www.hhyytt99.com Open in urlscan Pro
2606:4700:3034::ac43:baa3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hhyytt99.com/
Effective URL:
https://www.hhyytt99.com/
Submission: On June 05 via api (June 5th 2023, 8:13:31 am UTC) from CN — Scanned from DE

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 6 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3034::ac43:baa3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hhyytt99.com.
TLS certificate: Issued by R3 on May 23rd 2023. Valid for: 3 months.

This is the only time www.hhyytt99.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2606:4700:303... 2606:4700:3034::ac43:baa3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
12	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2600:9000:223... 2600:9000:223f:4c00:7:6012:9880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:7600:11:9be7:da80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
1	35.213.89.133 35.213.89.133	15169 (GOOGLE) (GOOGLE)
1	18.235.134.96 18.235.134.96	() ()
1	119.63.198.143 119.63.198.143	() ()
1	119.63.198.188 119.63.198.188	() ()
49	10

25 2606:4700:3034::ac43:baa3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hhyytt99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:4c00:7:6012:9880:93a1 (United States)

ASN16509 (AMAZON-02, US)

asset.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7600:11:9be7:da80:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2cli4kgl5uxre.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com

trace.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.134.96 (None, )

ASN- ()

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.143 (None, )

ASN- ()

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.188 (None, )

ASN- ()

rlog.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	hhyytt99.com 1 redirects www.hhyytt99.com	1 MB
16	popin.cc api.popin.cc — Cisco Umbrella Rank: 23778 asset.popin.cc — Cisco Umbrella Rank: 274014 trace.popin.cc — Cisco Umbrella Rank: 2995 log.popin.cc rlog.popin.cc	82 KB
6	mediago.io trace.mediago.io — Cisco Umbrella Rank: 1159	637 B
1	treasuredata.com in.treasuredata.com	559 B
1	cloudfront.net d2cli4kgl5uxre.cloudfront.net	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 70	45 KB
49	6

	Domain	Requested by
25	www.hhyytt99.com	1 redirects www.hhyytt99.com asset.popin.cc
12	api.popin.cc	www.hhyytt99.com api.popin.cc
6	trace.mediago.io	www.hhyytt99.com
1	rlog.popin.cc
1	log.popin.cc
1	in.treasuredata.com	api.popin.cc
1	trace.popin.cc	www.hhyytt99.com
1	d2cli4kgl5uxre.cloudfront.net	asset.popin.cc
1	asset.popin.cc	www.hhyytt99.com
1	www.googletagmanager.com	www.hhyytt99.com
49	10

This site contains links to these domains. Also see Links.

Domain
line.me

Subject Issuer	Validity	Valid
www.hhyytt99.com R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2022-09-23` - `2023-10-24`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.mediago.io GlobalSign GCC R3 DV TLS CA 2020	`2023-01-13` - `2024-02-11`	a year	crt.sh
trace.popin.cc GTS CA 1D4	`2023-04-22` - `2023-07-21`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-02-21` - `2023-09-16`	7 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.hhyytt99.com/
Frame ID: B597D197057BFB66BAC9380BD97851B4
Requests: 46 HTTP requests in this frame

Frame: https://www.hhyytt99.com/static/awx.png
Frame ID: 20EF24865EDE3652074841BCC2BD607C
Requests: 2 HTTP requests in this frame

Frame: https://api.popin.cc/iframe/piuid.html?ac=piuid&t=15009898
Frame ID: EB23FF9FE07F11C38DD1653F33CFF261
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

大叔玩股票僅僅一年就賺破千萬！選股關鍵是這個...

Page URL History Show full URLs

http://www.hhyytt99.com/ HTTP 301
https://www.hhyytt99.com/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

10
Subdomains

10
IPs

3
Countries

1357 kB
Transfer

1656 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://line.me/ti/p/bWJZkWMPOn
Title: 點擊添加陳澤坤老師的LINE領取飚股

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hhyytt99.com/ HTTP 301
https://www.hhyytt99.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hhyytt99.com/
Redirect Chain

http://www.hhyytt99.com/
https://www.hhyytt99.com/

18 KB
6 KB

143ms
73ms

Document
text/html

2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhyytt99.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e79db979b6554b2288530343e7c33613184fd35deac4aae74a49ae39b6aaaaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7d26f4b67a14bbe9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 05 Jun 2023 08:13:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDgpUkSNDjm%2BkxIAheZIpGfQ3z1oVF0WN%2BiDimHA6CGoXwesOco%2Fbqp%2BaVNYnX%2F3cuiYgr%2FUJXyUfb14d5isIhEJbFG6iEmeu%2Fq4884mTH8RorjM%2FO7AfiaE5xkfOE40zuTIE7FlQdtwrkyTmcCC"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

CF-RAY: 7d26f4b5cdca9a00-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 05 Jun 2023 08:13:22 GMT
Expires: Mon, 05 Jun 2023 09:13:22 GMT
Location: https://www.hhyytt99.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k0%2FPyd0vWif5fydwebt7fObeOxiV5r96AeCHMJWa04ACLFbCb59pC0VXkDPonoQ%2Fb4JJbjaKlNV8vrGkRp78jr6EDK0zI7VuaMqHQRzQ5lbX%2FsKiMWZMEyKsZdMNhvHmTTtQAsF2%2BywE39Z6V3sF"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-2.1.4.min.js Show response
www.hhyytt99.com/static/ 82 KB
30 KB 111ms
110ms Script
application/javascript 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhyytt99.com/static/jquery-2.1.4.min.js

