baidyouzi18.top Open in urlscan Pro
154.39.191.122 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://baidyouzi18.top/
Submission: On December 05 via api (December 5th 2023, 4:12:30 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 12 IPs in 6 countries across 16 domains to perform 57 HTTP transactions. The main IP is 154.39.191.122, located in United States and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is baidyouzi18.top.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.

This is the only time baidyouzi18.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	154.39.191.122 154.39.191.122	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
6	167.235.193.182 167.235.193.182	24940 (HETZNER-AS) (HETZNER-AS)
5 5	3.36.126.81 3.36.126.81	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:10:... 2606:4700:10::6816:4b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	49.12.4.154 49.12.4.154	24940 (HETZNER-AS) (HETZNER-AS)
3	2606:4700:303... 2606:4700:3034::ac43:ade6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.64.14.229 154.64.14.229	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
2	137.175.110.162 137.175.110.162	54600 (PEG-SV) (PEG-SV)
2	154.91.86.4 154.91.86.4	399077 (TERAEXCH) (TERAEXCH)
2	194.53.53.250 194.53.53.250	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
2	2606:4700:303... 2606:4700:3033::6815:37b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	146.75.36.193 146.75.36.193	54113 (FASTLY) (FASTLY)
18	64.112.76.52 64.112.76.52	6939 (HURRICANE) (HURRICANE)
57	12

13 154.39.191.122 (United States)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

baidyouzi18.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 167.235.193.182 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.182.193.235.167.clients.your-server.de

maxun103.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maxun066.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.36.126.81 (Incheon, Korea, Republic Of) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com

www.xn--1qwynp09f.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1379a.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:4b98 (United States)

ASN13335 (CLOUDFLARENET, US)

files.230808.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 49.12.4.154 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.154.4.12.49.clients.your-server.de

mrtoss03.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::ac43:ade6 (United States)

ASN13335 (CLOUDFLARENET, US)

kvtaaa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.64.14.229 (San Jose, United States)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

222vn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.175.110.162 (United States)

ASN54600 (PEG-SV, US)

img.gehhghrf.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.91.86.4 (Seychelles)

ASN399077 (TERAEXCH, US)

hx33hx33.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.53.53.250 (Moscow Oblast, Russian Federation)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

ad.xmmnsl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:37b9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.imageoss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.36.193 (Reston, United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 64.112.76.52 (United States)

ASN6939 (HURRICANE, US)
PTR: customer.tatraservices.com

nxximg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	nxximg.com nxximg.com	322 KB
13	baidyouzi18.top baidyouzi18.top	162 KB
5	230808.top files.230808.top — Cisco Umbrella Rank: 735123	2 MB
3	kvtaaa.top kvtaaa.top	589 KB
3	mrtoss03.com 3 redirects mrtoss03.com	591 B
3	xn--1qwynp09f.net 3 redirects www.xn--1qwynp09f.net — Cisco Umbrella Rank: 662442	367 B
3	maxun066.top maxun066.top — Cisco Umbrella Rank: 438296	306 KB
3	maxun103.top maxun103.top — Cisco Umbrella Rank: 606712	215 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10115	12 KB
2	imageoss.com www.imageoss.com	123 KB
2	xmmnsl.com ad.xmmnsl.com	990 KB
2	hx33hx33.cc hx33hx33.cc	385 KB
2	gehhghrf.xyz img.gehhghrf.xyz	85 KB
2	1379a.xyz 2 redirects img.1379a.xyz	245 B
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7364	30 KB
1	222vn.co 222vn.co	239 KB
57	16

	Domain	Requested by
18	nxximg.com	baidyouzi18.top
13	baidyouzi18.top	baidyouzi18.top
5	files.230808.top	baidyouzi18.top
3	kvtaaa.top	baidyouzi18.top
3	mrtoss03.com	3 redirects
3	www.xn--1qwynp09f.net	3 redirects
3	maxun066.top	baidyouzi18.top
3	maxun103.top	baidyouzi18.top
2	hm.baidu.com	baidyouzi18.top
2	www.imageoss.com	baidyouzi18.top
2	ad.xmmnsl.com	baidyouzi18.top
2	hx33hx33.cc	baidyouzi18.top
2	img.gehhghrf.xyz	baidyouzi18.top
2	img.1379a.xyz	2 redirects
1	i.imgur.com	baidyouzi18.top
1	222vn.co	baidyouzi18.top
57	16

This site contains links to these domains. Also see Links.

Domain
54.5447722.vip
46.46866323.com
4j913.vip
161271.vip
www.xxtty94.xyz
dwip8.2lpla6meup.xyz
djgprk.com
c.fbzns.com

Subject Issuer	Validity	Valid
www.bb66999.com R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
maxun103.top Buypass Class 2 CA 5	`2023-11-01` - `2024-04-28`	6 months	crt.sh
maxun066.top R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
222vn.co RapidSSL TLS RSA CA G1	`2023-10-22` - `2024-10-21`	a year	crt.sh
img.gehhghrf.xyz R3	`2023-09-26` - `2023-12-25`	3 months	crt.sh
hx33hx33.cc R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
xmmnsl.com E1	`2023-10-08` - `2024-01-06`	3 months	crt.sh
www.imageoss.com GTS CA 1P5	`2023-11-08` - `2024-02-06`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
nxximg.com Certum Domain Validation CA SHA2	`2023-07-27` - `2024-08-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://baidyouzi18.top/
Frame ID: 5B2B4D15FE0CE5ACE454B1AA604F5810
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

柚子影视AV,柚子免费视频TV,在线视频,柚子免费短视频分享

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

86 %
HTTPS

21 %
IPv6

16
Domains

16
Subdomains

12
IPs

6
Countries

5806 kB
Transfer

6090 kB
Size

3
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://54.5447722.vip/

Search URL Search Domain Scan URL

URL: https://46.46866323.com/

Search URL Search Domain Scan URL

URL: https://4j913.vip/

Search URL Search Domain Scan URL

URL: https://161271.vip:2053/index.html?shareName=161271.vip

Search URL Search Domain Scan URL

URL: https://www.xxtty94.xyz/xt.html?channelCode=mimi_hf3

Search URL Search Domain Scan URL

URL: https://dwip8.2lpla6meup.xyz/abc/346.html

Search URL Search Domain Scan URL

URL: https://djgprk.com/?dc=YYMM
Title: 视频专区

Search URL Search Domain Scan URL

URL: https://c.fbzns.com/322.html
Title: 免费直播

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.xn--1qwynp09f.net/images/65422a8feced06e2bd7e2616.gif HTTP 302
https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif

Request Chain 10

https://mrtoss03.com/8f4d872291de1252568125e0cedd868e.gif HTTP 301
https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif

Request Chain 12

https://img.1379a.xyz/images/64aa7657aa4f5527c6a5f918.gif HTTP 302
https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif

Request Chain 20

https://www.xn--1qwynp09f.net/images/65422a8feced06e2bd7e2616.gif HTTP 302
https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif

Request Chain 21

https://mrtoss03.com/8f4d872291de1252568125e0cedd868e.gif HTTP 301
https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif

Request Chain 22

https://img.1379a.xyz/images/64aa7657aa4f5527c6a5f918.gif HTTP 302
https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif

Request Chain 29

https://www.xn--1qwynp09f.net/images/65422a92eced06e2bd7e261e.gif HTTP 302
https://files.230808.top/store/loveimgmoe/7b/8d/651802b24f57e8ae2da17b8d.gif

Request Chain 32

https://mrtoss03.com/b87dba0f9c4c8976494bbac9593aa1d7.gif HTTP 301
https://kvtaaa.top/b87dba0f9c4c8976494bbac9593aa1d7.gif

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
baidyouzi18.top/ 56 KB
12 KB 1786ms
544ms Document
text/html 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / PHP/7.2.34 ASP.NET
Resource Hash: fa48770ea7ab75d58fb2328f9bd97994374fb284cbdf7c843a67bb6e8c42e116

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Content-Encoding: gzip
Content-Length: 11815
Content-Type: text/html;charset=utf-8
Date: Tue, 05 Dec 2023 16:12:32 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.34 ASP.NET

GET
H/1.1 200
OK style.css
baidyouzi18.top/template/m1938pc/static/css/ 18 KB
5 KB 222ms
219ms Stylesheet
text/css 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/css/style.css
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f2fb1279ba798820127591b0aa5ce228e651a965ef106cc81b1cb05b7fde43d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 09:18:35 GMT
Server: Microsoft-IIS/8.5
ETag: "80e7f983d424d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4983

GET
H/1.1 200
OK jquery.min.js Show response
baidyouzi18.top/template/m1938pc/static/js/ 95 KB
33 KB 1083ms
650ms Script
application/javascript 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/js/jquery.min.js
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 09:18:45 GMT
Server: Microsoft-IIS/8.5
ETag: "80c8ef89d424d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33835

GET
H/1.1 200
OK bootstrap.min.css
baidyouzi18.top/template/m1938pc/static/css/ 119 KB
19 KB 441ms
219ms Stylesheet
text/css 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/css/bootstrap.min.css
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9b6e66542dc67c64cb49e87e18686732b2baa1e63d6f34202c872533d20e26f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 09:18:36 GMT
Server: Microsoft-IIS/8.5
ETag: "07e9284d424d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 19623

GET
H/1.1 200
OK style_1.css
baidyouzi18.top/template/m1938pc/static/css/ 64 KB
11 KB 849ms
425ms Stylesheet
text/css 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/css/style_1.css
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 7bce5d6dab24eebce124dd4414674c9ed82a738944e79cd5342706a9b35a69fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 09:18:37 GMT
Server: Microsoft-IIS/8.5
ETag: "80142b85d424d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 11365

GET
H/1.1 200
OK white.css
baidyouzi18.top/template/m1938pc/static/css/ 12 KB
3 KB 647ms
216ms Stylesheet
text/css 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/css/white.css
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1e1006d70d43e23d479a2b4f37d2e4984c2b9d71628d22d2b2893068a7e8ee04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 09:18:38 GMT
Server: Microsoft-IIS/8.5
ETag: "0abc385d424d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2644

GET
H/1.1 200
OK mm-content.css
baidyouzi18.top/template/m1938pc/static/css/ 10 KB
2 KB 648ms
216ms Stylesheet
text/css 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/css/mm-content.css
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 32ae2da04a11272161f174b372dd1a905cc717315cacf821e1885adf165f593e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 09:18:38 GMT
Server: Microsoft-IIS/8.5
ETag: "0abc385d424d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1440

GET
H/1.1 200
OK youziyingshi.gif
baidyouzi18.top/template/m1938pc/static/images/ 52 KB
53 KB 222ms
218ms Image
image/gif 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baidyouzi18.top/template/m1938pc/static/images/youziyingshi.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fe6824ddcb874fc1248d7d376ab753799d234577e7552cb525d9bd83d5b7f14d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:34 GMT
Last-Modified: Sat, 16 Sep 2023 14:40:32 GMT
Server: Microsoft-IIS/8.5
ETag: "59e8c3beabe8d91:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 53646

GET
H2 200 2dc8f9c6d5fa6e52d7706e8a484d6101.gif
maxun103.top/ 77 KB
77 KB 1847ms
99ms Image
image/gif 167.235.193.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxun103.top/2dc8f9c6d5fa6e52d7706e8a484d6101.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.193.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.193.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 846ec3fac7045638c3d569c756d70fd4f0a9322e264b1763a9da7ea3f31a55b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:27:12 GMT
last-modified: Tue, 05 Dec 2023 13:27:12 GMT
server: nginx
etag: "64e7767d-13355"
x-cache: HIT, policy, disk
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 78677
expires: Thu, 04 Jan 2024 13:27:12 GMT

GET
H2 200 081ee7da39ccd4af5a1e8598cad9ecdc.gif
maxun066.top/ 119 KB
119 KB 2229ms
187ms Image
image/gif 167.235.193.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxun066.top/081ee7da39ccd4af5a1e8598cad9ecdc.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.193.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.193.235.167.clients.your-server.de
Software: cloudflare /
Resource Hash: 16eb8c3cc5ee819d56a2b440de3202a93bf53bad2b48c1ad718252f3c5f8cee6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2269374
x-cache: HIT, policy, disk
content-length: 122147
last-modified: Tue, 05 Dec 2023 15:22:03 GMT
server: cloudflare
etag: "642682e0-1dd23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnNR6PmPup4%2BCB5ukzudLteLJ%2FIfRoy1izIL9NRHJIIizutrnZm%2B8TynkV%2FVAa%2FT9CPLuVzxuRLU6deGjzNBKOMgs6tU4Z%2FeWtR2ixyiPZPA1IOCLR7rmeFaPknbe5RyEpwo%2BYPZ7P8O"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 830d4847e9719130-FRA
expires: Sat, 09 Dec 2023 08:59:08 GMT

