www.cztycoon.com Open in urlscan Pro
154.95.141.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cztycoon.com/
Effective URL:
http://www.cztycoon.com/index.php
Submission: On May 30 via api (May 30th 2022, 2:23:14 pm UTC) from DE — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 50 domains to perform 89 HTTP transactions. The main IP is 154.95.141.155, located in Hong Kong and belongs to SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK. The main domain is www.cztycoon.com.

This is the only time www.cztycoon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	154.95.141.155 154.95.141.155	134175 (SH2206-AP...) (SH2206-AP UNIT A17)
1	14.17.102.110 14.17.102.110	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	154.208.77.235 154.208.77.235	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
10	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 1	104.37.214.218 104.37.214.218	399195 (PEGTECHIN...) (PEGTECHINC-AP-04)
8	156.251.162.156 156.251.162.156	40065 (CNSERVERS) (CNSERVERS)
2	47.75.19.141 47.75.19.141	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	20.247.96.118 20.247.96.118	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	47.254.187.172 47.254.187.172	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	207.46.155.160 207.46.155.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	103.170.15.71 103.170.15.71	() ()
1	45.61.212.126 45.61.212.126	53587 (AZT) (AZT)
2	45.61.212.216 45.61.212.216	53587 (AZT) (AZT)
1	47.75.19.245 47.75.19.245	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
2 2	107.148.17.189 107.148.17.189	398823 (PEGTECHIN...) (PEGTECHINC-AP-02)
1	2606:4700:303... 2606:4700:3033::ac43:bdcb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	66.150.130.123 66.150.130.123	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
1	2606:4700:303... 2606:4700:3038::6815:eac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.143.94.110 104.143.94.110	201106 (SPARTANHOST) (SPARTANHOST)
1	2606:4700:303... 2606:4700:3035::6815:210c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	98.126.214.50 98.126.214.50	() ()
1	2606:4700:303... 2606:4700:3038::6815:ea86	() ()
1	2a06:98c1:312... 2a06:98c1:3121::3	() ()
2 2	45.154.214.239 45.154.214.239	() ()
2	2606:4700:303... 2606:4700:3038::6815:eba9	() ()
1	2606:4700:303... 2606:4700:3038::6815:eb5f	() ()
10	104.193.88.112 104.193.88.112	() ()
1	2408:874c:1ff... 2408:874c:1ff:32:28::1	() ()
1	2408:8721:820... 2408:8721:820:230::64	() ()
1	2606:4700:303... 2606:4700:3038::6815:e9fe	() ()
2	2606:4700::68... 2606:4700::6810:5714	() ()
89	26

4 154.95.141.155 (Hong Kong) 1 redirects

ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK)

cztycoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cztycoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.17.102.110 (Foshan, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.208.77.235 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

4se-jump.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.37.214.218 (United States) 1 redirects

ASN399195 (PEGTECHINC-AP-04, US)

user-redirect-url.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 156.251.162.156 (Hong Kong)

ASN40065 (CNSERVERS, US)

bdns-01.2ucg3ip5y.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.141 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

u0067.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u0069.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.247.96.118 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

17265111.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 47.254.187.172 (Frankfurt am Main, Germany)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

n0404.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n0233.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.46.155.160 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

29873398.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.170.15.71 (None, )

ASN- ()

unpfqc9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nrxduw5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tmrhoe2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.126 (United States)

ASN53587 (AZT, US)

rzgvdm5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.61.212.216 (United States)

ASN53587 (AZT, US)

exwytd7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rrtwda9.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.75.19.245 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

xvrrd7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.148.17.189 (United States) 2 redirects

ASN398823 (PEGTECHINC-AP-02, US)

kvezz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kveww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:bdcb (United States)

ASN13335 (CLOUDFLARENET, US)

acoozzh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.150.130.123 (Seattle, United States) 1 redirects

ASN35913 (DEDIPATH-LLC, US)

kzeaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eac9 (United States)

ASN13335 (CLOUDFLARENET, US)

acoossi.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.143.94.110 (Seattle, United States) 2 redirects

ASN201106 (SPARTANHOST, GB)

kzerr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kzecc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:210c (United States)

ASN13335 (CLOUDFLARENET, US)

kvhooo.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.126.214.50 (None, ) 1 redirects

ASN- ()

kveii.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:ea86 (None, )

ASN- ()

kvhnnn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (None, )

ASN- ()

kvhrrr.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.154.214.239 (None, ) 2 redirects

ASN- ()

kvemm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eba9 (None, )

ASN- ()

acoossf.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eb5f (None, )

ASN- ()

acooss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.193.88.112 (None, )

ASN- ()

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:874c:1ff:32:28::1 (None, )

ASN- ()

s.pc.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8721:820:230::64 (None, )

ASN- ()

p26.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:e9fe (None, )

ASN- ()

gif.naigou1002.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bdstatic.com pic.rmb.bdstatic.com	10 MB
10	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8357	69 KB
8	2ucg3ip5y.com bdns-01.2ucg3ip5y.com	71 KB
4	cztycoon.com 1 redirects cztycoon.com www.cztycoon.com	3 KB
2	jsdelivr.net cdn.jsdelivr.net	1 MB
2	acoossf.top acoossf.top	1 MB
2	kvemm.com 2 redirects kvemm.com	264 B
2	n0233.com n0233.com	301 KB
2	n0404.com n0404.com	466 KB
1	naigou1002.top gif.naigou1002.top	129 KB
1	toutiaoimg.com p26.toutiaoimg.com
1	tmrhoe2.com tmrhoe2.com	411 KB
1	nrxduw5.com nrxduw5.com	305 KB
1	qq.com s.pc.qq.com	100 KB
1	acooss.com acooss.com	1 MB
1	kzecc.com 1 redirects kzecc.com	132 B
1	kvhrrr.top kvhrrr.top	1 MB
1	kveww.com 1 redirects kveww.com — Cisco Umbrella Rank: 383133	133 B
1	kvhnnn.top kvhnnn.top	238 KB
1	kveii.com 1 redirects kveii.com	133 B
1	kvhooo.top kvhooo.top	1 MB
1	kzerr.com 1 redirects kzerr.com	132 B
1	acoossi.top acoossi.top	1 MB
1	kzeaa.com 1 redirects kzeaa.com	132 B
1	acoozzh.top acoozzh.top — Cisco Umbrella Rank: 711015	503 KB
1	kvezz.com 1 redirects kvezz.com — Cisco Umbrella Rank: 336471	133 B
1	xvrrd7.com xvrrd7.com — Cisco Umbrella Rank: 636103	708 KB
1	rrtwda9.com rrtwda9.com — Cisco Umbrella Rank: 930941	1 MB
1	exwytd7.com exwytd7.com	200 KB
1	rzgvdm5.com rzgvdm5.com — Cisco Umbrella Rank: 447523	975 KB
1	unpfqc9.com unpfqc9.com	664 KB
1	29873398.com 29873398.com	173 KB
1	17265111.com 17265111.com	93 KB
1	u0069.com u0069.com	818 KB
1	u0067.com u0067.com	261 KB
1	user-redirect-url.com 1 redirects user-redirect-url.com	124 B
1	4se-jump.com 4se-jump.com	728 B
1	51.la js.users.51.la — Cisco Umbrella Rank: 56817
0	djxfar6.com Failed djxfar6.com Failed
0	qbyyvg3.com Failed qbyyvg3.com Failed
0	trdez9.com Failed trdez9.com Failed
0	kqvkvc3.com Failed kqvkvc3.com Failed
0	u0054.com Failed u0054.com Failed
0	n0466.com Failed n0466.com Failed
0	u0057.com Failed u0057.com Failed
0	n0422.com Failed n0422.com Failed
0	kvhccc.top Failed kvhccc.top Failed
0	k68tkg.com Failed k68tkg.com Failed
0	mvfge3.com Failed mvfge3.com Failed
0	wdwhyy.com Failed wdwhyy.com Failed
89	50