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"978e4c0365a426c5f28643645f07b9c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmtLXdNeTEesl7HQqOB9%2FdaUtO2FlmtPOHs4ACl0YYANthwRlc1LnO8uUEossxoGh4vWp%2F3EaLtnKjp%2FFrTNekU%2FGogomVNY2nQQDiEbG%2BwtaHXPwyssvouD%2BB9RlfrL9Ty4McXfA%2BQGxHJA0m4d"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d26f4b6faa6bbe9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 style-ccbae81b21.css
www.hhyytt99.com/static/ 8 KB
2 KB 118ms
117ms Stylesheet
text/css 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhyytt99.com/static/style-ccbae81b21.css

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057bc25f6416b83dcf8bd8aca991f42a9443c1677056d410c79aee94a568b25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"7f90bb65bc4d7ab0f614cb97f7bdd95d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opBMaQ0lMmELjyb4m%2BPGrqhhYxJxNEMLVYHMrqQUg%2FN%2Bsti0BjEN1VR8mGbZFJ3Ywzw1dyc5lvH9yK9O1fv0GVakCYLUkY%2F5Qdv2AC8Xa9XojSrb%2FRZSHJ4S4vfPHgL8HfnXt6PNCx9rb55uFxDP"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d26f4b6faa8bbe9-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 znwx.css
www.hhyytt99.com/static/ 2 KB
1 KB 117ms
116ms Stylesheet
text/css 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhyytt99.com/static/znwx.css

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc1f4e667bc50e72363fbf6d9184c0684bfe2c5d050234edb13f1b6379e1d638

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
etag: W/"9f9628587d0fd42e9a96f003643bb201"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzDJ1DTU%2BlMdSVpwVR89lsmiBlyVBllYpuV1GG%2FXmv7Z7zFLrSAnroWsEX6V1Ic%2FlKrEHUy%2Bx9AsbNMxxqGnGu0eHJT0hImk7TfjKdafbG2WZohCvNmNXEcmdeiAivvAnC8DXpO1n47Co60THUkS"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
cf-ray: 7d26f4b6faa9bbe9-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 awx.png
www.hhyytt99.com/static/ 497 B
1006 B 135ms
134ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/awx.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ae361ed02c8acd0cbe4eecc172be849c9dccdac22a5f601ad3b3321eeb5045

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 497
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "f46c5208d2430fedbecc79e1f5ad58e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BH5hRTFzEoIwJObKIvCqEoy0PjvhNfj1PWoLHuCa0PgxxdkFIHg4mIbpPY%2B03Np9SoZJIzvgxMnYIsjFCG2UTG9Nak1lF%2Bw%2Bn85aZgvbN6yFYr3zJjSDBJX6zmc7sE7ZMd4FNPqa%2FBwtZgC51LU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b7bc9a9b8e-FRA

GET
H3 200 znwx1.png
www.hhyytt99.com/static/ 14 KB
14 KB 112ms
111ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/znwx1.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6e7cdd106c060736f6f54587e98e40e4709a27e688b7c635efcc2bc69d9584c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13859
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "0e3823c36b0a5ccfd9982497c4db4450"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0MJFEIe3sHlqn3HBQNqoxXYCehVxDeHNXAoEO9ppab%2B8SMLGlJxyHFZ9YIS3GVaMHq%2FTM%2FmFJAvcufFhXVpo4caRN2fzCy2Uho%2FMj3kFHc9NjEctVnbx8cfbfshbNlKunKTnAsBNiXoSBZ%2FIEvGC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b7bc9f9b8e-FRA

GET
H3 200 yahoo_logo.jpeg
www.hhyytt99.com/static/ 59 KB
60 KB 226ms
224ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/yahoo_logo.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4070180ca01fd8aa387cc548a9143d6e2b713a496d7ace0ee2fd30a627cf62f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 60637
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "def6f67dfb31be4321654079a6a40f94"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh1EkJugvavJAKlZIooZmfnQDcUs3MxV2zS2SSEFFh2ArGMRQImvayUY0FQFSPfIQivVLqEf%2FoC5unKV1OjiaWNzqs19QkpccWpOVUeC0udwxV%2FiNezOlJtau5945eKXOPUfbWvlU0MBv0WUP7hI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cdf9b8e-FRA

GET
H3 200 16.png
www.hhyytt99.com/ 574 KB
575 KB 181ms
177ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/16.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27589a133dca37ea84ea4433ad76553f3cb3f01f1b7dc40aa7167e0b67ad6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 587971
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "17d4e8db761d9d623f40d85f1c895cd2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUwi441XGmJecCbmJWi1tmCCfcsh0VQhMDxN2Iy81yhVlIJD5yNumIVRVYgDbFK6KiH3GlkVGreTqSe6NINJbgfwAOpcn%2BCOzgwcrPsao61Q5pIvuRHfEimf52EhjHiPTGYpbxkVaVRfwVo37lqz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80ce69b8e-FRA

