shu-sa3.sh1niaoduoo.cfd Open in urlscan Pro
154.213.28.32 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://shu-sa3.sh1niaoduoo.cfd/
Effective URL:
https://shu-sa3.sh1niaoduoo.cfd/
Submission: On November 19 via api (November 19th 2024, 8:50:42 am UTC) from LU — Scanned from CA

Summary HTTP 66 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 17 domains to perform 66 HTTP transactions. The main IP is 154.213.28.32, located in Hong Kong, Hong Kong and belongs to HIITL-AS-AP Hong Kong FireLine Network LTD, HK. The main domain is shu-sa3.sh1niaoduoo.cfd.
TLS certificate: Issued by R10 on November 19th 2024. Valid for: 3 months.

This is the only time shu-sa3.sh1niaoduoo.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	154.213.28.32 154.213.28.32	136950 (HIITL-AS-...) (HIITL-AS-AP Hong Kong FireLine Network LTD)
4	183.240.98.228 183.240.98.228	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
13	218.60.100.169 218.60.100.169	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	156.243.7.79 156.243.7.79	40065 (CNSERVERS) (CNSERVERS)
3	104.160.179.195 104.160.179.195	46844 (SHARKTECH) (SHARKTECH)
2	108.138.128.63 108.138.128.63	16509 (AMAZON-02) (AMAZON-02)
1	104.18.13.188 104.18.13.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	124.243.146.25 124.243.146.25	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
1	43.152.183.74 43.152.183.74	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	108.138.128.38 108.138.128.38	16509 (AMAZON-02) (AMAZON-02)
1	104.160.179.249 104.160.179.249	46844 (SHARKTECH) (SHARKTECH)
2	192.74.242.167 192.74.242.167	54600 (PEG-SV) (PEG-SV)
2	103.46.184.35 103.46.184.35	152918 (LNL-AS-AP...) (LNL-AS-AP Liberally Network LLC)
1	23.225.0.34 23.225.0.34	40065 (CNSERVERS) (CNSERVERS)
12	64.112.78.82 64.112.78.82	6939 (HURRICANE) (HURRICANE)
66	14

21 154.213.28.32 (Hong Kong, Hong Kong)

ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK)

shu-sa3.sh1niaoduoo.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 183.240.98.228 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 218.60.100.169 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cc777img.dqsldz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 156.243.7.79 (United States)

ASN40065 (CNSERVERS, US)

images.2957087.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.160.179.195 (United States)

ASN46844 (SHARKTECH, US)
PTR: d1-packageaccountimprove.nl

777tt333cc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
333tt999cc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kk555777kk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.128.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-63.jfk50.r.cloudfront.net

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.188 (None, )

ASN13335 (CLOUDFLARENET, US)

qpao1011.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.243.146.25 (Singapore) 1 redirects

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-124-243-146-25.compute.hwclouds-dns.com

img.251195.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.183.74 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

pic1.zhimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-38.jfk50.r.cloudfront.net

imgpublic.ycomesc.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.160.179.249 (United States)

ASN46844 (SHARKTECH, US)
PTR: n7-improvenervebend.eu

777tt555cc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.74.242.167 (United States)

ASN54600 (PEG-SV, US)
PTR: leetu.archivemotherinlaw.com

tu-tu1.tuyitu456.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.46.184.35 (Hong Kong)

ASN152918 (LNL-AS-AP Liberally Network LLC, HK)
PTR: undefined.hostname.localhost

j-32a.yypayyhi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.225.0.34 (United States)

ASN40065 (CNSERVERS, US)

tupianfangpingbi.91434.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 64.112.78.82 (United States)

ASN6939 (HURRICANE, US)
PTR: customer.tatraservices.com

uqetyzxa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	sh1niaoduoo.cfd shu-sa3.sh1niaoduoo.cfd	356 KB
13	dqsldz.com cc777img.dqsldz.com — Cisco Umbrella Rank: 621882	2 MB
12	uqetyzxa.com uqetyzxa.com — Cisco Umbrella Rank: 656117	665 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 12020	24 KB
2	yypayyhi.xyz j-32a.yypayyhi.xyz	34 KB
2	tuyitu456.cfd tu-tu1.tuyitu456.cfd	577 KB
2	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 6429	200 KB
2	2957087.com images.2957087.com	1 MB
1	91434.icu tupianfangpingbi.91434.icu	196 KB
1	kk555777kk.com kk555777kk.com	95 KB
1	777tt555cc.com 777tt555cc.com	63 KB
1	ycomesc.live imgpublic.ycomesc.live	158 KB
1	zhimg.com pic1.zhimg.com — Cisco Umbrella Rank: 63295	10 KB
1	251195.com 1 redirects img.251195.com	110 B
1	qpao1011.com qpao1011.com	137 KB
1	333tt999cc.com 333tt999cc.com	508 KB
1	777tt333cc.com 777tt333cc.com	401 KB
66	17

	Domain	Requested by
21	shu-sa3.sh1niaoduoo.cfd	shu-sa3.sh1niaoduoo.cfd
13	cc777img.dqsldz.com	shu-sa3.sh1niaoduoo.cfd
12	uqetyzxa.com	shu-sa3.sh1niaoduoo.cfd
4	hm.baidu.com	shu-sa3.sh1niaoduoo.cfd
2	j-32a.yypayyhi.xyz	shu-sa3.sh1niaoduoo.cfd
2	tu-tu1.tuyitu456.cfd	shu-sa3.sh1niaoduoo.cfd
2	static.wixstatic.com	shu-sa3.sh1niaoduoo.cfd
2	images.2957087.com	shu-sa3.sh1niaoduoo.cfd
1	tupianfangpingbi.91434.icu	shu-sa3.sh1niaoduoo.cfd
1	kk555777kk.com	shu-sa3.sh1niaoduoo.cfd
1	777tt555cc.com	shu-sa3.sh1niaoduoo.cfd
1	imgpublic.ycomesc.live	shu-sa3.sh1niaoduoo.cfd
1	pic1.zhimg.com	shu-sa3.sh1niaoduoo.cfd
1	img.251195.com	1 redirects
1	qpao1011.com	shu-sa3.sh1niaoduoo.cfd
1	333tt999cc.com	shu-sa3.sh1niaoduoo.cfd
1	777tt333cc.com	shu-sa3.sh1niaoduoo.cfd
66	17

This site contains links to these domains. Also see Links.

