06715e.x4oi9usn.live Open in urlscan Pro
18.167.74.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://06715a.com/
Effective URL:
https://06715e.x4oi9usn.live:16688/
Submission: On May 10 via api (May 10th 2024, 12:36:15 pm UTC) from BE — Scanned from DE

Summary HTTP 44 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 44 HTTP transactions. The main IP is 18.167.74.164, located in Hong Kong and belongs to AMAZON-02, US. The main domain is 06715e.x4oi9usn.live.
TLS certificate: Issued by R3 on May 5th 2024. Valid for: 3 months.

This is the only time 06715e.x4oi9usn.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.167.74.164 18.167.74.164	16509 (AMAZON-02) (AMAZON-02)
7	90.84.161.22 90.84.161.22	2285 (OCB_HONEY...) (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN)
15	223.121.15.24 223.121.15.24	58453 (CMI-INT-H...) (CMI-INT-HK China Mobile International Limited)
2	111.45.3.198 111.45.3.198	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
10	23.90.149.106 23.90.149.106	() ()
5	43.152.26.154 43.152.26.154	() ()
2	14.215.182.140 14.215.182.140	() ()
44	8

3 18.167.74.164 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-167-74-164.ap-east-1.compute.amazonaws.com

06715a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
06715e.x4oi9usn.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 90.84.161.22 (France)

ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR)

io1.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io3.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 223.121.15.24 (Hong Kong)

ASN58453 (CMI-INT-HK China Mobile International Limited, HK)

io2.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io1.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 111.45.3.198 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.90.149.106 (None, )

ASN- ()

io5.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io4.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io2.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 43.152.26.154 (None, )

ASN- ()

io6.c1.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io9.c1.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io8.c1.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.182.140 (None, )

ASN- ()

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	ddcsdt.com io1.c2.ddcsdt.com io2.c2.ddcsdt.com io5.c2.ddcsdt.com io3.c2.ddcsdt.com io4.c2.ddcsdt.com io6.c1.ddcsdt.com io9.c1.ddcsdt.com io8.c1.ddcsdt.com	570 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10507	23 KB
2	x4oi9usn.live 06715e.x4oi9usn.live	6 KB
1	06715a.com 06715a.com	1 KB
44	4

	Domain	Requested by
18	io1.c2.ddcsdt.com	06715a.com 06715e.x4oi9usn.live io1.c2.ddcsdt.com
5	io4.c2.ddcsdt.com	06715e.x4oi9usn.live
4	io5.c2.ddcsdt.com	06715e.x4oi9usn.live
4	hm.baidu.com	06715a.com 06715e.x4oi9usn.live
3	io6.c1.ddcsdt.com	io1.c2.ddcsdt.com
3	io3.c2.ddcsdt.com	06715e.x4oi9usn.live io1.c2.ddcsdt.com
2	06715e.x4oi9usn.live	06715a.com
2	io2.c2.ddcsdt.com	06715a.com 06715e.x4oi9usn.live
1	io8.c1.ddcsdt.com	io1.c2.ddcsdt.com
1	io9.c1.ddcsdt.com	io1.c2.ddcsdt.com
1	06715a.com
44	11

This site contains no links.

Subject Issuer	Validity	Valid
06715.com R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
c2.ddcsdt.com R3	`2024-03-26` - `2024-06-24`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
5c7ppodn.live R3	`2024-05-05` - `2024-08-03`	3 months	crt.sh
c1.ddcsdt.com R3	`2024-03-26` - `2024-06-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://06715e.x4oi9usn.live:16688/
Frame ID: 0FFB2B54C3D17057DE63EEB8DA5FB289
Requests: 50 HTTP requests in this frame

Frame: https://06715e.x4oi9usn.live:16688/iframe/1/3.html
Frame ID: E69C2EEA295E1F6C1DB765458F01D971
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://06715a.com/ Page URL
https://06715e.x4oi9usn.live:16688/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

11
Subdomains

8
IPs

3
Countries

600 kB
Transfer

2169 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://06715a.com/ Page URL
https://06715e.x4oi9usn.live:16688/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
06715a.com/ 2 KB
1 KB 1372ms
429ms Document
text/html 18.167.74.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://06715a.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.167.74.164 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-167-74-164.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d695925b59e9188aa3dd75abe1024f9b8ec994d40139ea7589ad3919dc3f589d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8 text/html; charset=utf-8
date: Fri, 10 May 2024 12:36:08 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lazysizes-umd.min.js Show response
io1.c2.ddcsdt.com/static/label/ 8 KB
4 KB 176ms
61ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE6[6],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE4[286],EU-GER-frankfurt-GLOBAL1-CACHE7[280,TCP_MISS,284]
age: 974349
alt-svc: h3=":443"; ma=2592000
content-length: 3501
last-modified: Fri, 26 Apr 2024 06:51:45 GMT
server: openresty
etag: W/"662b4f01-1ee0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 8d3303bf681823357252429650200258
x-ccdn-expires: 1617676
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Mon, 06 May 2024 05:56:58 GMT