GET
H3 200 4.png
www.hhyytt99.com/ 237 KB
238 KB 152ms
148ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/4.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43bedc763bd22cf3e81cdfe0c4cd73aa75552599fd2ea8862c1a7e28cb2005f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 242595
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "d225ed29df9544611f1fe00c8543266e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBKqw302ncwE7gvT3ZnA%2BHHVjt3Tr49iQnsmGq2vw9pWDwETx0q%2FkSjCSFAVb075MdtJbZ%2FjSSJpQAfZjPqfQ5vkvCFhXnUy5IjpXeT9Mkk37R9G8MeLm7IWMXGN4wVMo4DI%2FCr4tTLqtEc0pdEE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80ce79b8e-FRA

GET
H3 200 5.png
www.hhyytt99.com/ 49 KB
50 KB 134ms
130ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/5.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da4aa7d401ac5af5e7158677f94c3fa62404321686b8e09bccae12047eecf49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 50510
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "230ffd18d2d61129e4b6cb95fc267bae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edURXMr1uh9Lx4lrcZ0Q61ExWXVSe78GLPFnDB7qcTnUSqSwigzhK58laf5kj5C3HNy%2FwFYB8dLY1%2FTlkszjdu4Qymu8TqJHjkNtIx7%2Fply5LpGuW3jleO%2F1iWlXHskB%2FX%2BgMbSmB7g1elsJ241%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80ce99b8e-FRA

GET
H3 200 t5.png
www.hhyytt99.com/ 18 KB
19 KB 155ms
150ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/t5.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6b51d3e2d86cf501a7cd05656d9f784b6bbeceec883b4d0d533485bac077499

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 18583
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "a92e0a61ea7643e27a9bfbad94ef31b6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8Fw9AkJ3lfF0BfLGQjfGzd3VwApkq%2FOEof9z2JG%2Bmh4KhUkLBmK5Mwc18sd9WMkiCVyWxc6HQPN0Y6M2HJSiNqu7hrno8qwkr4XgSkSjEZhjB0yHrT%2BB%2Bz1M89U%2Bwi9kyMWLKvfztnFdE%2BFp6RQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cea9b8e-FRA

GET
H3 200 icon1.png
www.hhyytt99.com/static/ 977 B
1 KB 260ms
256ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/icon1.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e35c989574033d52feb3720a5c4c7259693b0685c381525c89cdd01f21ed0b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 977
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "365caeab0feabda5f8281d6f1ed4d18a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hUmgK%2BOz6eaNpaZI8skppC1V0VQWZ%2BxHw%2BWOpSkS9zUwg3n%2F%2FqHuxfeVocr9nx9BTVuoBQqX5ASYIYy8VIppOQQcRQdRqjFEhr4XctUG4ouZwP6P1s3d0D6COEiTUUMG1Rzbhy3OC%2F%2F9nlw6HVc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cec9b8e-FRA

GET
H3 200 TB2cCRGXX6.jpeg
www.hhyytt99.com/static/ 21 KB
21 KB 260ms
256ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2cCRGXX6.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62535fcf821d91966a7b8124368442296dfdf03d570a00ea182ad2efc2123b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21104
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "a9a0bd8b89889d7dfa60c8180a717bc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcrNrq6Vr%2FtQWoQiyDuRJHn654ZGJUTpItVYxtVnmNqTK8eyTlySsUk5vpb1%2BD9aUAa3E68yG8OTkgql3a5WRiVXPG65iq6wyjmLNzL7AZqcukg%2F5UpYSfgrnERJsB50LLXkvRBJcZi0KLXINhY3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80ced9b8e-FRA

GET
H3 200 icon2.png
www.hhyytt99.com/static/ 2 KB
2 KB 262ms
258ms Image
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/icon2.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e09c8a822d9759654324f9e66dfb1a7225d5f04c2e9bb0ac02cd4134c6d5142

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 1603
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "42515743d67872fdf47dd92ad472a09e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSjDUTyiGsZ7QH8v1ud9zIo01j%2FPbRHzcWu6RvDOvzsWyAL2HiEx6Y0Bi9DFXZ%2FO7bvRJJ5RgZDMigrGchwOcdHDKvVhnqer273CKlzqNjx3FRH0HlUOtrssyOK2dUcwtobkWSoJt5RgPDBYUVzz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cee9b8e-FRA

GET
H3 200 TB2iI4wXbT8F1Jjy0FgXXX3fpXa_255369570.jpeg
www.hhyytt99.com/static/ 4 KB
5 KB 262ms
259ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2iI4wXbT8F1Jjy0FgXXX3fpXa_255369570.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97fdbc7fb314f0135385a3ff25ce4c1789a5c53bc3f8d67e9aef313d0fff7849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4357
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "578a6ba651910cb9b8d1a43c3ebd0cbf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caqPMWIQXzhz67IfnZMYyCrpv3%2FWYf4oVmgq2NgC0K6NNrXaL99Cmyi88dplvKj5p5BqfbfjJuIL3gffFEqflQx8Z1nv8GlFhrvTaRThRWFIsOIORSsM%2FkUMoBwLzkMP3su1ExrejyJsRw1d7%2F1Z"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cef9b8e-FRA

