buf.baff193.ink Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE
Submission: On April 10 via manual (April 10th 2023, 1:42:07 pm UTC) from FI — Scanned from NL

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 37 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is buf.baff193.ink.
TLS certificate: Issued by E1 on April 9th 2023. Valid for: 3 months.

This is the only time buf.baff193.ink was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
31	2a02:26f0:350... 2a02:26f0:3500:596::31fc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
37	4

5 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

buf.baff193.ink	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a02:26f0:3500:596::31fc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

g.fp.ps.netease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	netease.com g.fp.ps.netease.com — Cisco Umbrella Rank: 235979	3 MB
5	baff193.ink buf.baff193.ink	1 MB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 756	31 KB
37	3

	Domain	Requested by
31	g.fp.ps.netease.com	buf.baff193.ink
5	buf.baff193.ink	buf.baff193.ink
1	code.jquery.com	buf.baff193.ink
37	3

This site contains no links.

Subject Issuer	Validity	Valid
*.baff193.ink E1	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
netease.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-17` - `2024-02-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE
Frame ID: D6F513FBF8508181F0898FFE18E83B90
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BUFF163 skin trading platform, DOTA2 skin trade, CSGO skin trade

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

37
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

4141 kB
Transfer

7040 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
17 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response buf.baff193.ink/	1 MB 798 KB	252ms 166ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `daf324c0df713f78dc161b5df9d2c622f712f865c33e802ad8972bc3ddaf1b45` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7b5b6914deb20b7c-AMS content-encoding br content-type text/html; charset=UTF-8 date Mon, 10 Apr 2023 13:41:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAT4ii6oZIvznQtfZmcf08OmWEFbCAU5W11IWSPiu3W0%2Bg3soIdsG%2FEEQqsJ1Flv0Wdm2YnFg8t%2FIFkRRwuq0Ex8FJHHjbBH4Ho4gk25ezzx78nPoXkJAUACeuTCwpLZnIqV9rGRX0jNhG2YFHw%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	jquery-3.6.3.min.js Show response code.jquery.com/	88 KB 31 KB	109ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:1b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.3.min.js Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575` Request headers Referer https://buf.baff193.ink/ Origin https://buf.baff193.ink accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT content-encoding gzip last-modified Tue, 20 Dec 2022 21:10:40 GMT server nginx etag W/"63a224d0-15f5b" vary Accept-Encoding x-hw 1681134119.dop152.am5.t,1681134119.cds143.am5.hn,1681134119.cds258.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 31046
GET H2	200	250d77c.js Show response buf.baff193.ink/	335 KB 98 KB	70ms 69ms	Script text/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buf.baff193.ink/250d77c.js Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `99cff2170c703fa4c82f251c633f2b46099d1a19b26d343f2bc8cf1615f4a464` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT content-encoding br cf-cache-status HIT last-modified Mon, 10 Apr 2023 12:41:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3623 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFiq375FcOE0K%2Bkm4Nr1StpXnV0zfhyj6D3jTCadK%2Bv7%2F9pFdHWU5TklBnHLJt%2Bz3WNiZJ68qx8ckMnhoM0J8Df7PfVoZWayiHhAVCSL0G0PgexgZk%2F9X%2BXxXLXpXVWnCKX6oqXjzXe0LMzBIlA%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7b5b6915e87f0b7c-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	fa03bbf.js Show response buf.baff193.ink/	601 KB 151 KB	46ms 46ms	Script text/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buf.baff193.ink/fa03bbf.js Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `54278c840c95a570cd2d5db54de25cecb788718fbbc802d5af503a56ad4ce8e8` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT content-encoding br cf-cache-status HIT last-modified Mon, 10 Apr 2023 12:41:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 3623 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2%2F8dGiLRjJmsPhHBLthqLtE96cboqiu%2BEOygo34iXES5JOFsK2hXrIAB%2FsNzb8eAE0POkhE2%2Fpr0UBsUySTedzgzNgEMLHaABMoDCbwOBzYwAIxqiycdARrahPHJoWe1TqKWg5GXemNpQUVf1c%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=14400 cf-ray 7b5b6915e8820b7c-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jkbk4ntds3x5 Show response buf.baff193.ink/2299f5lt3ljwjk/	1 MB 332 KB	230ms 229ms	Script text/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buf.baff193.ink/2299f5lt3ljwjk/jkbk4ntds3x5 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/fa03bbf.