Domain
glrss015.top
gjaoj051.top
zaslpcc.pub12320.vip
yvuvemgt.lt2689.top
vnsr6825.com
88859cc.com
www.5567bb.cc
555598jj.com

Subject Issuer	Validity	Valid
3abl.mitao12.lol R10	`2024-11-19` - `2025-02-17`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
cc777img.dqsldz.com TrustAsia RSA DV TLS CA G2	`2024-10-28` - `2025-01-26`	3 months	crt.sh
images.2957087.com R11	`2024-09-16` - `2024-12-15`	3 months	crt.sh
777tt333cc.com R11	`2024-10-30` - `2025-01-28`	3 months	crt.sh
333tt999cc.com ZeroSSL RSA Domain Secure Site CA	`2024-10-30` - `2025-01-28`	3 months	crt.sh
*.wixstatic.com R10	`2024-11-14` - `2025-02-12`	3 months	crt.sh
qpao1011.com E6	`2024-11-08` - `2025-02-06`	3 months	crt.sh
*.ycomesc.live Amazon RSA 2048 M02	`2024-10-08` - `2025-11-06`	a year	crt.sh
777tt555cc.com ZeroSSL RSA Domain Secure Site CA	`2024-10-30` - `2025-01-28`	3 months	crt.sh
tu-tu1.tuyitu456.cfd R11	`2024-11-14` - `2025-02-12`	3 months	crt.sh
kk555777kk.com R11	`2024-10-29` - `2025-01-27`	3 months	crt.sh
j-32a.yypayyhi.xyz R10	`2024-11-16` - `2025-02-14`	3 months	crt.sh
tupianfangpingbi.91434.icu Sectigo RSA Domain Validation Secure Server CA	`2024-09-20` - `2025-09-20`	a year	crt.sh
uqetyzxa.com Certum Domain Validation CA SHA2	`2024-09-18` - `2025-10-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://shu-sa3.sh1niaoduoo.cfd/
Frame ID: 38CBE797D2F04D792DDEA46E5EAAC368
Requests: 66 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

鏃犳爣棰樻枃妗�

Page URL History Show full URLs

http://shu-sa3.sh1niaoduoo.cfd/ HTTP 307
https://shu-sa3.sh1niaoduoo.cfd/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

67 %
HTTPS

0 %
IPv6

17
Domains

17
Subdomains

14
IPs

5
Countries

6564 kB
Transfer

7270 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://glrss015.top/

Search URL Search Domain Scan URL

URL: https://gjaoj051.top/

Search URL Search Domain Scan URL

URL: https://zaslpcc.pub12320.vip:39002/1_md1/nice.htm?F698VZ47
Title: KY直播

Search URL Search Domain Scan URL

URL: https://yvuvemgt.lt2689.top:25002/lm/new.html?channelCode=TTJCCCC11
Title: 双鱼直播

Search URL Search Domain Scan URL

URL: https://vnsr6825.com/?at=6607
Title: 澳门威尼斯

Search URL Search Domain Scan URL

URL: https://88859cc.com:18556/
Title: 百万提款

Search URL Search Domain Scan URL

URL: https://www.5567bb.cc/
Title: 博万体育

Search URL Search Domain Scan URL

URL: https://555598jj.com:61016/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://shu-sa3.sh1niaoduoo.cfd/ HTTP 307
https://shu-sa3.sh1niaoduoo.cfd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://img.251195.com/images/660fc7b58d48b379df762848.gif HTTP 302
https://pic1.zhimg.com/v2-e440a1df2bc21fae59606a13cb743df4

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
shu-sa3.sh1niaoduoo.cfd/
Redirect Chain

http://shu-sa3.sh1niaoduoo.cfd/
https://shu-sa3.sh1niaoduoo.cfd/

10 KB
3 KB

1065ms
239ms

Document
text/html

154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

066de3addfef3bdba3b1d9eefba21906fd3f682b868162bbda0963f7c08ea430

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Nov 2024 08:50:24 GMT
etag: W/"673c22bc-2847"
last-modified: Tue, 19 Nov 2024 05:31:40 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

Location: https://shu-sa3.sh1niaoduoo.cfd/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 bootstrap.px.min.css
shu-sa3.sh1niaoduoo.cfd/css/ 157 KB
29 KB 484ms
481ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/bootstrap.px.min.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

f6dba1fd7647e8371fea0aff37b1cff06a535ea0ad9d83a8c851afc4170946dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6723e287-27340"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Thu, 31 Oct 2024 20:03:19 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap-icons.css
shu-sa3.sh1niaoduoo.cfd/css/ 93 KB
16 KB 528ms
525ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/bootstrap-icons.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

0018c93b3d14f0f6940e6718832b7a885f97db214383eae2e4cef2801d7957cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"65f39032-1756d"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Fri, 15 Mar 2024 00:02:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap-v4.px.css
shu-sa3.sh1niaoduoo.cfd/css/ 1 KB
698 B 527ms
525ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/bootstrap-v4.px.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

2d7c965e69ff1772670354bfa51ffc3c3d7c5dff0ffb26ce1c2fd6c129d3f1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"65f3196c-58b"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Thu, 14 Mar 2024 15:36:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
shu-sa3.sh1niaoduoo.cfd/css/ 28 KB
7 KB 723ms
720ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/style.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

aee9e24f5a42afd33ce19da938d523f46f542ccea0626a18abf6b3b250bf0808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6723df9c-70b5"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Thu, 31 Oct 2024 19:50:52 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 swiper-bundle.min.css
shu-sa3.sh1niaoduoo.cfd/css/ 17 KB
3 KB 722ms
720ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/swiper-bundle.min.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

5fdda7f916fcff44564be8eff12c2b0d983ff815dd853b8d27ee76ded8ffbae2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6662793c-4560"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Fri, 07 Jun 2024 03:06:36 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tc.css
shu-sa3.sh1niaoduoo.cfd/css/ 41 KB
9 KB 723ms
721ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/tc.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

545dc6151a8c4db35c4c3feaabba4ed0ef56564b66ffb387a9f0d43bd405a90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6723e51d-a442"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Thu, 31 Oct 2024 20:14:21 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 mobile.css
shu-sa3.sh1niaoduoo.cfd/css/ 4 KB
1 KB 727ms
725ms Stylesheet
text/css 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/mobile.css

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

e530270468ba43e24231794ec9b4193d03749318d6449e076408fe0bce4f689f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66325280-e83"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: text/css
last-modified: Wed, 01 May 2024 14:32:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 87 KB
34 KB 727ms
725ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/jquery.min.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"65a09992-15d9d"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Fri, 12 Jan 2024 01:44:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bootstrap.bundle.min.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 81 KB
26 KB 727ms
725ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/bootstrap.bundle.min.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"663d509c-14535"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 22:39:24 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 swiper-bundle.min.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 85 KB
25 KB 723ms
722ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/swiper-bundle.min.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

c75f5760a170f7057a0f98292236de6ccaa4c1227be309b91fc3b4d73346f8b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66627946-15396"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Fri, 07 Jun 2024 03:06:46 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tj.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 505 B
719 B 724ms
722ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/tj.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

3d7ac8a514170fd0981f29a4f9f5726522165c8208b464fd5819023195c3a83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "67306fbb-1f9"
expires: Tue, 19 Nov 2024 20:50:24 GMT
accept-ranges: bytes
content-length: 505
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Sun, 10 Nov 2024 08:32:59 GMT
server: nginx

GET
H2 200 lm.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 10 KB
4 KB 724ms
722ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/lm.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

92695f12f5d5297aae04ceb9cc9178ea9cfc58c32fa6b90ab80fbd0fd294e90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66f767e5-2659"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Sat, 28 Sep 2024 02:20:21 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 base.js Show response
shu-sa3.sh1niaoduoo.cfd/ 3 KB
2 KB 724ms
723ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/base.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

fb44e03afa7ba31ac439516c4e21fb21e04db2f1b1f15453e26a320f098b5364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6738d03c-a01"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Sat, 16 Nov 2024 17:02:52 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 crypto-js.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 214 KB
47 KB 724ms
723ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/crypto-js.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

471a85194f818955b755b792550f392fc00b309d2e819bd8725d78ec627bb7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6566f986-357d5"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Wed, 29 Nov 2023 08:42:46 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 gg.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 24 KB
9 KB 725ms
724ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/gg.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

cf1ecec7938a12533abacd2f07d2229816d255ca3af6061cb6bdcb988393e7b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"673a20ab-5f94"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 16:58:19 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 api.js Show response
shu-sa3.sh1niaoduoo.cfd/js/ 49 KB
9 KB 725ms
724ms Script
application/javascript 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/js/api.js

