URL: http://tiantia.xyz/
Submission: On June 01 via api from DE

Summary

This website contacted 12 IPs in 4 countries across 16 domains to perform 50 HTTP transactions. The main IP is 103.104.104.155, which is located in China and belongs to ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK. The main domain is tiantia.xyz.
This is the only time tiantia.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 103.104.104.155 137443 (ANCHGLOBA...)
8 103.15.182.23 46844 (ST-BGP)
2 103.15.182.7 46844 (ST-BGP)
9 64.32.23.18 46844 (ST-BGP)
10 10 23.252.160.204 26484 (IKGUL-26484)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 205.185.208.52 20446 (HIGHWINDS3)
1 43.230.112.189 26484 (IKGUL-26484)
1 163.171.128.16 54994 (QUANTILNE...)
5 23.225.155.58 40065 (CNSERVERS)
2 103.235.46.191 55967 (CNNIC-BAI...)
1 192.154.110.202 53850 (GORILLASE...)
50 12
Domain Requested by
10 roomimg.stream.highwebmedia.com tiantia.xyz
10 live.9ccmsapi.com 10 redirects
6 tiantia.xyz tiantia.xyz
5 s.syads.me tiantia.xyz
5 bbs.paopaoleg.com tiantia.xyz
4 img1.jztmgy.com tiantia.xyz
4 www.haocai1688.com tiantia.xyz
3 img.jztmgy.com tiantia.xyz
2 hm.baidu.com api.9ccmsapi.com tiantia.xyz
1 www.boparadise.com api.9ccmsapi.com
1 js.users.51.la tiantia.xyz
1 api.9ccmsapi.com tiantia.xyz
1 code.jquery.com tiantia.xyz
1 imge.cfcglx.com tiantia.xyz
1 img4.lltaohuaxiang.com tiantia.xyz
1 imagetupian.nypd520.com tiantia.xyz
0 count8.51yes.com Failed api.9ccmsapi.com
0 yatingcn.com Failed tiantia.xyz
50 18

This site contains links to these domains.

Subject                    Issuer                                               Validity                 Valid
bbs.paopaoleg.com          TrustAsia TLS RSA CA                                 2019-03-09 - 2020-03-08  a year
haocai1688.com             TrustAsia TLS RSA CA                                 2019-03-14 - 2020-03-13  a year
*.stream.highwebmedia.com  DigiCert ECC Secure Server CA                        2016-08-24 - 2019-10-28  3 years
jquery.org                 COMODO RSA Domain Validation Secure Server CA        2018-10-17 - 2020-10-16  2 years
api.9ccmsapi.com           TrustAsia TLS RSA CA                                 2019-05-13 - 2020-05-12  a year
s.syads.me                 Let's Encrypt Authority X3                           2019-05-29 - 2019-08-27  3 months
baidu.com                  GlobalSign Organization Validation CA - SHA256 - G2  2019-05-09 - 2020-06-25  a year

This page contains 1 frame:

Primary Page: http://tiantia.xyz/
Frame ID: ACEA6BD2641B8BBCB3F1B5ACAFD1ED81
Requests: 50 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 50
HTTPS: 42 %
IPv6: 8 %
Domains: 16
Subdomains: 18
IPs: 12
Countries: 4
Transfer: 2091 kB
Size: 2454 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=sellapink HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/sellapink.jpg?1559387896
Request Chain 24
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=arikajoy HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/arikajoy.jpg?1559387896
Request Chain 25
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=indiansweety HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/indiansweety.jpg?1559387896
Request Chain 26
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=mila_ HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/mila_.jpg?1559387896
Request Chain 27
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=fitcouple23 HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/fitcouple23.jpg?1559387896
Request Chain 28
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=sweetie__pie HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/sweetie__pie.jpg?1559387896
Request Chain 29
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=mashayang HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/mashayang.jpg?1559387897
Request Chain 30
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=fairy_yuki HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/fairy_yuki.jpg?1559387897
Request Chain 31
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=mrs_jones HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/mrs_jones.jpg?1559387897
Request Chain 32
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=ameli_xs HTTP 302
  • https://roomimg.stream.highwebmedia.com/ri/ameli_xs.jpg?1559387897

