urlscan.io logo urlscan.io
SecurityTrails logo

www.hotel-sanpaolo.com Open in urlscan Pro
156.232.158.190  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hotel-sanpaolo.com/
Effective URL: http://www.hotel-sanpaolo.com/
Submission: On April 19 via manual from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 17 domains to perform 60 HTTP transactions. The main IP is 156.232.158.190, located in Hong Kong and belongs to DXTL-HK DXTL Tseung Kwan O Service, HK. The main domain is www.hotel-sanpaolo.com.
This is the only time www.hotel-sanpaolo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 156.232.158.190 134548 (DXTL-HK D...)
5 103.235.46.191 55967 (BAIDU Bei...)
1 122.228.91.87 134771 (CHINATELE...)
1 183.131.207.66 136190 (CHINATELE...)
1 154.83.123.131 134548 (DXTL-HK D...)
1 182.61.201.93 38365 (BAIDU Bei...)
1 180.101.212.103 4134 (CHINANET-...)
5 199.180.112.203 25820 (IT7NET)
11 23.224.227.107 40065 (CNSERVERS)
16 2606:4700:10:... 13335 (CLOUDFLAR...)
2 168.235.253.103 53587 (AZT)
1 149.28.77.90 20473 (AS-CHOOPA)
1 47.75.19.88 45102 (CNNIC-ALI...)
1 240e:ff:f101:... 4816 (CHINANET-...)
3 203.205.254.152 132203 (TENCENT-N...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 168.235.253.206 53587 (AZT)
1 168.235.253.202 53587 (AZT)
1 168.235.253.34 53587 (AZT)
1 168.235.253.163 53587 (AZT)
60 21
4    156.232.158.190 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
hotel-sanpaolo.com
www.hotel-sanpaolo.com
5    103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
1    122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)
js.users.51.la
1    183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
ia.51.la
1    154.83.123.131 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)
api-four.com
1    182.61.201.93 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
push.zhanzhang.baidu.com
1    180.101.212.103 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)
api.share.baidu.com
5    199.180.112.203 (Los Angeles, United States)

ASN25820 (IT7NET, CA)
PTR: 199.180.112.203.16clouds.com
api-6.com
11    23.224.227.107 (United States)

ASN40065 (CNSERVERS, US)
niuniuyi-ngshi.work
16    2606:4700:10::ac43:1f36 (United States)

ASN13335 (CLOUDFLARENET, US)
pic.lbtp88.com
2    168.235.253.103 (United States)

ASN53587 (AZT, US)
3337756.com
3338863.com
1    149.28.77.90 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.77.90.vultr.com
3337735.com
1    47.75.19.88 (Central, Hong Kong)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
3335537.com
1    240e:ff:f101:10::13f (China)

ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN)
p.qlogo.cn
3    203.205.254.152 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
p.qlogo.cn
1    2606:4700:3037::ac43:db4e (United States)

ASN13335 (CLOUDFLARENET, US)
77piclive.com
1    168.235.253.206 (United States)

ASN53587 (AZT, US)
3337726.com
1    168.235.253.202 (United States)

ASN53587 (AZT, US)
3337729.com
1    168.235.253.34 (United States)

ASN53587 (AZT, US)
fiehff.com
1    168.235.253.163 (United States)

ASN53587 (AZT, US)
3337780.com
Domain Requested by
16 pic.lbtp88.com niuniuyi-ngshi.work
11 niuniuyi-ngshi.work api-6.com
niuniuyi-ngshi.work
5 api-6.com www.hotel-sanpaolo.com
api-6.com
5 hm.baidu.com www.hotel-sanpaolo.com
api-6.com
niuniuyi-ngshi.work
4 p.qlogo.cn niuniuyi-ngshi.work
3 www.hotel-sanpaolo.com www.hotel-sanpaolo.com
1 3338863.com niuniuyi-ngshi.work
1 3337780.com niuniuyi-ngshi.work
1 fiehff.com niuniuyi-ngshi.work
1 3337729.com niuniuyi-ngshi.work
1 3337726.com niuniuyi-ngshi.work
1 77piclive.com niuniuyi-ngshi.work
1 3335537.com niuniuyi-ngshi.work
1 3337735.com niuniuyi-ngshi.work
1 3337756.com niuniuyi-ngshi.work
1 api.share.baidu.com www.hotel-sanpaolo.com
1 push.zhanzhang.baidu.com www.hotel-sanpaolo.com
1 api-four.com www.hotel-sanpaolo.com
1 ia.51.la www.hotel-sanpaolo.com
1 js.users.51.la www.hotel-sanpaolo.com
1 hotel-sanpaolo.com 1 redirects
60 21

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-10-20 -
2021-07-26		 9 months crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020		 2020-08-27 -
2022-04-19		 2 years crt.sh
www.api-four.com
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh
api-6.com
R3		 2021-04-05 -
2021-07-04		 3 months crt.sh
niuniuyi-ngshi.work
R3		 2021-04-03 -
2021-07-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-09-18 -
2021-09-18		 a year crt.sh
3337756.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
3337735.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
3335537.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
*.qpic.cn
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-16 -
2021-06-17		 a year crt.sh
3337726.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
3337729.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
fiehff.com
Sectigo RSA Domain Validation Secure Server CA		 2020-09-23 -
2021-09-23		 a year crt.sh
3337780.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh
3338863.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-24 -
2021-11-24		 a year crt.sh

This page contains 2 frames:

Primary Page: http://www.hotel-sanpaolo.com/
Frame ID: 71FC96DFC1142A52E92103138396B049
Requests: 10 HTTP requests in this frame

Frame: https://niuniuyi-ngshi.work/?tt=1618835254311
Frame ID: C97EEAD23A125C432888DB2910F76C1E
Requests: 50 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hotel-sanpaolo.com/ HTTP 301
    http://www.hotel-sanpaolo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