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c4d30d5820cebaf81d54e4fd6f33f90d4f2bec3d5cc2f00bbc47ddafa08f8f5f` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BEqwbMqNLGURc7tENArbnHbZ%2FxRGM%2FIFrlLKLgtoX%2F9MWDwfGKKmZ9%2Bi%2BFmY7RkOJa1LEdiKlDlKPseDbFFIEydLUfrraZkYM8jXK8wYysRFm9PUAKnXJX45kS6Tmcf7agnTRnaKTNUmA%2FApZM%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 7b5b6917af4f0e40-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `73580ddf84ebfb5550c0b09cf307e3e17174073894f24896bdc72c191ec055ee` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	619 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `dc17d02593b2a5b4b6bbacbdc7e9a7b5475a91f816dd55ec6b0ec4fec8a1ad9a` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	806 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `161145385997d705d6b15a2a96a5e965466a2f3f93d7182b4f5dcb53faaeef93` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	690 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c0a136bc3f916f34ecea5295f05ad6e419b19d96e8041e15be520ac998dbfdbd` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	739 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4eb35c61ab4becacae236d7fd656a01dc88be261556d70895ae9ab7d86325622` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	339 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c2886eb4148a3b08e5534055f71502328c6a9efe2e95e2014f6a05866c5c9d61` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	606 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4de2c861c17e38b6c51f34e3ec699486b189299fb3f7b4033a1a2f7908995131` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET H2	200	5ab9fdf620e3db7deed9d522tGLwJOSb g.fp.ps.netease.com/market/file/	9 KB 9 KB	327ms 155ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5ab9fdf620e3db7deed9d522tGLwJOSb Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `3d8f93449263c23010c8d6cc2a1949959de44d68c9a9595713d413cf74528fe1` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT last-modified Tue, 27 Mar 2018 08:16:54 GMT server nginx/1.14.2 content-md5 174b43fc774ac86c62fa518004b2e1a8 etag "6363700f338c8e4f52d5efa5yYJS:8923" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=52938 x-cache-ip 2a02:26f0:3500:596::31fc content-length 8923
GET H2	200	63606617ddf9cd237f527ac8JTs0avYi04 g.fp.ps.netease.com/market/file/	178 KB 178 KB	236ms 64ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/63606617ddf9cd237f527ac8JTs0avYi04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `de3e6ebb834c7f2b86318dab96aadb2e23fd5875aecb65798688d4045c0df6ca` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT last-modified Tue, 01 Nov 2022 00:19:35 GMT server nginx/1.14.2 content-md5 bc37f4d59ed7d0d62ab4b7a60158d253 etag "63606617ddf9cd237f527ac91GeR:181810" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54380 x-cache-ip 2a02:26f0:3500:596::31fc content-length 181810
GET H2	200	63604f663b6d311846d3ae00iifqCX1W04 g.fp.ps.netease.com/market/file/	174 KB 175 KB	298ms 126ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/63604f663b6d311846d3ae00iifqCX1W04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `91e9287668c3349831c95f02f1d50ade998da121b0461e4c9642d3f530e0b6c6` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT last-modified Mon, 31 Oct 2022 22:42:46 GMT server nginx/1.14.2 content-md5 6caec014c2b8fb4420e4ff7b1921d49f etag "63604f663b6d311846d3ae01feIP:178072" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=56756 x-cache-ip 2a02:26f0:3500:596::31fc content-length 178072
GET H2	200	63056f5830422a631492de69fXiNzYiX04 g.fp.ps.netease.com/market/file/	72 KB 73 KB	241ms 70ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/63056f5830422a631492de69fXiNzYiX04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `d3abe3ef661943a644f229dff7dfc2d64e66dbd100186b4e46e4ac316bdebedd` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id e981c197ba861c673a491c933bf4e334 date Mon, 10 Apr 2023 13:41:59 GMT last-modified Wed, 24 Aug 2022 00:22:49 GMT server nginx content-md5 92721adfdc152fbdd5348ffaeddd6e58 etag "63056f5830422a631492de6a1YNx:73733" ntes-trace-id 580a34a66824f383:580a34a66824f383:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55493 x-cache-ip 2a02:26f0:3500:596::31fc content-length 73733