GET
H2 200 label-com4.js Show response
io1.c2.ddcsdt.com/static/label/ 6 KB
3 KB 183ms
69ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/label-com4.js

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE6[12],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE5[281],EU-GER-frankfurt-GLOBAL1-CACHE14[278,TCP_MISS,281]
age: 795455
alt-svc: h3=":443"; ma=2592000
content-length: 2106
last-modified: Mon, 29 Apr 2024 08:23:03 GMT
server: openresty
etag: W/"662f58e7-174b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 12375cece627e4ad05275713b39f9cee
x-ccdn-expires: 1796570
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Wed, 08 May 2024 07:38:33 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
io1.c2.ddcsdt.com/static/label/ 2 KB
1 KB 182ms
68ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE6[13],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE5[289],EU-GER-frankfurt-GLOBAL1-CACHE6[284,TCP_MISS,287]
age: 974349
alt-svc: h3=":443"; ma=2592000
content-length: 828
last-modified: Fri, 26 Apr 2024 06:51:45 GMT
server: openresty
etag: W/"662b4f01-750"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 0fd1afc5637794bc6bb9e513e6216a70
x-ccdn-expires: 1617676
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Mon, 06 May 2024 05:56:58 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
io1.c2.ddcsdt.com/static/label/ 91 KB
33 KB 191ms
77ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE6[13],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE2[292],EU-GER-frankfurt-GLOBAL1-CACHE2[289,TCP_MISS,291]
age: 974349
alt-svc: h3=":443"; ma=2592000
content-length: 33078
last-modified: Fri, 26 Apr 2024 06:51:45 GMT
server: openresty
etag: W/"662b4f01-16bac"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 440306ca244751e7f86b5fdcf2b13983
x-ccdn-expires: 1617676
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Mon, 06 May 2024 05:56:58 GMT

GET
H2 200 c2236ed7c756deca.js Show response
io2.c2.ddcsdt.com/upload/script/05/ 7 KB
4 KB 178ms
91ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/05/c2236ed7c756deca.js

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

8da0eee3c161d2de1ce498654ce6be77e8179f93e30e0957858761c35d30c2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[50],EU-GER-frankfurt-EDGE2-CACHE1[46,TCP_MISS,47],EU-FRA-paris-GLOBAL1-CACHE12[4],EU-FRA-paris-GLOBAL1-CACHE25[0,TCP_HIT,1]
age: 1
alt-svc: h3=":443"; ma=2592000
content-length: 2940
last-modified: Sun, 05 May 2024 15:57:24 GMT
server: openresty
etag: W/"6637ac64-1ca8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 85a33472c20111f2e5b540a50fae10e6
x-ccdn-expires: 2196745
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Sun, 12 May 2024 22:48:33 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 773ms
334ms Script
application/javascript 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?edd94c426599867ca8045d6c570422a5

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

52bc794aecb92d16656507b2681cad751466496a2a31b4d24cc81c92930cf17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 10 May 2024 12:36:09 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: fee07f7987e204529d9fa2441506e419
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11260

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 307ms
306ms Image
image/gif 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1790762633&si=edd94c426599867ca8045d6c570422a5&v=1.3.0&lv=1&sn=31480&r=0&ww=1600&u=https%3A%2F%2F06715a.com%2F&tt=%E7%99%BE%E5%BA%A6%E4%B8%80%E4%B8%8B

Requested by

Host: 06715a.com
URL: https://06715a.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715a.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 10 May 2024 12:36:10 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 Primary Request / Show response
06715e.x4oi9usn.live/ 4 KB
2 KB 1081ms
339ms Document
text/html 18.167.74.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://06715e.x4oi9usn.live:16688/
Requested by: Host: 06715a.com
URL: https://06715a.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.167.74.164 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-167-74-164.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dd59f49b2c60c83552d9b5097a65904eacec7d87da0d0bd9d3a86c5c8930bb10

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://06715a.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8 text/html; charset=utf-8
date: Fri, 10 May 2024 12:36:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lazysizes-umd.min.js Show response
io1.c2.ddcsdt.com/static/label/ 8 KB
4 KB 143ms
47ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[4],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE11[10],EU-FRA-paris-GLOBAL1-CACHE7[0,TCP_HIT,3]
age: 1302262
alt-svc: h3=":443"; ma=2592000
content-length: 3501
last-modified: Wed, 24 Apr 2024 02:32:22 GMT
server: openresty
etag: W/"66286f36-1ee0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 88781a565c0b24b9cf4420dd2deaa1d0
x-ccdn-expires: 1289744
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 02 May 2024 10:48:35 GMT