GET
H3 200 TB2pGBwXgL8F1JjSsphXXXknVXa_255369570.jpeg
www.hhyytt99.com/static/ 20 KB
21 KB 264ms
260ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2pGBwXgL8F1JjSsphXXXknVXa_255369570.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

140bc8a209c2387a1f952237274e5a5fea1d04e6594c395a9f108397abadf1dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 20498
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "3a82f93b45a5eb76b9e4f0200d7977fb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j65cXElh7kyr4sBysEcL4EIkiUdyxPHjTBhtswt%2FWXCZisAyqDsC7%2BnYehlxNt0jS8JZKeAgOQag28KUT0Z8lC8jQaJaSm%2Fzh9KZKdiGGpdsWdIMdbGBki802m%2FnJhFBpb%2F03ZtRC9bG4hDMbvlN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf09b8e-FRA

GET
H3 200 TB2JddIXbL9F1JjSZJiXXcDGpXa_255369570.jpeg
www.hhyytt99.com/static/ 33 KB
34 KB 270ms
266ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2JddIXbL9F1JjSZJiXXcDGpXa_255369570.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2383db2098218650545f1f2d8d4ee1572ce0a0c7fd3750de6005c563d409e383

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34195
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "cf47fd06d3a59629e93f738593ea245a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFEhX8ObdWNi8%2Fmszkf%2ByKJXotOY0ty%2BMsmtH7op8ZsKn7ce%2B5E%2B9%2F5%2FMscv66UyXSJ506Hsk2%2B5jEg28ivQFmFyc6%2BOF7gXNJyVP651QTaI6FwsXJxgf80RML8hx4PBy01Pf6090h%2FqC4kfeAYR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf19b8e-FRA

GET
H3 200 TB2Zkx4XdifF1Jjy0FdXXX3dpXa_255369570.jpeg
www.hhyytt99.com/static/ 58 KB
59 KB 271ms
267ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2Zkx4XdifF1Jjy0FdXXX3dpXa_255369570.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56e8b2382d81051c1a7b0df24c5ee0ee48d0cf68c331267169b56dcc1d3c326e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 59836
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "6a83d6c74e5dbb5417afe9e69edda953"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=009Z2dGl%2FXt%2FXDU2T%2BpTRAwlyEfGVaVK%2B2PQgsaAxUo9GG8kl3yIhNV95je5TP6T%2F3RrvAn9rHgrDDP7X5YObWrIB9Rqt7Mhz87BT1d%2BPp7BLrndcx%2F6Z8dMi20NKeH0ZHUf8GTVGefVP1XqUnzK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf29b8e-FRA

GET
H3 200 TB2hNlHXm69F1JjSZPiXXXfCXXa_255369570.jpeg
www.hhyytt99.com/static/ 6 KB
7 KB 279ms
274ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2hNlHXm69F1JjSZPiXXXfCXXa_255369570.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2d3e378a84eb1a9963949a546134786d5af94ad3d9298f8e38f353cb39d69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6285
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "93936bf3b87d882a3f176c31a3f2b4e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDtik0OEB%2B%2FXI5WkqNo6I%2BZiUSzsl7PzjNK2MJcwTJMq2tB6n96Hq8%2FtWF0M0gphiC0rJ0J7Fq22DX0AU5t47SoWFrO9EN%2BRZg0HNMfthBQDsqAo4WGv2Xv5dHilt1nWEAtP5CAKAYt4VIG0pX%2Fl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf39b8e-FRA

GET
H3 200 TB2.jpeg
www.hhyytt99.com/static/ 42 KB
43 KB 129ms
124ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a371a17111be2fa7b901b542cf31b953ec461a693382b8f373cb1729336c8558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 43017
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "4e68fb65e8e43a9ce75d187efc56458c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSr30V30ujHiBWyN1EZXSR4hdCfSvMvfDgau%2BRN9yfU8oCTfDsIx3q669NpJOcDFwZ8P727eEPaiP5nPq954zd6ibQJ7UJ1I48%2B1mTOKbLsAqIaA%2BSrqP4FAMBRRMog4Z%2BLdCNlShwT%2FjRds%2F534"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf49b8e-FRA

GET
H3 200 TB2c204XoyfF1Jjy0FbXXXSupXa_255369570.jpeg
www.hhyytt99.com/static/ 19 KB
20 KB 107ms
102ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2c204XoyfF1Jjy0FbXXXSupXa_255369570.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f36592f7f21ffed2f6b018621b923ebcfdd6821e8f1b5c7017ae6a008d12e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 19582
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "cc74ce02166c822e51c0a0e1e996d6ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYAY7UlwkiGMBhAbndNECyrecDnGbIZwZOAu00QAHixdqSlSFZsVZzDFPuAQgFfSoZZMBnD8b9Z4%2ByBs4AZqC9sEYVa0VcNDl9X9dIyX5NDC0lBCbEE%2B%2BZ%2F6O0JkIhyvvzADLMx%2BiU3OLkGMNI1%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf59b8e-FRA