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
tiantia.xyz/
84 KB
12 KB
Document
General
Full URL
http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.104.104.155 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
nginx / PHP/5.6.40
Resource Hash
84bd1e863aba765624897070aad4be1e3553b8b8deb281107560db30c87b1088

Request headers

Host
tiantia.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Sat, 01 Jun 2019 11:18:26 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.6.40
Content-Encoding
gzip
style.css
tiantia.xyz/template/013qqc/css/
285 KB
59 KB
Stylesheet
General
Full URL
http://tiantia.xyz/template/013qqc/css/style.css
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.104.104.155 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
b9c06f1c8acec5c65a5f30624070ae631ae6d339184b8a3ad855174ef3bda8c5

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Apr 2019 06:39:58 GMT
Server
nginx
ETag
W/"5ca303be-47480"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 01 Jun 2019 23:18:27 GMT
1
tiantia.xyz/
548 B
548 B
Image
General
Full URL
http://tiantia.xyz/1
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.104.104.155 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
548
Content-Type
text/html
nl.png
tiantia.xyz/template/013qqc/images/
25 KB
26 KB
Image
General
Full URL
http://tiantia.xyz/template/013qqc/images/nl.png
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.104.104.155 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
65ab5bf25d5341483797d11b5a43aa598e60276ab69bd170f0b07d8956294670

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:28 GMT
Last-Modified
Thu, 21 Mar 2019 03:21:58 GMT
Server
nginx
ETag
"5c930356-650e"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25870
Expires
Mon, 01 Jul 2019 11:18:28 GMT
YOZ-359.jpg
bbs.paopaoleg.com/pic/uploadimg/2019-2/PS/
839 KB
839 KB
Image
General
Full URL
http://bbs.paopaoleg.com/pic/uploadimg/2019-2/PS/YOZ-359.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4f5c3bb228349b899ad9246939ad391605b4a3dee994d67546a18a833b43a503

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:12 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Sat, 16 Feb 2019 07:33:57 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5c67bce5-d1a1f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
858655
Expires
Sat, 11 May 2019 07:30:30 GMT
818201901010085.jpg
www.haocai1688.com/pic/uploadimg/2019-1/PS/
29 KB
30 KB
Image
General
Full URL
http://www.haocai1688.com/pic/uploadimg/2019-1/PS/818201901010085.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e3f3d0a276ae06b0ed6bcf3e4b733320b97c8ef98511e89b2a1546d8649b9789

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:11 GMT
X-CDN-SUPERCACHE
MISS
Last-Modified
Sun, 30 Dec 2018 18:27:08 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5c290dfc-758e"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
30094
Expires
Thu, 02 May 2019 04:12:30 GMT
MIAE-302.jpg
bbs.paopaoleg.com/pic/uploadimg/2018-10/PS/
49 KB
49 KB
Image
General
Full URL
http://bbs.paopaoleg.com/pic/uploadimg/2018-10/PS/MIAE-302.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
44303bfb35a28739e0778319cee86e09cb37583de787467be6c3a813e3870eed

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:13 GMT
X-CDN-SUPERCACHE
MISS
Last-Modified
Mon, 18 Feb 2019 08:32:47 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5c6a6daf-c20b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
49675
Expires
Sat, 11 May 2019 04:22:08 GMT
818201902150189.jpg
www.haocai1688.com/pic/uploadimg/2019-2/PS/
21 KB
21 KB
Image
General
Full URL
http://www.haocai1688.com/pic/uploadimg/2019-2/PS/818201902150189.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.7 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
5f8ef46f0ddfb646e36bcd1a415809a55b2ccf5b5b38009918d383b7fc79f224

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:13 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Mon, 11 Feb 2019 12:53:33 GMT
Server
nginx/1.14.0
X-CDN-CACHE
HIT
ETag
"5c61704d-53b4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
21428
Expires
Tue, 26 Mar 2019 01:19:14 GMT
idbd702-A.jpg
bbs.paopaoleg.com/pic/uploadimg/2019-4-15/
132 KB
132 KB
Image
General
Full URL
https://bbs.paopaoleg.com/pic/uploadimg/2019-4-15/idbd702-A.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
d3b4ded979d65299f5a1d7a8dadd376de43938dba77b555fa73e2b119dbfa965
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:26 GMT
X-CDN-SUPERCACHE
MISS
Last-Modified
Sun, 14 Apr 2019 15:02:58 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5cb34ba2-20ff1"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
135153
Expires
Wed, 22 May 2019 04:20:12 GMT
AP-577.jpg
bbs.paopaoleg.com/pic/uploadimg/2018-10/PS/
53 KB
54 KB
Image
General
Full URL
http://bbs.paopaoleg.com/pic/uploadimg/2018-10/PS/AP-577.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9fbfdaefb889ccabba626395b7a7c732c97e8816072aedb205beec4d6f7a150f