GET
H2 200 label-com4.js Show response
io1.c2.ddcsdt.com/static/label/ 6 KB
3 KB 144ms
49ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/label-com4.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[5],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE21[2],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,2]
age: 795083
alt-svc: h3=":443"; ma=2592000
content-length: 2106
last-modified: Mon, 29 Apr 2024 08:23:03 GMT
server: openresty
etag: W/"662f58e7-174b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5dce32830c5104cdf9460557bd02e094
x-ccdn-expires: 1796923
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Wed, 08 May 2024 07:38:36 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
io1.c2.ddcsdt.com/static/label/ 2 KB
1 KB 154ms
58ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[6],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE30[3],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,2]
age: 1302262
alt-svc: h3=":443"; ma=2592000
content-length: 828
last-modified: Wed, 24 Apr 2024 02:32:22 GMT
server: openresty
etag: W/"66286f36-750"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5876dc30863fc773f5cd849a7575065d
x-ccdn-expires: 1289744
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 02 May 2024 10:48:36 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
io1.c2.ddcsdt.com/static/label/ 91 KB
33 KB 142ms
46ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[3],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age: 1302436
alt-svc: h3=":443"; ma=2592000
content-length: 33078
last-modified: Wed, 24 Apr 2024 02:32:22 GMT
server: openresty
etag: W/"66286f36-16bac"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 443496adf7b894c3fbf5c06f537e6b26
x-ccdn-expires: 1289570
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 02 May 2024 10:48:36 GMT

GET
H2 200 d66497b19cfe3dc9.js Show response
io5.c2.ddcsdt.com/upload/script/05/ 46 KB
15 KB 983ms
888ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io5.c2.ddcsdt.com/upload/script/05/d66497b19cfe3dc9.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

6d900a51e83307e3cb8000a346b84356a1d94068dea83657394e09d5f8a889df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[845],EU-GER-frankfurt-EDGE4-CACHE2[841,TCP_MISS,843],EU-GER-frankfurt-GLOBAL1-CACHE1[561],EU-GER-frankfurt-GLOBAL1-CACHE12[556,TCP_MISS,560]
age: 1
x-ccdn-origin-time: 556
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-b984"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: baaf1b89a86a156d7f7a51a8bfd69948
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 54912df7295624e4.js Show response
io5.c2.ddcsdt.com/upload/script/05/ 114 KB
14 KB 733ms
638ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io5.c2.ddcsdt.com/upload/script/05/54912df7295624e4.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

ef1b4258712b39ecb74ecb6097d73459175544d89aa4187a37a379f2afa05b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[588],EU-GER-frankfurt-EDGE4-CACHE2[581,TCP_MISS,586],EU-GER-frankfurt-GLOBAL1-CACHE2[579],EU-GER-frankfurt-GLOBAL1-CACHE14[575,TCP_MISS,577]
age: 1
x-ccdn-origin-time: 575
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-1c758"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 064bbda2e466d757eebb65a99a830238
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 40d736c278200800.js Show response
io1.c2.ddcsdt.com/upload/script/05/ 51 KB
8 KB 830ms
735ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/05/40d736c278200800.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

a18f0a7c0003cdb2f74c140f0a8746522f4991816a0013f9867bccd727633661

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[679],EU-GER-frankfurt-EDGE2-CACHE15[673,TCP_MISS,677],EU-FRA-paris-GLOBAL1-CACHE15[607],EU-FRA-paris-GLOBAL1-CACHE14[604,TCP_MISS,607]
age: 1
x-ccdn-origin-time: 604
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-cc7c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5c66292bd811eb8bdc78cb41515c6b2b
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 7783a2d7a2b1cda2.js Show response
io3.c2.ddcsdt.com/upload/script/05/ 28 KB
7 KB 1070ms
622ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io3.c2.ddcsdt.com/upload/script/05/7783a2d7a2b1cda2.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

72b8290aa11145813746fbb847627fcaf15abe524445b17cf63c262a855c0dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[570],EU-GER-frankfurt-EDGE5-CACHE4[565,TCP_MISS,568],EU-GER-frankfurt-GLOBAL1-CACHE9[564],EU-GER-frankfurt-GLOBAL1-CACHE4[561,TCP_MISS,562]
age: 1
x-ccdn-origin-time: 561
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-70e4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: c205d26e51f8ef615b2a994179d345cb
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:14 GMT

GET
H2 200 565a893bcd2e0637.js Show response
io1.c2.ddcsdt.com/upload/script/05/ 80 KB
10 KB 816ms
733ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/05/565a893bcd2e0637.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

d491e84f31a59a863983c0b6ccf88f791d7305ac596f79e17e05b74b69ba769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[638],EU-GER-frankfurt-EDGE2-CACHE1[632,TCP_MISS,633],EU-FRA-paris-GLOBAL1-CACHE7[614],EU-FRA-paris-GLOBAL1-CACHE2[611,TCP_MISS,613]
age: 1
x-ccdn-origin-time: 611
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-13e00"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: cf58739c1b7cc6ee7afba31904910d3b
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 9f0c74affc6b5bbf.js Show response
io1.c2.ddcsdt.com/upload/script/05/ 117 KB
9 KB 821ms
737ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/05/9f0c74affc6b5bbf.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