GET
H2

200

651802b04f57e8ae2da17b85.gif
files.230808.top/store/loveimgmoe/7b/85/
Redirect Chain

https://www.xn--1qwynp09f.net/images/65422a8feced06e2bd7e2616.gif
https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif

776 KB
776 KB

24ms
23ms

Image
image/gif

2606:4700:10::6816:4b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:10::6816:4b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa5eaf2756096e95465a86e525e4a263cd3360ecc168ef8a0855d2d9a1f529e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:22 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 11:16:14 GMT
server: cloudflare
age: 533409
vary: Origin, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 830d92024ac343f3-EWR
alt-svc: h3=":443"; ma=86400
content-length: 794125

Redirect headers

location: https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif
cache-control: max-age=600
referrer-policy: no-referrer
content-length: 0

GET
H2

200

8f4d872291de1252568125e0cedd868e.gif
kvtaaa.top/
Redirect Chain

https://mrtoss03.com/8f4d872291de1252568125e0cedd868e.gif
https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif

281 KB
282 KB

88ms
12ms

Image
image/gif

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c3ef9e11d15a2e5eeaa0be711dc3d9b3aed6d3b373ad07d71614aeb90c5546

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2190260
alt-svc: h3=":443"; ma=86400
content-length: 287946
last-modified: Sun, 01 Oct 2023 09:20:41 GMT
server: cloudflare
etag: "651939e9-464ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=laiwc2uv37z26otY6KW9G3p%2BguSHGQ8%2FEKjutivj2IV3ClOHZz7DGKzaixCOcVmNXUgUskvEkxUJeZ%2B%2FOvkuyPeAgE5KmZvOjTfx7xnkfYUF0WSQ7A6bdWvQMFftyzcsDHPJEQbpJ6cP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 830d91fad81a0f74-EWR
expires: Sun, 10 Dec 2023 07:48:01 GMT

Redirect headers

Location: https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif
Date: Tue, 05 Dec 2023 16:12:21 GMT
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H2 200 65422fc1aed05.gif
222vn.co/i/2023/11/01/ 239 KB
239 KB 291ms
71ms Image
image/gif 154.64.14.229
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://222vn.co/i/2023/11/01/65422fc1aed05.gif

Requested by

Host: baidyouzi18.top
URL: https://baidyouzi18.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.64.14.229 San Jose, United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

34557c214b3eb9661a22d53a765633f7537ae040a22080288842ebba31b14738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 Nov 2023 11:00:17 GMT
server: nginx
etag: "65422fc1-3bac0"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 244416
expires: Thu, 04 Jan 2024 16:12:20 GMT

GET
H2

200

64aa7657aa4f5527c6a5f918.gif
files.230808.top/store/loveimgmoe/f9/18/
Redirect Chain

https://img.1379a.xyz/images/64aa7657aa4f5527c6a5f918.gif
https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif

78 KB
79 KB

84ms
20ms

Image
image/gif

2606:4700:10::6816:4b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:10::6816:4b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a231b769aa6ebc6d39ccb48c138f5957859b4d242037226054e3c7f39496303

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:21 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 08:57:13 GMT
server: cloudflare
age: 689318
vary: Origin, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 830d91fbb92343f3-EWR
alt-svc: h3=":443"; ma=86400
content-length: 80287

Redirect headers

location: https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif
cache-control: max-age=600
referrer-policy: no-referrer
content-length: 0

GET
H2 200 960-80.gif
img.gehhghrf.xyz/dyj0012/ 42 KB
42 KB 403ms
160ms Image
image/gif 137.175.110.162
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gehhghrf.xyz/dyj0012/960-80.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.110.162 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36c329535ef2b44378dd894b3758a0fbf282b2348d2ca75328ccf8a7763d697c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:05:00 GMT
last-modified: Fri, 01 Dec 2023 09:05:04 GMT
server: Microsoft-IIS/8.5
etag: "1701421504"
x-powered-by: ASP.NET
x-cache: HIT, server, memory
content-type: image/gif
accept-ranges: bytes
content-length: 43186

GET
H2 200 960x120.gif
hx33hx33.cc/xtimage/ 192 KB
193 KB 1551ms
216ms Image
image/gif 154.91.86.4
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hx33hx33.cc/xtimage/960x120.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.91.86.4 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software: openresty /
Resource Hash: b44b1474497084bfa1343d1a831ace0585f40fd12b9a3dda32cb83d41a3675e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-log: X-Log
date: Tue, 05 Dec 2023 16:12:20 GMT
x-svr: IO
content-md5: RuyrK26KwzI2cU4OMTZxUg==
x-reqid: SJcBABHeRlB7-50X
content-transfer-encoding: binary
content-disposition: inline; filename="960x120.gif"; filename*=utf-8''960x120.gif
content-length: 196473
last-modified: Fri, 20 Oct 2023 06:52:22 GMT
server: openresty
etag: "Fl28Kd89omzTY1Ap6TZGefD_WlSu"
access-control-max-age: 2592000
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
x-qiniu-zone: 1

GET
H/1.1 200
OK 1.gif
baidyouzi18.top/template/m1938pc/static/images/ 254 B
501 B 215ms
212ms Image
image/gif 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baidyouzi18.top/template/m1938pc/static/images/1.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:34 GMT
Last-Modified: Tue, 10 Jan 2023 06:41:04 GMT
Server: Microsoft-IIS/8.5
ETag: "42545283be24d91:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 254

GET
H2 200 1665643713.gif
ad.xmmnsl.com/uploads/images/ 494 KB
495 KB 509ms
462ms Image
image/gif 194.53.53.250
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.xmmnsl.com/uploads/images/1665643713.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.53.53.250 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 132720bfd4ea3959148dee04d05536c99b1c06357b349576e97155397061d4d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Oct 2022 06:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6347b4c1-7b815"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3jzjg6DpwG%2BVvubp1FZSx0oCNulVj%2BQnQSgRBBGh6V%2B1NZO9Xbj%2BTdsnXY0rtXqmdWO2nP6fs2T1TXJLOfhzDXWRmRjfpiyQlX%2BcgYPnRBOXzbuQjum%2FnL%2FTX1GB4%2Fa"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 830d91f0dce60ca8-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 960x809a8a002391b33a97.gif
www.imageoss.com/images/2023/11/13/ 61 KB
62 KB 460ms
19ms Image
image/gif 2606:4700:3033::6815:37b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imageoss.com/images/2023/11/13/960x809a8a002391b33a97.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:37b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3c575e4460622ce9ae6da7b3eefd2af9c0a427172cdd90eddcc54b7716b176