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:13 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Mon, 18 Feb 2019 08:32:46 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5c6a6dae-d5d8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
54744
Expires
Sat, 11 May 2019 04:20:58 GMT
818201901010265.jpg
www.haocai1688.com/pic/uploadimg/2019-1/PS/
23 KB
24 KB
Image
General
Full URL
http://www.haocai1688.com/pic/uploadimg/2019-1/PS/818201901010265.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1faf904f2204dd8fdfa42ba94a069138f1805b4ee2da338b091fff1b1278760f

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:12 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Mon, 31 Dec 2018 00:27:06 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5c29625a-5dd8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
24024
Expires
Thu, 02 May 2019 03:23:25 GMT
818201903310003.jpg
www.haocai1688.com/pic/uploadimg/2019-3/PS/
13 KB
14 KB
Image
General
Full URL
https://www.haocai1688.com/pic/uploadimg/2019-3/PS/818201903310003.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.15.182.7 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e72637f0948d9f0bc6996d12907256eff32bb84e8633956c5e692ae50f407126
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:14 GMT
X-CDN-SUPERCACHE
MISS
Last-Modified
Tue, 19 Mar 2019 02:47:52 GMT
Server
nginx/1.14.0
X-CDN-CACHE
HIT
ETag
"5c905858-35f9"
Strict-Transport-Security
max-age=15768000
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
13817
Expires
Mon, 13 May 2019 01:05:38 GMT
WANZ-778.jpg
bbs.paopaoleg.com/pic/uploadimg/2018-9/PS/
14 KB
15 KB
Image
General
Full URL
http://bbs.paopaoleg.com/pic/uploadimg/2018-9/PS/WANZ-778.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4acc806cedd366128c0312623aa0c13afeb817f603ddd1151ed08276f16f7e3c

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:12 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Mon, 18 Feb 2019 08:32:55 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"5c6a6db7-3918"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
14616
Expires
Sat, 11 May 2019 04:20:41 GMT
MMND_101.jpg
imagetupian.nypd520.com/uploads/2019/03/
40 KB
40 KB
Image
General
Full URL
http://imagetupian.nypd520.com/uploads/2019/03/MMND_101.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.15.182.23 , Hong Kong, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
b901f61e435d870aafcf651c0fdfd5bf4480731a71c54f53c932edc59fa38447

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:12 GMT
X-CDN-SUPERCACHE
MISS
Last-Modified
Mon, 25 Mar 2019 04:58:19 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"9ece-584e40d98f38b"
Upgrade
h2
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
40654
1.jpg
img.jztmgy.com/20180726/C2hnTYeH/
7 KB
7 KB
Image
General
Full URL
http://img.jztmgy.com/20180726/C2hnTYeH/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
nginx/1.14.2 /
Resource Hash
830ee9d5defe3500def260e339cc485d5136dd6bbf69533416fcbca4d16128d2

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:13 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Fri, 12 Apr 2019 07:43:28 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"29dcdd6a3f1d41:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, api_key, Authorization
Content-Length
6678
11.jpg
img4.lltaohuaxiang.com/20190129/vdF4wnwj/
526 KB
527 KB
Image
General
Full URL
http://img4.lltaohuaxiang.com:8899/20190129/vdF4wnwj/11.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
nginx/1.14.2 /
Resource Hash
10334b085c34ad0ee3838a86b4cdfe4cb09ad2395f81c7d80e8a1dbf536bccb2

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:27 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Mon, 28 Jan 2019 16:20:25 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"f8ead75f25b7d41:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, api_key, Authorization
Content-Length
538819
1.jpg
img1.jztmgy.com/20181101/MIZM0OJm/
0
0
Image
General
Full URL
http://img1.jztmgy.com/20181101/MIZM0OJm/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.0
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