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

9745fae25cb21781675a11b1be074efe5e77f458b12d481e1968a3dfd94384ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"673a20ab-c221"
expires: Tue, 19 Nov 2024 20:50:24 GMT
date: Tue, 19 Nov 2024 08:50:24 GMT
content-type: application/javascript
last-modified: Sun, 17 Nov 2024 16:58:19 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1168ms
372ms Script
application/javascript 183.240.98.228
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8228db5df5e5fea7ee84bc6bfc4925a7

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/js/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

1b98a24e96fd2c598025b19a571c5ad98ffb9be55c7f927d9e55f5156666fbc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 9d8b6a3d75ac4b015e2087a5005efba6
Content-Length: 11286
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 19 Nov 2024 08:50:26 GMT
Content-Type: application/javascript
Server: apache

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 840ms
336ms Script
application/javascript 183.240.98.228
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?a6bf47304472ba8549019d19cdecc9bf

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/js/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

a999d03d4ebc4f70e229223cf57eaa3745440ad6da3815e2fb44a1ea9979777b

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 447fe94cb6c3174c9125947b2b18a673
Content-Length: 11288
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 19 Nov 2024 08:50:25 GMT
Content-Type: application/javascript
Server: apache

GET
H2 200 bootstrap-icons.woff2
shu-sa3.sh1niaoduoo.cfd/css/ 118 KB
119 KB 242ms
240ms Font
font/woff2 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL

https://shu-sa3.sh1niaoduoo.cfd/css/bootstrap-icons.woff2?2ab2cbbe07fcebb53bdaa7313bb290tr

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/css/bootstrap-icons.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

eba8243051339456fed8f7767ae87a2b37199b83c21a6ea76c18254fa4959f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Origin: https://shu-sa3.sh1niaoduoo.cfd
Referer: https://shu-sa3.sh1niaoduoo.cfd/css/bootstrap-icons.css

Response headers

strict-transport-security: max-age=31536000
etag: "65f38e2c-1d8fc"
accept-ranges: bytes
content-length: 121084
date: Tue, 19 Nov 2024 08:50:25 GMT
content-type: font/woff2
last-modified: Thu, 14 Mar 2024 23:54:20 GMT
server: nginx

GET
H/1.1 200
OK 114ndhg.gif
cc777img.dqsldz.com/i/2024/10/28/ 212 KB
213 KB 2392ms
305ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/114ndhg.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: d521d8b46aa1a45768f3215b94a01d760956dd9efe3c0274a3e2cddd6647f2ca

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671fa371-35151"
Age: 1878891
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:54:53 GMT
X-CCDN-REQ-ID-46B1: 3ddccd7acda59984585db249aa0bd375
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 14:45:05 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 713223
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE20[2],CHN-LNdalian-AREACUCC1-CACHE19[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE25[7],CHN-TJ-GLOBAL1-CACHE19[0,TCP_HIT,3]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 217425
Server: openresty

GET
H/1.1 200
OK 112vacg.gif
cc777img.dqsldz.com/i/2024/10/28/ 185 KB
186 KB 3028ms
304ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/112vacg.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 63a13891e95d4d4894bf7d6681eed3447b0a555b70173079b81de75cb3348a8a

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671fa2be-2e484"
Age: 1879330
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:45:09 GMT
X-CCDN-REQ-ID-46B1: 6c4869bdf7b4a2129b5cb24f23d3bf5d
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 14:42:06 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 712690
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE2[2],CHN-LNdalian-AREACUCC1-CACHE40[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE79[4],CHN-TJ-GLOBAL1-CACHE40[0,TCP_HIT,0]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 189572
Server: openresty

GET
H/1.1 200
OK 114nenq.gif
cc777img.dqsldz.com/i/2024/10/28/ 238 KB
239 KB 2406ms
308ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/114nenq.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 1292dba782f0b968ecbf08c188877a0bd6cfa4bc47306c27b5c9d0f4b2b1fd76

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671fa371-3b83a"
Age: 1878799
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:54:53 GMT
X-CCDN-REQ-ID-46B1: 08f1269e7503c7038788962763e2532c
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 14:45:05 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 713219
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE31[2],CHN-LNdalian-AREACUCC1-CACHE24[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE99[11],CHN-TJ-GLOBAL1-CACHE90[0,TCP_HIT,6]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 243770
Server: openresty

GET
H/1.1 200
OK 112vasq.gif
cc777img.dqsldz.com/i/2024/10/28/ 247 KB
247 KB 2722ms
307ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/112vasq.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 94ea12348e9cdab8dfcf76c668a2ce248be4adfbb0a0404facba28f18504c9f6

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671fa2be-3dad5"
Age: 1879329
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:46:58 GMT
X-CCDN-REQ-ID-46B1: d4f66668441f41eee0400efc6d430b9a
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 14:42:06 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 712688
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE21[2],CHN-LNdalian-AREACUCC1-CACHE70[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE80[7],CHN-TJ-GLOBAL1-CACHE84[0,TCP_HIT,2]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 252629
Server: openresty

GET
H/1.1 200
OK zflaye.gif
cc777img.dqsldz.com/i/2024/10/28/ 111 KB
112 KB 2677ms
305ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/zflaye.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: f952b07e3b51680c16ab659dee3ce5619c1b900f8619d39dbdaffedd455ae932

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671f94da-1bcfe"
Age: 1881306
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:00:29 GMT
X-CCDN-REQ-ID-46B1: 3a508ace166afad77ee01b8e74ba28c7
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 13:42:50 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 710697
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE56[3],CHN-LNdalian-AREACUCC1-CACHE10[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE51[6],CHN-TJ-GLOBAL1-CACHE10[0,TCP_HIT,3]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 113918
Server: openresty

GET
H/1.1 200
OK zdojsh.gif
cc777img.dqsldz.com/i/2024/10/28/ 113 KB
113 KB 2067ms
302ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/zdojsh.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: c8fb56bb0d5c432c67e3757f531a83b38e67dfbd6579b4eea0fd229a5ff2bcce

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671f9411-1c2e5"
Age: 1882568
nginx-hit: 1
Expires: Wed, 27 Nov 2024 13:53:45 GMT
X-CCDN-REQ-ID-46B1: 6018398a9344448f498090bb131f2662
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 13:39:29 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 709451
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE21[3],CHN-LNdalian-AREACUCC1-CACHE62[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE29[3],CHN-TJ-GLOBAL1-CACHE88[0,TCP_HIT,0]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 115429
Server: openresty

GET
H2 200 b9ba76160127a.gif
images.2957087.com/GCd0AfEG/ 444 KB
444 KB 990ms
215ms Image
image/gif 156.243.7.79
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.2957087.com:35006/GCd0AfEG/b9ba76160127a.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.243.7.79 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: cfdc0aaf6f9ad38019c42e95d0477fd24257575a0ac0878d2160956c9a9433d7

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

cache-control: max-age=2592000
etag: "671dd6f9-6efdb"
expires: Thu, 19 Dec 2024 08:27:06 GMT
accept-ranges: bytes
x-cache: HIT, policy, disk
content-length: 454619
date: Tue, 19 Nov 2024 08:27:06 GMT
content-type: image/gif
last-modified: Tue, 19 Nov 2024 08:27:07 GMT
server: nginx