60
Requests

87 %
HTTPS

15 %
IPv6

17
Domains

21
Subdomains

21
IPs

3
Countries

4165 kB
Transfer

4766 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hotel-sanpaolo.com/ HTTP 301
    http://www.hotel-sanpaolo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hotel-sanpaolo.com/
Redirect Chain
  • http://hotel-sanpaolo.com/
  • http://www.hotel-sanpaolo.com/
797 B
938 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Server
156.232.158.190 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
771816d46f0fa1efb273f79315e324b6ee619e0569505e797a2bdae2cdf7b73b

Request headers

Host
www.hotel-sanpaolo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 19 Apr 2021 12:27:29 GMT
Content-Type
text/html
Content-Length
797
Connection
keep-alive

Redirect headers

Server
nginx
Date
Mon, 19 Apr 2021 12:27:28 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
Location
http://www.hotel-sanpaolo.com/
tj.js
www.hotel-sanpaolo.com/ 		366 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.hotel-sanpaolo.com/tj.js
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Server
156.232.158.190 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
c6f6b33eb149744675162d51cc190ceb03f1dca8cf69f1e8aa1d39ed95e7127d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.hotel-sanpaolo.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.hotel-sanpaolo.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
366
Content-Type
application/x-javascript
common.js
www.hotel-sanpaolo.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.hotel-sanpaolo.com/common.js
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Server
156.232.158.190 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
fb3944f28defb1c891f0595cdbd2cc3cb271f9bcd44f58d25efab48ad2970b1a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.hotel-sanpaolo.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
*/*
Referer
http://www.hotel-sanpaolo.com/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:29 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
hm.js
hm.baidu.com/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?8dd815ed8a74dfcd3b2b500a05515950
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
293ffdaff59aa12de61cc76c1ceafc61453acbd7fa2842343e8ae211121d05b2
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:30 GMT
Content-Encoding
gzip
Server
apache
Etag
7efbeb6531ba32d54ba56ed7adeebc36
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14041
20969939.js
js.users.51.la/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.users.51.la/20969939.js
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
d9c03bf5bb0585657cb6bd5931613d3484d95972228e5bd23277010cd215760b

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id
20969939
Date
Mon, 19 Apr 2021 12:27:31 GMT
Content-Encoding
gzip
X-Ws-Request-Id
607d7733_ianxin167_47596-1288
Age
78786
Transfer-Encoding
chunked
X-Via
1.1 zhshx11:8 (Cdn Cache Server V2.0)[0 200 0], 1.1 PSjsyzdx6jg55:4 (Cdn Cache Server V2.0)[52 200 2], 1.1 zhdx112:4 (Cdn Cache Server V2.0)[1 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
Request-Id
000001771B9079FF941090E9E4B00A19
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSrckSxxKFIgF7a+sbHpBQwErSS+ysvK
Last-Modified
Sat Oct 24 15:29:28 CST 2020
Server
nginx/1.14.0
ETag
"aad96f200fbad46fc525f676c53376c7"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G001117559832750FFFF941252FC7B4B
go1
ia.51.la/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ia.51.la/go1?id=20969939&rt=1618835251711&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1618835251711&tt=%25E6%2589%25AC%25E5%25B7%259E%25E8%25B8%258A%25E7%25BC%2598%25E7%2589%25A9%25E8%2581%2594%25E7%25BD%2591%25E7%25A7%2591%25E6%258A%2580%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.hotel-sanpaolo.com%252F&pu=
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Server
183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:32 GMT
Server
CloudWAF
Connection
keep-alive
Content-Length
0
common.php
api-four.com/ 		278 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-four.com/common.php?val=niuniuchuanmei&t=0.03829452195484473?v=039859123472608937
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.83.123.131 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
efdf925c1f35044bfd781eb5975e01181b6aac0584e9bf1538b4aff1a92172ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:32 GMT
server
nginx
strict-transport-security
max-age=31536000
access-control-allow-methods
POST,GET,OPTIONS,DELETE
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
push.js
push.zhanzhang.baidu.com/ 		281 B
752 B 		Script
General
Check archive.org
Download Go to
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Server
182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
227
Expires
Tue, 19 Apr 2022 12:27:32 GMT
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1208849919&si=8dd815ed8a74dfcd3b2b500a05515950&v=1.2.80&lv=1&sn=55217&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.hotel-sanpaolo.com%2F&tt=%E6%89%AC%E5%B7%9E%E8%B8%8A%E7%BC%98%E7%89%A9%E8%81%94%E7%BD%91%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 12:27:32 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
s.gif
api.share.baidu.com/ 		0
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://api.share.baidu.com/s.gif?l=http://www.hotel-sanpaolo.com/
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
HTTP/1.1
Server
180.101.212.103 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.hotel-sanpaolo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:32 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
/
api-6.com/ Frame C97E 		807 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api-6.com/?tt=1618835252
Requested by
Host: www.hotel-sanpaolo.com
URL: http://www.hotel-sanpaolo.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.180.112.203 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
199.180.112.203.16clouds.com
Software
nginx /
Resource Hash
604bf0039a2d2f4baddf125dd05299c8fd261b21fc78f576abd7d492a3fd7d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
api-6.com
:scheme
https
:path
/?tt=1618835252
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.hotel-sanpaolo.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://www.hotel-sanpaolo.com/