1.jpg
img1.jztmgy.com/20180919/VAEXIa6D/
0
0
Image
General
Full URL
http://img1.jztmgy.com/20180919/VAEXIa6D/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.0
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

1.jpg
img.jztmgy.com/20180817/kwppfTiC/
8 KB
8 KB
Image
General
Full URL
http://img.jztmgy.com/20180817/kwppfTiC/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
nginx/1.14.2 /
Resource Hash
74f590fae819388c91b3a9a3e1e0c20c2fb2d21178b22964a934bd3297565928

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:13 GMT
X-CDN-SUPERCACHE
MISS
Last-Modified
Fri, 12 Apr 2019 07:49:09 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"ae7b1e364f1d41:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, api_key, Authorization
Content-Length
8112
1.jpg
img1.jztmgy.com/20180827/fJpkY1jA/
0
0
Image
General
Full URL
http://img1.jztmgy.com/20180827/fJpkY1jA/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.0
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

759.jpg
imge.cfcglx.com/f2dgc/
8 KB
9 KB
Image
General
Full URL
http://imge.cfcglx.com/f2dgc/759.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
nginx/1.14.2 / ASP.NET
Resource Hash
83b408def4e6b6fae7c51d1e824a351c87879545c423b77449cd0c409c72c390

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:12 GMT
X-CDN-SUPERCACHE
HIT
ETag
"6215f24a7838d41:0"
Last-Modified
Mon, 20 Aug 2018 11:24:00 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Content-Length
8647
1.jpg
img1.jztmgy.com/20180827/O5CUYVYS/
0
0

1.jpg
img.jztmgy.com/20180708/OhgT6XXz/
6 KB
7 KB
Image
General
Full URL
http://img.jztmgy.com/20180708/OhgT6XXz/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
nginx/1.14.2 /
Resource Hash
4b2adaa27bac9210c03714fac3b72e68590657783e880edb6a236d578199f581

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:19:14 GMT
X-CDN-SUPERCACHE
HIT
Last-Modified
Fri, 12 Apr 2019 07:39:05 GMT
Server
nginx/1.14.2
X-CDN-CACHE
HIT
ETag
"a3dc51ce2f1d41:0"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
Access-Control-Allow-Headers
Content-Type, api_key, Authorization
Content-Length
6383
1.jpg
img1.jztmgy.com/20181006/UWpupPme/
0
0
Image
General
Full URL
http://img1.jztmgy.com/20181006/UWpupPme/1.jpg
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.0
Server
64.32.23.18 Chicago, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
smtp43.nestorsbakery.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