GET
H2 200 8fb80c3abacc4c96907be28432118d5e.gif
777tt333cc.com/ 401 KB
401 KB 1010ms
148ms Image
image/gif 104.160.179.195
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://777tt333cc.com/8fb80c3abacc4c96907be28432118d5e.gif

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.160.179.195 , United States, ASN46844 (SHARKTECH, US),

Reverse DNS

d1-packageaccountimprove.nl

Software

nginx /

Resource Hash

463103ded60e3424fd4ad384274e3ab726905273cfc71baeb95f9e76f0eefce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67286f9b-642d9"
psc-cache-status: HIT
accept-ranges: bytes
content-length: 410329
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: image/gif
last-modified: Mon, 04 Nov 2024 06:54:19 GMT
server: nginx

GET
H2 200 24919cdaedbd4c42bc559a1303475b0d.gif
333tt999cc.com/ 507 KB
508 KB 1259ms
107ms Image
image/gif 104.160.179.195
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://333tt999cc.com/24919cdaedbd4c42bc559a1303475b0d.gif

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.160.179.195 , United States, ASN46844 (SHARKTECH, US),

Reverse DNS

d1-packageaccountimprove.nl

Software

nginx /

Resource Hash

8aabc04551c9ac6f90015d382ff43f2dc650ea9eb34e7eb00a1e6be92a6ae407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "672ca3a3-7ed74"
psc-cache-status: HIT
accept-ranges: bytes
content-length: 519540
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: image/gif
last-modified: Thu, 07 Nov 2024 11:25:23 GMT
server: nginx

GET
H/1.1 200
OK zd4i70.gif
cc777img.dqsldz.com/i/2024/10/28/ 92 KB
92 KB 2052ms
299ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/zd4i70.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 2426d7c7f0b4642d2ff76822c538917cca6b4dc26aee76e52b6ddfca5442f90b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671f93dc-16f56"
Age: 1882568
nginx-hit: 1
Expires: Wed, 27 Nov 2024 13:53:51 GMT
X-CCDN-REQ-ID-46B1: 8ef47b4b20484d7aad31e7984deccaf7
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 13:38:36 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 711614
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE56[3],CHN-LNdalian-AREACUCC1-CACHE53[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE46[6],CHN-TJ-GLOBAL1-CACHE88[0,TCP_HIT,0]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 94038
Server: openresty

GET
H/1.1 200
OK zd94vn.gif
cc777img.dqsldz.com/i/2024/10/28/ 196 KB
196 KB 2058ms
301ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/zd94vn.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 17f06b591382030e0bbdffe9e95f8005f9bcca40924688b67c359b79f58a1cac

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671f93f1-30e2b"
Age: 1883481
nginx-hit: 1
Expires: Wed, 27 Nov 2024 13:39:06 GMT
X-CCDN-REQ-ID-46B1: 8d06f78db1d48d245c38bc04a05c00bf
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 13:38:57 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
x-hcs-proxy-type: 1
Connection: keep-alive
X-CCDN-CacheTTL: 2592000
via: CHN-LNdalian-AREACUCC1-CACHE2[3],CHN-LNdalian-AREACUCC1-CACHE55[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE62[823],CHN-TJ-GLOBAL1-CACHE55[785,TCP_MISS,819]
X-CCDN-Expires: 708686
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 200235
Server: openresty

GET
H2 200 dd9a87_3dd9658f90f54f25b8340782be959f38~mv2.gif
static.wixstatic.com/media/ 127 KB
127 KB 198ms
91ms Image
image/gif 108.138.128.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/dd9a87_3dd9658f90f54f25b8340782be959f38~mv2.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-63.jfk50.r.cloudfront.net
Software: openresty/1.25.3.2 /
Resource Hash: 1c906a1addeb1465b50762387e5b3f123f564052b1fb2aa0e427eb30e3885b89

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

access-control-expose-headers: Content-Length
etag: "6872dfe425ecb0260e49c807a4bb427d"
age: 2080284
expires: Sat, 26 Oct 2024 07:59:01 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 08OwpRyg43r8ki2jlOFMvp9M4bgB8ffTmjZFFkxBmjG-i5adOsNcQA==
date: Sat, 26 Oct 2024 06:59:01 GMT
content-type: image/gif
last-modified: Sat, 26 Oct 2024 06:57:40 GMT
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
via: 1.1 google, 1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-56f88799f9-6nx6j
content-length: 129565
x-amz-cf-pop: JFK50-P4
server: openresty/1.25.3.2

GET
H/1.1 200
OK 112v8dj.gif
cc777img.dqsldz.com/i/2024/10/28/ 205 KB
206 KB 2058ms
299ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/112v8dj.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 7e24f432d132345eed16ab2bfb6725d1375f6c6cb4fe13bb9b5b007e40d557ca

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671fa2be-3340d"
Age: 1878417
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:52:14 GMT
X-CCDN-REQ-ID-46B1: 9c131927c76bc460019ac910c834d954
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 14:42:06 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 713586
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE10[3],CHN-LNdalian-AREACUCC1-CACHE70[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE17[7],CHN-TJ-GLOBAL1-CACHE70[0,TCP_HIT,5]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 209933
Server: openresty

GET
H2 200 1211-7.gif
qpao1011.com/dds/ 137 KB
137 KB 139ms
34ms Image
image/gif 104.18.13.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qpao1011.com/dds/1211-7.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.188 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a99be32f75bcacf7bab63189ee58b031d2d4976bed436b762a2db79f37215e0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

cache-control: public, max-age=14400
cf-cache-status: HIT
etag: "668ed39c-22389"
age: 4241
access-control-allow-methods: *
cf-ray: 8e4ef3dd38433704-YYZ
expires: Tue, 19 Nov 2024 12:50:25 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 140169
date: Tue, 19 Nov 2024 08:50:25 GMT
content-type: image/gif
last-modified: Wed, 10 Jul 2024 18:31:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bb1099cb798ff.gif
images.2957087.com/GkpF1uug/ 658 KB
659 KB 981ms
216ms Image
image/gif 156.243.7.79
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.2957087.com:35006/GkpF1uug/bb1099cb798ff.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 156.243.7.79 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 79617569efec0775a501c35e799472aca4a99b806e73c6c8a33ca97c24176b8d

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

cache-control: max-age=2592000
etag: "67060119-a4916"
expires: Thu, 19 Dec 2024 08:48:09 GMT
accept-ranges: bytes
x-cache: HIT, policy, disk
content-length: 674070
date: Tue, 19 Nov 2024 08:48:09 GMT
content-type: image/gif
last-modified: Tue, 19 Nov 2024 08:48:09 GMT
server: nginx

GET
H2

200

v2-e440a1df2bc21fae59606a13cb743df4
pic1.zhimg.com/
Redirect Chain

https://img.251195.com/images/660fc7b58d48b379df762848.gif
https://pic1.zhimg.com/v2-e440a1df2bc21fae59606a13cb743df4

10 KB
10 KB

540ms
35ms

Image
image/webp

43.152.183.74
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic1.zhimg.com/v2-e440a1df2bc21fae59606a13cb743df4
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Server: 43.152.183.74 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Byte-nginx / ImageX
Resource Hash: 65e71a95cfe4f38768bfed67628342e547109c5767e516cbe33efd93aab33796