GET H2	200	62fc16f91d3449ac632e3c488XzzroXM04 g.fp.ps.netease.com/market/file/	36 KB 36 KB	327ms 156ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62fc16f91d3449ac632e3c488XzzroXM04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `eb5520dce709038636c4c2a229dfb1c3c944882e299b76a4e671e9d8abbe520d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id ced6c97842cebee1a57c64187127bcd7 date Mon, 10 Apr 2023 13:41:59 GMT last-modified Tue, 16 Aug 2022 22:15:21 GMT server nginx content-md5 ef317280f55886ed330e1bea3c348bed etag "62fc16f91d3449ac632e3c49iQXN:36835" ntes-trace-id 614b85bff5169804:614b85bff5169804:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55451 x-cache-ip 2a02:26f0:3500:596::31fc content-length 36835
GET H2	200	62fc173eddf9cd7fe0f8a2371lMM19kX04 g.fp.ps.netease.com/market/file/	45 KB 45 KB	326ms 156ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62fc173eddf9cd7fe0f8a2371lMM19kX04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `661e75c46642ac75c620195a41076cc106af67c51c9641b2412c308ad2e7597c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 2fc5cddc322f838140c05ed2761771f2 date Mon, 10 Apr 2023 13:41:59 GMT last-modified Tue, 16 Aug 2022 22:16:31 GMT server nginx content-md5 329dd4fc42524b888fa96971ab742320 etag "62fc173eddf9cd7fe0f8a238ley1:46090" ntes-trace-id cd5da2d9ab429d92:cd5da2d9ab429d92:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=58704 x-cache-ip 2a02:26f0:3500:596::31fc content-length 46090
GET H2	200	62fc17db57166d032cdf5cc5Tg9VV0S404 g.fp.ps.netease.com/market/file/	75 KB 75 KB	273ms 147ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62fc17db57166d032cdf5cc5Tg9VV0S404 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `48c58f7304c1a4e24cac1ea876ae6874eba7dfbfd83a6a3ce93b5ba579357fad` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 3fef231220929023b0afcbf00e8d680f date Mon, 10 Apr 2023 13:41:59 GMT last-modified Tue, 16 Aug 2022 22:19:07 GMT server nginx content-md5 7a56d3a7fb2245b5c3d2d85ae55113b1 etag "62fc17db57166d032cdf5cc6OhNW:76694" ntes-trace-id 732d211bea0150b8:732d211bea0150b8:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=57518 x-cache-ip 2a02:26f0:3500:596::31fc content-length 76694
GET H2	200	62bf850700722e66448322fagwdOiFPg04 g.fp.ps.netease.com/market/file/	52 KB 52 KB	159ms 32ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62bf850700722e66448322fagwdOiFPg04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `c5b2adc052ede8f6d165d098508732d31815e912ddd68ce2b700e246056d4161` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 2742d9541d7a55ea496e4262bbaa9190 date Mon, 10 Apr 2023 13:41:59 GMT last-modified Fri, 01 Jul 2022 23:36:39 GMT server nginx content-md5 a0e2e1f045bf111e2dd75fabf1b957a0 etag "62bf850700722e66448322fb5Gjo:53069" ntes-trace-id 789ab88e0102ce31:789ab88e0102ce31:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55699 x-cache-ip 2a02:26f0:3500:596::31fc content-length 53069
GET H2	200	62bf752e4940ea85b68c834fydVvUmBj04 g.fp.ps.netease.com/market/file/	67 KB 68 KB	243ms 117ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62bf752e4940ea85b68c834fydVvUmBj04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `0303ef036c13838df457b8c3bc475577d2480ee1ea5967776ee33ff7175efe99` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:41:59 GMT last-modified Fri, 01 Jul 2022 22:29:02 GMT server nginx/1.14.2 content-md5 72916ef1eaffaafdbd8c68fe25f98c69 etag "62bf752e4940ea85b68c8350ioNk:68780" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=53977 x-cache-ip 2a02:26f0:3500:596::31fc content-length 68780
GET H2	200	62bf73d33edd585943b1865eZcOOJTPH04 g.fp.ps.netease.com/market/file/	66 KB 66 KB	191ms 65ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/62bf73d33edd585943b1865eZcOOJTPH04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `5ac2d72ca77672473eb7c2016a24c2f83ae425632f605b884a6df6ba618c1e5c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id ec89d183e413e4bfb6bcc29ed1c0200e date Mon, 10 Apr 2023 13:41:59 GMT last-modified Fri, 01 Jul 2022 22:23:15 GMT server nginx content-md5 262fbb4a793c4bdbd9ae7d369f233be1 etag "62bf73d33edd585943b1865fculH:67563" ntes-trace-id fa6d930fe505c917:fa6d930fe505c917:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=53784 x-cache-ip 2a02:26f0:3500:596::31fc content-length 67563
GET H2	200	5dd3693b7f9d2a51e20c4f77Xd4kYXqp02 g.fp.ps.netease.com/market/file/	103 KB 104 KB	268ms 142ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5dd3693b7f9d2a51e20c4f77Xd4kYXqp02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `9cfb85003e25d67c5ed7b6656071746d3016a97e755e05063a04f3ced2f57cc2` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 739b89e62ad5afc1b43bcd120f046ee2 date Mon, 10 Apr 2023 13:41:59 GMT last-modified Tue, 19 Nov 2019 04:02:03 GMT server nginx content-md5 1783c607cf0c99f3d1f757f610c886ff etag "5qkMUzDTXtX:105719" ntes-trace-id d02b47375470cfd0:d02b47375470cfd0:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55477 x-cache-ip 2a02:26f0:3500:596::31fc content-length 105719