Response headers

server
nginx
date
Mon, 19 Apr 2021 12:27:33 GMT
content-type
text/html
content-length
807
last-modified
Mon, 05 Apr 2021 06:27:29 GMT
etag
"606aadd1-327"
strict-transport-security
max-age=31536000
accept-ranges
bytes
jquery-3.5.1.min.js
api-6.com/js/ Frame C97E 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-6.com/js/jquery-3.5.1.min.js
Requested by
Host: api-6.com
URL: https://api-6.com/?tt=1618835252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.180.112.203 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
199.180.112.203.16clouds.com
Software
nginx /
Resource Hash
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://api-6.com/?tt=1618835252
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:33 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 08:16:16 GMT
server
nginx
etag
W/"60642fd0-15d86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Tue, 20 Apr 2021 00:27:33 GMT
json.js
api-6.com/js/ Frame C97E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api-6.com/js/json.js
Requested by
Host: api-6.com
URL: https://api-6.com/?tt=1618835252
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.180.112.203 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
199.180.112.203.16clouds.com
Software
nginx /
Resource Hash
be0a924d0ffb70922c4c639cad1cc11a794fd18163f62685a804b9c1c32ee2db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://api-6.com/?tt=1618835252
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:33 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 06:26:32 GMT
server
nginx
etag
W/"606aad98-1a80"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Tue, 20 Apr 2021 00:27:33 GMT
hm.js
hm.baidu.com/ Frame C97E 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
Requested by
Host: api-6.com
URL: https://api-6.com/?tt=1618835252
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
8649b5ae9f0987d1e36763bda7201bc06aae11753f0e5a3a287ccbe4fb26bdff
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://api-6.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:34 GMT
Content-Encoding
gzip
Server
apache
Etag
dc387d2905ed4104ba755c8b3a60c6da
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14034
config.json
api-6.com/js/ Frame C97E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-6.com/js/config.json?refresh=2021419Mon%20Apr%2019%202021%2014:27:34%20GMT+0200%20(Central%20European%20Summer%20Time)
Requested by
Host: api-6.com
URL: https://api-6.com/js/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.180.112.203 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
199.180.112.203.16clouds.com
Software
nginx /
Resource Hash
1fbea9fda51f192866a3daf54890ffde73a63962928bee75a471187a7a4a74d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://api-6.com/?tt=1618835252
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:34 GMT
last-modified
Fri, 09 Apr 2021 13:31:46 GMT
server
nginx
etag
"60705742-552"
strict-transport-security
max-age=31536000
content-type
application/json
accept-ranges
bytes
content-length
1362
getClientLastAccess
api-6.com/api/ Frame C97E 		62 B
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-6.com/api/getClientLastAccess
Requested by
Host: api-6.com
URL: https://api-6.com/js/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.180.112.203 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
199.180.112.203.16clouds.com
Software
nginx /
Resource Hash
ceda8f03ed2096114bc7d14faea18753d8911c253972c573c581670f3d6d1243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Referer
https://api-6.com/?tt=1618835252
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 19 Apr 2021 12:27:34 GMT
server
nginx
content-length
62
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
/
niuniuyi-ngshi.work/ Frame C97E 		23 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/?tt=1618835254311
Requested by
Host: api-6.com
URL: https://api-6.com/js/json.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
3419585c00f121009cd3210fbf81943e290d153e7c03c7d5ed187f7e17341b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
niuniuyi-ngshi.work
:scheme
https
:path
/?tt=1618835254311
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://api-6.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://api-6.com/

Response headers

server
nginx
date
Mon, 19 Apr 2021 12:27:35 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-content-type-options
nosniff
content-encoding
gzip
hm.gif
hm.baidu.com/ Frame C97E 		0
0
hm.gif
hm.baidu.com/ Frame C97E 		0
0
bootstrap.min.css
niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/ Frame C97E 		142 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/bootstrap.min.css
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
e6f8716e1feeac16451103512b9abf255a97985e9325b9bcc8850f29f0a0f4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Aug 2019 05:14:44 GMT
server
nginx
etag
W/"5d4bafc4-2381d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
swiper.min.css
niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/ Frame C97E 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/swiper.min.css
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Aug 2019 05:15:24 GMT
server
nginx
etag
W/"5d4bafec-456d"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
style.css
niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/ Frame C97E 		62 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/style.css
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
825187a0e320c91e0b915b82e00d2acbd73a30be6412c8af42a03447b877333a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 16:09:01 GMT
server
nginx
etag
W/"60634d1d-f8fb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
white.css
niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/ Frame C97E 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/white.css
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
71512f11117e91747c7794c72930eea5151d8ca0d4cffd9ec424d4d42d285829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Aug 2019 03:59:30 GMT
server
nginx
etag
W/"5d4b9e22-28b6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
mm-content.css
niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/ Frame C97E 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/css/mm-content.css
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
cb7371506a3185ea6bf15be80f68e6982654c2bc6ae3805d1ff324e614a0c973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 11:11:21 GMT
server
nginx
etag
W/"60630759-2731"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
jquery.js
niuniuyi-ngshi.work/static/js/ Frame C97E 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/static/js/jquery.js
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Aug 2020 02:10:40 GMT
server
nginx
etag
W/"5f39e720-169d5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
jquery.config.js
niuniuyi-ngshi.work/template/m1938pc_3_29/images/js/ Frame C97E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/js/jquery.config.js
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
4f9a6b4c379bc277a0744a10d12b398fd5aaf28993e074899b9504e4f8ccdacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 31 Mar 2021 11:19:53 GMT
server
nginx
etag
W/"60645ad9-259b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000; includeSubdomains; preload
expires
Tue, 20 Apr 2021 00:27:35 GMT
logo.png
niuniuyi-ngshi.work/template/m1938pc_3_29/images/images/ Frame C97E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/images/logo.png
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
d37424c026e19e399be0197a97e6b24ac31af44337ddcf24a4204a06c133ed08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 30 Mar 2021 13:30:36 GMT
server
nginx
etag
"606327fc-30b4"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
12468
expires
Wed, 19 May 2021 12:27:36 GMT
fb.gif
niuniuyi-ngshi.work/template/m1938pc_3_29/images/images/ Frame C97E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/images/images/fb.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
7a5bd67e35aff660feb63f5844393e371e23821687baea6fa6fdb653e5c8f2ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Aug 2019 03:59:30 GMT
server
nginx
etag
"5d4b9e22-be9"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3049
expires
Wed, 19 May 2021 12:27:36 GMT
hm.js
hm.baidu.com/ Frame C97E 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
6f23dc069ee8ffa74c15a0bf512d1194664f4605eb579fc1e6adc53e7251da26
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 19 Apr 2021 12:27:36 GMT
Content-Encoding
gzip
Server
apache
Etag
d6d0210f824ab97a28ecb744e2a9de58
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14034
yrb2l1xv4xf0721yrb2l1xv4xf3319222.jpg
pic.lbtp88.com/upload/vod/2019/11-08/07/ Frame C97E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/07/yrb2l1xv4xf0721yrb2l1xv4xf3319222.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe5886f700ff03c067641bdcba4aad3bba7dbb5e82298bac70c972d766dcfaab