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer

Response headers

x-request-ip: 123.150.77.135
x-response-cache: miss
x-request-id: 8cbec1d89ce5e34dc7ed04b07729d2c1
access-control-max-age: 2592000
x-bdcdn-cache-status: TCP_MISS
nw-session-id: 2024111118024529878ACDF175D5CDCB31kjl7t02ff
server-timing: inner; dur=46
x-cdn-provider: tencent
date: Mon, 11 Nov 2024 10:02:45 GMT
x-length: 9904
last-modified: Mon, 11 Nov 2024 10:02:45 GMT
content-type: image/webp
x-tt-trace-host: 01526ef6db5d1e33a06b8b180da9bd03ab09898ab320fc349c16f7ccacc0161a7dba8e3036eac8e639213f3e566281784b6c25e88d70cdd25765c4a9d0144c4c808fcd7e78819794335f939323c592f139d69193c72cccdfed0fad1fda58363eedb28ca0a320a0517997c1d630bd6189ab
cache-control: max-age=31536000
x-nws-log-uuid: 4622929068923827987
nw-session-trace: 2024-11-11T18:02:45.479823351+08:00 37
x-response-date: Mon, 11 Nov 2024 18:02:45 GMT
x-tt-trace-tag: id=5
imagex-fmt: awebp2awebp
accept-ranges: bytes
x-tt-trace-id: 202411111802458c9575a24b98255CC597
content-length: 9904
access-control-allow-origin: *
x-cache-lookup: Cache Hit
x-tt-logid: 2024111118024529878ACDF175D5CDCB31
server: Byte-nginx
x-response-cinfo: 123.150.77.135
x-powered-by: ImageX

Redirect headers

cache-control: max-age=600
location: https://pic1.zhimg.com/v2-e440a1df2bc21fae59606a13cb743df4
content-length: 0
referrer-policy: no-referrer

GET
H2 200 2021081821285786424.gif
imgpublic.ycomesc.live/new/ads/20210818/ 158 KB
158 KB 156ms
42ms Image
image/gif 108.138.128.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgpublic.ycomesc.live/new/ads/20210818/2021081821285786424.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-38.jfk50.r.cloudfront.net
Software: nginx /
Resource Hash: ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

etag: "64c0f3edc7b3bfd2a2c009f3b93ebd7d"
age: 543
x-amz-meta-x-goog-reserved-source-generation: 1693296237096049
x-amz-meta-x-goog-source-etag: "64c0f3edc7b3bfd2a2c009f3b93ebd7d"
x-cache: Hit from cloudfront
x-amz-cf-id: dRRqnz50hyijVlAIrmvicBICG70jrQdRQOKwBY3w0XFtEDSo5KcPnA==
date: Tue, 19 Nov 2024 08:41:23 GMT
content-type: image/gif
last-modified: Wed, 13 Dec 2023 04:54:41 GMT
vary: Origin
via: 1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-meta-last-modified: 1700489316000
content-length: 161572
x-amz-cf-pop: JFK50-P4
server: nginx
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 150-150.gif
cc777img.dqsldz.com/i/2024/11/13/ 36 KB
37 KB 2055ms
298ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/11/13/150-150.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 65ce8a550a9e81b503eabcd414a9bc9757f92d21ce8ff574ffcfcb5da6a668d2

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "6734a13b-9077"
Age: 500835
nginx-hit: 1
Expires: Fri, 13 Dec 2024 12:53:22 GMT
X-CCDN-REQ-ID-46B1: 64bd1ab0cd9efd3be4167c57a029a353
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Wed, 13 Nov 2024 12:53:15 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 2091168
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE31[2],CHN-LNdalian-AREACUCC1-CACHE62[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE79[6],CHN-TJ-GLOBAL1-CACHE104[0,TCP_HIT,3],CHN-HElangfang-GLOBAL6-CACHE141[17],CHN-HElangfang-GLOBAL6-CACHE79[0,TCP_HIT,16]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 36983
Server: openresty

GET
H2 200 008b002cb2ee44aca97173503b825564.gif
777tt555cc.com/ 63 KB
63 KB 1466ms
114ms Image
image/gif 104.160.179.249
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://777tt555cc.com/008b002cb2ee44aca97173503b825564.gif

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.160.179.249 , United States, ASN46844 (SHARKTECH, US),

Reverse DNS

n7-improvenervebend.eu

Software

nginx /

Resource Hash

ebcb4e6e13e227dea307688b47c9d659e04928434dfd5306a3ff05970683fbbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "67286fe1-fca4"
psc-cache-status: HIT
accept-ranges: bytes
content-length: 64676
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: image/gif
last-modified: Mon, 04 Nov 2024 06:55:29 GMT
server: nginx

GET
H/1.1 200
OK zfgfrw.gif
cc777img.dqsldz.com/i/2024/10/28/ 34 KB
34 KB 2050ms
297ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/10/28/zfgfrw.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 2401a2ef2a079e24bac995eecc874782a5b19ce59a3df5532865dd6d4cad4cc4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "671f94c3-862c"
Age: 1880475
nginx-hit: 1
Expires: Wed, 27 Nov 2024 14:27:10 GMT
X-CCDN-REQ-ID-46B1: a14cadebf3f0168346a9c0578797ab00
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/gif
Last-Modified: Mon, 28 Oct 2024 13:42:27 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 711544
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE20[2],CHN-LNdalian-AREACUCC1-CACHE7[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE3[7],CHN-TJ-GLOBAL1-CACHE95[0,TCP_HIT,1]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 34348
Server: openresty

GET
H2 200 dd9a87_bd4501d441a94790a1d663f707941ce4~mv2.gif
static.wixstatic.com/media/ 72 KB
73 KB 150ms
43ms Image
image/gif 108.138.128.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/dd9a87_bd4501d441a94790a1d663f707941ce4~mv2.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.128.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-128-63.jfk50.r.cloudfront.net
Software: openresty/1.25.3.2 /
Resource Hash: 8c88edbb7788c82503c6c6af90c59c04de0f864d29103d314437f3b39a6cc0da

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

access-control-expose-headers: Content-Length
etag: "e89f037ce0e095afd2db74e22fe2eb72"
age: 1294822
expires: Mon, 04 Nov 2024 10:10:03 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 0EQQ6e7VjawNiikSM7EP17n0x7ARSJpe9xv3rQ37p4WENOzylCDuaA==
date: Mon, 04 Nov 2024 09:10:03 GMT
content-type: image/gif
last-modified: Fri, 18 Oct 2024 14:20:08 GMT
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
via: 1.1 google, 1.1 7f9c24c13cc1a16d2c6ea3097e4958fa.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-56f88799f9-lw6mt
content-length: 74173
x-amz-cf-pop: JFK50-P4
server: openresty/1.25.3.2

GET
H2 200 ypxtb1.gif
tu-tu1.tuyitu456.cfd/bz/ 422 KB
418 KB 520ms
81ms Image
image/gif 192.74.242.167
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tu-tu1.tuyitu456.cfd/bz/ypxtb1.gif

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.74.242.167 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

leetu.archivemotherinlaw.com

Software

nginx /

Resource Hash

a807d66069eebc6557c76ef72e981bcc386ed72f8ce17adb3cbaab8fa772d02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"671b4780-696e2"
expires: Thu, 19 Dec 2024 08:50:25 GMT
date: Tue, 19 Nov 2024 08:50:25 GMT
content-type: image/gif
last-modified: Fri, 25 Oct 2024 07:23:44 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 7e09e82c26be4781a263d6eb495302f7.gif
kk555777kk.com/ 95 KB
95 KB 1541ms
148ms Image
image/gif 104.160.179.195
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kk555777kk.com/7e09e82c26be4781a263d6eb495302f7.gif

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.160.179.195 , United States, ASN46844 (SHARKTECH, US),