GET H2	200	61ea0b999aaaab37a91a4301SwSN3rSB04 g.fp.ps.netease.com/market/file/	101 KB 101 KB	70ms 67ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/61ea0b999aaaab37a91a4301SwSN3rSB04 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `a7288c92e1802fe4e503f42c26e10902378cebded59bc0d986ece21046c56afc` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 57f66ae4e1f4754620989bfc23e03d57 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Fri, 21 Jan 2022 01:25:45 GMT server nginx content-md5 fbd96bd99b989dd783f5d7484fc1b429 etag "61ea0b999aaaab37a91a4302v66u:102995" ntes-trace-id a0d31af4c4fd314b:a0d31af4c4fd314b:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55218 x-cache-ip 2a02:26f0:3500:596::31fc content-length 102995
GET H2	200	60909db97f9d2a4a462573a9dQrG7dBt03 g.fp.ps.netease.com/market/file/	94 KB 95 KB	52ms 49ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/60909db97f9d2a4a462573a9dQrG7dBt03 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `9c3840cfac7137c3bccf8ddd604adfcf9e612b114a915b96d8956807eaf6d843` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Tue, 04 May 2021 01:04:57 GMT server nginx/1.14.2 content-md5 f12ec7a221b88ded1f8ab1fb4c09966d etag "60909db97f9d2a4a462573aaf8sA:96378" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54277 x-cache-ip 2a02:26f0:3500:596::31fc content-length 96378
GET H2	200	5fc973f96f04945782dfe404NcZy90mW02 g.fp.ps.netease.com/market/file/	188 KB 188 KB	70ms 67ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5fc973f96f04945782dfe404NcZy90mW02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `a14b757f97860953804864711c6ee42f7d26829085f17752aaf164e5eb89ca81` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 03 Dec 2020 23:25:45 GMT server nginx/1.14.2 content-md5 54147c685409e1e8bb1c42a38b9f7dd2 etag "6g4DZwTRAiA:192339" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=56755 x-cache-ip 2a02:26f0:3500:596::31fc content-length 192339
GET H2	200	5dd335712786fd4fc27375faqrbJl4IM02 g.fp.ps.netease.com/market/file/	80 KB 81 KB	51ms 48ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5dd335712786fd4fc27375faqrbJl4IM02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `d66e49afc33f799393aba409757834b122281be9704f293779478a89de81fe7d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id f7593f690bd9260e26a013b418f3fd64 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Tue, 19 Nov 2019 00:21:05 GMT server nginx content-md5 ec90e8032f7b7d2bbdd1b216b0a5129d etag "3E2xmfQD4UQ:82204" ntes-trace-id 7eed6ca2b6b8355f:7eed6ca2b6b8355f:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=60267 x-cache-ip 2a02:26f0:3500:596::31fc content-length 82204
GET H2	200	5dfae2308b74273f90dfe8a20tVvB73T02 g.fp.ps.netease.com/market/file/	161 KB 161 KB	57ms 54ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5dfae2308b74273f90dfe8a20tVvB73T02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `35d332f87338d5dc6a8874326b814250a38d3049078beff01fca84c4d3144fdb` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 19 Dec 2019 02:36:32 GMT server nginx/1.14.2 content-md5 5a58bb309766daa048b64983e3eb477d etag "9jdcxY73uqc:164448" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54525 x-cache-ip 2a02:26f0:3500:596::31fc content-length 164448
GET H2	200	5c89cb422786fd84405e6ae7IOiN7zwp02 g.fp.ps.netease.com/market/file/	88 KB 88 KB	61ms 58ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5c89cb422786fd84405e6ae7IOiN7zwp02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `ad2d82dd1a1492d3d6dd1b707ff7415e6e60a41980ce6e4e971d6d002a17e085` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 604f9b76247940f8b06ebc18248efe98 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 14 Mar 2019 03:32:18 GMT server nginx content-md5 7cb2cd0baa9ef53187d9ebb392c865e3 etag "7l8l9SmXyxQ:89616" ntes-trace-id be66d0d6d64367da:be66d0d6d64367da:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55638 x-cache-ip 2a02:26f0:3500:596::31fc content-length 89616
GET H2	200	5c89ca8d7f9d2abe90d23416E8SL5XvL02 g.fp.ps.netease.com/market/file/	66 KB 66 KB	72ms 69ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5c89ca8d7f9d2abe90d23416E8SL5XvL02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `e3ccc9a2a8a58f9189919113156c6ed7f5cebb8e48ecd8e87ad97323a42c3ccb` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 8c022e67d0f93068649a749c3d420137 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 14 Mar 2019 03:29:17 GMT server nginx content-md5 bbc8cbde3b759bdaf8465fdc0e8b423d etag "AV5fMsmhYr3:67454" ntes-trace-id b25aab5a16ad845b:b25aab5a16ad845b:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=63093 x-cache-ip 2a02:26f0:3500:596::31fc content-length 67454