	Domain	Requested by
10	pic.rmb.bdstatic.com	bdns-01.2ucg3ip5y.com
10	hm.baidu.com	www.cztycoon.com bdns-01.2ucg3ip5y.com
8	bdns-01.2ucg3ip5y.com	4se-jump.com bdns-01.2ucg3ip5y.com
3	www.cztycoon.com	www.cztycoon.com
2	cdn.jsdelivr.net	bdns-01.2ucg3ip5y.com
2	acoossf.top	bdns-01.2ucg3ip5y.com
2	kvemm.com	2 redirects bdns-01.2ucg3ip5y.com
2	n0233.com	bdns-01.2ucg3ip5y.com
2	n0404.com	bdns-01.2ucg3ip5y.com
1	gif.naigou1002.top	bdns-01.2ucg3ip5y.com
1	p26.toutiaoimg.com	bdns-01.2ucg3ip5y.com
1	tmrhoe2.com	bdns-01.2ucg3ip5y.com
1	nrxduw5.com	bdns-01.2ucg3ip5y.com
1	s.pc.qq.com	bdns-01.2ucg3ip5y.com
1	acooss.com	bdns-01.2ucg3ip5y.com
1	kzecc.com	1 redirects bdns-01.2ucg3ip5y.com
1	kvhrrr.top	bdns-01.2ucg3ip5y.com
1	kveww.com	1 redirects bdns-01.2ucg3ip5y.com
1	kvhnnn.top	bdns-01.2ucg3ip5y.com
1	kveii.com	1 redirects bdns-01.2ucg3ip5y.com
1	kvhooo.top	bdns-01.2ucg3ip5y.com
1	kzerr.com	1 redirects bdns-01.2ucg3ip5y.com
1	acoossi.top	bdns-01.2ucg3ip5y.com
1	kzeaa.com	1 redirects bdns-01.2ucg3ip5y.com
1	acoozzh.top	bdns-01.2ucg3ip5y.com
1	kvezz.com	1 redirects bdns-01.2ucg3ip5y.com
1	xvrrd7.com	bdns-01.2ucg3ip5y.com
1	rrtwda9.com	bdns-01.2ucg3ip5y.com
1	exwytd7.com	bdns-01.2ucg3ip5y.com
1	rzgvdm5.com	bdns-01.2ucg3ip5y.com
1	unpfqc9.com	bdns-01.2ucg3ip5y.com
1	29873398.com	bdns-01.2ucg3ip5y.com
1	17265111.com	bdns-01.2ucg3ip5y.com
1	u0069.com	bdns-01.2ucg3ip5y.com
1	u0067.com	bdns-01.2ucg3ip5y.com
1	user-redirect-url.com	1 redirects
1	4se-jump.com	www.cztycoon.com
1	js.users.51.la	www.cztycoon.com 4se-jump.com
1	cztycoon.com	1 redirects
0	djxfar6.com Failed	bdns-01.2ucg3ip5y.com
0	qbyyvg3.com Failed	bdns-01.2ucg3ip5y.com
0	trdez9.com Failed	bdns-01.2ucg3ip5y.com
0	kqvkvc3.com Failed	bdns-01.2ucg3ip5y.com
0	u0054.com Failed	bdns-01.2ucg3ip5y.com
0	n0466.com Failed	bdns-01.2ucg3ip5y.com
0	u0057.com Failed	bdns-01.2ucg3ip5y.com
0	n0422.com Failed	bdns-01.2ucg3ip5y.com
0	kvhccc.top Failed	bdns-01.2ucg3ip5y.com
0	k68tkg.com Failed	bdns-01.2ucg3ip5y.com
0	mvfge3.com Failed	bdns-01.2ucg3ip5y.com
0	wdwhyy.com Failed	bdns-01.2ucg3ip5y.com
89	51

This site contains no links.

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
4se-jump.com TrustAsia TLS RSA CA	`2022-01-12` - `2023-01-11`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh
2ucg3ip5y.com ZeroSSL RSA Domain Secure Site CA	`2022-04-01` - `2022-06-30`	3 months	crt.sh
u0067.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
u0069.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
17265111.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
n0404.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
n0233.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
29873398.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
unpfqc9.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
rzgvdm5.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
exwytd7.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
rrtwda9.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
xvrrd7.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-30` - `2023-03-30`	a year	crt.sh
pic.rmb.bdstatic.com TrustAsia TLS RSA CA	`2022-01-21` - `2023-02-21`	a year	crt.sh
s.pc.qq.com DigiCert Secure Site CN CA G3	`2022-04-29` - `2023-05-30`	a year	crt.sh
nrxduw5.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-03-23`	a year	crt.sh
tmrhoe2.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-03-21`	a year	crt.sh
*.toutiaoimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-29` - `2022-08-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-27` - `2022-12-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.cztycoon.com/index.php
Frame ID: 43FF6268BA813BB2C46D93EC5174EB01
Requests: 12 HTTP requests in this frame

Frame: https://bdns-01.2ucg3ip5y.com:667/
Frame ID: 6D72C93886209BFF030D43AED353DDC1
Requests: 78 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

澄迈展狈汽车服务有限公司漂亮的岳坶三浦理惠子,云中君把瑶干到下不了,我用身体孝顺公么日本,欧美熟妇dOdK巨大澄迈展狈汽车服务有限公司

Page URL History Show full URLs

http://cztycoon.com/ HTTP 301
http://www.cztycoon.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

56 %
HTTPS

35 %
IPv6

50
Domains

51
Subdomains

26
IPs

4
Countries

24891 kB
Transfer

25640 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cztycoon.com/ HTTP 301
http://www.cztycoon.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://user-redirect-url.com:33636/Moon/Visual_color.php HTTP 302
https://bdns-01.2ucg3ip5y.com:667/

Request Chain 28

https://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gif HTTP 301
https://acoozzh.top/ff82ede81a5bf7b5ff047745ebd831ad.gif

Request Chain 29

https://kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif HTTP 301
https://acoossi.top/52324facff4bd070699ce4cddb8e2c5d.gif

Request Chain 30

https://kzerr.com/3e56d4c29903a2b84fe3f12871fd7ad2.gif HTTP 301
https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gif

Request Chain 31

https://kveii.com/2f63247ac47b1dfb4d31a1a5cede5717.gif HTTP 301
https://kvhnnn.top/2f63247ac47b1dfb4d31a1a5cede5717.gif

Request Chain 32

https://kveww.com/52ad51581676b141e04e969f79f7582f.gif HTTP 301
https://kvhrrr.top/52ad51581676b141e04e969f79f7582f.gif

Request Chain 33

https://kvemm.com/506ecb037709bdebda4fc3847726ae97.gif HTTP 301
https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif

Request Chain 34

https://kzecc.com/999149e7aa693e6e03bd782308afc4a4.gif HTTP 301
https://acooss.com/999149e7aa693e6e03bd782308afc4a4.gif

Request Chain 35

https://kvemm.com/e48970f4052a7ec9d8b871d168e2b2ab.gif HTTP 301
https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif

Request Chain 51

https://kveaa.com/c02f3c271713a2d3e35ad3f5a34688ee.gif HTTP 301
https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif

89 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.cztycoon.com/
Redirect Chain

http://cztycoon.com/
http://www.cztycoon.com/index.php

2 KB
1 KB

1186ms
197ms

Document
text/html

154.95.141.155
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cztycoon.com/index.php
Protocol: HTTP/1.1
Server: 154.95.141.155 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software: nginx /
Resource Hash: 6530d53784c3d2468c6114fc7de91f12a85b256ac369348692c91569751febed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 30 May 2022 14:23:04 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Mon, 30 May 2022 14:23:02 GMT
Location: http://www.cztycoon.com/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.cztycoon.com/ 1 KB
916 B 208ms
208ms Script
application/x-javascript 154.95.141.155
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cztycoon.com/common.js
Requested by: Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php
Protocol: HTTP/1.1
Server: 154.95.141.155 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software: nginx /
Resource Hash: aa574a19fc02b73ee0e0b92a9d14d62a6b48e20e1688c269f0c06b7a0e9f3594

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.cztycoon.com/ 811 B
967 B 419ms
210ms Script
application/x-javascript 154.95.141.155
SH2206-AP UNIT A17

General

Check archive.org

Show headers Download Go to

Full URL: http://www.cztycoon.com/tj.js
Requested by: Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php
Protocol: HTTP/1.1
Server: 154.95.141.155 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software: nginx /
Resource Hash: a9e426ebae372ab9cb38a41f2c27b6c52f38ef0528c563be7b17fa3148550be8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:04 GMT
Server: nginx
Connection: keep-alive
Content-Length: 811
Content-Type: application/x-javascript

GET
H/1.1 403
Forbidden 21135919.js
js.users.51.la/ 0
0 828ms
222ms Script
application/javascript 14.17.102.110
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21135919.js
Requested by: Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.17.102.110 Foshan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:05 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8

GET
H2 200 i.html Show response
4se-jump.com/ Frame 6D72 575 B
728 B 579ms
183ms Document
text/html 154.208.77.235
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://4se-jump.com:6789/i.html

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.77.235 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

b67085a337e0197931bbd02d0ac8bb0f5bf399cf0aaf9c32425ad3ebc785e0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.cztycoon.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 575
content-type: text/html
date: Mon, 30 May 2022 14:23:05 GMT
etag: "60f113f2-23f"
last-modified: Fri, 16 Jul 2021 05:06:58 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1213ms
407ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?28e46411efe21c42aadf340f553e7cb2

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b22ed3cdba281924075a290ab98ee910109726c30e50ee6078ddacb9ca8e536f

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:05 GMT
Content-Encoding: gzip
Server: apache
Etag: 8462d91a73477471b9c3f02a76349202
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11138

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1217ms
412ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?d552113f6edcd4f19d4e7d0df9413e2b

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f31eff1588ddf409973f8d0587940a0d0a9f22f9dd9fd13d6323ed3431f667fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:05 GMT
Content-Encoding: gzip
Server: apache
Etag: 9b1d3211f425f12b4769e035323af0f3
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11138

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1229ms
415ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?82a68fc268b7d12e10eb46f67c1e60df

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c38d87f383b9c312c52c126c6adf2fcb625e97aa563e37f2f06ac54e95aa5fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:05 GMT
Content-Encoding: gzip
Server: apache
Etag: a29d9b245463b94dbe4c933dfa0e0c48
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11138

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1235ms
413ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4af258f32ded13d2b03b8aedbf702c5d

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ba16ebb8363dd8acb87275cf0a47456bcb7228c1139ac5d3eaeabe4bc42bcc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:05 GMT
Content-Encoding: gzip
Server: apache
Etag: f656f90e8752f1fcd1d4abdf2c1ec69b
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11141

GET 21135919.js
js.users.51.la/ Frame 6D72 0
0

GET
H2

200

/ Show response
bdns-01.2ucg3ip5y.com/ Frame 6D72
Redirect Chain

https://user-redirect-url.com:33636/Moon/Visual_color.php
https://bdns-01.2ucg3ip5y.com:667/

79 KB
13 KB

632ms
193ms

Document
text/html

156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:667/

Requested by

Host: 4se-jump.com
URL: https://4se-jump.com:6789/i.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

6a581bc74d864eaf8c730e8de03f3573d23c85377b0cd6ba1e4feb023e1250c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://4se-jump.com:6789/i.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=10800
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Mon, 30 May 2022 14:23:06 GMT
expires: Mon, 30 May 2022 17:23:06 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding Accept-Encoding
x-proxy-cache: HIT

Redirect headers

content-type: text/html; charset=UTF-8
date: Mon, 30 May 2022 14:23:06 GMT
location: https://bdns-01.2ucg3ip5y.com:667/
server: nginx
strict-transport-security: max-age=31536000

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 403ms
402ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=851010136&si=d552113f6edcd4f19d4e7d0df9413e2b&v=1.2.93&lv=1&sn=13791&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.cztycoon.com%2Findex.php&tt=%E6%BE%84%E8%BF%88%E5%B1%95%E7%8B%88%E6%B1%BD%E8%BD%A6%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 14:23:06 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 410ms
410ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1551805362&si=4af258f32ded13d2b03b8aedbf702c5d&v=1.2.93&lv=1&sn=13791&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.cztycoon.com%2Findex.php&tt=%E6%BE%84%E8%BF%88%E5%B1%95%E7%8B%88%E6%B1%BD%E8%BD%A6%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 14:23:06 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 388ms
388ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1649277941&si=28e46411efe21c42aadf340f553e7cb2&v=1.2.93&lv=1&sn=13791&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.cztycoon.com%2Findex.php&tt=%E6%BE%84%E8%BF%88%E5%B1%95%E7%8B%88%E6%B1%BD%E8%BD%A6%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 14:23:06 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 399ms
399ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1852010134&si=82a68fc268b7d12e10eb46f67c1e60df&v=1.2.93&lv=1&sn=13792&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.cztycoon.com%2Findex.php&tt=%E6%BE%84%E8%BF%88%E5%B1%95%E7%8B%88%E6%B1%BD%E8%BD%A6%E6%9C%8D%E5%8A%A1%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.cztycoon.com
URL: http://www.cztycoon.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.cztycoon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 May 2022 14:23:06 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 jquery-2.2.4.min.js Show response
bdns-01.2ucg3ip5y.com/template/uuu/js/ Frame 6D72 84 KB
29 KB 201ms
200ms Script
application/javascript 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:667/template/uuu/js/jquery-2.2.4.min.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bdns-01.2ucg3ip5y.com:667/
Origin: https://bdns-01.2ucg3ip5y.com:667
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:07 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 20:54:50 GMT
server: nginx
etag: W/"6243721a-14e4a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Mon, 30 May 2022 17:23:07 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H2 200 style.css
bdns-01.2ucg3ip5y.com/template/uuu/css/ Frame 6D72 34 KB
10 KB 393ms
393ms Stylesheet
text/css 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:667/template/uuu/css/style.css