Reverse DNS

d1-packageaccountimprove.nl

Software

nginx /

Resource Hash

bf5e29f5b73db03ff11b5f76435610676b13859bae26c8baf279a5b0a9ab05fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "66f63b0c-17ab6"
psc-cache-status: HIT
accept-ranges: bytes
content-length: 96950
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: image/gif
last-modified: Fri, 27 Sep 2024 04:56:44 GMT
server: nginx

GET
H2 200 logo.png
shu-sa3.sh1niaoduoo.cfd/images/ 10 KB
10 KB 245ms
243ms Image
image/png 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shu-sa3.sh1niaoduoo.cfd/images/logo.png

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

87e139d101ba448d97074f7d79323175b3c9196ec4708b2678a03c003f27430c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"67346cd9-2743"
expires: Thu, 19 Dec 2024 08:50:25 GMT
date: Tue, 19 Nov 2024 08:50:25 GMT
content-type: image/png
last-modified: Wed, 13 Nov 2024 09:09:45 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 getShouyeList Show response
j-32a.yypayyhi.xyz/api.php/bai/ 41 KB
31 KB 1597ms
543ms XHR
application/json 103.46.184.35
LNL-AS-AP Liberal...

General

Check archive.org

Show headers Download Go to

Full URL

https://j-32a.yypayyhi.xyz/api.php/bai/getShouyeList

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.46.184.35 , Hong Kong, ASN152918 (LNL-AS-AP Liberally Network LLC, HK),

Reverse DNS

undefined.hostname.localhost

Software

nginx /

Resource Hash

73bddb097e4631a3702e1770003436174054297c567f65eb1b2a0f318b6ce4ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Accept: */*
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx
access-control-allow-headers: x-requested-with, content-type

GET
H2 200 getTcList Show response
j-32a.yypayyhi.xyz/api.php/bai/ 3 KB
3 KB 1368ms
315ms XHR
application/json 103.46.184.35
LNL-AS-AP Liberal...

General

Check archive.org

Show headers Download Go to

Full URL

https://j-32a.yypayyhi.xyz/api.php/bai/getTcList?currentPage=1&dlx=1&lx=1

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

103.46.184.35 , Hong Kong, ASN152918 (LNL-AS-AP Liberally Network LLC, HK),

Reverse DNS

undefined.hostname.localhost

Software

nginx /

Resource Hash

58de9deedbee2224201239cc1171c74ddea0ae7bb63d4149eeac348629def909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Accept: */*
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx
access-control-allow-headers: x-requested-with, content-type

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 335ms
335ms Image
image/gif 183.240.98.228
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=4365F29338E6FAB9&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-ca&lo=0&rnd=1439974230&si=a6bf47304472ba8549019d19cdecc9bf&v=1.3.2&lv=1&sn=47246&r=0&ww=1600&u=https%3A%2F%2Fshu-sa3.sh1niaoduoo.cfd%2F%23&tt=%E9%8F%83%E7%8A%B3%E7%88%A3%E6%A3%B0%E6%A8%BB%E6%9E%83%E5%A6%97%EF%BF%BD

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Tue, 19 Nov 2024 08:50:26 GMT
Content-Type: image/gif
Server: apache

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 385ms
385ms Image
image/gif 183.240.98.228
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=4365F29338E6FAB9&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-ca&lo=0&rnd=968142519&si=8228db5df5e5fea7ee84bc6bfc4925a7&v=1.3.2&lv=1&sn=47246&r=0&ww=1600&u=https%3A%2F%2Fshu-sa3.sh1niaoduoo.cfd%2F%23&tt=%E9%8F%83%E7%8A%B3%E7%88%A3%E6%A3%B0%E6%A8%BB%E6%9E%83%E5%A6%97%EF%BF%BD

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Tue, 19 Nov 2024 08:50:26 GMT
Content-Type: image/gif
Server: apache

GET
H2 200 dkdt.gif
tupianfangpingbi.91434.icu/images/ 196 KB
196 KB 277ms
93ms Image
image/gif 23.225.0.34
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupianfangpingbi.91434.icu/images/dkdt.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.0.34 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: openresty /
Resource Hash: 17f06b591382030e0bbdffe9e95f8005f9bcca40924688b67c359b79f58a1cac

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

expires: Thu, 19 Dec 2024 08:50:26 GMT
cache-control: max-age=2592000
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: image/gif
server: openresty

GET
H2 200 close.png
shu-sa3.sh1niaoduoo.cfd/images/ 1 KB
1 KB 239ms
239ms Image
image/png 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shu-sa3.sh1niaoduoo.cfd/images/close.png

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),

Reverse DNS

Software

nginx /

Resource Hash

0fd15ed6689a246741e8803efb7ac0051d3707f0ed219ef174b023197c322da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"667911b2-426"
expires: Thu, 19 Dec 2024 08:50:26 GMT
date: Tue, 19 Nov 2024 08:50:26 GMT
content-type: image/png
last-modified: Mon, 24 Jun 2024 06:26:58 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 yphf.gif
tu-tu1.tuyitu456.cfd/bz/ 159 KB
159 KB 84ms
84ms Image
image/gif 192.74.242.167
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tu-tu1.tuyitu456.cfd/bz/yphf.gif

Requested by

Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.74.242.167 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

leetu.archivemotherinlaw.com

Software

nginx /

Resource Hash

18feeb46049e188ab9d60ff134af04864f870f46985922bc18a58a7e3e51f386

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
content-encoding: gzip
etag: W/"66f2d350-27af2"
expires: Thu, 19 Dec 2024 08:50:27 GMT
date: Tue, 19 Nov 2024 08:50:27 GMT
content-type: image/gif
last-modified: Tue, 24 Sep 2024 14:57:20 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK 960-100.gif
cc777img.dqsldz.com/i/2024/11/13/ 122 KB
122 KB 304ms
304ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/11/13/960-100.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: fa55d62491e5bacd45a5769249e495bac7982afae10364b4ceacafda9237b498

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "6734a13b-1e6f9"
Age: 500835
nginx-hit: 1
Expires: Fri, 13 Dec 2024 13:28:18 GMT
X-CCDN-REQ-ID-46B1: 417a45234d39dc0d6af2314bff77a2db
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/gif
Last-Modified: Wed, 13 Nov 2024 12:53:15 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
x-hcs-proxy-type: 1
Connection: keep-alive
X-CCDN-CacheTTL: 2592000
via: CHN-LNdalian-AREACUCC1-CACHE56[2],CHN-LNdalian-AREACUCC1-CACHE40[0,TCP_HIT,0],CHN-TJ-GLOBAL1-CACHE42[4],CHN-TJ-GLOBAL1-CACHE40[0,TCP_HIT,2],CHN-HElangfang-GLOBAL6-CACHE45[640],CHN-HElangfang-GLOBAL6-CACHE71[624,TCP_MISS,637]
X-CCDN-Expires: 2091169
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 124665
Server: openresty

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241117/jlLe0lSC/ 78 KB
78 KB 767ms
113ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241117/jlLe0lSC/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 7881aea15f2b9e91586a76d10e589d0de66dfa1498870049b7149523f4f29d8f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "6739be84-1363d"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 79421
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 17 Nov 2024 09:59:32 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241117/IQJqsmGQ/ 42 KB
42 KB 771ms
114ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241117/IQJqsmGQ/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: df92b5a67db4967ab6e262024ac8111348ef8eceb28587d083612833ab9de7f0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "6739beeb-a711"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 42769
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 17 Nov 2024 10:01:15 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241117/BcZWAVHj/ 41 KB
41 KB 769ms
114ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241117/BcZWAVHj/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 2c723057524be5b0ed2f97b4162e06e3db124a4b323bab4c0fd18db17ba79ebb