GET H2	200	5c89abfc2786fd760647a3513VjUCel602 g.fp.ps.netease.com/market/file/	63 KB 63 KB	71ms 68ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5c89abfc2786fd760647a3513VjUCel602 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `b95e8e87f22fe78dcc4b931817c8d92357c0d48412f6ee6a3299ca828bb046bb` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 78fd9311166d83d8ee5d3b76c13512a0 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 14 Mar 2019 01:18:52 GMT server nginx content-md5 ab909129df0fec267ed8a5ed37f99b80 etag "IIglfyjqb8r:64288" ntes-trace-id 3f6eda5300e415c2:3f6eda5300e415c2:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=55416 x-cache-ip 2a02:26f0:3500:596::31fc content-length 64288
GET H2	200	5c09a351143cfae1e921ad73VY5c6iOC g.fp.ps.netease.com/market/file/	74 KB 75 KB	60ms 57ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5c09a351143cfae1e921ad73VY5c6iOC Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `5af89fc21cf60a539db8dae4fc14da9186b5949a3e1ceb98061f062c93e3635d` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id f50c7951215f08847355badda21f238b date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 06 Dec 2018 22:31:46 GMT server nginx content-md5 de0ff6df5c102a9beb6651042343a0fd etag "Afx35xEy2GF:75891" ntes-trace-id 106851eb92f722b9:106851eb92f722b9:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54514 x-cache-ip 2a02:26f0:3500:596::31fc content-length 75891
GET H2	200	5b64169a96dee4b71b01adaaOZR4VMLc g.fp.ps.netease.com/market/file/	86 KB 86 KB	78ms 75ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5b64169a96dee4b71b01adaaOZR4VMLc Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `6510fcfe74b4dec9a11140d44b6e700803ea7c170b302fe8b6a18453b5889478` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Fri, 03 Aug 2018 08:47:22 GMT server nginx/1.14.2 content-md5 e948acd355c11b314bb3b58739189bd1 etag "636357b4338c8e4f52d3a34fiQHd:87730" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=61992 x-cache-ip 2a02:26f0:3500:596::31fc content-length 87730
GET H2	200	614ab7ae3f368d1081b8afecktGFJUpc03 g.fp.ps.netease.com/market/file/	65 KB 65 KB	56ms 53ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/614ab7ae3f368d1081b8afecktGFJUpc03 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `b8608d1ee73b3e9b64d72e286ed988eb06dbb56def884828726ac171e60b7081` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id cf8e600f937fa4cd704611137f3b2ae9 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Wed, 22 Sep 2021 04:57:18 GMT server nginx content-md5 d4dfdca280abef3db717d2fd5a984174 etag "614ab7ae3f368d1081b8afedYRbx:66547" ntes-trace-id 36932a9baab695b1:36932a9baab695b1:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=59535 x-cache-ip 2a02:26f0:3500:596::31fc content-length 66547
GET H2	200	614abd41aa32b01f4674672czdPriCLH03 g.fp.ps.netease.com/market/file/	52 KB 53 KB	80ms 77ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/614abd41aa32b01f4674672czdPriCLH03 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `2313e8bf0d27c162f4d7934aa6e6e4fc2401156ae60448e7731924d6911c32d7` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Wed, 22 Sep 2021 05:21:05 GMT server nginx/1.14.2 content-md5 2900a126c18bdcebe2ec6ec0a995bef8 etag "614abd41aa32b01f4674672dN2ot:53392" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=60190 x-cache-ip 2a02:26f0:3500:596::31fc content-length 53392
GET H2	200	609090042786fd7344d12bf8a1SoVHIN03 g.fp.ps.netease.com/market/file/	53 KB 54 KB	58ms 55ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/609090042786fd7344d12bf8a1SoVHIN03 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `beb4d8d8c9e8e9fb9eb2cd255bfa413aef9882d0a11c186e8061b6c6449a453c` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Tue, 04 May 2021 00:06:28 GMT server nginx/1.14.2 content-md5 e61a66e356de1579ac0fde9f1320f229 etag "609090042786fd7344d12bf9rpmF:54471" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54434 x-cache-ip 2a02:26f0:3500:596::31fc content-length 54471
GET H2	200	5a9fc1ebee4c0f75edafd97f6vZN9kBa g.fp.ps.netease.com/market/file/	243 KB 243 KB	61ms 58ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5a9fc1ebee4c0f75edafd97f6vZN9kBa Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `e2ebfe9b6ae87f67b479357bc098561b9c760a47e7ebeacb6b03df9813466dbe` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 130dc670a05d2144698d8d6cd2dcc988 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Wed, 07 Mar 2018 10:41:47 GMT server nginx content-md5 16643ba99795d07d5579129094995097 etag "6362cbc6338c8e4f52c1e72eL5Hq:248367" ntes-trace-id 56b197c72c70697a:56b197c72c70697a:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=54480 x-cache-ip 2a02:26f0:3500:596::31fc content-length 248367