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 12:07:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479973
etag: "65521199-f47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBsn1oKfC9F%2BgcRVOkoHqZMe6%2BLE0q0ORdcIKsxlfcBhynUCAEjrdGK1ikmW%2BHzk0X1yOoyq6I%2BhSZ03cAiPMuJEKZWNAnv6JAl0MrY7MAEEQwdbHUwQwnHII6NEJOPiGQ7jy0vh8LQJjiqC2URG"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830d91f34cd8421d-EWR
alt-svc: h3=":443"; ma=86400
content-length: 62590

GET
H2 200 2dc8f9c6d5fa6e52d7706e8a484d6101.gif
maxun103.top/ 77 KB
77 KB 652ms
99ms Image
image/gif 167.235.193.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxun103.top/2dc8f9c6d5fa6e52d7706e8a484d6101.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.193.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.193.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 846ec3fac7045638c3d569c756d70fd4f0a9322e264b1763a9da7ea3f31a55b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 13:27:12 GMT
last-modified: Tue, 05 Dec 2023 13:27:12 GMT
server: nginx
etag: "64e7767d-13355"
x-cache: HIT, policy, disk
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 78677
expires: Thu, 04 Jan 2024 13:27:12 GMT

GET
H2 200 081ee7da39ccd4af5a1e8598cad9ecdc.gif
maxun066.top/ 119 KB
120 KB 945ms
98ms Image
image/gif 167.235.193.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxun066.top/081ee7da39ccd4af5a1e8598cad9ecdc.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.193.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.193.235.167.clients.your-server.de
Software: cloudflare /
Resource Hash: 16eb8c3cc5ee819d56a2b440de3202a93bf53bad2b48c1ad718252f3c5f8cee6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:22:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2269374
x-cache: HIT, policy, disk
content-length: 122147
last-modified: Tue, 05 Dec 2023 15:22:03 GMT
server: cloudflare
etag: "642682e0-1dd23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnNR6PmPup4%2BCB5ukzudLteLJ%2FIfRoy1izIL9NRHJIIizutrnZm%2B8TynkV%2FVAa%2FT9CPLuVzxuRLU6deGjzNBKOMgs6tU4Z%2FeWtR2ixyiPZPA1IOCLR7rmeFaPknbe5RyEpwo%2BYPZ7P8O"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 830d4847e9719130-FRA
expires: Sat, 09 Dec 2023 08:59:08 GMT

GET
H2

200

651802b04f57e8ae2da17b85.gif
files.230808.top/store/loveimgmoe/7b/85/
Redirect Chain

https://www.xn--1qwynp09f.net/images/65422a8feced06e2bd7e2616.gif
https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif

776 KB
776 KB

15ms
13ms

Image
image/gif

2606:4700:10::6816:4b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:10::6816:4b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aa5eaf2756096e95465a86e525e4a263cd3360ecc168ef8a0855d2d9a1f529e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:22 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 11:16:14 GMT
server: cloudflare
age: 533409
vary: Origin, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 830d92024abf43f3-EWR
alt-svc: h3=":443"; ma=86400
content-length: 794125

Redirect headers

location: https://files.230808.top/store/loveimgmoe/7b/85/651802b04f57e8ae2da17b85.gif
cache-control: max-age=600
referrer-policy: no-referrer
content-length: 0

GET
H2

200

8f4d872291de1252568125e0cedd868e.gif
kvtaaa.top/
Redirect Chain

https://mrtoss03.com/8f4d872291de1252568125e0cedd868e.gif
https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif

281 KB
282 KB

87ms
24ms

Image
image/gif

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c3ef9e11d15a2e5eeaa0be711dc3d9b3aed6d3b373ad07d71614aeb90c5546

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2190260
alt-svc: h3=":443"; ma=86400
content-length: 287946
last-modified: Sun, 01 Oct 2023 09:20:41 GMT
server: cloudflare
etag: "651939e9-464ca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7MxnGFd7eNffGp7LTzpCF3BlTGWeTTUE2bnhaIhyYEO4gePIKXtE8O9KrRh%2FDQRnVF9yRokoCdN6GgGLXc7ZoHt%2Fu6yORPxM5nZ5BOk1UPGnAU3N4%2Fmr3w6BERSBH1ZaqoHvzS85%2FAC"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 830d91fad81d0f74-EWR
expires: Sun, 10 Dec 2023 07:48:01 GMT

Redirect headers

Location: https://kvtaaa.top/8f4d872291de1252568125e0cedd868e.gif
Date: Tue, 05 Dec 2023 16:12:21 GMT
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H2

200

64aa7657aa4f5527c6a5f918.gif
files.230808.top/store/loveimgmoe/f9/18/
Redirect Chain

https://img.1379a.xyz/images/64aa7657aa4f5527c6a5f918.gif
https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif

78 KB
79 KB

101ms
37ms

Image
image/gif

2606:4700:10::6816:4b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:10::6816:4b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a231b769aa6ebc6d39ccb48c138f5957859b4d242037226054e3c7f39496303

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:21 GMT
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 08:57:13 GMT
server: cloudflare
age: 689318
vary: Origin, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 830d91fbb92443f3-EWR
alt-svc: h3=":443"; ma=86400
content-length: 80287

Redirect headers

location: https://files.230808.top/store/loveimgmoe/f9/18/64aa7657aa4f5527c6a5f918.gif
cache-control: max-age=600
referrer-policy: no-referrer
content-length: 0

GET
H2 200 960-80.gif
img.gehhghrf.xyz/dyj0012/ 42 KB
42 KB 226ms
73ms Image
image/gif 137.175.110.162
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gehhghrf.xyz/dyj0012/960-80.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.110.162 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 36c329535ef2b44378dd894b3758a0fbf282b2348d2ca75328ccf8a7763d697c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 09:05:00 GMT
last-modified: Fri, 01 Dec 2023 09:05:04 GMT
server: Microsoft-IIS/8.5
etag: "1701421504"
x-powered-by: ASP.NET
x-cache: HIT, server, memory
content-type: image/gif
accept-ranges: bytes
content-length: 43186