sellapink.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=sellapink
  • https://roomimg.stream.highwebmedia.com/ri/sellapink.jpg?1559387896
8 KB
8 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/sellapink.jpg?1559387896
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07f15dcbc2febef0342942790d4c7cd5c98b0fff9bee42164e39d9e86afdfc0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=8482
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8432
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c9299f95c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:45 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/sellapink.jpg?1559387896
Date
Sat, 01 Jun 2019 11:18:16 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
arikajoy.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=arikajoy
  • https://roomimg.stream.highwebmedia.com/ri/arikajoy.jpg?1559387896
9 KB
9 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/arikajoy.jpg?1559387896
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2725fa842fe4576974b9b2119106c131f1eb5b3fb751f2150c2d9196f5663904
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=8846
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8798
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c92a8a7bc2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:45 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/arikajoy.jpg?1559387896
Date
Sat, 01 Jun 2019 11:18:16 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
indiansweety.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=indiansweety
  • https://roomimg.stream.highwebmedia.com/ri/indiansweety.jpg?1559387896
9 KB
9 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/indiansweety.jpg?1559387896
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
988682c7248e238548392d4abf3fc108dc0238046b70b78932038a1381583fa7
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=9593
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
9558
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c9278909c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:44 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/indiansweety.jpg?1559387896
Date
Sat, 01 Jun 2019 11:18:16 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
mila_.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=mila_
  • https://roomimg.stream.highwebmedia.com/ri/mila_.jpg?1559387896
16 KB
16 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/mila_.jpg?1559387896
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfea2c4752a8f84f8948b4d5fff0474ada9f92c0752b83c55bd8ed3c3e90c023
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:14 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
15937
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c926ef16c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:44 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/mila_.jpg?1559387896
Date
Sat, 01 Jun 2019 11:18:16 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
fitcouple23.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=fitcouple23
  • https://roomimg.stream.highwebmedia.com/ri/fitcouple23.jpg?1559387896
6 KB
6 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/fitcouple23.jpg?1559387896
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
64b759150f922d11cb14707fec0ef23a92af17bdc85bad147f95e55c2ec927f1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=5799
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
5769
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c9288c15c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:45 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/fitcouple23.jpg?1559387896
Date
Sat, 01 Jun 2019 11:18:16 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
sweetie__pie.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=sweetie__pie
  • https://roomimg.stream.highwebmedia.com/ri/sweetie__pie.jpg?1559387896
10 KB
10 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/sweetie__pie.jpg?1559387896
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce17c0b7a3eb6502c800fc34dea2b5bfd6008ca91ba95e7b3ebe46211c948639
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=10199
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
10138
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c92b8d6dc2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:45 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/sweetie__pie.jpg?1559387896
Date
Sat, 01 Jun 2019 11:18:16 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
mashayang.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=mashayang
  • https://roomimg.stream.highwebmedia.com/ri/mashayang.jpg?1559387897
8 KB
8 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/mashayang.jpg?1559387897
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
668a2c2176d1e6e9f1acf84dd41ebcc8b7f98f367238afb6e0523d367993a1f4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=7908
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
7849
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c92c8898c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:45 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/mashayang.jpg?1559387897
Date
Sat, 01 Jun 2019 11:18:17 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
fairy_yuki.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=fairy_yuki
  • https://roomimg.stream.highwebmedia.com/ri/fairy_yuki.jpg?1559387897
10 KB
10 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/fairy_yuki.jpg?1559387897
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c82cd22a1e012d1ceb0bae37e05bc41f3aac5eb4f09b225f2c2ee2396cbc6c8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:15 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
status=not_needed
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
10344
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c92d8b46c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:45 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/fairy_yuki.jpg?1559387897
Date
Sat, 01 Jun 2019 11:18:17 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
mrs_jones.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=mrs_jones
  • https://roomimg.stream.highwebmedia.com/ri/mrs_jones.jpg?1559387897
8 KB
8 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/mrs_jones.jpg?1559387897
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d80f9a6ae585e5406cdf6fc546bc38441d3f71ddcc90548858fadbdcb0b51a2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=8287
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
8113
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c92e8e0ec2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:46 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/mrs_jones.jpg?1559387897
Date
Sat, 01 Jun 2019 11:18:17 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
ameli_xs.jpg
roomimg.stream.highwebmedia.com/ri/
Redirect Chain
  • http://live.9ccmsapi.com/zhibo1.0/curl_pic.php?token=ameli_xs
  • https://roomimg.stream.highwebmedia.com/ri/ameli_xs.jpg?1559387897
9 KB
9 KB
Image
General
Full URL
https://roomimg.stream.highwebmedia.com/ri/ameli_xs.jpg?1559387897
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:2f37 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6faffccf14ef8c340607179741b9b7fba25a10f28d460a6266348d47ecaf626
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src data:; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cf-polished
origSize=9485
status
200
strict-transport-security
max-age=31536000; includeSubDomains
content-length
9400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
imgq:100
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=30
content-security-policy
default-src 'none'; img-src data:; style-src 'unsafe-inline'
accept-ranges
bytes
cf-ray
4e00c92f88e1c2b8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 01 Jun 2019 11:18:46 GMT

Redirect headers

location
https://roomimg.stream.highwebmedia.com/ri/ameli_xs.jpg?1559387897
Date
Sat, 01 Jun 2019 11:18:17 GMT
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1538f"
Vary
Accept-Encoding
X-HW
1559387893.dop007.fr8.shc,1559387893.dop007.fr8.t,1559387893.cds057.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30288
20190504.js
api.9ccmsapi.com/boss/
600 B
783 B
Script
General
Full URL
https://api.9ccmsapi.com/boss/20190504.js
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.230.112.189 , Hong Kong, ASN26484 (IKGUL-26484 - Internet Keeper Global, US),
Reverse DNS
Software
nginx /
Resource Hash
38a20025f371705c120b4e8a0a661c18be46a4bd35fa8bb02063e4f3fde02751