463fa4edf2ecefe2e8f6b3d9f126efa0c9cd6e6ec7d0242e5cc0a74d363421be

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[683],EU-GER-frankfurt-EDGE2-CACHE8[680,TCP_MISS,682],EU-FRA-paris-GLOBAL1-CACHE26[615],EU-FRA-paris-GLOBAL1-CACHE26[611,TCP_MISS,613]
age: 1
x-ccdn-origin-time: 611
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-1d5f8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: de4829950d26af3d66b3d553b4232ae9
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 3daaa40690ef5c42.js Show response
io5.c2.ddcsdt.com/upload/script/05/ 43 KB
8 KB 693ms
610ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io5.c2.ddcsdt.com/upload/script/05/3daaa40690ef5c42.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

d2be58031d25d867b04d511d9803a8be2c366ea3f343a998c67d09466fd46b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[567],EU-GER-frankfurt-EDGE4-CACHE1[562,TCP_MISS,565],EU-GER-frankfurt-GLOBAL1-CACHE7[559],EU-GER-frankfurt-GLOBAL1-CACHE4[556,TCP_MISS,559]
age: 1
x-ccdn-origin-time: 556
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-ad7c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d2674309c3c13ecfd093c02a0c509c0a
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 eea3bbabd4c0eb1e.js Show response
io5.c2.ddcsdt.com/upload/script/05/ 98 KB
13 KB 718ms
637ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io5.c2.ddcsdt.com/upload/script/05/eea3bbabd4c0eb1e.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

f4c147e862882d5f2a63b007f542509fccded44ce40bb6d1ca18ec03da379eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[584],EU-GER-frankfurt-EDGE4-CACHE2[580,TCP_MISS,582],EU-GER-frankfurt-GLOBAL1-CACHE12[576],EU-GER-frankfurt-GLOBAL1-CACHE2[572,TCP_MISS,575]
age: 1
x-ccdn-origin-time: 572
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-18608"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 35c5d728e034ceac627e1039a8b5f47a
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 d60a0d1c02fb45c0.js Show response
io1.c2.ddcsdt.com/upload/script/05/ 54 KB
8 KB 815ms
734ms Script
application/javascript 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/05/d60a0d1c02fb45c0.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

adb53e11d8f9e4b388129dcf144aef10d874bae33a3aba1f63cbbad51d7547ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[642],EU-GER-frankfurt-EDGE2-CACHE15[636,TCP_MISS,639],EU-FRA-paris-GLOBAL1-CACHE22[625],EU-FRA-paris-GLOBAL1-CACHE18[621,TCP_MISS,624]
age: 1
x-ccdn-origin-time: 621
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-d6e4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: a6cf888a4eba81c27b7a8459c2125968
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 91f69f54e93edf01.js Show response
io4.c2.ddcsdt.com/upload/script/05/ 40 KB
6 KB 694ms
613ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.c2.ddcsdt.com/upload/script/05/91f69f54e93edf01.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

d25e62b82c91279e058d94c746f3a24b9bb706f827b5fc55ad961d086b274524

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[567],EU-GER-frankfurt-EDGE4-CACHE2[562,TCP_MISS,566],EU-GER-frankfurt-GLOBAL1-CACHE4[561],EU-GER-frankfurt-GLOBAL1-CACHE3[556,TCP_MISS,559]
age: 1
x-ccdn-origin-time: 556
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-9e3c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: c4e5034de8ed7e0bb38900b508628eb9
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 da46fdf1940e27bb.js Show response
io4.c2.ddcsdt.com/upload/script/05/ 39 KB
7 KB 710ms
629ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.c2.ddcsdt.com/upload/script/05/da46fdf1940e27bb.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

9cfc9da2793bed78e967ecbc31dcc4706bf1900720c99b9d31d974153901c445

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[582],EU-GER-frankfurt-EDGE4-CACHE1[578,TCP_MISS,581],EU-GER-frankfurt-GLOBAL1-CACHE4[570],EU-GER-frankfurt-GLOBAL1-CACHE5[566,TCP_MISS,569]
age: 1
x-ccdn-origin-time: 566
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-9cf4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 7eb2ac2bc9bcbab1a7e1e1f40d0948d4
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 1239fcf3beb774d3.js Show response
io4.c2.ddcsdt.com/upload/script/05/ 55 KB
8 KB 702ms
621ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.c2.ddcsdt.com/upload/script/05/1239fcf3beb774d3.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