GET
H2 200 960x120.gif
hx33hx33.cc/xtimage/ 192 KB
193 KB 1461ms
217ms Image
image/gif 154.91.86.4
TERAEXCH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hx33hx33.cc/xtimage/960x120.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.91.86.4 , Seychelles, ASN399077 (TERAEXCH, US),
Reverse DNS
Software: openresty /
Resource Hash: b44b1474497084bfa1343d1a831ace0585f40fd12b9a3dda32cb83d41a3675e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-log: X-Log
date: Tue, 05 Dec 2023 16:12:20 GMT
x-svr: IO
content-md5: RuyrK26KwzI2cU4OMTZxUg==
x-reqid: o3kAAK6ATFB7-50X
content-transfer-encoding: binary
content-disposition: inline; filename="960x120.gif"; filename*=utf-8''960x120.gif
content-length: 196473
last-modified: Fri, 20 Oct 2023 06:52:22 GMT
server: openresty
etag: "Fl28Kd89omzTY1Ap6TZGefD_WlSu"
access-control-max-age: 2592000
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Log, X-Reqid
cache-control: public, max-age=31536000
accept-ranges: bytes
x-qiniu-zone: 1

GET
H/1.1 200
OK 1.gif
baidyouzi18.top/template/m1938pc/static/images/ 254 B
501 B 216ms
215ms Image
image/gif 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://baidyouzi18.top/template/m1938pc/static/images/1.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:34 GMT
Last-Modified: Tue, 10 Jan 2023 06:41:04 GMT
Server: Microsoft-IIS/8.5
ETag: "42545283be24d91:0"
X-Powered-By: ASP.NET
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 254

GET
H2 200 960x809a8a002391b33a97.gif
www.imageoss.com/images/2023/11/13/ 61 KB
61 KB 465ms
24ms Image
image/gif 2606:4700:3033::6815:37b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imageoss.com/images/2023/11/13/960x809a8a002391b33a97.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:37b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3c575e4460622ce9ae6da7b3eefd2af9c0a427172cdd90eddcc54b7716b176

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
cf-cache-status: HIT
last-modified: Mon, 13 Nov 2023 12:07:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 479973
etag: "65521199-f47e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7YCzl7cSTECCKw6QQ0A7dYWFJ0BzYjosg29B40zw3bKot%2BD8C7pCc9qC505sR6DvI6GSlVv%2FeXAM07%2FgmcvG6aWcznBISLOmfA94SukUoNEgNY1LplMgv2I2a%2FQa4WxAr%2B77cBeNOhZHDEeaIXRz"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 830d91f34cd9421d-EWR
alt-svc: h3=":443"; ma=86400
content-length: 62590

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1462ms
403ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5ad88e3142fba7b31d8cefe50f899342

Requested by

Host: baidyouzi18.top
URL: https://baidyouzi18.top/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

361563cb82a53684b744e119411f02f1d2c0f90737de1fefd6d808f17166f4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:21 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 10f119909a6cd6ac52103e286a8ec467
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11258

GET
H2 200 1665643713.gif
ad.xmmnsl.com/uploads/images/ 494 KB
495 KB 507ms
461ms Image
image/gif 194.53.53.250
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.xmmnsl.com/uploads/images/1665643713.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.53.53.250 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 132720bfd4ea3959148dee04d05536c99b1c06357b349576e97155397061d4d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 13 Oct 2022 06:48:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6347b4c1-7b815"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbmU4ziJRqIQmIvXQqizFIgO%2FCFQCXW21vt8HSC85N5WPp3s8xv7Z6GA1FHkKJWQiDu99Icrg%2B85vri%2BP%2Faz1MOie9TtRN%2F%2B5qYKOh0FcahT66Kxd5sLkWYc%2BhwMXf7z"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 830d91f0dce90ca8-EWR
alt-svc: h3=":443"; ma=86400

GET
H2

200

651802b24f57e8ae2da17b8d.gif
files.230808.top/store/loveimgmoe/7b/8d/
Redirect Chain

https://www.xn--1qwynp09f.net/images/65422a92eced06e2bd7e261e.gif
https://files.230808.top/store/loveimgmoe/7b/8d/651802b24f57e8ae2da17b8d.gif

636 KB
637 KB

23ms
23ms

Image
image/gif

2606:4700:10::6816:4b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.230808.top/store/loveimgmoe/7b/8d/651802b24f57e8ae2da17b8d.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:10::6816:4b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e7ea9f78192af62e4e211ccb246add5f2d9f4b024aa669abf1ed2aa089387c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:22 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Sep 2023 11:16:43 GMT
server: cloudflare
age: 434060
vary: Origin, Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
accept-ranges: bytes
cf-ray: 830d92024ac943f3-EWR
alt-svc: h3=":443"; ma=86400
content-length: 651532

Redirect headers

location: https://files.230808.top/store/loveimgmoe/7b/8d/651802b24f57e8ae2da17b8d.gif
cache-control: max-age=600
referrer-policy: no-referrer
content-length: 0

GET
H2 200 6b4bc2393b34f569886385798f04319d.gif
maxun066.top/ 66 KB
67 KB 943ms
97ms Image
image/gif 167.235.193.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxun066.top/6b4bc2393b34f569886385798f04319d.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.193.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.193.235.167.clients.your-server.de
Software: cloudflare /
Resource Hash: f2a244eb1748c34fb59c94b4576147ab29247b93edc1c77536c68aa4bbcdf368

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:42:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 466603
x-cache: HIT, policy, memory
content-length: 67829
last-modified: Tue, 05 Dec 2023 15:50:58 GMT
server: cloudflare
etag: "642682bb-108f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOb6zUaXQoq6Bbv5GG8jchw0CZgivu5Xk6hcDmj2G4s1BnwdyftnBPbjOQ3J0pJcQNgMShYNOUGoH9VnpZeALJJSCa1bZY9NDrry2WOxI7BBB9%2BkNY%2B%2FbQJU9MORPo275izh4v%2B1YXzB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 830d661bffce65d4-FRA
expires: Sat, 30 Dec 2023 06:05:41 GMT

GET
H2 200 8640c212ed4b8873323ab3a1034d64f9.gif
maxun103.top/ 61 KB
62 KB 926ms
373ms Image
image/gif 167.235.193.182
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://maxun103.top/8640c212ed4b8873323ab3a1034d64f9.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.193.182 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.182.193.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 7597be2a4832946dbcd61c09bd5ce3f91e0b71dc1ddff4ff79685416d2fd7ee0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:11:49 GMT
last-modified: Tue, 05 Dec 2023 16:11:49 GMT
server: nginx
etag: "6542906c-f585"
x-cache: HIT, policy, disk
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 62853
expires: Thu, 04 Jan 2024 16:11:49 GMT

GET
H2

200

b87dba0f9c4c8976494bbac9593aa1d7.gif
kvtaaa.top/
Redirect Chain

https://mrtoss03.com/b87dba0f9c4c8976494bbac9593aa1d7.gif
https://kvtaaa.top/b87dba0f9c4c8976494bbac9593aa1d7.gif