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
4152
cf-polished
qual=85, origFmt=jpeg, origSize=11751
content-disposition
inline; filename="yrb2l1xv4xf0721yrb2l1xv4xf3319222.webp"
content-length
11180
cf-request-id
098bb2cb0000004e2b3da31000000001
last-modified
Thu, 07 Nov 2019 23:21:33 GMT
server
cloudflare
etag
"c234d617c295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be69c14e2b-FRA
cf-bgj
imgq:85,h2pri
k1s2bquaknq0721k1s2bquaknq4919230.jpg
pic.lbtp88.com/upload/vod/2019/11-08/07/ Frame C97E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/07/k1s2bquaknq0721k1s2bquaknq4919230.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18042362a66081bb0b19771e4074e8bb981f78641f3c087159a6869838b9525f

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
4152
cf-polished
qual=85, origFmt=jpeg, origSize=11935
content-disposition
inline; filename="k1s2bquaknq0721k1s2bquaknq4919230.webp"
content-length
9750
cf-request-id
098bb2cb0000004e2b30a68000000001
last-modified
Thu, 07 Nov 2019 23:21:49 GMT
server
cloudflare
etag
"9f624521c295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be69c84e2b-FRA
cf-bgj
imgq:85,h2pri
lvc5v52shai0722lvc5v52shai0519240.jpg
pic.lbtp88.com/upload/vod/2019/11-08/07/ Frame C97E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/07/lvc5v52shai0722lvc5v52shai0519240.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c048a748499e00d7d528c760820d67aba7f5c11affdbb178c1205168470b6826

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
4152
cf-polished
qual=85, origFmt=jpeg, origSize=13266
content-disposition
inline; filename="lvc5v52shai0722lvc5v52shai0519240.webp"
content-length
11054
cf-request-id
098bb2cb0200004e2b47b5c000000001
last-modified
Thu, 07 Nov 2019 23:22:05 GMT
server
cloudflare
etag
"2c50352bc295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be69cb4e2b-FRA
cf-bgj
imgq:85,h2pri
dj2n53ffh130722dj2n53ffh132119248.jpg
pic.lbtp88.com/upload/vod/2019/11-08/07/ Frame C97E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/07/dj2n53ffh130722dj2n53ffh132119248.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de734e479be1bed54b278010e356f78fc3ce8ae8ff627095ddcd6d6e3422b04c

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
4152
cf-polished
qual=85, origFmt=jpeg, origSize=9950
content-disposition
inline; filename="dj2n53ffh130722dj2n53ffh132119248.webp"
content-length
8714
cf-request-id
098bb2cb0100004e2b3a920000000001
last-modified
Thu, 07 Nov 2019 23:22:21 GMT
server
cloudflare
etag
"24b99f34c295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be69cc4e2b-FRA
cf-bgj
imgq:85,h2pri
cwn0c4d0tfh1801cwn0c4d0tfh5829870.jpg
pic.lbtp88.com/upload/vod/2020/04-30/18/ Frame C97E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2020/04-30/18/cwn0c4d0tfh1801cwn0c4d0tfh5829870.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dff3b10d2fc0c7b2e68efc880cfceebe7a4e5e3dc9fb9d535e00a102c43f2e8

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
5902
cf-polished
qual=85, origFmt=jpeg, origSize=9064
content-disposition
inline; filename="cwn0c4d0tfh1801cwn0c4d0tfh5829870.webp"
content-length
8172
cf-request-id
098bb2cb0100004e2b579a8000000001
last-modified
Thu, 30 Apr 2020 10:01:58 GMT
server
cloudflare
etag
"9aeeb062d61ed61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be69cf4e2b-FRA
cf-bgj
imgq:85,h2pri
dz2t4qpgbt50332dz2t4qpgbt5315628.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/dz2t4qpgbt50332dz2t4qpgbt5315628.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84a16df40e29e7f33bc8a7a8a8a33933f52a90572172ae20353d3e89c7d6b0a

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
106
cf-polished
qual=85, origFmt=jpeg, origSize=11051
content-disposition
inline; filename="dz2t4qpgbt50332dz2t4qpgbt5315628.webp"
content-length
9736
cf-request-id
098bb2cb0100004e2b71a8d000000001
last-modified
Thu, 07 Nov 2019 19:32:31 GMT
server
cloudflare
etag
"57f3d19a295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be69d14e2b-FRA
cf-bgj
imgq:85,h2pri
avrc2ldfbdr0332avrc2ldfbdr485658.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/avrc2ldfbdr0332avrc2ldfbdr485658.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df511d15dc788172d3b4e8240a6e0e02283bf2192cdcec57c3fb8868a13cd0e3

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
106
cf-polished
qual=85, origFmt=jpeg, origSize=10482
content-disposition
inline; filename="avrc2ldfbdr0332avrc2ldfbdr485658.webp"
content-length
9328
cf-request-id
098bb2cb1000004e2b1836f000000001
last-modified
Thu, 07 Nov 2019 19:32:48 GMT
server
cloudflare
etag
"1527f622a295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a054e2b-FRA
cf-bgj
imgq:85,h2pri
vjbd24keapn0333vjbd24keapn035687.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/vjbd24keapn0333vjbd24keapn035687.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05fc5ba180d3037aa3e1f9fb945e0c3d5aba87983b8c482fd75182ed1c409851

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
106
cf-polished
qual=85, origFmt=jpeg, origSize=10651
content-disposition
inline; filename="vjbd24keapn0333vjbd24keapn035687.webp"
content-length
9886
cf-request-id
098bb2cb1000004e2b37062000000001
last-modified
Thu, 07 Nov 2019 19:33:03 GMT
server
cloudflare
etag
"84cc5b2ca295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a084e2b-FRA
cf-bgj
imgq:85,h2pri
ebtryonlwqr0333ebtryonlwqr195719.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/ebtryonlwqr0333ebtryonlwqr195719.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c848d0ac3132c9ac5901d7722e7b806e9f10fedb67574d4f2e1d53b3ed6a01e3