GET H2	200	5fc97d36143cfa697aebd51d5jrsCN6i02 g.fp.ps.netease.com/market/file/	77 KB 77 KB	72ms 70ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5fc97d36143cfa697aebd51d5jrsCN6i02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `7122416a6881ba5050841d9454ce8735769005deb84fe0f442e5c7f4b41275cd` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 475b0728a0b3c30da448add9a1c285b3 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Fri, 04 Dec 2020 00:05:10 GMT server nginx content-md5 37cb8147e8d0b08d403e7032fe2a4573 etag "2FBK4uaFcGy:78445" ntes-trace-id 8929297164988a10:8929297164988a10:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=61180 x-cache-ip 2a02:26f0:3500:596::31fc content-length 78445
GET H2	200	5aa0c003a7f2524f57cf04aa22apojBM g.fp.ps.netease.com/market/file/	84 KB 84 KB	75ms 72ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5aa0c003a7f2524f57cf04aa22apojBM Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `55c7988ee9512294209841b9c03e4ba46998ec9d5a10babad326b93cc4901d33` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id b38b609ca4e151d6d79d67c291be2582 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 08 Mar 2018 04:45:55 GMT server nginx content-md5 fb6d072ebe746a8d713d113cf5b657c9 etag "63623a37338c8e4f52af62a6X0eK:85888" ntes-trace-id 63034759144868c5:63034759144868c5:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=63116 x-cache-ip 2a02:26f0:3500:596::31fc content-length 85888
GET H2	200	5a9fe248fb758ac34b911e9cB69Axa1E g.fp.ps.netease.com/market/file/	44 KB 44 KB	71ms 68ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5a9fe248fb758ac34b911e9cB69Axa1E Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `d95010a89058848f912133d565d511c964a52fdfb9d74ea8c68431d4fc719817` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id cf8eec3e05e7c641b4bc2ae3fecea617 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Wed, 07 Mar 2018 12:59:52 GMT server nginx content-md5 f8e388e59d744ece81101b7680e58e50 etag "63628ceb338c8e4f52b9d945QiCl:45046" ntes-trace-id 3e279155f24139ee:3e279155f24139ee:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=63985 x-cache-ip 2a02:26f0:3500:596::31fc content-length 45046
GET H2	200	5dd32b5f96dee4b3cb6aca3d8DH3tDzI02 g.fp.ps.netease.com/market/file/	54 KB 55 KB	77ms 74ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5dd32b5f96dee4b3cb6aca3d8DH3tDzI02 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `19cf2177264a2c92005118410ca38268364155d0dc6e43da08048ef30ca06297` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 52df8d2a4155dcf479d7f8ada24c02a9 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Mon, 18 Nov 2019 23:38:07 GMT server nginx content-md5 093516ae726da4ece86e3a623780a716 etag "7uGfW9vHpmt:55445" ntes-trace-id 9b240550889af65c:9b240550889af65c:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=61244 x-cache-ip 2a02:26f0:3500:596::31fc content-length 55445
GET H2	200	6171fc3ebab31bbed79f30d3OgR7pufe03 g.fp.ps.netease.com/market/file/	57 KB 57 KB	73ms 70ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/6171fc3ebab31bbed79f30d3OgR7pufe03 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash `09f439a7e9d2bc4e48d18455a0830e40b575a2fa37af1f3464c51fffd7a8f2e0` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers x-trace-id 2a7ec2e48667d167f7a905fcbd709494 date Mon, 10 Apr 2023 13:42:00 GMT last-modified Thu, 21 Oct 2021 23:48:14 GMT server nginx content-md5 87a0c338f670d94b8ade7872183d127d etag "6171fc3ebab31bbed79f30d44Blf:57971" ntes-trace-id 36bd20def25d0ff1:36bd20def25d0ff1:0:1 content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=60223 x-cache-ip 2a02:26f0:3500:596::31fc content-length 57971
GET H2	200	5ee0c1e16f0494744eb9eceaFfyNxMV902 g.fp.ps.netease.com/market/file/	104 KB 105 KB	59ms 56ms	Image image/png	2a02:26f0:3500:596::31fc AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://g.fp.ps.netease.com/market/file/5ee0c1e16f0494744eb9eceaFfyNxMV902 Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:3500:596::31fc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx/1.14.2 / Resource Hash `a35b43cec3ab980f57ab7d2b7c78efc77810896e4516e532ecd350a5d40e98b7` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:00 GMT last-modified Wed, 10 Jun 2020 11:20:01 GMT server nginx/1.14.2 content-md5 cb59e8acb8eae1982fd7b896e95c59ab etag "Hi6R0PHcCEK:106644" content-type image/png; charset=binary access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=60232 x-cache-ip 2a02:26f0:3500:596::31fc content-length 106644