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

524b95237ff243a0f3e3fc956644c474532d969c9dbded95d311b8222fab732b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:07 GMT
content-encoding: gzip
last-modified: Sat, 09 Apr 2022 09:46:49 GMT
server: nginx
etag: W/"62515609-8720"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
expires: Mon, 30 May 2022 17:23:07 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H2 200 home.js Show response
bdns-01.2ucg3ip5y.com/static/js/ Frame 6D72 37 KB
9 KB 396ms
395ms Script
application/javascript 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:667/static/js/home.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:07 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
server: nginx
etag: W/"61249190-95a5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Mon, 30 May 2022 17:23:07 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H/1.1 200
OK 6838c50c82994b56a6ce94f22a58d019.gif
u0067.com/ Frame 6D72 261 KB
261 KB 1952ms
299ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0067.com/6838c50c82994b56a6ce94f22a58d019.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:09 GMT
x-oss-request-id: 6294D34D7E084E38392B0484
Last-Modified: Sun, 29 May 2022 07:38:45 GMT
Server: AliyunOSS
Content-MD5: V06q2He2YJcABWZEQiwatA==
ETag: "574EAAD877B6609700056644422C1AB4"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3295716594252235150
Content-Length: 267005
x-oss-server-time: 1

GET
H/1.1 200
OK b2c421156ece440593f727ba76b8b357.gif
u0069.com/ Frame 6D72 818 KB
818 KB 1328ms
315ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0069.com/b2c421156ece440593f727ba76b8b357.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:08 GMT
x-oss-request-id: 6294D34C22C82A3836FB2E04
Last-Modified: Sun, 15 May 2022 15:44:35 GMT
Server: AliyunOSS
Content-MD5: Ai30YsWSJf6yoN2Yzp/XoQ==
ETag: "022DF462C59225FEB2A0DD98CE9FD7A1"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9124519372634757098
Content-Length: 837142
x-oss-server-time: 2

GET
H/1.1 200
OK c0049f41fc404819bcd918f80d4c9761.gif
17265111.com/ Frame 6D72 292 KB
93 KB 1649ms
389ms Image
image/gif 20.247.96.118
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://17265111.com/c0049f41fc404819bcd918f80d4c9761.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.247.96.118 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: e95a0b1c3ca9617a58f0960113ef5003cfed0e5ed27b5552ea279700b21b5595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Apr 2022 07:04:21 GMT
Server: WAF/2.4-12.1
ETag: W/"624be9f5-49195"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK 7e24312cfcde4eed822423f78d2acca5.gif
n0404.com/ Frame 6D72 423 KB
423 KB 1092ms
188ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/7e24312cfcde4eed822423f78d2acca5.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:08 GMT
x-oss-request-id: 6294D34C275E05510BCF7DE1
Last-Modified: Sun, 29 May 2022 07:41:14 GMT
Server: AliyunOSS
Content-MD5: HlxIhX9mSxO50+X/xYz8Tg==
ETag: "1E5C48857F664B13B9D3E5FFC58CFC4E"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 309924205632574798
Content-Length: 433007
x-oss-server-time: 1

GET
H/1.1 200
OK b87bfafc3da143bfbdc4ca7fae301387.gif
n0233.com/ Frame 6D72 290 KB
291 KB 1103ms
174ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0233.com/b87bfafc3da143bfbdc4ca7fae301387.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:08 GMT
x-oss-request-id: 6294D34CDCC28B753818EA0D
Last-Modified: Sun, 29 May 2022 07:40:08 GMT
Server: AliyunOSS
Content-MD5: 5jcov9d0fswKJb/bK4UTZQ==
ETag: "E63728BFD7747ECC0A25BFDB2B851365"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10713480351589070444
Content-Length: 297356
x-oss-server-time: 1

GET
H2 200 227cd47884634aa293c753536206f6fb.gif
29873398.com/ Frame 6D72 405 KB
173 KB 865ms
193ms Image
image/gif 207.46.155.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29873398.com/227cd47884634aa293c753536206f6fb.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 207.46.155.160 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:08 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 07:39:08 GMT
server: WAF/2.4-12.1
etag: W/"6293231c-655c5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 5020cb0cd9274a8f8283c3a3492f63ef.gif
unpfqc9.com/ Frame 6D72 663 KB
664 KB 2481ms
152ms Image
image/gif 103.170.15.71

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://unpfqc9.com/5020cb0cd9274a8f8283c3a3492f63ef.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 23:35:31 GMT
Last-Modified: Fri, 27 May 2022 15:45:25 GMT
Server: nginx
ETag: "6290f215-a5cf2"
X-Cache: HIT from yd11_13-cdn-g01-la2-01
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 679154

GET
H/1.1 200
OK 4db18251f40146ae9e185d5b6aff6165.gif
rzgvdm5.com/ Frame 6D72 975 KB
975 KB 2175ms
322ms Image
image/gif 45.61.212.126
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rzgvdm5.com/4db18251f40146ae9e185d5b6aff6165.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.126 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 8898543cc7e3c5578317155444c2ceaaf7aef4989b47a4aac5776c328d437d70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 14:14:46 GMT
Last-Modified: Fri, 27 May 2022 13:57:52 GMT
Server: nginx
ETag: "6290d8e0-f3b67"
X-Cache: HIT from cloud-us2-cdnb-26
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 998247

GET
H/1.1 200
OK 547564e91052428b9e9bcaf597bebeda.gif
exwytd7.com/ Frame 6D72 200 KB
200 KB 2581ms
144ms Image
image/gif 45.61.212.216
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exwytd7.com/547564e91052428b9e9bcaf597bebeda.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.216 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 3549f7f43225c6ad611e4d0ce1013126b16e41c6cf9a8f3d9a06f31182721477

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 13:00:55 GMT
Last-Modified: Sun, 29 May 2022 10:52:31 GMT
Server: nginx
ETag: "6293506f-31f6c"
X-Cache: HIT from cloud-us3-cdnb-16
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 204652

GET
H/1.1 200
OK 71af3cd8f52d411f92936039992da4e9.gif
rrtwda9.com/ Frame 6D72 1 MB
1 MB 2197ms
144ms Image
image/gif 45.61.212.216
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrtwda9.com/71af3cd8f52d411f92936039992da4e9.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.216 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ace1b5c0f2727363a4658a1bcf91fef88d58e8dc274232712e326a8e86cd4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 11:43:13 GMT
Last-Modified: Mon, 30 May 2022 07:37:25 GMT
Server: nginx
ETag: "62947435-100f21"
X-Cache: HIT from cloud-us3-cdnb-16
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1052449

GET
H/1.1 200
OK 60c5adf73e9f4f5ead733b6fbd553ad3.gif
xvrrd7.com/ Frame 6D72 708 KB
708 KB 1853ms
310ms Image
image/gif 47.75.19.245
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://xvrrd7.com/60c5adf73e9f4f5ead733b6fbd553ad3.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.245 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:09 GMT
x-oss-request-id: 6294D34DE46B1631339C736F
Last-Modified: Tue, 26 Apr 2022 08:47:59 GMT
Server: AliyunOSS
Content-MD5: F9cna+xR3mEjhUiS9dHU7A==
ETag: "17D7276BEC51DE6123854892F5D1D4EC"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 808789839217959962
Content-Length: 724869
x-oss-server-time: 1

GET
H2

200

ff82ede81a5bf7b5ff047745ebd831ad.gif
acoozzh.top/ Frame 6D72
Redirect Chain

https://kvezz.com/ff82ede81a5bf7b5ff047745ebd831ad.gif
https://acoozzh.top/ff82ede81a5bf7b5ff047745ebd831ad.gif