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
106
cf-polished
qual=85, origFmt=jpeg, origSize=11866
content-disposition
inline; filename="ebtryonlwqr0333ebtryonlwqr195719.webp"
content-length
11144
cf-request-id
098bb2cb1000004e2b24123000000001
last-modified
Thu, 07 Nov 2019 19:33:19 GMT
server
cloudflare
etag
"8ad3c335a295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a094e2b-FRA
cf-bgj
imgq:85,h2pri
oelvlu52tqw0334oelvlu52tqw555867.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/oelvlu52tqw0334oelvlu52tqw555867.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7be05c999a7a7301235a713d464f74b9b359fbf300b55eea70addf3f9f66bf8

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
302
cf-polished
origSize=16805, status=webp_bigger
content-length
15884
cf-request-id
098bb2cb1000004e2b92b8f000000001
last-modified
Thu, 07 Nov 2019 19:34:55 GMT
server
cloudflare
etag
"1abad36ea295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a0a4e2b-FRA
cf-bgj
imgq:85,h2pri
ique34jajyg0335ique34jajyg115897.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/ique34jajyg0335ique34jajyg115897.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
572ce6dcb585b9762e5fb16b8ae0e3ff1cc7b0599df963fdff15400beb3d7601

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
302
cf-polished
origSize=14425, status=webp_bigger
content-length
13667
cf-request-id
098bb2cb1100004e2b1b373000000001
last-modified
Thu, 07 Nov 2019 19:35:11 GMT
server
cloudflare
etag
"35708a78a295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a0b4e2b-FRA
cf-bgj
imgq:85,h2pri
2fk45epy1up03352fk45epy1up275927.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/2fk45epy1up03352fk45epy1up275927.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732bb3723273f5c3c912975f29252659e63a2fae43c5aef7d9cd768cc488a595

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
106
cf-polished
qual=85, origFmt=jpeg, origSize=10579
content-disposition
inline; filename="2fk45epy1up03352fk45epy1up275927.webp"
content-length
9158
cf-request-id
098bb2cb1100004e2b3da33000000001
last-modified
Thu, 07 Nov 2019 19:35:27 GMT
server
cloudflare
etag
"789c1882a295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a0d4e2b-FRA
cf-bgj
imgq:85,h2pri
o2selen1kky0335o2selen1kky435957.jpg
pic.lbtp88.com/upload/vod/2019/11-08/03/ Frame C97E 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2019/11-08/03/o2selen1kky0335o2selen1kky435957.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a38de24bf1b03ba85ff8ce0913270ee6e9e5d837717f7f0dc645f8c99347969d

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
106
cf-polished
qual=85, origFmt=jpeg, origSize=11323
content-disposition
inline; filename="o2selen1kky0335o2selen1kky435957.webp"
content-length
9776
cf-request-id
098bb2cb1100004e2b5501e000000001
last-modified
Thu, 07 Nov 2019 19:35:43 GMT
server
cloudflare
etag
"3f78b78ba295d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a0e4e2b-FRA
cf-bgj
imgq:85,h2pri
umwn54nszj50601umwn54nszj55110205.jpg
pic.lbtp88.com/upload/vod/2020/04-23/06/ Frame C97E 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2020/04-23/06/umwn54nszj50601umwn54nszj55110205.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb9217e96190d0b81886e11615cf41851252f10d5da57f5546ac187394599e4

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
3193
cf-polished
qual=85, origFmt=jpeg, origSize=11425
content-disposition
inline; filename="umwn54nszj50601umwn54nszj55110205.webp"
content-length
10496
cf-request-id
098bb2cb1100004e2b6eae0000000001
last-modified
Wed, 22 Apr 2020 22:01:51 GMT
server
cloudflare
etag
"205cb7a0f118d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a104e2b-FRA
cf-bgj
imgq:85,h2pri
rxcqxj2dt5q0601rxcqxj2dt5q5210207.jpg
pic.lbtp88.com/upload/vod/2020/04-23/06/ Frame C97E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2020/04-23/06/rxcqxj2dt5q0601rxcqxj2dt5q5210207.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19d876f3b092b5e110339165a730f870b9e0e15a3e40a326f2ea41de6de02c53

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
3193
cf-polished
qual=85, origFmt=jpeg, origSize=10594
content-disposition
inline; filename="rxcqxj2dt5q0601rxcqxj2dt5q5210207.webp"
content-length
8206
cf-request-id
098bb2cb1100004e2b30a6a000000001
last-modified
Wed, 22 Apr 2020 22:01:52 GMT
server
cloudflare
etag
"8bb935a1f118d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a114e2b-FRA
cf-bgj
imgq:85,h2pri
xecsxufmunq0601xecsxufmunq5310209.jpg
pic.lbtp88.com/upload/vod/2020/04-23/06/ Frame C97E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pic.lbtp88.com/upload/vod/2020/04-23/06/xecsxufmunq0601xecsxufmunq5310209.jpg
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa20ac1622ff76109fafd59df1c432cb0c5b7d10122fd7c8d9977efd7c3c9d3c

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
cf-cache-status
HIT
age
3193
cf-polished
origSize=11456, status=webp_bigger
content-length
10968
cf-request-id
098bb2cb1100004e2b5490b000000001
last-modified
Wed, 22 Apr 2020 22:01:53 GMT
server
cloudflare
etag
"3b16b4a1f118d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
642620be8a124e2b-FRA
cf-bgj
imgq:85,h2pri
advertised.json
niuniuyi-ngshi.work/template/m1938pc_3_29/html/advertised/ Frame C97E 		26 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://niuniuyi-ngshi.work/template/m1938pc_3_29/html/advertised/advertised.json?refresh=2021419Mon%20Apr%2019%202021%2014:27:36%20GMT+0200%20(Central%20European%20Summer%20Time)
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/static/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.224.227.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx /
Resource Hash
275a88ee75412253e1d05b5e997bfa2e764de0b7849b28de55fac1c06dbbfdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://niuniuyi-ngshi.work/?tt=1618835254311
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 10:57:46 GMT
server
nginx
etag
"607d622a-6615"
strict-transport-security
max-age=31536000; includeSubdomains; preload
content-type
application/json
accept-ranges
bytes
content-length
26133
dfe8ceab8f384bb6851cf2a628b25185.gif
3337756.com/ Frame C97E 		335 KB
336 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3337756.com/dfe8ceab8f384bb6851cf2a628b25185.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.235.253.103 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
7c376d20373835e52e89601bd4db23e3edbf03412b50ecfa68967a3bcd45f3ec