GET
H3 200 TB2y.jpeg
www.hhyytt99.com/static/ 5 KB
5 KB 103ms
98ms Image
image/jpeg 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/TB2y.jpeg

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b645368e63d23616aa07334dbf603214dbba6d61a61686214f058762681c5d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4710
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "6457f75fd3dcfe7c35d1e77fdeeda57b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dskwzipyykZBU2bYXj1eqUS6XV9jERY6f%2FiXupaupEO%2By0Ti8Raa9Ck%2F6Mf2I8D9FLCmZuYMFlmCbIgnspxte2WUwUKUjJkpdkWWsnB2u98VbqzF4MsDpw7ZiKLW4xprBgtCvEaoDymV5t123Ron"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
accept-ranges: bytes
cf-ray: 7d26f4b80cf89b8e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
45 KB 113ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TRSRTPC

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e9763dd5336d2cd1e878ff557eb85d9972fd1da1048748fc79fab694b52da47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 05 Jun 2023 08:13:22 GMT

GET
H3 404 znwx_icon_1.png
www.hhyytt99.com/static/ 138 B
138 B 279ms
277ms Image
text/html 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hhyytt99.com/static/znwx_icon_1.png

Requested by

Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/static/znwx.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/static/znwx.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:22 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9Tu4beeooVC7Cr3L6JQlGLz4vCAWmqKtLmnUpGjNm64uKlF2MekF4DRnUG6vqlTB30XXXH205tf%2F9PJhr9mkYLLjR6%2BNS9FrS4h50iKlSB7%2BXFnDhWUR98m7O3xO%2Ff54ufxIvRNHvsnaeEo5%2Fyk"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 7d26f4b80cf99b8e-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK skujp.js Show response
api.popin.cc/ads/ 1019 B
1 KB 882ms
295ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/skujp.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: b82f41a041600bb1a3ca0b68539ae9c72d36abb9235968c93d84671525a212e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: rvj2Ykcz2z4YKYLmNpoKcUJAk7mxKATg
Last-Modified: Thu, 21 Oct 2021 05:41:49 GMT
Server: nginx
ETag: "6bdb61f3803bcc8a5b92a1ac6063dc3f"
X-Cache-Status: HIT from 10.252.55.44
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1019
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK SIMO_investB.js Show response
api.popin.cc/ads/ 1 KB
1 KB 1096ms
266ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/SIMO_investB.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 63d0d0f70dab5842ceb1d25446062c7d618feb306eb13abe9c44fec1b6a48ab7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: oQcF3Tk2oqkz.qnIzfrINNY83iXTvWIz
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 12:26:26 GMT
Server: nginx
ETag: W/"32196d7788a2e3efe719a238e90b1994"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK SIMO_skujp.js Show response
api.popin.cc/ads/ 1 KB
1 KB 1103ms
270ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/SIMO_skujp.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 9c2576780e59348fd4a061a356b00b317fed219d429d9ce1c99e310bc34da240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: FZ2lYdYJDAV8ifvDFEHS_TtLc6C8vxgY
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2021 06:58:30 GMT
Server: nginx
ETag: W/"d343fd0ca9831f28845740f0afab4f08"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK SIMO_investC.js Show response
api.popin.cc/ads/ 1 KB
1 KB 1181ms
295ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/SIMO_investC.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 9dbb01f26d439c3149dcb2af27df24bd702f7aa16459c7402e4b9a9333e22ade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: wFHet3lkzCF0mHtVw2lZX76ZyABLHuL_
Content-Encoding: gzip
Last-Modified: Fri, 04 Mar 2022 02:57:09 GMT
Server: nginx
ETag: W/"4c98ebfca9ec9abe84f45e34528bd811"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK SIMO_investD.js Show response
api.popin.cc/ads/ 1 KB
1 KB 1170ms
284ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/SIMO_investD.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2731bf03005040bb4f585fd864dc4fdf6bb846b409919d5961ba96f7f5b65c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: UtqmBmEeAIspDB.dMgAs1gMRHCSIusC_
Content-Encoding: gzip
Last-Modified: Mon, 27 Dec 2021 09:49:16 GMT
Server: nginx
ETag: W/"d3b8cdb9b15a74f01b96fb53228f15f0"
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK SIMO_MoneyB.js Show response
api.popin.cc/ads/ 1 KB
1 KB 1164ms
282ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/SIMO_MoneyB.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 81eb832d4eb21c30c99eab6175cb7de7010dfc71f579c99fa83511144af03a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: 8BeyVz.vLHpD3RfvzVGFV8KBSFcJgiLa
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 06:45:45 GMT
Server: nginx
ETag: W/"ca82f261cef6c6bcdf6dd392057722c8"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK SIMO_MoneyB2.js Show response
api.popin.cc/ads/ 1 KB
1 KB 481ms
271ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/SIMO_MoneyB2.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 27cfbf43c6fadc7095738e8be3a7abb456a88968e431353329cd5d955cc7c67b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: CSQFj9zT79uDzqbAsC8f56gYnGFf8t.K
Content-Encoding: gzip
Last-Modified: Fri, 28 Jan 2022 05:31:03 GMT
Server: nginx
ETag: W/"42a100dea34cd8890b7b8155a7ac60ca"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H/1.1 200
OK 20199.js Show response
api.popin.cc/ads/ 1020 B
1 KB 279ms
271ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/ads/20199.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: af8ef4cf83145b2daac7e6971cb2318ce48e580289a964d4e4b27f0fa4ff8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:23 GMT
x-amz-version-id: ZrTbdECu9ovmG_YyALo4dZW1hwfZxZPj
Last-Modified: Tue, 16 Aug 2022 08:48:44 GMT
Server: nginx
ETag: "6b96beaf3f9d309dbe64d1bddb196429"
X-Cache-Status: HIT from 10.252.55.25
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1020
Expires: Mon, 05 Jun 2023 09:13:23 GMT