25 KB
25 KB

85ms
22ms

Image
image/gif

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/b87dba0f9c4c8976494bbac9593aa1d7.gif
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0bda31f6491bac637a7d7c6b66eb471a0017ec09959e2f5d5012497ee4dbc5d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 371326
alt-svc: h3=":443"; ma=86400
content-length: 25329
last-modified: Thu, 18 May 2023 11:49:33 GMT
server: cloudflare
etag: "646610cd-62f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw1flCWQC62kQ5W07FpEjIth1YtFnSmTUCzedL6aAP6FELWZiFl21cWC92M00fQEbBxClpzpDnR%2FV7BDOs0lg00urV7HiACe%2BGJ%2BcfYoDlx%2FbXX3E9e6MhlYooEqs3sGem%2BwvFPL9C8H"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 830d91fad81e0f74-EWR
expires: Sun, 31 Dec 2023 09:03:35 GMT

Redirect headers

Location: https://kvtaaa.top/b87dba0f9c4c8976494bbac9593aa1d7.gif
Date: Tue, 05 Dec 2023 16:12:21 GMT
Content-Length: 0
Content-Type: text/html; charset=utf-8

GET
H2 200 MgWnY4f.gif
i.imgur.com/ 30 KB
30 KB 74ms
12ms Image
image/gif 146.75.36.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/MgWnY4f.gif

Requested by

Host: baidyouzi18.top
URL: https://baidyouzi18.top/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.36.193 Reston, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

10b5811313b9ef1914dfa10a362245996bbac3f77b60228e2f7bc4f64650d3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 513431
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 30734
x-served-by: cache-iad-kcgs7200020-IAD
last-modified: Thu, 09 Nov 2023 11:34:43 GMT
server: cat factory 1.0
x-timer: S1701792740.208260,VS0,VE2
etag: "0cc473f14264717ca3d67b32d3901cc1"
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JjAY6VxxnttIAaokuam0AeQ2OWvNzXM5o8isrOtylTCw-t2d-zI_tw==
x-cache-hits: 1

GET
H2 200 1.jpg
nxximg.com/20231205/bRorh6Kc/ 19 KB
20 KB 339ms
71ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/bRorh6Kc/1.jpg?t=1701759056
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: f5e92236ce4962db6fdd31fc4a824c6453eff80e64ef02ac48bc1a1ee4ff9f49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:57 GMT
server: nginx
etag: "656ee6c9-4ca1"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 19617

GET
H2 200 1.jpg
nxximg.com/20231205/ThpEyACi/ 19 KB
19 KB 345ms
243ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/ThpEyACi/1.jpg?t=1701759335
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 6896d724ddfe9458bcf728c3c7027ec0029f1fc72ee7ae3586e337ed4d66a8b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:01:08 GMT
server: nginx
etag: "656ee6d4-4c23"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 19491

GET
H2 200 1.jpg
nxximg.com/20231205/T0d3xSq9/ 21 KB
21 KB 311ms
217ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/T0d3xSq9/1.jpg?t=1701759412
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 85bd66edf4e40695e73124d1a5729b1cf7d1d1ec9f418b2dffaec379786e430a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:01:09 GMT
server: nginx
etag: "656ee6d5-533d"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 21309

GET
H2 200 1.jpg
nxximg.com/20231205/DUWWt8Vp/ 7 KB
7 KB 189ms
153ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/DUWWt8Vp/1.jpg?t=1701759759
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: e7a6de0dd62eba88f0fb14fbd5e974fabb4ea1ad1b8b936b6b3ee6bc7f7e98c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 06:53:31 GMT
server: nginx
etag: "656ec8eb-1a39"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 6713

GET
H2 200 1.jpg
nxximg.com/20231205/y0tiZ0kY/ 20 KB
20 KB 208ms
183ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/y0tiZ0kY/1.jpg?t=1701759774
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 068aa8de068fee2a94e4694e8bd7890ac9c412eee2a47a08b046d4c184b3f973

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:59 GMT
server: nginx
etag: "656ee6cb-4ee3"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 20195

GET
H2 200 1.jpg
nxximg.com/20231202/tzyCeOE0/ 16 KB
17 KB 232ms
220ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231202/tzyCeOE0/1.jpg?t=1701497940
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: b8a8cce21252c5ed0dee0219f9be810fbc202c0e69821ae33155a863636fd5ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Sat, 02 Dec 2023 06:53:53 GMT
server: nginx
etag: "656ad481-41af"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 16815

GET
H2 200 1.jpg
nxximg.com/20231205/qeDsbqtw/ 16 KB
16 KB 232ms
221ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/qeDsbqtw/1.jpg?t=1701758727
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 3103067594b757980145b5b09ca20a2ea5c6905bb3011babd1998c577053f729

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:54 GMT
server: nginx
etag: "656ee6c6-4032"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 16434

GET
H2 200 1.jpg
nxximg.com/20231205/ONn1Enjq/ 19 KB
19 KB 232ms
221ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/ONn1Enjq/1.jpg?t=1701758831
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 038d08aff8dd10595d67d081c4e232ddac9780725e6a016fb7c609d8782c3567

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:53 GMT
server: nginx
etag: "656ee6c5-4c1b"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 19483

GET
H2 200 1.jpg
nxximg.com/20231205/iyoO9s2F/ 15 KB
15 KB 233ms
222ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/iyoO9s2F/1.jpg?t=1701758873
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 577bd28d392f5030da501dc57d55d16fab419bfabf016ccbce448330b2e1b313

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:53 GMT
server: nginx
etag: "656ee6c5-3a92"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 14994

GET
H2 200 1.jpg
nxximg.com/20231205/uLJGUGnC/ 16 KB
16 KB 233ms
222ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/uLJGUGnC/1.jpg?t=1701759124
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: c5e4330437b25bc6ed6d5f29d453afd5711c81893f44550486e3c54b32a71c16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:01:02 GMT
server: nginx
etag: "656ee6ce-3e83"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 16003

GET
H2 200 1.jpg
nxximg.com/20231205/XjWkg1c2/ 22 KB
22 KB 233ms
222ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/XjWkg1c2/1.jpg?t=1701759317
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 8eb19c4dc00c15c9111ea2948e8411c73b44ff82a8694495f1554fcd11468a24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:57 GMT
server: nginx
etag: "656ee6c9-5867"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 22631