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 08:11:35 GMT
last-modified
Mon, 29 Mar 2021 10:53:54 GMT
server
nginx
etag
"6061b1c2-53d1e"
x-cache
HIT from cloud-us2-cdnb-03
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
343326
1d9b82a5b09f4be3a1e15ef712f858cb.gif
3337735.com/ Frame C97E 		441 KB
442 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3337735.com/1d9b82a5b09f4be3a1e15ef712f858cb.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.28.77.90 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.77.90.vultr.com
Software
nginx /
Resource Hash
fc290aaa45502beab368f2be161d55f021de59515545660086f3851438e1ca21

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 06:54:56 GMT
last-modified
Mon, 29 Mar 2021 11:20:54 GMT
server
nginx
etag
"6061b816-6e517"
x-cache
HIT from vultr-la6-g01-yd11-02-0003
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
451863
9b906fde7da241f182503d380c978b4b.gif
3335537.com/ Frame C97E 		454 KB
455 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3335537.com/9b906fde7da241f182503d380c978b4b.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.88 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
efa51675f235c7616b2c1f2e1018720e71442c7f9a0e9e1a12c4d2ca5a025d98

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Mon, 19 Apr 2021 12:27:37 GMT
x-oss-request-id
607D77395337553131F3573F
Last-Modified
Wed, 31 Mar 2021 11:37:07 GMT
Server
AliyunOSS
Content-MD5
D9cIsS1uXjCrmHKW6UTzqQ==
ETag
"0FD708B12D6E5E30AB987296E944F3A9"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
713976486191893537
Content-Length
465004
x-oss-server-time
2
0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicURktAv30QMXqR3zeFTo9OzgDWTtC0jPics/ Frame C97E 		208 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicURktAv30QMXqR3zeFTo9OzgDWTtC0jPics/0
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:ff:f101:10::13f , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software
NWSs /
Resource Hash

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-DataSrc
2
Date
Mon, 19 Apr 2021 12:27:38 GMT
Size
427087
Connection
keep-alive
Content-Length
427087
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Wed, 31 Mar 2021 16:49:09 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
chid
0
X-Delay
94 us
Cache-Control
max-age=2592000
X-BCheck
0_1
X-NWS-LOG-UUID
617509d7-7888-4113-9d7d-1f9ed023d674
Content-Type
image/gif
0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicUqIG0kAOCzJSSM84FMWibwI8pp4IkGXlxM/ Frame C97E 		340 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicUqIG0kAOCzJSSM84FMWibwI8pp4IkGXlxM/0
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.254.152 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Qnginx/1.4.4 /
Resource Hash
6992b7bf039da082339bd3f69d6b6240df074d4ebef1c45d9df33c6ed50fb715

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-datasrc
2
date
Mon, 19 Apr 2021 12:27:37 GMT
size
348084
content-length
348084
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Wed, 31 Mar 2021 16:49:11 GMT
server
Qnginx/1.4.4
x-cpt
filename=0
vary
Accept,Origin
chid
0
x-delay
110 us
cache-control
max-age=2592000
x-bcheck
0_1
x-nws-log-uuid
6ebad06a-219d-49c1-b52a-2dda340d2faa
content-type
image/gif
0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicWKw3kbU2gUSNzaicnd619REaDMQ8hBoAfA/ Frame C97E 		346 KB
347 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicWKw3kbU2gUSNzaicnd619REaDMQ8hBoAfA/0
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.254.152 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Qnginx/1.4.4 /
Resource Hash
2fad88be00f1e0cb8be9fc590c05a0e71f8e03f4c171b4f2a26dca275412b8ca

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-datasrc
2
date
Mon, 19 Apr 2021 12:27:37 GMT
size
354668
content-length
354668
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Wed, 31 Mar 2021 16:49:13 GMT
server
Qnginx/1.4.4
x-cpt
filename=0
vary
Accept,Origin
chid
0
x-delay
152 us
cache-control
max-age=2592000
x-bcheck
0_1
x-nws-log-uuid
26678923-f723-495d-a030-dfff2f9f24a1
content-type
image/gif
hf.gif
77piclive.com/niuniu/ Frame C97E 		526 KB
528 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://77piclive.com/niuniu/hf.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:db4e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3a7d697e683d45c16abf4ff7113804fc6a358b4f74f5a65768c645acd5ff53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 12:27:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1030642
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
539122
cf-request-id
098bb2cc2a0000c28b3a0d8000000001
last-modified
Sat, 30 Jan 2021 04:43:57 GMT
server
cloudflare
etag
"6014e40d-839f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ch9X8IwSmcGvc5J3aGnErE5zmZTYsoUn7ulyo05B7qeesfzK6lA%2FmY9MxN%2FUJt7KiuqCYoxjrsAhiRZ%2BW4RwoZmQRDU48vZtrVrpsHbD6H412XnVz8BZulTR"}],"max_age":604800,"group":"cf-nel"}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
642620c04c6cc28b-FRA
expires
Fri, 07 May 2021 14:10:14 GMT
314370ad850e48b89d34b42a67f41fd3.gif
3337726.com/ Frame C97E 		793 KB
793 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3337726.com/314370ad850e48b89d34b42a67f41fd3.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.235.253.206 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
17db50814d276c3e017795f240a80dc455e8b299a0ddd2e80e4a86f3563a1591