502 KB
503 KB

115ms
71ms

Image
image/gif

2606:4700:3033::ac43:bdcb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoozzh.top/ff82ede81a5bf7b5ff047745ebd831ad.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3033::ac43:bdcb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 754e73a6a2a86f8533f15bf92061610fa505787bce36a52c9e1944b44ae15364

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 513789
last-modified: Mon, 02 May 2022 19:22:05 GMT
server: cloudflare
etag: "62702f5d-7d6fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auMc%2B8jtGLQX1M4%2Fm2X4ynAlcFMp9TfRLwMFoIEnylX6rz8mDo3ObPSDMlyGyROEP%2BE%2F2XtPvIEoHZJiXfNcybCR8VfKDQW1o5BeWST7y2ekOIDJl1nslau9zgVNtkVaXDcwFPgxlfUD4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7138203faff991f3-FRA
expires: Mon, 27 Jun 2022 23:57:03 GMT

Redirect headers

location: https://acoozzh.top/ff82ede81a5bf7b5ff047745ebd831ad.gif
date: Mon, 30 May 2022 14:23:08 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

52324facff4bd070699ce4cddb8e2c5d.gif
acoossi.top/ Frame 6D72
Redirect Chain

https://kzeaa.com/52324facff4bd070699ce4cddb8e2c5d.gif
https://acoossi.top/52324facff4bd070699ce4cddb8e2c5d.gif

1 MB
1 MB

78ms
22ms

Image
image/gif

2606:4700:3038::6815:eac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossi.top/52324facff4bd070699ce4cddb8e2c5d.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3038::6815:eac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29b8db3afafa2d2558af310a1c0da25048104389f4126b5fc19b458dc3b0af46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4518
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1298074
last-modified: Wed, 25 May 2022 13:49:49 GMT
server: cloudflare
etag: "628e33fd-13ce9a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBElg8rIAktN0Dv560XanqnO9Z6gFAhwPdkfSyVF0utlwlynogjTL3uFU4c86y4vMUSkYDp8BF3KtwXrVgwJ6NAugQ0JCyqkEobwlYhgz4Rw9AIlh6Nu1KAEuq1JmF7h11QVeyFXl5Mx6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71382047999d9bb9-FRA
expires: Wed, 29 Jun 2022 13:07:52 GMT

Redirect headers

location: https://acoossi.top/52324facff4bd070699ce4cddb8e2c5d.gif
date: Mon, 30 May 2022 14:23:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

3e56d4c29903a2b84fe3f12871fd7ad2.gif
kvhooo.top/ Frame 6D72
Redirect Chain

https://kzerr.com/3e56d4c29903a2b84fe3f12871fd7ad2.gif
https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gif

1 MB
1 MB

73ms
28ms

Image
image/gif

2606:4700:3035::6815:210c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3035::6815:210c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1030d7e1cb60c5781a2739709793f71312cdde92654373c5cb3bc2ab70544997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81464
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1087821
last-modified: Wed, 25 May 2022 13:37:01 GMT
server: cloudflare
etag: "628e30fd-10994d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6lHhMeQ1pxXlM%2FblLKIBtp0O8FrBj%2F7PYgXyK9e%2Ft6KrUImSmPIrgzccKTkaABPmw%2B%2B%2FV7kkyK65y2GFPpT3cxN8sD9Uol7eIbb7SNITCGKr2bkVoXLf6KUzA2LdPp0QKbka6fTjjBd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71382047bd259b98-FRA
expires: Tue, 28 Jun 2022 15:45:26 GMT

Redirect headers

location: https://kvhooo.top/3e56d4c29903a2b84fe3f12871fd7ad2.gif
date: Mon, 30 May 2022 14:23:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

2f63247ac47b1dfb4d31a1a5cede5717.gif
kvhnnn.top/ Frame 6D72
Redirect Chain

https://kveii.com/2f63247ac47b1dfb4d31a1a5cede5717.gif
https://kvhnnn.top/2f63247ac47b1dfb4d31a1a5cede5717.gif

237 KB
238 KB

80ms
30ms

Image
image/gif

2606:4700:3038::6815:ea86

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhnnn.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3038::6815:ea86 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 406b2f32818b522b4e5c2f7f5de504b89ca9a4e8b3cdfe823f2c16cd6542c807

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 169093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242675
last-modified: Wed, 23 Mar 2022 06:37:17 GMT
server: cloudflare
etag: "623ac01d-3b3f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0lv9A%2BzFKmDIlbygZ6jhUSxKdEsnYQLss95eQMTQN9t3a9f7MHH1BP0sFA9BY5y1i1HHX4DNtcY06rLIdY%2Fc6TjUSssAuM%2FnE1wi8PjqCLGcNVo9OH7CIeQHKnHK0kvJGC2CHhKTBgY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 713820490df768f7-FRA
expires: Mon, 27 Jun 2022 15:24:57 GMT

Redirect headers

location: https://kvhnnn.top/2f63247ac47b1dfb4d31a1a5cede5717.gif
date: Mon, 30 May 2022 14:23:10 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

52ad51581676b141e04e969f79f7582f.gif
kvhrrr.top/ Frame 6D72
Redirect Chain

https://kveww.com/52ad51581676b141e04e969f79f7582f.gif
https://kvhrrr.top/52ad51581676b141e04e969f79f7582f.gif

1 MB
1 MB

203ms
28ms

Image
image/gif

2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvhrrr.top/52ad51581676b141e04e969f79f7582f.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a4f131884413555900ad6642a89688deae3b91e879733a6ede890608ba6b02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2394585
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1196314
last-modified: Mon, 02 May 2022 18:18:53 GMT
server: cloudflare
etag: "6270208d-12411a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTL7iGE%2F%2BP9IRpHpEeqLorgEIgkJUfkNEO1WhYKqSCoJvvJ966aPH2IwiudeGdtOjhWNQhW5UZb7%2FFcvWsdybM%2BYXWX82FW%2FDzKXXDUWm%2FaD8WyzABiDAowbX32pO1OcvjWFT2hYZ47N"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 71382047fafd8ffa-FRA
expires: Wed, 01 Jun 2022 21:13:25 GMT

Redirect headers

location: https://kvhrrr.top/52ad51581676b141e04e969f79f7582f.gif
date: Mon, 30 May 2022 14:23:09 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

506ecb037709bdebda4fc3847726ae97.gif
acoossf.top/ Frame 6D72
Redirect Chain

https://kvemm.com/506ecb037709bdebda4fc3847726ae97.gif
https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif

470 KB
471 KB

72ms
26ms

Image
image/gif

2606:4700:3038::6815:eba9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3038::6815:eba9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ba244d8035d4e99190c03c9f8f01b27f3ddafbddddba1a69bb99a09266b5eedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 124948
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 480777
last-modified: Thu, 17 Mar 2022 15:46:34 GMT
server: cloudflare
etag: "623357da-75609"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8sSZ7N2enDF8YEGAtQMjqoQh7rONIl83VelyVssGLBGfsBMSnAVp31%2Bn3iD9vZ1Ssr9wmi4SU2PxDZgrNlpURQ6752EiJJm3D3CuTkzcTYbRq1PeICY8SAMrd92Ww94QFxIAM0IudXwjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7138204c3b249088-FRA
expires: Tue, 28 Jun 2022 03:40:42 GMT

Redirect headers

location: https://acoossf.top/506ecb037709bdebda4fc3847726ae97.gif
date: Mon, 30 May 2022 14:23:10 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

999149e7aa693e6e03bd782308afc4a4.gif
acooss.com/ Frame 6D72
Redirect Chain

https://kzecc.com/999149e7aa693e6e03bd782308afc4a4.gif
https://acooss.com/999149e7aa693e6e03bd782308afc4a4.gif