b30b3c7e69aaf69e1658cbd36bc042b789c29e5b12754c67505a6f493a8d59ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[577],EU-GER-frankfurt-EDGE4-CACHE2[575,TCP_MISS,577],EU-GER-frankfurt-GLOBAL1-CACHE6[572],EU-GER-frankfurt-GLOBAL1-CACHE5[569,TCP_MISS,571]
age: 1
x-ccdn-origin-time: 569
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-db94"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 25940379ac06871a250ff0f142626a13
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 52d68bfdd3b82833.js Show response
io4.c2.ddcsdt.com/upload/script/05/ 74 KB
13 KB 685ms
606ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.c2.ddcsdt.com/upload/script/05/52d68bfdd3b82833.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

a078dc0011aa80cd27270fa2b60c252c17d0c6682894281d1e7d25af67cfdcb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[562],EU-GER-frankfurt-EDGE4-CACHE1[559,TCP_MISS,561],EU-GER-frankfurt-GLOBAL1-CACHE1[556],EU-GER-frankfurt-GLOBAL1-CACHE3[551,TCP_MISS,554]
age: 1
x-ccdn-origin-time: 551
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-12774"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 625d6ae1b0dcd15744a8d16cd83ca870
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 1091355708839f58.js Show response
io4.c2.ddcsdt.com/upload/script/05/ 41 KB
8 KB 690ms
611ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io4.c2.ddcsdt.com/upload/script/05/1091355708839f58.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

be986a394a4553d924a5284232716a6dc93b5791ab4c60c427b3847847eeacd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[567],EU-GER-frankfurt-EDGE4-CACHE2[561,TCP_MISS,564],EU-GER-frankfurt-GLOBAL1-CACHE5[559],EU-GER-frankfurt-GLOBAL1-CACHE10[555,TCP_MISS,557]
age: 1
x-ccdn-origin-time: 555
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-a224"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d21633496b307d8ed66a790023558f73
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 522f02a87f0d164b.js Show response
io3.c2.ddcsdt.com/upload/script/05/ 94 KB
11 KB 817ms
385ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io3.c2.ddcsdt.com/upload/script/05/522f02a87f0d164b.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

0f603319b1e3db7bdebc6c5394fd4806509cd9be6fb9fc5581e76d3c3a59de7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[290],EU-GER-frankfurt-EDGE5-CACHE2[286,TCP_MISS,288],EU-GER-frankfurt-GLOBAL1-CACHE7[282],EU-GER-frankfurt-GLOBAL1-CACHE2[280,TCP_MISS,282]
age: 1
x-ccdn-origin-time: 280
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-178ec"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: f5100b44c28959dc7fb16d17b189070b
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 5f6f1b19b7dd4bf6.js Show response
io2.c2.ddcsdt.com/upload/script/05/ 249 KB
31 KB 694ms
611ms Script
application/javascript 23.90.149.106

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/05/5f6f1b19b7dd4bf6.js

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.90.149.106 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

a9caa3fba522801b641559cb408ecf0f2d2029c3a3df291a63d96cf8f7fb4a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 10 May 2024 12:36:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE4-CACHE1[566],EU-GER-frankfurt-EDGE4-CACHE2[561,TCP_MISS,563],EU-GER-frankfurt-GLOBAL1-CACHE6[282],EU-GER-frankfurt-GLOBAL1-CACHE2[279,TCP_MISS,281]
age: 1
x-ccdn-origin-time: 279
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 10 May 2024 11:22:20 GMT
server: openresty
etag: W/"663e036c-3e338"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 9678f299a01e51954ef5eaf5212eb9f5
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 0
expires: Fri, 17 May 2024 12:36:13 GMT

GET
H2 200 14430f87e139e240f5b48500f18fca Show response
io6.c1.ddcsdt.com/upload/epy/img/202310/e4/ 112 KB
112 KB 346ms
46ms XHR
application/octet-stream 43.152.26.154

General

Check archive.org

Show headers Download Go to

Full URL

https://io6.c1.ddcsdt.com/upload/epy/img/202310/e4/14430f87e139e240f5b48500f18fca

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

43.152.26.154 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

d4614e6253f57d4e1aed7c39258408c8668b36969d858d46ea041e99d55c808e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 03:31:14 GMT
strict-transport-security: max-age=63072000;includeSubDomains
x-cache-lookup: Cache Hit
last-modified: Thu, 05 Oct 2023 03:26:49 GMT
server: nginx
etag: "651e2cf9-1bf54"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=25920000
x-nws-log-uuid: 4115259624223430437
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 114516

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 849ms
338ms Script
application/javascript 14.215.182.140

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?7bf9ea6d872c7c95640e19cf91a3506f

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 -, , ASN (),

Reverse DNS

Software

apache /

Resource Hash

9c345077d1e5caafc738ffc4beb2ac95362a5ecb34bb3cea71aa07a0f3cb443d

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 10 May 2024 12:36:14 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: d61daa12c7dbc0209b56c534f8d22c93
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11265