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 17 Apr 2021 17:02:39 GMT
last-modified
Wed, 31 Mar 2021 08:04:55 GMT
server
nginx
etag
"60642d27-c62bb"
x-cache
HIT from cloud-us3-cdnb-06
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
811707
0bf0915cdd304dd2b24541c1717fa771.gif
3337729.com/ Frame C97E 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3337729.com/0bf0915cdd304dd2b24541c1717fa771.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.235.253.202 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
1c4f0642a662b58b304687ad1195f58d646fc736ac314ffb4c249f4ba8ad878c

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 17:33:39 GMT
last-modified
Wed, 31 Mar 2021 08:03:55 GMT
server
nginx
etag
"60642ceb-611a"
x-cache
HIT from cloud-us3-cdnb-02
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
24858
ec78ab34afdf4eb7897158c6aadd8d0e.gif
fiehff.com/ Frame C97E 		218 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fiehff.com/ec78ab34afdf4eb7897158c6aadd8d0e.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.235.253.34 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
c5c978293e4114823c5590c0bde64aa457d590008c374d4f4087959cc7ab932e

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 17:59:21 GMT
last-modified
Wed, 31 Mar 2021 08:04:30 GMT
server
nginx
etag
"60642d0e-3678f"
x-cache
HIT from cloud-us1-cdnb-04
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
223119
0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicXMUSQO3EKyXx5zjdlfGFqTb9cjXibLtlcE/ Frame C97E 		216 KB
217 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956Nibqaia90bvqjpicXMUSQO3EKyXx5zjdlfGFqTb9cjXibLtlcE/0
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.254.152 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Qnginx/1.4.4 /
Resource Hash
c5f5e8586cc27987d740b31854d3acd08aa5b53d7ec0f713054fde1b51a87ee0

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-datasrc
2
date
Mon, 19 Apr 2021 12:27:37 GMT
size
221524
content-length
221524
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Wed, 31 Mar 2021 17:57:34 GMT
server
Qnginx/1.4.4
x-cpt
filename=0
vary
Accept,Origin
chid
0
x-delay
23940 us
cache-control
max-age=2592000
x-bcheck
0_1
x-nws-log-uuid
3a723b47-11d8-477f-bd85-3208275fecda
content-type
image/gif
a42c05e66e384be39a7b51fa31c9671f.gif
3337780.com/ Frame C97E 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3337780.com/a42c05e66e384be39a7b51fa31c9671f.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.235.253.163 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
aee45c62df7291bc12f3536b7bfcc0615f383bb1c5f942366e3ea85c128302a6

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 15:51:13 GMT
last-modified
Mon, 29 Mar 2021 11:21:34 GMT
server
nginx
etag
"6061b83e-b5dc"
x-cache
HIT from cloud-us5-cdnb-03
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
46556
0488d49ffa28435da7e7ce06fef3f825.gif
3338863.com/ Frame C97E 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://3338863.com/0488d49ffa28435da7e7ce06fef3f825.gif
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.235.253.103 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
23695acd3cca08d4c5a0df671d65070ed5b41c5c35330d66e48528ebde77ca00

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 02:53:26 GMT
last-modified
Wed, 31 Mar 2021 08:04:14 GMT
server
nginx
etag
"60642cfe-6885"
x-cache
HIT from cloud-us2-cdnb-03
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
26757
hm.gif
hm.baidu.com/ Frame C97E 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=357254376&si=e7191e5689b911df153e7a3714bcb7c3&su=https%3A%2F%2Fapi-6.com%2F&v=1.2.80&lv=1&sn=55223&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fniuniuyi-ngshi.work%2F%3Ftt%3D1618835254311&tt=%E7%89%9B%E7%89%9B%E5%BD%B1%E9%99%A2
Requested by
Host: niuniuyi-ngshi.work
URL: https://niuniuyi-ngshi.work/?tt=1618835254311
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://niuniuyi-ngshi.work/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Apr 2021 12:27:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1666017981&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fwww.hotel-sanpaolo.com%2F&v=1.2.80&lv=1&sn=55220&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fapi-6.com%2F%3Ftt%3D1618835252
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?hca=266631B2559B2BB6&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=412%2C412&et=3&ja=0&ln=en-us&lo=0&rnd=657183361&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Fwww.hotel-sanpaolo.com%2F&v=1.2.80&lv=1&sn=55220&r=0&ww=1600&u=https%3A%2F%2Fapi-6.com%2F%3Ftt%3D1618835252

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| _hmt string| edcode string| titlestr boolean| innerWeb function| getData function| setFrame function| setCookie function| getCookie function| ajax function| formatParams boolean| _bdhm_loaded_8dd815ed8a74dfcd3b2b500a05515950 object| mini_tangram_log_4pe1g7 object| innerTxt string| innerconfig string| innerUrl

5 Cookies

Domain/Path Name / Value
.www.hotel-sanpaolo.com/ Name: Hm_lpvt_8dd815ed8a74dfcd3b2b500a05515950
Value: 1618835252
.www.hotel-sanpaolo.com/ Name: Hm_lvt_8dd815ed8a74dfcd3b2b500a05515950
Value: 1618835252
www.hotel-sanpaolo.com/ Name: __51cke__
Value:
www.hotel-sanpaolo.com/ Name: __51laig__
Value: 1
www.hotel-sanpaolo.com/ Name: __tins__20969939
Value: %7B%22sid%22%3A%201618835251711%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201618837051711%7D