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sat, 01 Jun 2019 11:18:37 GMT
last-modified
Wed, 15 May 2019 18:23:51 GMT
server
nginx
etag
"5cdc5937-258"
content-type
application/javascript
status
200
cache-control
max-age=43200
accept-ranges
bytes
content-length
600
expires
Sat, 01 Jun 2019 23:18:37 GMT
20072939.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
http://js.users.51.la/20072939.js
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
163.171.128.16 , Germany, ASN54994 (QUANTILNETWORKS - QUANTIL NETWORKS INC, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
45e35f15d340a58bdf8524f71738f2e945086cd6e452d33dfb7c7d7eaaf1a458

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-id
20072939
Date
Sat, 01 Jun 2019 11:18:13 GMT
Content-Encoding
gzip
Age
16323
Transfer-Encoding
chunked
X-Via
1.1 ld90:0 (Cdn Cache Server V2.0)[479 200 2], 1.1 VMdgflkfFRA1ow64:3 (Cdn Cache Server V2.0)[18 200 0]
Content-Disposition
inline;filename=f.txt
Connection
keep-alive
request-id
0000016B0BC6B5659014BBDA36B51D53
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSznnD3qrOSjCCyjL5bZofSzf4Phs3Ss
Last-Modified
Wed May 29 23:24:24 CST 2019
Server
nginx/1.14.0
ETag
"992f089244013ff5b2a8db0ff3ceba2c"
Vary
Accept-Encoding
Content-Type
application/javascript;charset=UTF-8
version-id
G001116B04313D03FFFF904B000040BD
vs.php
s.syads.me/
72 B
776 B
Script
General
Full URL
https://s.syads.me/vs.php?id=118
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.155.58 Los Angeles, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
64850c1caec82cca8a38c39f9cafeccf90671ff1af966d2e381d7d8cbe7b45e8

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 01 Jun 2019 11:18:17 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/html
vs.php
s.syads.me/
72 B
776 B
Script
General
Full URL
https://s.syads.me/vs.php?id=117
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.155.58 Los Angeles, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
64850c1caec82cca8a38c39f9cafeccf90671ff1af966d2e381d7d8cbe7b45e8

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 01 Jun 2019 11:18:17 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/html
vs.php
s.syads.me/
72 B
344 B
Script
General
Full URL
https://s.syads.me/vs.php?id=119
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.155.58 Los Angeles, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
64850c1caec82cca8a38c39f9cafeccf90671ff1af966d2e381d7d8cbe7b45e8

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 01 Jun 2019 11:18:17 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/html
vs.php
s.syads.me/
72 B
345 B
Script
General
Full URL
https://s.syads.me/vs.php?id=120
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.155.58 Los Angeles, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
64850c1caec82cca8a38c39f9cafeccf90671ff1af966d2e381d7d8cbe7b45e8

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 01 Jun 2019 11:18:17 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/html
vs.php
s.syads.me/
72 B
776 B
Script
General
Full URL
https://s.syads.me/vs.php?id=121
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.225.155.58 Los Angeles, United States, ASN40065 (CNSERVERS - CNSERVERS LLC, US),
Reverse DNS
Software
nginx / PHP/5.4.45
Resource Hash
64850c1caec82cca8a38c39f9cafeccf90671ff1af966d2e381d7d8cbe7b45e8

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sat, 01 Jun 2019 11:18:17 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/5.4.45
vary
Accept-Encoding
content-type
text/html
cf.aspx
yatingcn.com/
0
0

cf.aspx
yatingcn.com/
0
0

head-slogan.png
tiantia.xyz/template/013qqc/images/
4 KB
4 KB
Image
General
Full URL
http://tiantia.xyz/template/013qqc/images/head-slogan.png
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.104.104.155 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d517844e939f00cc8d3f44578bf10bb3e038fc27a69679db6eed1b7a54375ac6

Request headers

Referer
http://tiantia.xyz/template/013qqc/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:28 GMT
Last-Modified
Thu, 21 Mar 2019 04:02:06 GMT
Server
nginx
ETag
"5c930cbe-fb7"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4023
Expires
Mon, 01 Jul 2019 11:18:28 GMT
sprite.png
tiantia.xyz/template/013qqc/images/
72 KB
72 KB
Image
General
Full URL
http://tiantia.xyz/template/013qqc/images/sprite.png
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Server
103.104.104.155 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e56b6e208d9b4e6f141178a45b0d28b5d44d7725c8d5506f4cb9e1bb4122a5a0