GET
DATA 200
OK truncated
/ 112 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 703930c58abaa720ee7573050418c47d9b948ee58877bf340adb748fce532537

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 3.html
06715e.x4oi9usn.live/iframe/1/ Frame E69C 17 KB
4 KB 339ms
339ms Document
text/html 18.167.74.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://06715e.x4oi9usn.live:16688/iframe/1/3.html
Requested by: Host: 06715a.com
URL: https://06715a.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.167.74.164 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-167-74-164.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://06715e.x4oi9usn.live:16688/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8 text/html; charset=utf-8
date: Fri, 10 May 2024 12:36:14 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 93507d3b24b69717285d51187c40b3
io9.c1.ddcsdt.com/upload/epy/img/202304/2c/ 38 KB
39 KB 118ms
113ms XHR
application/octet-stream 43.152.26.154

General

Check archive.org

Show headers Download Go to

Full URL

https://io9.c1.ddcsdt.com/upload/epy/img/202304/2c/93507d3b24b69717285d51187c40b3

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

43.152.26.154 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 06:21:15 GMT
strict-transport-security: max-age=63072000;includeSubDomains
x-cache-lookup: Cache Hit
last-modified: Sat, 29 Apr 2023 09:17:21 GMT
server: nginx
etag: "644ce0a1-994e"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=25920000
x-nws-log-uuid: 11232172640338251912
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 39246

GET
H2 200 5b695ce5104f9c53f7d756974527fe
io8.c1.ddcsdt.com/upload/epy/img/202404/93/ 45 KB
45 KB 93ms
89ms XHR
application/octet-stream 43.152.26.154

General

Check archive.org

Show headers Download Go to

Full URL

https://io8.c1.ddcsdt.com/upload/epy/img/202404/93/5b695ce5104f9c53f7d756974527fe

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

43.152.26.154 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 30 Apr 2024 06:27:16 GMT
strict-transport-security: max-age=63072000;includeSubDomains
x-cache-lookup: Cache Hit
last-modified: Sun, 28 Apr 2024 13:24:45 GMT
server: nginx
etag: "662e4e1d-b27e"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=25920000
x-nws-log-uuid: 15289661597187807564
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 45694

GET
H3 200 59518f0702bf29d6084072f13afe8a
io1.c2.ddcsdt.com/upload/epy/img/202310/2a/ 1 KB
2 KB 151ms
44ms XHR
application/octet-stream 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/img/202310/2a/59518f0702bf29d6084072f13afe8a

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE15[4],EU-GER-frankfurt-EDGE2-CACHE10[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE15[6],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,3]
x-ccdn-cachettl: 2592000
age: 611104
alt-svc: h3=":443"; ma=2592000
content-length: 1134
last-modified: Mon, 23 Oct 2023 07:49:43 GMT
server: openresty
etag: "65362597-46e"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 2460c0d78c7a45f738309424a0a24463
x-ccdn-expires: 1980896
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H2 200 604cb6ce5bd330df9dfc5e90db92aa
io6.c1.ddcsdt.com/upload/epy/img/202402/f9/ 53 KB
53 KB 51ms
48ms XHR
application/octet-stream 43.152.26.154

General

Check archive.org

Show headers Download Go to

Full URL

https://io6.c1.ddcsdt.com/upload/epy/img/202402/f9/604cb6ce5bd330df9dfc5e90db92aa

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

43.152.26.154 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 06:27:32 GMT
strict-transport-security: max-age=63072000;includeSubDomains
x-cache-lookup: Cache Hit
last-modified: Thu, 08 Feb 2024 06:57:58 GMT
server: nginx
etag: "65c47b76-d320"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=25920000
x-nws-log-uuid: 16326736225139865706
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 54048

GET
H2 200 604cb6ce5bd330df9dfc5e90db92aa
io6.c1.ddcsdt.com/upload/epy/img/202402/f9/ 53 KB
0 117ms
117ms XHR
application/octet-stream 43.152.26.154

General

Check archive.org

Show headers Download Go to

Full URL: https://io6.c1.ddcsdt.com/upload/epy/img/202402/f9/604cb6ce5bd330df9dfc5e90db92aa
Requested by: Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 43.152.26.154 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 30 Mar 2024 06:27:32 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 08 Feb 2024 06:57:58 GMT
server: nginx
etag: "65c47b76-d320"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=25920000
x-nws-log-uuid: 16326736225139865706
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
content-length: 54048

GET
H3 200 60641d2e8ad17
io1.c2.ddcsdt.com/upload/epy/2021/03/31/ 5 KB
6 KB 162ms
55ms XHR
application/octet-stream 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/2021/03/31/60641d2e8ad17