GET
H2 200 1.jpg
nxximg.com/20231202/9KssfXFW/ 13 KB
13 KB 231ms
223ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231202/9KssfXFW/1.jpg?t=1701497300
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: bbc3b5aab513e38c5690a6bd92c0e26780cc31080f25fd630151ddb23e8f0ba3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Sat, 02 Dec 2023 06:54:00 GMT
server: nginx
etag: "656ad488-3369"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 13161

GET
H2 200 1.jpg
nxximg.com/20231205/U29kBe2t/ 23 KB
23 KB 231ms
223ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/U29kBe2t/1.jpg?t=1701759745
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: e887bffba0cb92177ac7fb325bc088f965fcfade996dd6d6c744a5a8a646ce54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:48 GMT
server: nginx
etag: "656ee6c0-5b10"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 23312

GET
H2 200 1.jpg
nxximg.com/20231205/lyEwKpwj/ 18 KB
19 KB 232ms
224ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/lyEwKpwj/1.jpg?t=1701759837
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: d88d01f18205f218020281c54732ce7fa20acb68460684d1a9ec868fbc42d5ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:50 GMT
server: nginx
etag: "656ee6c2-48e7"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 18663

GET
H2 200 1.jpg
nxximg.com/20231205/wtnbzzK5/ 17 KB
17 KB 230ms
224ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/wtnbzzK5/1.jpg?t=1701759887
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 37ceed861ee85cae3b973f6c870a07b92885bf575ae8be13ad6149a6215da10c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:50 GMT
server: nginx
etag: "656ee6c2-42b0"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 17072

GET
H2 200 1.jpg
nxximg.com/20231205/ttfPepAH/ 20 KB
20 KB 231ms
224ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/ttfPepAH/1.jpg?t=1701759894
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: a320f1ac7c2c99d53c18d7854c5906d2f1925746000f15308ca6f766a5a948fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:49 GMT
server: nginx
etag: "656ee6c1-4e2e"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 20014

GET
H2 200 1.jpg
nxximg.com/20231205/KylBEdYF/ 22 KB
22 KB 231ms
224ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231205/KylBEdYF/1.jpg?t=1701759927
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 24aaad36576e77aa8a02f85f5980090c045532d897db6bd849cb55a6f801c874

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Tue, 05 Dec 2023 09:00:48 GMT
server: nginx
etag: "656ee6c0-5713"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 22291

GET
H2 200 1.jpg
nxximg.com/20231202/ign389A4/ 15 KB
15 KB 231ms
225ms Image
application/octet-stream 64.112.76.52
HURRICANE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nxximg.com/20231202/ign389A4/1.jpg?t=1701498401
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 64.112.76.52 , United States, ASN6939 (HURRICANE, US),
Reverse DNS: customer.tatraservices.com
Software: nginx /
Resource Hash: 6351ee1e04938e3ebca40a1fabf4fa66f294312f637603e678f2cd7c3aa2d7bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:12:20 GMT
last-modified: Sat, 02 Dec 2023 06:53:47 GMT
server: nginx
etag: "656ad47b-3a6c"
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *, *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
cache: HIT
content-disposition: attachment; filename="1.jpg"
accept-ranges: bytes
access-control-allow-headers: X-Requested-With
content-length: 14956

GET
H/1.1 200
OK font_593233_jsu8tlct5shpk3xr.woff
baidyouzi18.top/template/m1938pc/static/fonts/ 13 KB
13 KB 434ms
433ms Font
font/x-woff 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/fonts/font_593233_jsu8tlct5shpk3xr.woff
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/template/m1938pc/static/css/style_1.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72

Request headers

Referer: https://baidyouzi18.top/template/m1938pc/static/css/style_1.css
Origin: https://baidyouzi18.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:34 GMT
Last-Modified: Tue, 10 Jan 2023 09:18:40 GMT
Server: Microsoft-IIS/8.5
ETag: "b24d1587d424d91:0"
X-Powered-By: ASP.NET
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 13408

GET
H/1.1 200
OK 5e84701f2f9a418a9d486a0846fc4b1e.woff
baidyouzi18.top/template/m1938pc/static/fonts/ 7 KB
7 KB 218ms
218ms Font
font/x-woff 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/fonts/5e84701f2f9a418a9d486a0846fc4b1e.woff
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/template/m1938pc/static/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a

Request headers

Referer: https://baidyouzi18.top/template/m1938pc/static/css/style.css
Origin: https://baidyouzi18.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:34 GMT
Last-Modified: Tue, 10 Jan 2023 09:18:52 GMT
Server: Microsoft-IIS/8.5
ETag: "d23f248ed424d91:0"
X-Powered-By: ASP.NET
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 7199

GET
H/1.1 200
OK iconfont.woff
baidyouzi18.top/template/m1938pc/static/fonts/ 2 KB
2 KB 224ms
218ms Font
font/x-woff 154.39.191.122
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: https://baidyouzi18.top/template/m1938pc/static/fonts/iconfont.woff
Requested by: Host: baidyouzi18.top
URL: https://baidyouzi18.top/template/m1938pc/static/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 154.39.191.122 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6349ee389e023f8e7ac33463fc637c21cfe40d997fe52352658e79d0d3317e87

Request headers

Referer: https://baidyouzi18.top/template/m1938pc/static/css/style.css
Origin: https://baidyouzi18.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 16:12:35 GMT
Last-Modified: Tue, 10 Jan 2023 09:18:52 GMT
Server: Microsoft-IIS/8.5
ETag: "e2841f8ed424d91:0"
X-Powered-By: ASP.NET
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 1768

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 403ms
403ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1824162814&si=5ad88e3142fba7b31d8cefe50f899342&v=1.3.0&lv=1&sn=45397&r=0&ww=1600&u=https%3A%2F%2Fbaidyouzi18.top%2F&tt=%E6%9F%9A%E5%AD%90%E5%BD%B1%E8%A7%86AV%2C%E6%9F%9A%E5%AD%90%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91TV%2C%E5%9C%A8%E7%BA%BF%E8%A7%86%E9%A2%91%2C%E6%9F%9A%E5%AD%90%E5%85%8D%E8%B4%B9%E7%9F%AD%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB

Requested by

Host: baidyouzi18.top
URL: https://baidyouzi18.top/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://baidyouzi18.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 16:12:21 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 02:19:12	Name: HMACCOUNT_BFESS Value: C1F9F614D3EEE2BA
.baidyouzi18.top/	1970-01-21 01:28:48	Name: Hm_lvt_5ad88e3142fba7b31d8cefe50f899342 Value: 1701792742
.baidyouzi18.top/	1969-12-31 23:59:59	Name: Hm_lpvt_5ad88e3142fba7b31d8cefe50f899342 Value: 1701792742

