b01e0df8aa
02ba536b4ed0aaece8eb43a0efb5b4aca1bb899d0b3e0b9e2dc6e27d84d64ea0
06962e3482fb361b4b756cd61a3e1293054ea351b9327a2770a1b31b448e842b
16ff1303b6987cddd1879d6ac4cc3b9cd75ea6c8e7ad60c591e5315827e4e510
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
5c49d39280749ac37b2edc6f4495a3312472e2250ffaea96a5ac80ea1b305028
5d8aa81fccb3a0d128bc074ee8ab4b5b768f6490c78cd86d098ad43fc9154f53
75a61aa26c2d465deffacc8b7736367d041ce7f1bd7283734e2c44b583713662
7b302559c4c8b45daf37d3216c4e98c8fc57ccf9203997c6b2a7a9276e7fa3c2
7e52499274d61b185cf6fac54ffc8eddcb599eb3cf478bdc6e17a3ba42c2da99
83d24215386cd36e1b755cfc21e05ca92ca370684447d04cc861c03c1064c34e
8651b15777cdf52561b2792da1acb5cdff19a4cd4111fb93ea532688828a8cb6
b7a512189ccb4fa667962b05cd2d77361a421e0288dbe9639efb1754bdb08692
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c8053e04e8cc0dcbdbdf587c1f8250271ca2912e344cb409981a4a3223d11860
d0238cc90522a942ba9d4c788814208e8854a2c4162d1939e72ca688f19114a9
d410c12b0ae09ef3fa19336c41c706a38998828eb78445d45f7b875e64b8a588
d7f26b7cca2c4477bdbedcf1982816a2f3282929289779d04cbb25aa2da87138
e55230f13d3e686d05f7677ec4aa5707743e60e130332c9eca0323f1c459691f
ea14daf787a93143a31c09945e5a7c1e7ac0e402121a1367cc7f426775b020ee
f43a23ef84948df00dbf825995ed4c63a969ca145510fbe63a29cef0d3b55ca9
f70dace9b4b2daa9dde94520490f92c7f2a817edd023b10baac4edbceb802d94
fd23fe0774f8ffc4a26fb83605500671d222f74a9277a5640bf39bc13c3884b5

42lbbv5c.yt12654.xyz Open in urlscan Pro 156.251.181.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

92 %HTTPS

11 %IPv6

8 Domains

11 Subdomains

9 IPs

3 Countries

4127 kBTransfer

4189 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

42lbbv5c.yt12654.xyz Open in urlscan Pro
156.251.181.7 Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

92 %
HTTPS

11 %
IPv6

8
Domains

11
Subdomains

9
IPs

3
Countries

4127 kB
Transfer

4189 kB
Size

0
Cookies

25 HTTP transactions
2 data transactions