GET
H2 200 pixel.js Show response
asset.popin.cc/js/ 25 KB
10 KB 153ms
24ms Script
application/javascript 2600:9000:223f:4c00:7:6012:9880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.popin.cc/js/pixel.js
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:7:6012:9880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1fd170203d2322bbef5e3be2585b904c4b7525063bc42ac3cda335eb29123d9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 02:52:10 GMT
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Fri, 05 May 2023 03:03:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 19273
x-amz-server-side-encryption: AES256
etag: W/"f5d7d6d80b49596e4806209aa3e2d1a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WDfBc0MHbSItJvrh5roti3aOw4jYOf4mjJPil5CWvJ7FUjSTgLLMgg==

GET
H2 200 val.html Show response
d2cli4kgl5uxre.cloudfront.net/js/h/ Frame 20EF 15 KB
15 KB 91ms
24ms Document
text/html 2600:9000:211e:7600:11:9be7:da80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2cli4kgl5uxre.cloudfront.net/js/h/val.html?a0v5la7bquf89=&acid=&trackingid=
Requested by: Host: asset.popin.cc
URL: https://asset.popin.cc/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:7600:11:9be7:da80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0

Request headers

Referer: https://www.hhyytt99.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 56682
content-length: 14955
content-type: text/html
date: Sun, 04 Jun 2023 16:28:41 GMT
etag: "4fe9088bce7cb730680b930054492124"
last-modified: Mon, 10 Oct 2022 09:17:12 GMT
server: AmazonS3
vary: Origin
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-id: fgZeSv_IrWqGHWSjkhflQTBR_OguEFF-9VgfP_r_Ga-rcLEl-ytkBg==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: 5H82oy8DzGfPgn50RaNmMTQosnA7YxRG
x-cache: Hit from cloudfront

GET
H2 200 track
trace.mediago.io/api/log/ 0
121 B 548ms
178ms Image
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=101&random_t=1685952802899_30
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H3 200 awx.png Show response
www.hhyytt99.com/static/ Frame 20EF 497 B
1012 B 45ms
45ms Document
image/png 2606:4700:3034::ac43:baa3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hhyytt99.com/static/awx.png

Requested by

Host: asset.popin.cc
URL: https://asset.popin.cc/js/pixel.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:baa3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ae361ed02c8acd0cbe4eecc172be849c9dccdac22a5f601ad3b3321eeb5045

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hhyytt99.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400, must-revalidate
cf-cache-status: REVALIDATED
cf-ray: 7d26f4bb793d9b8e-FRA
content-length: 497
content-type: image/png
date: Mon, 05 Jun 2023 08:13:23 GMT
etag: "f46c5208d2430fedbecc79e1f5ad58e5"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BH5hRTFzEoIwJObKIvCqEoy0PjvhNfj1PWoLHuCa0PgxxdkFIHg4mIbpPY%2B03Np9SoZJIzvgxMnYIsjFCG2UTG9Nak1lF%2Bw%2Bn85aZgvbN6yFYr3zJjSDBJX6zmc7sE7ZMd4FNPqa%2FBwtZgC51LU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 track
trace.mediago.io/api/log/ 0
196 B 343ms
176ms Image
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=102&random_t=1685952803106_15
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 track
trace.mediago.io/api/log/ 0
121 B 277ms
179ms Image
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=103&random_t=1685952803174_20
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 track
trace.mediago.io/api/log/ 0
121 B 276ms
177ms Image
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=104&random_t=1685952803174_29
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 track
trace.mediago.io/api/log/ 0
39 B 177ms
176ms Image
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=105&iframeAcid=undefined&trueAcid=null&configResource=undefined&random_t=1685952803174_20
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 track
trace.mediago.io/api/log/ 0
39 B 178ms
176ms Image
text/plain 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=106&random_t=1685952803174_43
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 pageview
trace.popin.cc/api/bidder/track/pixel/ 0
114 B 801ms
268ms Image
text/plain 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=&ptd=&tkd=&acd=&v=20230413_1
Requested by: Host: www.hhyytt99.com
URL: https://www.hhyytt99.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 156 KB
43 KB 635ms
569ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/ads/skujp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:24 GMT
x-amz-version-id: rMjFgUNkSodLPiS9pNV2rTlSUT0KRhgZ
Content-Encoding: gzip
Last-Modified: Wed, 04 Jan 2023 06:45:28 GMT
Server: nginx
ETag: W/"dea14647ed42ad93bfc3d619993107a4"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:24 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 566ms
565ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:25 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:25 GMT