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://baidyouzi18.top/(Line 6) Message: Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
other	warning	URL: https://baidyouzi18.top/ Message: Failed to decode downloaded font: https://baidyouzi18.top/template/m1938pc/static/fonts/5e84701f2f9a418a9d486a0846fc4b1e.woff
other	warning	URL: https://baidyouzi18.top/ Message: OTS parsing error: invalid sfntVersion: 1008813135

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

222vn.co
ad.xmmnsl.com
baidyouzi18.top
files.230808.top
hm.baidu.com
hx33hx33.cc
i.imgur.com
img.1379a.xyz
img.gehhghrf.xyz
kvtaaa.top
maxun066.top
maxun103.top
mrtoss03.com
nxximg.com
www.imageoss.com
www.xn--1qwynp09f.net
103.235.46.191
137.175.110.162
146.75.36.193
154.39.191.122
154.64.14.229
154.91.86.4
167.235.193.182
194.53.53.250
2606:4700:10::6816:4b98
2606:4700:3033::6815:37b9
2606:4700:3034::ac43:ade6
3.36.126.81
49.12.4.154
64.112.76.52
038d08aff8dd10595d67d081c4e232ddac9780725e6a016fb7c609d8782c3567
068aa8de068fee2a94e4694e8bd7890ac9c412eee2a47a08b046d4c184b3f973
10b5811313b9ef1914dfa10a362245996bbac3f77b60228e2f7bc4f64650d3b5
1106aebd6819da7203324abc443186658c8f54180a460ccc5b83553c5ce34f72
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
132720bfd4ea3959148dee04d05536c99b1c06357b349576e97155397061d4d0
16eb8c3cc5ee819d56a2b440de3202a93bf53bad2b48c1ad718252f3c5f8cee6
1e1006d70d43e23d479a2b4f37d2e4984c2b9d71628d22d2b2893068a7e8ee04
1fdb617ec52b6ad2b44ef4da4abca278a8f8b3cb5cbffc7efa9aaf3a0c6eb24a
24aaad36576e77aa8a02f85f5980090c045532d897db6bd849cb55a6f801c874
3103067594b757980145b5b09ca20a2ea5c6905bb3011babd1998c577053f729
32ae2da04a11272161f174b372dd1a905cc717315cacf821e1885adf165f593e
34557c214b3eb9661a22d53a765633f7537ae040a22080288842ebba31b14738
361563cb82a53684b744e119411f02f1d2c0f90737de1fefd6d808f17166f4c5
36c329535ef2b44378dd894b3758a0fbf282b2348d2ca75328ccf8a7763d697c
37ceed861ee85cae3b973f6c870a07b92885bf575ae8be13ad6149a6215da10c
40c3ef9e11d15a2e5eeaa0be711dc3d9b3aed6d3b373ad07d71614aeb90c5546
577bd28d392f5030da501dc57d55d16fab419bfabf016ccbce448330b2e1b313
6349ee389e023f8e7ac33463fc637c21cfe40d997fe52352658e79d0d3317e87
6351ee1e04938e3ebca40a1fabf4fa66f294312f637603e678f2cd7c3aa2d7bb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6896d724ddfe9458bcf728c3c7027ec0029f1fc72ee7ae3586e337ed4d66a8b5
7597be2a4832946dbcd61c09bd5ce3f91e0b71dc1ddff4ff79685416d2fd7ee0
7a231b769aa6ebc6d39ccb48c138f5957859b4d242037226054e3c7f39496303
7bce5d6dab24eebce124dd4414674c9ed82a738944e79cd5342706a9b35a69fa
846ec3fac7045638c3d569c756d70fd4f0a9322e264b1763a9da7ea3f31a55b6
85bd66edf4e40695e73124d1a5729b1cf7d1d1ec9f418b2dffaec379786e430a
8aa5eaf2756096e95465a86e525e4a263cd3360ecc168ef8a0855d2d9a1f529e
8eb19c4dc00c15c9111ea2948e8411c73b44ff82a8694495f1554fcd11468a24
9b6e66542dc67c64cb49e87e18686732b2baa1e63d6f34202c872533d20e26f0
a0bda31f6491bac637a7d7c6b66eb471a0017ec09959e2f5d5012497ee4dbc5d
a320f1ac7c2c99d53c18d7854c5906d2f1925746000f15308ca6f766a5a948fe
b44b1474497084bfa1343d1a831ace0585f40fd12b9a3dda32cb83d41a3675e5
b8a8cce21252c5ed0dee0219f9be810fbc202c0e69821ae33155a863636fd5ad
bbc3b5aab513e38c5690a6bd92c0e26780cc31080f25fd630151ddb23e8f0ba3
c5e4330437b25bc6ed6d5f29d453afd5711c81893f44550486e3c54b32a71c16
c8e7ea9f78192af62e4e211ccb246add5f2d9f4b024aa669abf1ed2aa089387c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d88d01f18205f218020281c54732ce7fa20acb68460684d1a9ec868fbc42d5ba
e7a6de0dd62eba88f0fb14fbd5e974fabb4ea1ad1b8b936b6b3ee6bc7f7e98c8
e887bffba0cb92177ac7fb325bc088f965fcfade996dd6d6c744a5a8a646ce54
ee3c575e4460622ce9ae6da7b3eefd2af9c0a427172cdd90eddcc54b7716b176
f2a244eb1748c34fb59c94b4576147ab29247b93edc1c77536c68aa4bbcdf368
f2fb1279ba798820127591b0aa5ce228e651a965ef106cc81b1cb05b7fde43d2
f5e92236ce4962db6fdd31fc4a824c6453eff80e64ef02ac48bc1a1ee4ff9f49
fa48770ea7ab75d58fb2328f9bd97994374fb284cbdf7c843a67bb6e8c42e116
fe6824ddcb874fc1248d7d376ab753799d234577e7552cb525d9bd83d5b7f14d

baidyouzi18.top Open in urlscan Pro 154.39.191.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

86 %HTTPS

21 %IPv6

16 Domains

16 Subdomains

12 IPs

6 Countries

5806 kBTransfer

6090 kBSize

3 Cookies

8 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

baidyouzi18.top Open in urlscan Pro
154.39.191.122 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

86 %
HTTPS

21 %
IPv6

16
Domains

16
Subdomains

12
IPs

6
Countries

5806 kB
Transfer

6090 kB
Size

3
Cookies

57 HTTP transactions
0 data transactions