Request headers

Referer
http://tiantia.xyz/template/013qqc/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:29 GMT
Last-Modified
Thu, 21 Mar 2019 04:02:12 GMT
Server
nginx
ETag
"5c930cc4-11fe0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
73696
Expires
Mon, 01 Jul 2019 11:18:29 GMT
hm.js
hm.baidu.com/
32 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?b5946290f8cbacc8a4663dcce42d9caa
Requested by
Host: api.9ccmsapi.com
URL: https://api.9ccmsapi.com/boss/20190504.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
f74052aa86c8dc4d20d109059696f42f8bfdfb233ac97585011d027e2155e041
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 01 Jun 2019 11:18:15 GMT
Content-Encoding
gzip
Server
apache
Etag
ace9d96db1f526ffeb1f3099c3652eb1
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11880
click.aspx
count8.51yes.com/
0
0

seo.js
www.boparadise.com/
110 B
423 B
Script
General
Full URL
http://www.boparadise.com/seo.js
Requested by
Host: api.9ccmsapi.com
URL: https://api.9ccmsapi.com/boss/20190504.js
Protocol
HTTP/1.1
Server
192.154.110.202 Los Angeles, United States, ASN53850 (GORILLASERVERS - GorillaServers, Inc., US),
Reverse DNS
192-154-110-202.static.gorillaservers.com
Software
nginx /
Resource Hash
2147d4ca4c78d5b8607a12a36aaf6554d31c12508c603976b75a0d28f34458bc

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 01 Jun 2019 11:08:41 GMT
Last-Modified
Wed, 15 May 2019 18:18:16 GMT
Server
nginx
ETag
"5cdc57e8-6e"
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110
Expires
Sat, 01 Jun 2019 23:08:41 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=985104522&si=b5946290f8cbacc8a4663dcce42d9caa&v=1.2.51&lv=1&sn=48106&ct=!!&tt=%E5%A4%A9%E5%A4%A9%E9%AB%98%E6%B8%85
Requested by
Host: tiantia.xyz
URL: http://tiantia.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://tiantia.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 01 Jun 2019 11:18:16 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
img1.jztmgy.com
URL
http://img1.jztmgy.com/20180827/O5CUYVYS/1.jpg
Domain
yatingcn.com
URL
http://yatingcn.com/cf.aspx?action=cycadget&ad_class=7&userid=36&lowunionusername=&clickstate=1&adshowtype=AdCode_diantan&ad_size=640x200&showsel=1&newadsel=1&maxadid=&prohibit=
Domain
yatingcn.com
URL
http://yatingcn.com/cf.aspx?action=cycadget&ad_class=7&userid=36&lowunionusername=&clickstate=2&adshowtype=AdCode_zydl&ad_size=160x600&showsel=1&newadsel=1&maxadid=&prohibit=
Domain
count8.51yes.com
URL
http://count8.51yes.com/click.aspx?id=82910255&logo=1


8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
function| $
function| jQuery
object| _hmt
boolean| _bdhm_loaded_b5946290f8cbacc8a4663dcce42d9caa
object| mini_tangram_log_ljkk4e

0 Cookies

Indicators

"Indicators" is a term used in the security industry for observables such as IPs, domains, and hashes. Listing them does not imply that any of them indicate malicious activity.

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3b4ded979d65299f5a1d7a8dadd376de43938dba77b555fa73e2b119dbfa965
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d517844e939f00cc8d3f44578bf10bb3e038fc27a69679db6eed1b7a54375ac6
d6faffccf14ef8c340607179741b9b7fba25a10f28d460a6266348d47ecaf626
e07f15dcbc2febef0342942790d4c7cd5c98b0fff9bee42164e39d9e86afdfc0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f3d0a276ae06b0ed6bcf3e4b733320b97c8ef98511e89b2a1546d8649b9789
e56b6e208d9b4e6f141178a45b0d28b5d44d7725c8d5506f4cb9e1bb4122a5a0
e72637f0948d9f0bc6996d12907256eff32bb84e8633956c5e692ae50f407126
f74052aa86c8dc4d20d109059696f42f8bfdfb233ac97585011d027e2155e041