GET
H/1.1 200
OK piuid.html Show response
api.popin.cc/iframe/ Frame EB23 6 KB
2 KB 319ms
318ms Document
text/html 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/iframe/piuid.html?ac=piuid&t=15009898
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 984487ec46a1c477af29ace27e0794cccaa79bf6bf6a50976aadd5f4eee94f8b

Request headers

Referer: https://www.hhyytt99.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 05 Jun 2023 08:13:25 GMT
ETag: W/"43676b9118e1fa3ce36d31e318eb36e9"
Expires: Mon, 05 Jun 2023 09:13:25 GMT
Last-Modified: Thu, 21 Nov 2019 09:08:45 GMT
Server: nginx
Timing-Allow-Origin: *
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Cache-Status: HIT from 10.252.55.25
x-amz-version-id: null

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 271ms
271ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date: Mon, 05 Jun 2023 08:13:25 GMT
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.25
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 05 Jun 2023 09:13:25 GMT

GET
H/1.1 200
OK readlogs Show response
in.treasuredata.com/js/v3/event/popin_media/ 89 B
559 B 475ms
117ms Script
application/javascript 18.235.134.96

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1685952809160&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwYmE5Mzg0MC1lNzBkLTQ2OWQtYTE5ZS1hMGM0YzlkYWI3NzkiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5aSn5Y%2BU546p6IKh56Wo5YOF5YOF5LiA5bm05bCx6LO656C05Y2D6JCs77yB6YG46IKh6Zec6Y215piv6YCZ5YCLLi4uIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cuaGh5eXR0OTkuY29tLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJ3d3cuaGh5eXR0OTkuY29tIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImltYWdlIjoiIiwicHViZGF0ZSI6IiIsImRvbWFpbiI6Ind3dy5oaHl5dHQ5OS5jb20iLCJtZWRpYSI6IjIwMTk5IiwiZGV2aWNlIjoicGMiLCJhcGlfaG9zdCI6ImpwLnBvcGluLmNjIiwicmVhZF9yZSI6Im9yZ2FuaWMiLCJyZWFkX3N0YXRfdGV4dCI6MTgwMCwicmVhZF9zdGF0X2ltYWdlIjoyOCwicmVhZF9zdGF0X2luX3RleHQiOjE4MDAsInJlYWRfc3RhdF9pbl9pbWFnZSI6MjgsInJlYWQiOjEwLCJyZWFkX3RpbWUiOjMuOSwicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiZjFlZGU3NTRiOTYwOTE2YzM2NDE2ODU5NTI4MDUwNDIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjB9&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.235.134.96 -, , ASN (),

Reverse DNS

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Mon, 05 Jun 2023 08:13:29 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H2 200 readlogs
log.popin.cc/log/popin_media/ 66 B
222 B 1378ms
267ms Image
image/jpeg 119.63.198.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/readlogs?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIwYmE5Mzg0MC1lNzBkLTQ2OWQtYTE5ZS1hMGM0YzlkYWI3NzkiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5aSn5Y+U546p6IKh56Wo5YOF5YOF5LiA5bm05bCx6LO656C05Y2D6JCs77yB6YG46IKh6Zec6Y215piv6YCZ5YCLLi4uIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cuaGh5eXR0OTkuY29tLyIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE0LjAuNTczNS45MCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJ3d3cuaGh5eXR0OTkuY29tIiwidGRfcGF0aCI6Ii8iLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTE0LjAuNTczNSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJpbWFnZSI6IiIsInB1YmRhdGUiOiIiLCJkb21haW4iOiJ3d3cuaGh5eXR0OTkuY29tIiwibWVkaWEiOiIyMDE5OSIsImRldmljZSI6InBjIiwiYXBpX2hvc3QiOiJqcC5wb3Bpbi5jYyIsInJlYWRfcmUiOiJvcmdhbmljIiwicmVhZF9zdGF0X3RleHQiOjE4MDAsInJlYWRfc3RhdF9pbWFnZSI6MjgsInJlYWRfc3RhdF9pbl90ZXh0IjoxODAwLCJyZWFkX3N0YXRfaW5faW1hZ2UiOjI4LCJyZWFkIjoxMCwicmVhZF90aW1lIjozLjksInBvcGluX3VzZXJfaWQiOiIiLCJwaXVpZCI6ImYxZWRlNzU0Yjk2MDkxNmMzNjQxNjg1OTUyODA1MDQyIiwidWlkIjoiZjFlZGU3NTRiOTYwOTE2YzM2NDE2ODU5NTI4MDUwNDIifQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 -, , ASN (),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:30 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
rlog.popin.cc/ 35 B
186 B 900ms
291ms Image
image/gif 119.63.198.188

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fwww.hhyytt99.com%2F&uid=&nid=KdDbQA28x2WB&media=20199&r1=10&r2=0&r3=text1800|image28|in_text1800|in_image28&r4=4&r5=re_organic|dv_pc|session|sstorage&r6=4&r7=-0&r8=116.63539999999999&t=1685952809156
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hhyytt99.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 08:13:29 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mediago.io/	1970-01-20 21:04:48	Name: __mguid_ Value: cd55fceae0563c05eae5b4b185676cb2
			.hhyytt99.com/	1970-01-20 21:04:48	Name: _ss_pp_id Value: f1ede754b960916c3641685952805042