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "6739be83-a356"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 41814
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 17 Nov 2024 09:59:31 GMT
Server: nginx

GET
H/1.1 200
OK 630-360.gif
cc777img.dqsldz.com/i/2024/11/13/ 236 KB
237 KB 306ms
306ms Image
image/gif 218.60.100.169
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc777img.dqsldz.com/i/2024/11/13/630-360.gif
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 218.60.100.169 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 32b55f0bb9292978684f53eff5e2f91b8cb816f0876d4957bce036f5cf3f3de5

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

ETag: "6734a13b-3b0a4"
Age: 498700
nginx-hit: 1
Expires: Fri, 13 Dec 2024 13:35:14 GMT
X-CCDN-REQ-ID-46B1: 77899b9c37fe99b4fcaf2ab74b904338
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/gif
Last-Modified: Wed, 13 Nov 2024 12:53:15 GMT
Vary: Accept-Encoding
Cache-Control: max-age=2592000
X-CCDN-Expires: 2093300
Connection: keep-alive
x-hcs-proxy-type: 1
via: CHN-LNdalian-AREACUCC1-CACHE10[6],CHN-LNdalian-AREACUCC1-CACHE59[0,TCP_HIT,3],CHN-TJ-GLOBAL1-CACHE71[11],CHN-TJ-GLOBAL1-CACHE59[0,TCP_HIT,9],CHN-HElangfang-GLOBAL6-CACHE80[9],CHN-HElangfang-GLOBAL6-CACHE84[0,TCP_HIT,7]
X-CCDN-CacheTTL: 2592000
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 241828
Server: openresty

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241117/PDr2dBWf/ 47 KB
47 KB 775ms
116ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241117/PDr2dBWf/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 3e58195b98a484643edd50a9de661d4d8db05f4aaf9db8eec4bf38eb7fe340fd

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "6739be89-ba64"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 47716
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/jpeg
Last-Modified: Sun, 17 Nov 2024 09:59:37 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241108/z32QmKIT/ 45 KB
45 KB 770ms
113ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241108/z32QmKIT/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: cf2528fda71b3c7f9a8bad2f1a44ddf13364ebbcf406667bb7c359a2f4b86d8a

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "672e9efa-b3cf"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 46031
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 08 Nov 2024 23:30:02 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241108/sxlYQUMy/ 37 KB
37 KB 652ms
114ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241108/sxlYQUMy/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 8a0bcdacad5c5e4dbedc6cf9485d859d945b33db9700af5029fe722773616a49

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "672e9f6b-93b4"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 37812
Date: Tue, 19 Nov 2024 08:50:27 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 08 Nov 2024 23:31:55 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241108/IAYHOlO7/ 44 KB
44 KB 102ms
102ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241108/IAYHOlO7/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 2a7d72cdab59beb58bc3dae36468a8aed77703a53cffa1675b1cfa710f68aace

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "672e9ef9-aee3"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 44771
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 08 Nov 2024 23:30:01 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241108/7umbsfdc/ 58 KB
58 KB 111ms
111ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241108/7umbsfdc/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: f03e32bc7df7f4f5a7d3a15a172cd5e9da9579924a06ae1810c2ce4cfbbf588b

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "672e9efa-e60a"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 58890
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 08 Nov 2024 23:30:02 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241108/hNgq678R/ 97 KB
97 KB 105ms
105ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241108/hNgq678R/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 0eb1b0a98cadf85815aefced17cdf0fdc390593f1824d6aacf94f917a085120c

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "672e9efa-183e8"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 99304
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 08 Nov 2024 23:30:02 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241110/xqLzZ0tS/ 77 KB
78 KB 104ms
103ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241110/xqLzZ0tS/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 5d1ec1fa649128984d17782b7765ee30010d3c629851154a1395f19b4fe528c4

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "67316b73-1357e"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 79230
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Nov 2024 02:26:59 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241110/FRXOElz3/ 47 KB
47 KB 102ms
102ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241110/FRXOElz3/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 366558545d87f9cf79ca8fdc0793c5b812400cbd01adc0b44d554d6c7f938a83

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "67316b7d-ba70"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 47728
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Nov 2024 02:27:09 GMT
Server: nginx

GET
H/1.1 200
OK 1.jpg
uqetyzxa.com/20241110/D1fBWdMN/ 50 KB
50 KB 110ms
109ms Image
image/jpeg 64.112.78.82
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uqetyzxa.com/20241110/D1fBWdMN/1.jpg
Requested by: Host: shu-sa3.sh1niaoduoo.cfd
URL: https://shu-sa3.sh1niaoduoo.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 64.112.78.82 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 067268eaf8771effbb206cea35a4d4ddb7c98e696df199482aee61909c14013f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

Cache: HIT
Cache-Control: public, max-age=15768000
ETag: "67316b7e-c7ca"
Connection: keep-alive
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 51146
Date: Tue, 19 Nov 2024 08:50:28 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 11 Nov 2024 02:27:10 GMT
Server: nginx

GET
H2 404 favicon.ico
shu-sa3.sh1niaoduoo.cfd/ 138 B
218 B 241ms
240ms Other
text/html 154.213.28.32
HIITL-AS-AP Hong ...

General

Check archive.org

Show headers Download Go to

Full URL: https://shu-sa3.sh1niaoduoo.cfd/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.213.28.32 Hong Kong, Hong Kong, ASN136950 (HIITL-AS-AP Hong Kong FireLine Network LTD, HK),
Reverse DNS
Software: nginx /
Resource Hash: 301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.31 Safari/537.36
Referer: https://shu-sa3.sh1niaoduoo.cfd/

Response headers

content-length: 138
date: Tue, 19 Nov 2024 08:50:28 GMT
etag: "67306dc6-8a"
content-type: text/html
server: nginx

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shu-sa3.sh1niaoduoo.cfd/	1970-01-21 09:52:22	Name: Hm_lvt_a6bf47304472ba8549019d19cdecc9bf Value: 1732006226
.shu-sa3.sh1niaoduoo.cfd/	1969-12-31 23:59:59	Name: Hm_lpvt_a6bf47304472ba8549019d19cdecc9bf Value: 1732006226
.shu-sa3.sh1niaoduoo.cfd/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 4365F29338E6FAB9
.hm.baidu.com/	1970-01-21 10:42:46	Name: HMACCOUNT_BFESS Value: A9E7EDFEE16342D8
.shu-sa3.sh1niaoduoo.cfd/	1970-01-21 09:52:22	Name: Hm_lvt_8228db5df5e5fea7ee84bc6bfc4925a7 Value: 1732006226
.shu-sa3.sh1niaoduoo.cfd/	1969-12-31 23:59:59	Name: Hm_lpvt_8228db5df5e5fea7ee84bc6bfc4925a7 Value: 1732006226

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shu-sa3.sh1niaoduoo.cfd/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