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE15[5],EU-GER-frankfurt-EDGE2-CACHE1[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE19[442],EU-FRA-paris-GLOBAL1-CACHE2[440,TCP_MISS,442]
x-ccdn-cachettl: 2592000
age: 3225796
alt-svc: h3=":443"; ma=2592000
content-length: 5244
last-modified: Sat, 08 May 2021 11:42:37 GMT
server: openresty
etag: "6096792d-147c"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 773ccfe9e98a647bdcae9c32d85bdfb9
x-ccdn-expires: 1974956
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 7d8fc26cf567a5444988e4a67f00e88f
io3.c2.ddcsdt.com/upload/epy/2023/07/25/ 12 KB
13 KB 170ms
63ms XHR
application/octet-stream 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io3.c2.ddcsdt.com/upload/epy/2023/07/25/7d8fc26cf567a5444988e4a67f00e88f

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE5-CACHE4[6],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,3],EU-GER-frankfurt-GLOBAL1-CACHE12[4],EU-GER-frankfurt-GLOBAL1-CACHE2[0,TCP_HIT,3]
x-ccdn-cachettl: 2592000
age: 810342
alt-svc: h3=":443"; ma=2592000
content-length: 12594
last-modified: Tue, 25 Jul 2023 14:32:50 GMT
server: openresty
etag: "64bfdd12-3132"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 99767faf36741cc956cf49743040fcd9
x-ccdn-expires: 1781658
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 c32f840c7d0de40877b293b30232d4
io1.c2.ddcsdt.com/upload/epy/img/202401/15/ 22 KB
23 KB 152ms
46ms XHR
application/octet-stream 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/img/202401/15/c32f840c7d0de40877b293b30232d4

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE15[3],EU-GER-frankfurt-EDGE2-CACHE1[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE30[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 222181
alt-svc: h3=":443"; ma=2592000
content-length: 22986
last-modified: Thu, 04 Jan 2024 09:03:34 GMT
server: openresty
etag: "65967466-59ca"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5574fb7cc1648909bd5282a49c25886c
x-ccdn-expires: 2369819
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H2 200 jylt-bank.png
io1.c2.ddcsdt.com/upload/skin/image/ 3 KB
4 KB 61ms
59ms Image
image/png 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://io1.c2.ddcsdt.com/upload/skin/image/jylt-bank.png

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

f019178b5d57b61f192200341e5a354fcae081eb28768836e25522d447880576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE12[2],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE2[3],EU-FRA-paris-GLOBAL1-CACHE1[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 3559143
alt-svc: h3=":443"; ma=2592000
content-length: 3444
last-modified: Fri, 24 Sep 2021 07:15:34 GMT
server: openresty
etag: "614d7b16-d74"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: b1392ca96e9119575f1c57b9b172186b
x-ccdn-expires: 1625373
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Mon, 29 Apr 2024 06:21:15 GMT

GET
H2 200 hands.gif
io1.c2.ddcsdt.com/upload/skin/image/ 2 KB
2 KB 64ms
62ms Image
image/gif 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://io1.c2.ddcsdt.com/upload/skin/image/hands.gif

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

1cd58a68382a9c100ea6fe61cbd7e8e4fab4bbf41c8845a7485b8e071ab7d1f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE12[3],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE25[3],EU-FRA-paris-GLOBAL1-CACHE24[0,TCP_HIT,1]
x-ccdn-cachettl: 2592000
age: 3561258
alt-svc: h3=":443"; ma=2592000
content-length: 1630
last-modified: Thu, 29 Jun 2023 05:54:33 GMT
server: openresty
etag: "649d1c99-65e"
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: ba0b168437c37b3fd817c874f4a485c2
x-ccdn-expires: 1623687
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Mon, 29 Apr 2024 06:11:27 GMT

GET
H2 200 kj.css
io1.c2.ddcsdt.com/static/css/ Frame E69C 11 KB
8 KB 107ms
28ms Stylesheet
text/css 223.121.15.24
CMI-INT-HK China ...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/css/kj.css

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/iframe/1/3.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),

Reverse DNS

Software

openresty /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 10 May 2024 12:36:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE12[4],EU-GER-frankfurt-EDGE2-CACHE10[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE11[2],EU-FRA-paris-GLOBAL1-CACHE10[0,TCP_HIT,2]
age: 969050
alt-svc: h3=":443"; ma=2592000
content-length: 7638
last-modified: Fri, 26 Apr 2024 06:51:44 GMT
server: openresty
etag: W/"662b4f00-2b9a"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 359a203b13de8f16df6e7a1a72c03d26
x-ccdn-expires: 1622950
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Mon, 06 May 2024 06:00:48 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 324ms
307ms Image
image/gif 14.215.182.140