5 Console Messages

Source Level URL
Text
console-api log URL: http://www.hotel-sanpaolo.com/common.js(Line 6)
Message:
1
console-api log URL: http://www.hotel-sanpaolo.com/common.js(Line 54)
Message:
2
console-api log URL: http://www.hotel-sanpaolo.com/common.js(Line 59)
Message:
0***DIV**showcloneshengxiaon
console-api log URL: http://www.hotel-sanpaolo.com/common.js(Line 59)
Message:
1***STYLE**
console-api log URL: https://api-6.com/js/json.js(Line 16)
Message:
[object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3335537.com
3337726.com
3337729.com
3337735.com
3337756.com
3337780.com
3338863.com
77piclive.com
api-6.com
api-four.com
api.share.baidu.com
fiehff.com
hm.baidu.com
hotel-sanpaolo.com
ia.51.la
js.users.51.la
niuniuyi-ngshi.work
p.qlogo.cn
pic.lbtp88.com
push.zhanzhang.baidu.com
www.hotel-sanpaolo.com
hm.baidu.com
103.235.46.191
122.228.91.87
149.28.77.90
154.83.123.131
156.232.158.190
168.235.253.103
168.235.253.163
168.235.253.202
168.235.253.206
168.235.253.34
180.101.212.103
182.61.201.93
183.131.207.66
199.180.112.203
203.205.254.152
23.224.227.107
240e:ff:f101:10::13f
2606:4700:10::ac43:1f36
2606:4700:3037::ac43:db4e
47.75.19.88
05fc5ba180d3037aa3e1f9fb945e0c3d5aba87983b8c482fd75182ed1c409851
17db50814d276c3e017795f240a80dc455e8b299a0ddd2e80e4a86f3563a1591
18042362a66081bb0b19771e4074e8bb981f78641f3c087159a6869838b9525f
19d876f3b092b5e110339165a730f870b9e0e15a3e40a326f2ea41de6de02c53
1c4f0642a662b58b304687ad1195f58d646fc736ac314ffb4c249f4ba8ad878c
1fbea9fda51f192866a3daf54890ffde73a63962928bee75a471187a7a4a74d8
23695acd3cca08d4c5a0df671d65070ed5b41c5c35330d66e48528ebde77ca00
275a88ee75412253e1d05b5e997bfa2e764de0b7849b28de55fac1c06dbbfdaf
293ffdaff59aa12de61cc76c1ceafc61453acbd7fa2842343e8ae211121d05b2
2dff3b10d2fc0c7b2e68efc880cfceebe7a4e5e3dc9fb9d535e00a102c43f2e8
2fad88be00f1e0cb8be9fc590c05a0e71f8e03f4c171b4f2a26dca275412b8ca
3419585c00f121009cd3210fbf81943e290d153e7c03c7d5ed187f7e17341b02
46525cb298d262696150996f8731fe08bd6727c7e33f2dc8222ae40f1543dfe6
4f9a6b4c379bc277a0744a10d12b398fd5aaf28993e074899b9504e4f8ccdacd
572ce6dcb585b9762e5fb16b8ae0e3ff1cc7b0599df963fdff15400beb3d7601
604bf0039a2d2f4baddf125dd05299c8fd261b21fc78f576abd7d492a3fd7d96
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6992b7bf039da082339bd3f69d6b6240df074d4ebef1c45d9df33c6ed50fb715
6f23dc069ee8ffa74c15a0bf512d1194664f4605eb579fc1e6adc53e7251da26
71512f11117e91747c7794c72930eea5151d8ca0d4cffd9ec424d4d42d285829
732bb3723273f5c3c912975f29252659e63a2fae43c5aef7d9cd768cc488a595
771816d46f0fa1efb273f79315e324b6ee619e0569505e797a2bdae2cdf7b73b
7a5bd67e35aff660feb63f5844393e371e23821687baea6fa6fdb653e5c8f2ba
7c376d20373835e52e89601bd4db23e3edbf03412b50ecfa68967a3bcd45f3ec
825187a0e320c91e0b915b82e00d2acbd73a30be6412c8af42a03447b877333a
8649b5ae9f0987d1e36763bda7201bc06aae11753f0e5a3a287ccbe4fb26bdff
a38de24bf1b03ba85ff8ce0913270ee6e9e5d837717f7f0dc645f8c99347969d
aa20ac1622ff76109fafd59df1c432cb0c5b7d10122fd7c8d9977efd7c3c9d3c
aee45c62df7291bc12f3536b7bfcc0615f383bb1c5f942366e3ea85c128302a6
b84a16df40e29e7f33bc8a7a8a8a33933f52a90572172ae20353d3e89c7d6b0a
be0a924d0ffb70922c4c639cad1cc11a794fd18163f62685a804b9c1c32ee2db
c048a748499e00d7d528c760820d67aba7f5c11affdbb178c1205168470b6826
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c5c978293e4114823c5590c0bde64aa457d590008c374d4f4087959cc7ab932e
c5f5e8586cc27987d740b31854d3acd08aa5b53d7ec0f713054fde1b51a87ee0
c6f6b33eb149744675162d51cc190ceb03f1dca8cf69f1e8aa1d39ed95e7127d
c7be05c999a7a7301235a713d464f74b9b359fbf300b55eea70addf3f9f66bf8
c848d0ac3132c9ac5901d7722e7b806e9f10fedb67574d4f2e1d53b3ed6a01e3
ca3a7d697e683d45c16abf4ff7113804fc6a358b4f74f5a65768c645acd5ff53
cb7371506a3185ea6bf15be80f68e6982654c2bc6ae3805d1ff324e614a0c973
ceda8f03ed2096114bc7d14faea18753d8911c253972c573c581670f3d6d1243
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d37424c026e19e399be0197a97e6b24ac31af44337ddcf24a4204a06c133ed08
d9c03bf5bb0585657cb6bd5931613d3484d95972228e5bd23277010cd215760b
de734e479be1bed54b278010e356f78fc3ce8ae8ff627095ddcd6d6e3422b04c
deb9217e96190d0b81886e11615cf41851252f10d5da57f5546ac187394599e4
df511d15dc788172d3b4e8240a6e0e02283bf2192cdcec57c3fb8868a13cd0e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f8716e1feeac16451103512b9abf255a97985e9325b9bcc8850f29f0a0f4a9
efa51675f235c7616b2c1f2e1018720e71442c7f9a0e9e1a12c4d2ca5a025d98
efdf925c1f35044bfd781eb5975e01181b6aac0584e9bf1538b4aff1a92172ea
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
fb3944f28defb1c891f0595cdbd2cc3cb271f9bcd44f58d25efab48ad2970b1a
fc290aaa45502beab368f2be161d55f021de59515545660086f3851438e1ca21
fe5886f700ff03c067641bdcba4aad3bba7dbb5e82298bac70c972d766dcfaab