333tt999cc.com
777tt333cc.com
777tt555cc.com
cc777img.dqsldz.com
hm.baidu.com
images.2957087.com
img.251195.com
imgpublic.ycomesc.live
j-32a.yypayyhi.xyz
kk555777kk.com
pic1.zhimg.com
qpao1011.com
shu-sa3.sh1niaoduoo.cfd
static.wixstatic.com
tu-tu1.tuyitu456.cfd
tupianfangpingbi.91434.icu
uqetyzxa.com
103.46.184.35
104.160.179.195
104.160.179.249
104.18.13.188
108.138.128.38
108.138.128.63
124.243.146.25
154.213.28.32
156.243.7.79
183.240.98.228
192.74.242.167
218.60.100.169
23.225.0.34
43.152.183.74
64.112.78.82
0018c93b3d14f0f6940e6718832b7a885f97db214383eae2e4cef2801d7957cc
066de3addfef3bdba3b1d9eefba21906fd3f682b868162bbda0963f7c08ea430
067268eaf8771effbb206cea35a4d4ddb7c98e696df199482aee61909c14013f
0eb1b0a98cadf85815aefced17cdf0fdc390593f1824d6aacf94f917a085120c
0fd15ed6689a246741e8803efb7ac0051d3707f0ed219ef174b023197c322da1
1292dba782f0b968ecbf08c188877a0bd6cfa4bc47306c27b5c9d0f4b2b1fd76
17f06b591382030e0bbdffe9e95f8005f9bcca40924688b67c359b79f58a1cac
18feeb46049e188ab9d60ff134af04864f870f46985922bc18a58a7e3e51f386
1b98a24e96fd2c598025b19a571c5ad98ffb9be55c7f927d9e55f5156666fbc0
1c906a1addeb1465b50762387e5b3f123f564052b1fb2aa0e427eb30e3885b89
2401a2ef2a079e24bac995eecc874782a5b19ce59a3df5532865dd6d4cad4cc4
2426d7c7f0b4642d2ff76822c538917cca6b4dc26aee76e52b6ddfca5442f90b
2a7d72cdab59beb58bc3dae36468a8aed77703a53cffa1675b1cfa710f68aace
2c723057524be5b0ed2f97b4162e06e3db124a4b323bab4c0fd18db17ba79ebb
2d7c965e69ff1772670354bfa51ffc3c3d7c5dff0ffb26ce1c2fd6c129d3f1e5
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f
32b55f0bb9292978684f53eff5e2f91b8cb816f0876d4957bce036f5cf3f3de5
366558545d87f9cf79ca8fdc0793c5b812400cbd01adc0b44d554d6c7f938a83
3d7ac8a514170fd0981f29a4f9f5726522165c8208b464fd5819023195c3a83f
3e58195b98a484643edd50a9de661d4d8db05f4aaf9db8eec4bf38eb7fe340fd
463103ded60e3424fd4ad384274e3ab726905273cfc71baeb95f9e76f0eefce5
471a85194f818955b755b792550f392fc00b309d2e819bd8725d78ec627bb7e5
545dc6151a8c4db35c4c3feaabba4ed0ef56564b66ffb387a9f0d43bd405a90e
58de9deedbee2224201239cc1171c74ddea0ae7bb63d4149eeac348629def909
5a99be32f75bcacf7bab63189ee58b031d2d4976bed436b762a2db79f37215e0
5d1ec1fa649128984d17782b7765ee30010d3c629851154a1395f19b4fe528c4
5fdda7f916fcff44564be8eff12c2b0d983ff815dd853b8d27ee76ded8ffbae2
63a13891e95d4d4894bf7d6681eed3447b0a555b70173079b81de75cb3348a8a
65ce8a550a9e81b503eabcd414a9bc9757f92d21ce8ff574ffcfcb5da6a668d2
65e71a95cfe4f38768bfed67628342e547109c5767e516cbe33efd93aab33796
73bddb097e4631a3702e1770003436174054297c567f65eb1b2a0f318b6ce4ef
7881aea15f2b9e91586a76d10e589d0de66dfa1498870049b7149523f4f29d8f
79617569efec0775a501c35e799472aca4a99b806e73c6c8a33ca97c24176b8d
7e02c082fedfc821a8a51fe004dab6896dd928876a21ccac8675142c2e2f7b1f
7e24f432d132345eed16ab2bfb6725d1375f6c6cb4fe13bb9b5b007e40d557ca
87e139d101ba448d97074f7d79323175b3c9196ec4708b2678a03c003f27430c
8a0bcdacad5c5e4dbedc6cf9485d859d945b33db9700af5029fe722773616a49
8aabc04551c9ac6f90015d382ff43f2dc650ea9eb34e7eb00a1e6be92a6ae407
8c88edbb7788c82503c6c6af90c59c04de0f864d29103d314437f3b39a6cc0da
92695f12f5d5297aae04ceb9cc9178ea9cfc58c32fa6b90ab80fbd0fd294e90b
94ea12348e9cdab8dfcf76c668a2ce248be4adfbb0a0404facba28f18504c9f6
9745fae25cb21781675a11b1be074efe5e77f458b12d481e1968a3dfd94384ef
a807d66069eebc6557c76ef72e981bcc386ed72f8ce17adb3cbaab8fa772d02e
a999d03d4ebc4f70e229223cf57eaa3745440ad6da3815e2fb44a1ea9979777b
aee9e24f5a42afd33ce19da938d523f46f542ccea0626a18abf6b3b250bf0808
bf5e29f5b73db03ff11b5f76435610676b13859bae26c8baf279a5b0a9ab05fb
c75f5760a170f7057a0f98292236de6ccaa4c1227be309b91fc3b4d73346f8b3
c8fb56bb0d5c432c67e3757f531a83b38e67dfbd6579b4eea0fd229a5ff2bcce
ca5ada5bab699078f3ecdb2a2b569bcef9b8b34f6773d2197c0658a55fad5d25
cf1ecec7938a12533abacd2f07d2229816d255ca3af6061cb6bdcb988393e7b9
cf2528fda71b3c7f9a8bad2f1a44ddf13364ebbcf406667bb7c359a2f4b86d8a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfdc0aaf6f9ad38019c42e95d0477fd24257575a0ac0878d2160956c9a9433d7
d521d8b46aa1a45768f3215b94a01d760956dd9efe3c0274a3e2cddd6647f2ca
df92b5a67db4967ab6e262024ac8111348ef8eceb28587d083612833ab9de7f0
e530270468ba43e24231794ec9b4193d03749318d6449e076408fe0bce4f689f
eba8243051339456fed8f7767ae87a2b37199b83c21a6ea76c18254fa4959f66
ebcb4e6e13e227dea307688b47c9d659e04928434dfd5306a3ff05970683fbbe
f03e32bc7df7f4f5a7d3a15a172cd5e9da9579924a06ae1810c2ce4cfbbf588b
f6dba1fd7647e8371fea0aff37b1cff06a535ea0ad9d83a8c851afc4170946dc
f952b07e3b51680c16ab659dee3ce5619c1b900f8619d39dbdaffedd455ae932
fa55d62491e5bacd45a5769249e495bac7982afae10364b4ceacafda9237b498
fb44e03afa7ba31ac439516c4e21fb21e04db2f1b1f15453e26a320f098b5364
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

shu-sa3.sh1niaoduoo.cfd Open in urlscan Pro 154.213.28.32 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

67 %HTTPS

0 %IPv6

17 Domains

17 Subdomains

14 IPs

5 Countries

6564 kBTransfer

7270 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shu-sa3.sh1niaoduoo.cfd Open in urlscan Pro
154.213.28.32 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

67 %
HTTPS

0 %
IPv6

17
Domains

17
Subdomains

14
IPs

5
Countries

6564 kB
Transfer

7270 kB
Size

6
Cookies

66 HTTP transactions
0 data transactions