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hhyytt99.com/static/znwx_icon_1.png Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.hhyytt99.com/static/awx.png Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.popin.cc
asset.popin.cc
d2cli4kgl5uxre.cloudfront.net
in.treasuredata.com
log.popin.cc
rlog.popin.cc
trace.mediago.io
trace.popin.cc
www.googletagmanager.com
www.hhyytt99.com
119.63.193.220
119.63.198.143
119.63.198.188
18.235.134.96
2600:9000:211e:7600:11:9be7:da80:93a1
2600:9000:223f:4c00:7:6012:9880:93a1
2606:4700:3034::ac43:baa3
2a00:1450:4001:80b::2008
35.208.249.213
35.213.89.133
057bc25f6416b83dcf8bd8aca991f42a9443c1677056d410c79aee94a568b25c
140bc8a209c2387a1f952237274e5a5fea1d04e6594c395a9f108397abadf1dc
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1fd170203d2322bbef5e3be2585b904c4b7525063bc42ac3cda335eb29123d9b
2383db2098218650545f1f2d8d4ee1572ce0a0c7fd3750de6005c563d409e383
2731bf03005040bb4f585fd864dc4fdf6bb846b409919d5961ba96f7f5b65c76
27589a133dca37ea84ea4433ad76553f3cb3f01f1b7dc40aa7167e0b67ad6d78
27cfbf43c6fadc7095738e8be3a7abb456a88968e431353329cd5d955cc7c67b
301bd9f16f94feedfae7a946a14bac38cb73c43efe6117bc5586835af03d7d6f
38f36592f7f21ffed2f6b018621b923ebcfdd6821e8f1b5c7017ae6a008d12e1
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0
4070180ca01fd8aa387cc548a9143d6e2b713a496d7ace0ee2fd30a627cf62f2
43bedc763bd22cf3e81cdfe0c4cd73aa75552599fd2ea8862c1a7e28cb2005f2
56e8b2382d81051c1a7b0df24c5ee0ee48d0cf68c331267169b56dcc1d3c326e
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
60ae361ed02c8acd0cbe4eecc172be849c9dccdac22a5f601ad3b3321eeb5045
62535fcf821d91966a7b8124368442296dfdf03d570a00ea182ad2efc2123b3e
63d0d0f70dab5842ceb1d25446062c7d618feb306eb13abe9c44fec1b6a48ab7
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
775513625d482ba9eacab66da77d2b02d5d7f15788c270bb1295add4926c6284
7e79db979b6554b2288530343e7c33613184fd35deac4aae74a49ae39b6aaaaf
81eb832d4eb21c30c99eab6175cb7de7010dfc71f579c99fa83511144af03a13
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8da4aa7d401ac5af5e7158677f94c3fa62404321686b8e09bccae12047eecf49
8e09c8a822d9759654324f9e66dfb1a7225d5f04c2e9bb0ac02cd4134c6d5142
8e35c989574033d52feb3720a5c4c7259693b0685c381525c89cdd01f21ed0b8
97fdbc7fb314f0135385a3ff25ce4c1789a5c53bc3f8d67e9aef313d0fff7849
984487ec46a1c477af29ace27e0794cccaa79bf6bf6a50976aadd5f4eee94f8b
9c2576780e59348fd4a061a356b00b317fed219d429d9ce1c99e310bc34da240
9dbb01f26d439c3149dcb2af27df24bd702f7aa16459c7402e4b9a9333e22ade
a371a17111be2fa7b901b542cf31b953ec461a693382b8f373cb1729336c8558
a6e7cdd106c060736f6f54587e98e40e4709a27e688b7c635efcc2bc69d9584c
af8ef4cf83145b2daac7e6971cb2318ce48e580289a964d4e4b27f0fa4ff8148
b645368e63d23616aa07334dbf603214dbba6d61a61686214f058762681c5d5c
b82f41a041600bb1a3ca0b68539ae9c72d36abb9235968c93d84671525a212e5
cc1f4e667bc50e72363fbf6d9184c0684bfe2c5d050234edb13f1b6379e1d638
cd2d3e378a84eb1a9963949a546134786d5af94ad3d9298f8e38f353cb39d69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9763dd5336d2cd1e878ff557eb85d9972fd1da1048748fc79fab694b52da47e
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f6b51d3e2d86cf501a7cd05656d9f784b6bbeceec883b4d0d533485bac077499

www.hhyytt99.com Open in urlscan Pro 2606:4700:3034::ac43:baa3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

40 %IPv6

6 Domains

10 Subdomains

10 IPs

3 Countries

1357 kBTransfer

1656 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hhyytt99.com Open in urlscan Pro
2606:4700:3034::ac43:baa3 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

40 %
IPv6

6
Domains

10
Subdomains

10
IPs

3
Countries

1357 kB
Transfer

1656 kB
Size

2
Cookies

49 HTTP transactions
0 data transactions