1 MB
1 MB

96ms
29ms

Image
image/gif

2606:4700:3038::6815:eb5f

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acooss.com/999149e7aa693e6e03bd782308afc4a4.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3038::6815:eb5f -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e4b0af5ea20219fe6a01ce9d0af29c168566849ccc647a35a924b1e37968e61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:12 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1049600
last-modified: Wed, 25 May 2022 14:06:29 GMT
server: cloudflare
etag: "628e37e5-100400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JrrfrgDhdcgKrwPyC9q4HIFRwtxc%2FLQaQact2IR2TCPfpUCK%2Bki8HnEBY5cImSQqzCEVFbR4LeUoIab6szjlmLhra7JEKsPgHnu4S6YX2dA7rNK3opQlLSjKOKQkhfhlL82ylVdDh4Zs"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 713820552a9c9b95-FRA
expires: Wed, 29 Jun 2022 13:13:12 GMT

Redirect headers

location: https://acooss.com/999149e7aa693e6e03bd782308afc4a4.gif
date: Mon, 30 May 2022 14:23:12 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

e48970f4052a7ec9d8b871d168e2b2ab.gif
acoossf.top/ Frame 6D72
Redirect Chain

https://kvemm.com/e48970f4052a7ec9d8b871d168e2b2ab.gif
https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif

944 KB
945 KB

86ms
40ms

Image
image/gif

2606:4700:3038::6815:eba9

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Server: 2606:4700:3038::6815:eba9 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a37eaf9f04a634f3e85dcd7353eb1fa224ddefa8d1e04b65a946b3cebf97ea75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:10 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 966741
last-modified: Sat, 12 Mar 2022 15:18:45 GMT
server: cloudflare
etag: "622cb9d5-ec055"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VZ0EwpvgYqz4CzD6zfnBiKGb8MI83h2wDtvAn6PRcumqLM7U3QZZPDhp0f1DgTYzVny9vOCM%2BWY2b6u%2BNWTlo8MbQWmtCNAX4lHXOjYn%2FUMGnxJlZ8%2BW7fGLMwrUG7vwflVbq5GuT63VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7138204c3b279088-FRA
expires: Tue, 28 Jun 2022 16:46:33 GMT

Redirect headers

location: https://acoossf.top/e48970f4052a7ec9d8b871d168e2b2ab.gif
date: Mon, 30 May 2022 14:23:10 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 af737e86fc083a958d9f25203333f0be.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 1 MB
1 MB 2529ms
189ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/af737e86fc083a958d9f25203333f0be.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1495356
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: r3N+hvwIOpWNnyUgMzPwvg==
age: 1810170
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1495356
ohc-cache-hit: sfo01-sys-jorcol03.sfo01.baidu.com [2], sfo01-sys-jorcol10.sfo01.baidu.com [2], zhuzuncache98 [2], qdix186 [3]
last-modified: Fri, 06 May 2022 10:47:15 GMT
server: JSP3/2.0.14
etag: "af737e86fc083a958d9f25203333f0be"
x-bce-request-id: d14e2ad0-00b0-4c97-9534-aa37a0c0a353
content-type: image/gif
x-bce-debug-id: VyfsrtB6pKklruJoY5XqVkNzOSLZEOV8kX4u9xPUC5mVHgj1VZoEIpLew4sCXQMKRw7pmf/oPHOITfztiUVRLg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 93757181
expires: Mon, 09 May 2022 10:49:36 GMT

GET
H2 200 c345c325b2dd601744e2fdf749337f8e.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 2 MB
2 MB 3277ms
1058ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/c345c325b2dd601744e2fdf749337f8e.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 01e6d867c83b80e6e0dcacb7c4d09ea7118bb3cce0e8bf20457a54f3e172777e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1794526
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: w0XDJbLdYBdE4v33STN/jg==
age: 2519567
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1794526
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2], zhuzuncache95 [2], bdix60 [2]
last-modified: Sun, 01 May 2022 03:30:05 GMT
server: JSP3/2.0.14
etag: "c345c325b2dd601744e2fdf749337f8e"
x-bce-request-id: adaa1f50-8d3c-4ac7-b915-9466b76a575c
content-type: image/gif
x-bce-debug-id: WHetv8N6VAcklqxAqe0sA9PEsMBXirt/tJJfLgNaT3Qnmw8KZpo5/7mctf3iawBHlpDatImjAMNLV9M0ZSJBog==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1886000088
expires: Wed, 04 May 2022 03:31:20 GMT

GET
H2 200 1646786_1645724589.jpg
s.pc.qq.com/tousu/img/20220225/ Frame 6D72 100 KB
100 KB 2950ms
319ms Image
image/jpeg 2408:874c:1ff:32:28::1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pc.qq.com/tousu/img/20220225/1646786_1645724589.jpg
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:874c:1ff:32:28::1 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 02f64eb8a8e43e033ed45d337711379d1a836188728b7911a8b281d421a6d991

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 23:00:29 GMT
x-cos-hash-crc64ecma: 9779877219317636932
last-modified: Thu, 24 Feb 2022 17:43:12 GMT
server: tencent-cos
etag: "548c90aeca6eb15b303826032afdbd30"
content-type: image/jpeg
x-cos-request-id: NjI5MTU4MGRfYjQxNDZiMGJfNzNhMl8yYTMxYTI=
x-cache-lookup: Cache Hit
x-nws-log-uuid: 1675837815457322624
accept-ranges: bytes
content-length: 102186

GET
H/1.1 200
OK 54087d83844a4465ba6fc622430e2dfc.gif
nrxduw5.com/ Frame 6D72 305 KB
305 KB 877ms
150ms Image
image/gif 103.170.15.71

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nrxduw5.com/54087d83844a4465ba6fc622430e2dfc.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b43392f83b85e6502d919333a4ee201ff773e433cba3934294dff8ca32a07b63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 00:48:50 GMT
Last-Modified: Sat, 21 May 2022 13:33:40 GMT
Server: nginx
ETag: "6288ea34-4c3da"
X-Cache: HIT from yd11_13-cdn-g01-la2-01
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 312282

GET
H2 200 3e2a08c45f216f23995e08dc45ed0e86.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 1 MB
1 MB 2905ms
1168ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/3e2a08c45f216f23995e08dc45ed0e86.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1411145
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: PioIxF8hbyOZXgjcRe0Ohg==
age: 2539198
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1411145
ohc-cache-hit: sfo01-sys-jorcol09.sfo01.baidu.com [2], zhuzuncache81 [4], suzix81 [3]
last-modified: Sun, 01 May 2022 03:41:04 GMT
server: JSP3/2.0.14
etag: "3e2a08c45f216f23995e08dc45ed0e86"
x-bce-request-id: 02123f8f-4130-46fa-a825-541eba966c7c
content-type: image/gif
x-bce-debug-id: OKFcA/RKPIsudFaT7NV5aYBX30R1159L1yEeMa3qR/fSYOggbGE68e0hm8mOKs/iBjveOcPvAW9/s51HmcGsPA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2708999633
expires: Wed, 04 May 2022 03:44:56 GMT