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1144938652&si=7bf9ea6d872c7c95640e19cf91a3506f&su=https%3A%2F%2F06715a.com%2F&v=1.3.0&lv=1&sn=31485&r=0&ww=1600&u=https%3A%2F%2F06715e.x4oi9usn.live%3A16688%2F&tt=%E9%A6%99%E6%B8%AF%E5%A4%9C%E6%98%8E%E7%8F%A0

Requested by

Host: 06715e.x4oi9usn.live
URL: https://06715e.x4oi9usn.live:16688/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 -, , ASN (),

Reverse DNS

Software

apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://06715e.x4oi9usn.live:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 10 May 2024 12:36:14 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
DATA 200
OK truncated
/ 53 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 45 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 38 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 22 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 06:05:04	Name: HMACCOUNT_BFESS Value: A9DB48FAA68DBB08
.06715a.com/	1970-01-21 05:14:40	Name: Hm_lvt_edd94c426599867ca8045d6c570422a5 Value: 1715344570
.06715a.com/	1969-12-31 23:59:59	Name: Hm_lpvt_edd94c426599867ca8045d6c570422a5 Value: 1715344570

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://06715a.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://06715a.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://06715e.x4oi9usn.live:16688/(Line 47) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://06715e.x4oi9usn.live:16688/(Line 56) Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06715a.com
06715e.x4oi9usn.live
hm.baidu.com
io1.c2.ddcsdt.com
io2.c2.ddcsdt.com
io3.c2.ddcsdt.com
io4.c2.ddcsdt.com
io5.c2.ddcsdt.com
io6.c1.ddcsdt.com
io8.c1.ddcsdt.com
io9.c1.ddcsdt.com
111.45.3.198
14.215.182.140
18.167.74.164
223.121.15.24
23.90.149.106
43.152.26.154
90.84.161.22
0f603319b1e3db7bdebc6c5394fd4806509cd9be6fb9fc5581e76d3c3a59de7a
1cd58a68382a9c100ea6fe61cbd7e8e4fab4bbf41c8845a7485b8e071ab7d1f2
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
463fa4edf2ecefe2e8f6b3d9f126efa0c9cd6e6ec7d0242e5cc0a74d363421be
52bc794aecb92d16656507b2681cad751466496a2a31b4d24cc81c92930cf17a
6d900a51e83307e3cb8000a346b84356a1d94068dea83657394e09d5f8a889df
703930c58abaa720ee7573050418c47d9b948ee58877bf340adb748fce532537
72b8290aa11145813746fbb847627fcaf15abe524445b17cf63c262a855c0dca
7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8da0eee3c161d2de1ce498654ce6be77e8179f93e30e0957858761c35d30c2cd
9c345077d1e5caafc738ffc4beb2ac95362a5ecb34bb3cea71aa07a0f3cb443d
9cfc9da2793bed78e967ecbc31dcc4706bf1900720c99b9d31d974153901c445
a078dc0011aa80cd27270fa2b60c252c17d0c6682894281d1e7d25af67cfdcb2
a18f0a7c0003cdb2f74c140f0a8746522f4991816a0013f9867bccd727633661
a9caa3fba522801b641559cb408ecf0f2d2029c3a3df291a63d96cf8f7fb4a5e
adb53e11d8f9e4b388129dcf144aef10d874bae33a3aba1f63cbbad51d7547ec
b30b3c7e69aaf69e1658cbd36bc042b789c29e5b12754c67505a6f493a8d59ed
be986a394a4553d924a5284232716a6dc93b5791ab4c60c427b3847847eeacd5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d25e62b82c91279e058d94c746f3a24b9bb706f827b5fc55ad961d086b274524
d2be58031d25d867b04d511d9803a8be2c366ea3f343a998c67d09466fd46b98
d4614e6253f57d4e1aed7c39258408c8668b36969d858d46ea041e99d55c808e
d491e84f31a59a863983c0b6ccf88f791d7305ac596f79e17e05b74b69ba769c
d695925b59e9188aa3dd75abe1024f9b8ec994d40139ea7589ad3919dc3f589d
dd59f49b2c60c83552d9b5097a65904eacec7d87da0d0bd9d3a86c5c8930bb10
ef1b4258712b39ecb74ecb6097d73459175544d89aa4187a37a379f2afa05b6c
f019178b5d57b61f192200341e5a354fcae081eb28768836e25522d447880576
f4c147e862882d5f2a63b007f542509fccded44ce40bb6d1ca18ec03da379eea

06715e.x4oi9usn.live Open in urlscan Pro 18.167.74.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

0 %IPv6

4 Domains

11 Subdomains

8 IPs

3 Countries

600 kBTransfer

2169 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

06715e.x4oi9usn.live Open in urlscan Pro
18.167.74.164 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

11
Subdomains

8
IPs

3
Countries

600 kB
Transfer

2169 kB
Size

3
Cookies

44 HTTP transactions
8 data transactions