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `cf9f423af70c5182134e4cfa485579e0084e34373949806c735b59bc88ff6435` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	31 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `49ae55af06435e2a7fe3f305181887186167e2f2193143cd6b09966f79296cd9` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	45 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e3dbf7e7ccc3e415a9dd1fb1460cb8759fa7eabf4900fff86c065a2d9fde8cb0` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	891 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `37d08ebe3be6f6a5a19b1b3fd2a68b967e1b400d5382dd89089a893a07dad07b` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	51 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee14b5bea413a1a436d410ce1ea0f7c59b7ec14b1bed679d26bcaebab70b5d71` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	16 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6272b1f8df52af7e8b520a2bed90ede4b25e5df2307e14363201a84820a7e791` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	12 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4b2dcefaff20aae7118c726eab43f11fe1840b3e6fffde68d01f7555aa51cb0b` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	62 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ea8aa3d9073f9b0bbf510dcd03c7c5c8139d5349ddb72b8e77bae5026138b95e` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	41 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `230b2fd961b1f2e0d251a5c1e6a076f84b15cc1841f0da9aaf6bb37da480eb17` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	9 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f3a0c70261c0024a360425836a68681429c34b9a6bced4ab3e39916e24bd1da4` Request headers accept-language nl-NL,nl;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	e2a3ee4ea63678bc73eec4d8d056ae3d.css buf.baff193.ink/2299f5lt3ljwjk/jkbk4ntds3x5//	30 KB 7 KB	306ms 305ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buf.baff193.ink/2299f5lt3ljwjk/jkbk4ntds3x5//e2a3ee4ea63678bc73eec4d8d056ae3d.css Requested by Host: buf.baff193.ink URL: https://buf.baff193.ink/250d77c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e9be03c9d3ae2ee214087253d9e634bf019c46739087e086f7c104679bd98360` Request headers accept-language nl-NL,nl;q=0.9 Referer https://buf.baff193.ink/?gclid=CjwKCAjw586hBhBrEiwAQYEnHbZjgKtmQokSV18pVN8Hn91T0sJ-4OlaC1NT0dFp6GYTJQsMc4sXIhoCh-YQAvD_BwE User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36 Response headers date Mon, 10 Apr 2023 13:42:01 GMT content-encoding br cf-cache-status MISS last-modified Mon, 10 Apr 2023 13:42:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pfJjB7O5CV68TUOPAxpjKgzagqtEvmDo5pLOc5NuCl%2BKNLNah1XY48tPJ6OOirLj9knmoP1PYJUi98SP9ifvxhoU%2BXCaVxHn37MchVQRk8kWtuE5xuOxU6l7bPCM5AOEc5Nwvib7nbic7K4Egg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7b5b692449f10e40-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buf.baff193.ink/	1969-12-31 23:59:59	Name: 54018389c7a32a8d685baa10091bc39c Value: rv2299f5lt3ljwjkbk4ntds3x5t7
buf.baff193.ink/	1970-01-20 10:59:04	Name: 06046c92049114992db013ffcf404d94 Value: pCIGVnJ8JM
buf.baff193.ink/	1970-01-20 10:59:04	Name: bc415652fa8373a78513d2c253c3857a Value: f1f617201db41e505efe40c30bce6593
buf.baff193.ink/	1970-01-20 10:59:04	Name: ee55b848ea6d3422f505f329cda7603e Value: nTG1VT2NWTnROYVA5Y0c5TXo0Z1VMR2p5VGxTSDJ3SGNUYTlHZFR4U01LdV8tSlVPY19OdE5PWTRjaEY0MEJhbWNoRjNjS291ZEthbTkxTnBjS2ZuOW5mbmZoWXU5aGF1Tl9wXzBCY19kX1VfMEJGZ2ZLMHFjbjlIZGhjQWM0b0FkaHpnYzRGbTBCTnFjNGNCZGh6QTBWTkVObmN1Tk9RX2pzVXE5Vk5FTm5jcU5PUV82Sj1tY09hMzlPVEVqaGZFYmtqRGJxcEliblBfYkJTeWoxU0JjQWlxTl9wXzBCMF9kbEVfNko9cTBCTnU5MTA0OTFOMzA0TmU5MUZwZHdGNGZLb0FjS0ZwMEJTXzBuem0wVjNwMm52Xy1KVXYtNFVuMEJqbDBuMG1mMWNnZkJTX2ZCOV9maEhPY25mYWRoRjRjblRsMHdUbi1reHk5bU5FTmxwSTlLeG5jQkZCMHdvdWNLRjMwT2ZPZGh4bDluMHBmNDlIYzF6dTBPb3VjS2N5djEza05fcF82Sj1wZDFvNGZoVU9jQmkzZmhUbGNoVG45T2FnZmhpM2YxZkhjTzlIZjRvZWNtM3AybnZfLUpVdi1CVUhkS04zZm4wcDkxR19kaEhIOU85T2ZPY2dkMW8zZEtsXzlob3BjT2ZfLWt4eTltTkVObHBJZGhvcGN3RmVjd2M0ZndjMzBPenVmT2FCY09TX2NLdjQwNHpxZmhvcTlPRnl2MTNrTl9wXzZKPUJjbnpxY0tTX2ZoYzNjQml1OW5vM2Nodm1md2NCZGhGdWYxRjRmT3Y0MF8zcDJudl8tSlV2LTRUbmZoMHVjMW9CZDF6QmQxejNmT29wZHdmTzl3Tm05blVsMEt2cTkxR18ta3h5OW1ORU5scEk5d0ZxMEJISGM0enVkS1VPOU9UbDBCVW4wQk5CY0tHSGRLR25jMXp1ZGhjeWJ3ZklOX3BfNko9NGY0ekFkd3pBME9OZ2ZuenFjQkZ1ME9GZzBPVU9jaGNxZjRVbGNLbEhjbTM4MDQ9Xy1KVXYtNHptMEtmbDlLU2wwSzBCZk92ZTBuY0FjNFRsMEJTYWQxRnBmSzlIOUtmYS1uZkJ2bVVqLUpVT2ZtTnRObHBJMkF4bDJubGF2cXBJMjE1a2J3ZV9yRkND