GET
H2 200 357e6e06560206a5ecf7fce325137c74.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 2 MB
2 MB 2870ms
1168ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/357e6e06560206a5ecf7fce325137c74.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ca2a8b8169cef019be237b08e6e3e075934d76d733aa9937a0cfaca96c5dda23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 2283193
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: NX5uBlYCBqXs9/zjJRN8dA==
age: 22528
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 2283193
ohc-cache-hit: sfo01-sys-jorcol09.sfo01.baidu.com [2], zhuzuncache80 [2], suzix80 [1]
last-modified: Wed, 30 Mar 2022 10:51:24 GMT
server: JSP3/2.0.14
etag: "357e6e06560206a5ecf7fce325137c74"
x-bce-request-id: e4148958-ca00-4947-bd45-ee2147bad017
content-type: image/gif
x-bce-debug-id: cTBuekd7WVm1UOkt9+LgSxkVFun7QneZpzwqRmyRqeZcXqn94bEI6HFx9hwUawTJ1WGajQdt0c4wi19kByAF8g==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3864824590
expires: Wed, 01 Jun 2022 10:51:27 GMT

GET
H2 200 6217e697e5bcdcf05bce5b844cda6ddc.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 1007 KB
1009 KB 2848ms
1169ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/6217e697e5bcdcf05bce5b844cda6ddc.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d0f2fe7b11ea4b5daae1619e4c8307b7df14866c79f6ded60ba0401bf8350d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1031440
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: Yhfml+W83PBbzluETNpt3A==
age: 28340
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1031440
ohc-cache-hit: sfo01-sys-jorcol03.sfo01.baidu.com [2], zhuzuncache142 [2], czix190 [1]
last-modified: Mon, 21 Feb 2022 15:50:19 GMT
server: JSP3/2.0.14
etag: "6217e697e5bcdcf05bce5b844cda6ddc"
x-bce-request-id: ac8a8cb4-467e-4c11-a210-5fbc303f905e
content-type: image/gif
x-bce-debug-id: XC5yZChdhhchAbUAj5hgejRi/IlMbYjjPS90JFdWyWF57r3NzeDJxytNT5BKHDjg0xztQPDLfzhRrA19mT5cTw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3262800787
expires: Mon, 16 May 2022 14:29:52 GMT

GET
H/1.1 200
OK 20c91d24c9fb48e8b598744586a1f98d.gif
tmrhoe2.com/ Frame 6D72 411 KB
411 KB 2066ms
150ms Image
image/gif 103.170.15.71

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tmrhoe2.com/20c91d24c9fb48e8b598744586a1f98d.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.170.15.71 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b560d4fa279d9f4603c2515f55d9a537d537bfd9f2aa78476091531003a4520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sun, 29 May 2022 00:25:15 GMT
Last-Modified: Sat, 21 May 2022 13:41:23 GMT
Server: nginx
ETag: "6288ec03-66c4a"
X-Cache: HIT from yd11_13-cdn-g01-la2-01
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 420938

GET
H2 200 8ad03d2715b2723dcf6bbc454634a53d.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 233 KB
234 KB 2413ms
1169ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/8ad03d2715b2723dcf6bbc454634a53d.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: aee23690176001a85989514d82f7a668f5a6ff0c3161ab49fba0bdc76cf9b773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 238977
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: itA9JxWycj3Pa7xFRjSlPQ==
age: 28333
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 238977
ohc-cache-hit: sfo01-sys-jorcol03.sfo01.baidu.com [2], zhuzuncache149 [2], xaix221 [1]
last-modified: Wed, 30 Mar 2022 10:33:32 GMT
server: JSP3/2.0.14
etag: "8ad03d2715b2723dcf6bbc454634a53d"
x-bce-request-id: 1113340f-39e6-454b-b535-ef8ca2b94d16
content-type: image/gif
x-bce-debug-id: qlC8o+vP6/XnPiQSEqEy8VuQWIrdWj26kPjdII8qDNJ5+M1CQTfRK2FkWDclgmpGaUfaWrHH8cZZpxUWbzLHEg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3883531014
expires: Wed, 01 Jun 2022 10:50:14 GMT

GET
H2 200 loading.svg
bdns-01.2ucg3ip5y.com/template/@mitaoxz_4hu//images/ Frame 6D72 506 B
739 B 196ms
193ms Image
image/svg+xml 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdns-01.2ucg3ip5y.com:667/template/@mitaoxz_4hu//images/loading.svg

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:07 GMT
last-modified: Tue, 29 Mar 2022 21:16:10 GMT
server: nginx
etag: "6243771a-1fa"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
expires: Mon, 30 May 2022 17:23:07 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 506
x-proxy-cache: HIT

GET
H2 200 0d38476bae9ce2a19e7baf47c0305e96.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 208 KB
209 KB 1002ms
1002ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/0d38476bae9ce2a19e7baf47c0305e96.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 1f79e978236e81f405e186385cb24d1e71352a7f1c7ad15fa59d4d7cd14a67ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 212947
date: Mon, 30 May 2022 14:23:12 GMT
content-md5: DThHa66c4qGee69HwDBelg==
age: 30471
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 212947
ohc-cache-hit: sfo01-sys-jorcol04.sfo01.baidu.com [2], zhuzuncache75 [2], czix163 [1]
last-modified: Mon, 21 Feb 2022 15:38:31 GMT
server: JSP3/2.0.14
etag: "0d38476bae9ce2a19e7baf47c0305e96"
x-bce-request-id: bba1a649-2288-4c6b-8563-1009945e1c73
content-type: image/gif
x-bce-debug-id: zpPJDTwuSpkn3q9JwCADRRFd0Q97ggfDuz/NRzrste6kO3JCa5cjHMQMBFWK1eMCMP8yV1OeKTQj9ohF37XH6w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2313097327
expires: Wed, 25 May 2022 15:38:45 GMT

GET
H2 200 8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ Frame 6D72 59 KB
0 2347ms
369ms Image
image/gif 2408:8721:820:230::64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:8721:820:230::64 -, , ASN (),
Reverse DNS
Software: openresty / ImageX
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

nginx-hit: 1
date: Mon, 30 May 2022 14:23:14 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 5010285
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=12
x-length: 677521
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
content-length: 677521
via: CHN-HAzhengzhou-AREACUCC1-CACHE22[12],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,9],CHN-TJ-GLOBAL1-CACHE52[20],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,10]
accept-ranges: bytes
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
server: openresty
x-tt-logid: 2021123008073501015013614530ADE9B0
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
cache-control: max-age=31536000
x-response-cinfo: 2a03:1b20:6:f011::3e
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET 46d70b0eb9f54d0795230bd70b3799ab.gif
wdwhyy.com/ Frame 6D72 0
0

GET fa118fbc3ed54401b2c143027e76c8fd.gif
mvfge3.com/ Frame 6D72 0
0

GET 72c3494fb7ac48f79d0f838453c5580b.gif
k68tkg.com/ Frame 6D72 0
0

GET

c02f3c271713a2d3e35ad3f5a34688ee.gif
kvhccc.top/ Frame 6D72
Redirect Chain

https://kveaa.com/c02f3c271713a2d3e35ad3f5a34688ee.gif
https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif

0
0

GET
H2 200 loading.svg
bdns-01.2ucg3ip5y.com/template/@mitaoxz_4hu/images/ Frame 6D72 506 B
739 B 196ms
194ms Image
image/svg+xml 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bdns-01.2ucg3ip5y.com:667/template/@mitaoxz_4hu/images/loading.svg

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:07 GMT
last-modified: Tue, 29 Mar 2022 21:16:10 GMT
server: nginx
etag: "6243771a-1fa"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
expires: Mon, 30 May 2022 17:23:07 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 506
x-proxy-cache: HIT