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buf.baff193.ink
code.jquery.com
g.fp.ps.netease.com
2001:4de0:ac18::1:a:1b
2a02:26f0:3500:596::31fc
2a06:98c1:3121::3
0303ef036c13838df457b8c3bc475577d2480ee1ea5967776ee33ff7175efe99
09f439a7e9d2bc4e48d18455a0830e40b575a2fa37af1f3464c51fffd7a8f2e0
161145385997d705d6b15a2a96a5e965466a2f3f93d7182b4f5dcb53faaeef93
19cf2177264a2c92005118410ca38268364155d0dc6e43da08048ef30ca06297
230b2fd961b1f2e0d251a5c1e6a076f84b15cc1841f0da9aaf6bb37da480eb17
2313e8bf0d27c162f4d7934aa6e6e4fc2401156ae60448e7731924d6911c32d7
35d332f87338d5dc6a8874326b814250a38d3049078beff01fca84c4d3144fdb
37d08ebe3be6f6a5a19b1b3fd2a68b967e1b400d5382dd89089a893a07dad07b
3d8f93449263c23010c8d6cc2a1949959de44d68c9a9595713d413cf74528fe1
48c58f7304c1a4e24cac1ea876ae6874eba7dfbfd83a6a3ce93b5ba579357fad
49ae55af06435e2a7fe3f305181887186167e2f2193143cd6b09966f79296cd9
4b2dcefaff20aae7118c726eab43f11fe1840b3e6fffde68d01f7555aa51cb0b
4de2c861c17e38b6c51f34e3ec699486b189299fb3f7b4033a1a2f7908995131
4eb35c61ab4becacae236d7fd656a01dc88be261556d70895ae9ab7d86325622
54278c840c95a570cd2d5db54de25cecb788718fbbc802d5af503a56ad4ce8e8
55c7988ee9512294209841b9c03e4ba46998ec9d5a10babad326b93cc4901d33
5ac2d72ca77672473eb7c2016a24c2f83ae425632f605b884a6df6ba618c1e5c
5af89fc21cf60a539db8dae4fc14da9186b5949a3e1ceb98061f062c93e3635d
6272b1f8df52af7e8b520a2bed90ede4b25e5df2307e14363201a84820a7e791
6510fcfe74b4dec9a11140d44b6e700803ea7c170b302fe8b6a18453b5889478
661e75c46642ac75c620195a41076cc106af67c51c9641b2412c308ad2e7597c
7122416a6881ba5050841d9454ce8735769005deb84fe0f442e5c7f4b41275cd
73580ddf84ebfb5550c0b09cf307e3e17174073894f24896bdc72c191ec055ee
91e9287668c3349831c95f02f1d50ade998da121b0461e4c9642d3f530e0b6c6
99cff2170c703fa4c82f251c633f2b46099d1a19b26d343f2bc8cf1615f4a464
9c3840cfac7137c3bccf8ddd604adfcf9e612b114a915b96d8956807eaf6d843
9cfb85003e25d67c5ed7b6656071746d3016a97e755e05063a04f3ced2f57cc2
a14b757f97860953804864711c6ee42f7d26829085f17752aaf164e5eb89ca81
a35b43cec3ab980f57ab7d2b7c78efc77810896e4516e532ecd350a5d40e98b7
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a7288c92e1802fe4e503f42c26e10902378cebded59bc0d986ece21046c56afc
ad2d82dd1a1492d3d6dd1b707ff7415e6e60a41980ce6e4e971d6d002a17e085
b8608d1ee73b3e9b64d72e286ed988eb06dbb56def884828726ac171e60b7081
b95e8e87f22fe78dcc4b931817c8d92357c0d48412f6ee6a3299ca828bb046bb
beb4d8d8c9e8e9fb9eb2cd255bfa413aef9882d0a11c186e8061b6c6449a453c
c0a136bc3f916f34ecea5295f05ad6e419b19d96e8041e15be520ac998dbfdbd
c2886eb4148a3b08e5534055f71502328c6a9efe2e95e2014f6a05866c5c9d61
c4d30d5820cebaf81d54e4fd6f33f90d4f2bec3d5cc2f00bbc47ddafa08f8f5f
c5b2adc052ede8f6d165d098508732d31815e912ddd68ce2b700e246056d4161
cf9f423af70c5182134e4cfa485579e0084e34373949806c735b59bc88ff6435
d3abe3ef661943a644f229dff7dfc2d64e66dbd100186b4e46e4ac316bdebedd
d66e49afc33f799393aba409757834b122281be9704f293779478a89de81fe7d
d95010a89058848f912133d565d511c964a52fdfb9d74ea8c68431d4fc719817
daf324c0df713f78dc161b5df9d2c622f712f865c33e802ad8972bc3ddaf1b45
dc17d02593b2a5b4b6bbacbdc7e9a7b5475a91f816dd55ec6b0ec4fec8a1ad9a
de3e6ebb834c7f2b86318dab96aadb2e23fd5875aecb65798688d4045c0df6ca
e2ebfe9b6ae87f67b479357bc098561b9c760a47e7ebeacb6b03df9813466dbe
e3ccc9a2a8a58f9189919113156c6ed7f5cebb8e48ecd8e87ad97323a42c3ccb
e3dbf7e7ccc3e415a9dd1fb1460cb8759fa7eabf4900fff86c065a2d9fde8cb0
e9be03c9d3ae2ee214087253d9e634bf019c46739087e086f7c104679bd98360
ea8aa3d9073f9b0bbf510dcd03c7c5c8139d5349ddb72b8e77bae5026138b95e
eb5520dce709038636c4c2a229dfb1c3c944882e299b76a4e671e9d8abbe520d
ee14b5bea413a1a436d410ce1ea0f7c59b7ec14b1bed679d26bcaebab70b5d71
f3a0c70261c0024a360425836a68681429c34b9a6bced4ab3e39916e24bd1da4

buf.baff193.ink Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

100 %IPv6

3 Domains

3 Subdomains

4 IPs

3 Countries

4141 kBTransfer

7040 kBSize

4 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buf.baff193.ink Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

4
IPs

3
Countries

4141 kB
Transfer

7040 kB
Size

4
Cookies

37 HTTP transactions
17 data transactions