GET
H2 200 c4aec2fc715ed9100d40a15aa4b82c28.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 182 KB
183 KB 203ms
194ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/c4aec2fc715ed9100d40a15aa4b82c28.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 186342
date: Mon, 30 May 2022 14:23:13 GMT
content-md5: xK7C/HFe2RANQKFapLgsKA==
age: 19683
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 186342
ohc-cache-hit: sfo01-sys-jorcol02.sfo01.baidu.com [2], zhuzuncache97 [2], xaix97 [1]
last-modified: Thu, 17 Mar 2022 10:05:44 GMT
server: JSP3/2.0.14
etag: "c4aec2fc715ed9100d40a15aa4b82c28"
x-bce-request-id: 9d74c0e7-4b6e-4341-9536-cb5fd9e03d5d
content-type: image/gif
x-bce-debug-id: 34vEsqaBKhGzVMC3Wqw7Vi1BTbyMfdb/MpuH65T0SNraZFIe4vc6gedQZF7rCbTKqnkdMb8D76wcLjJ4wime3w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1158258736
expires: Thu, 19 May 2022 10:05:48 GMT

GET
H2 200 1da62db7a3fca4f1b284612aabb89564.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 608 KB
609 KB 203ms
194ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/1da62db7a3fca4f1b284612aabb89564.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 122f22f589e3fd270116b7be282835a61cee9ef5cd6eda75866bc9018271b9e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 622451
date: Mon, 30 May 2022 14:23:13 GMT
content-md5: HaYtt6P8pPGyhGEqq7iVZA==
age: 19683
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 622451
ohc-cache-hit: sfo01-sys-jorcol02.sfo01.baidu.com [2], zhuzuncache124 [2], bdix200 [1]
last-modified: Thu, 17 Mar 2022 10:05:22 GMT
server: JSP3/2.0.14
etag: "1da62db7a3fca4f1b284612aabb89564"
x-bce-request-id: 258b9cc1-b077-4b9e-ad56-b56c45649b0f
content-type: image/gif
x-bce-debug-id: +FYid3x/AZWHbRxto8TpfxBI09VYIgvNEKV9TDTi1XD/RiG2XelAzxtGdyZqZa10Hmd8Wxo0rPaIXDVlt59vWw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1078488734
expires: Thu, 19 May 2022 10:05:25 GMT

GET
H2 200 1241242.gif
gif.naigou1002.top/GIF/ Frame 6D72 128 KB
129 KB 186ms
22ms Image
image/gif 2606:4700:3038::6815:e9fe

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gif.naigou1002.top/GIF/1241242.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9fe -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fcae9a5a0fca0a4535db37603f61e3f28ae856e73ce894c5da9570460e70d5c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2499731
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 131573
last-modified: Fri, 09 Jul 2021 04:50:33 GMT
server: cloudflare
etag: "60e7d599-201f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hxFrrqv4ruTcLW%2FunywqS4MjxA1Z4qn78IMynrj0xSyADFqO5C6N8gVTwnrVkLFfBCn7c68hIS0JbqTYXOT4wP9PJ2WcphP905JlUVtlIw%2FAPRGcvj6FVhxFhcUJ7iBmgn5cie5h1vWTfBv7UtiUlk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 713820604e109162-FRA
expires: Tue, 31 May 2022 16:01:01 GMT

GET
H2 200 112.ww
cdn.jsdelivr.net/gh/re341/ipad@main/ Frame 6D72 1 MB
1 MB 123ms
24ms Image
application/octet-stream 2606:4700::6810:5714

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/re341/ipad@main/112.ww

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8478
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1127941
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"113605-HX8syPKxflKeUtK/RZS+Khk07yU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unrMn5l7ZsEI5IYYMW72o324b7BKZYO%2BjkslSUIhxNziRnvIJ2pfYrCAdz5KhtNH07HZjfLj%2FzOBLCf5pH4F7aKThwOu%2BDJQsZhvAfvqom994TA9jqyFmxMH7elzXhmYrlaF5LSlFxm4RrvF5Jw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 713820604e3a9bdc-FRA

GET
H2 200 b25a0b228054ad47210d907bb49882cb.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 995 KB
996 KB 160ms
160ms Image
image/gif 104.193.88.112

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/b25a0b228054ad47210d907bb49882cb.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.193.88.112 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 04247a05b62423345c279293b64a09af8b9e90dce2b80c478b09d0ab4a0f126b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1018535
date: Mon, 30 May 2022 14:23:13 GMT
content-md5: sloLIoBUrUchDZB7tJiCyw==
age: 19685
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1018535
ohc-cache-hit: sfo01-sys-jorcol02.sfo01.baidu.com [2], zhuzuncache80 [2], bdix80 [2]
last-modified: Mon, 11 Apr 2022 07:42:26 GMT
server: JSP3/2.0.14
etag: "b25a0b228054ad47210d907bb49882cb"
x-bce-request-id: d497ef04-db6d-4855-b729-f85e902eabe9
content-type: image/gif
x-bce-debug-id: jscYFQRDFlVs8Ovlm68ob44cJUHWYDIJhRHJpEkYMS06UGr1FR2D/s7AMpl4In2ctL25m5ikEl5unSVyPgL/uQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1348030184
expires: Sun, 29 May 2022 08:16:03 GMT

GET
H2 200 7.ww
cdn.jsdelivr.net/gh/re341/ipad@main/ Frame 6D72 252 KB
252 KB 34ms
34ms Image
application/octet-stream 2606:4700::6810:5714

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/re341/ipad@main/7.ww

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:14 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19967
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 257689
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"3ee99-CRPcEsk3jZ1bxq7v26BC+tT5Xoo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFjZ2ie5xP6RF6Bi6eBq4vrZhmprR3sF0eDmvMDStCycncRD50bRmnD%2FC%2BRdF7NbBVKQmZGD6x%2Fb2aZe6z%2FrEb49QzRVl52efKEeSNTXWrkfvdwMFyNfmvvZnGiMQZRJk02rsHPD9qBnYMzY%2FKM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 713820608ee59bdc-FRA

GET bd9eb5049310400a82ca5036c8ef11c0.png
n0422.com/ Frame 6D72 0
0

GET d5d2abfb61f1445caed1c95cec4a0c6d.png
u0057.com/ Frame 6D72 0
0

GET eaca3035f9744176a037419ce8fa581d.png
n0466.com/ Frame 6D72 0
0

GET
H/1.1 200
OK 5c81b352cb3148448f9943040d7e9241.gif
n0233.com/ Frame 6D72 9 KB
10 KB 196ms
196ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0233.com/5c81b352cb3148448f9943040d7e9241.gif
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 798f7747a44bfb4ffba28a3861b98ed35e496c585a5b12592c33a62c7baba78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:14 GMT
x-oss-request-id: 6294D3520D92D932C798DF5D
Last-Modified: Sun, 29 May 2022 07:41:26 GMT
Server: AliyunOSS
Content-MD5: kw7zXC1zYLAIQsljqzjunA==
ETag: "930EF35C2D7360B00842C963AB38EE9C"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14282328817231240157
Content-Length: 9497
x-oss-server-time: 1

GET
H/1.1 200
OK 87278be9e4c444d6b6b3b43da9603ce9.png
n0404.com/ Frame 6D72 42 KB
42 KB 190ms
189ms Image
image/png 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0404.com/87278be9e4c444d6b6b3b43da9603ce9.png
Requested by: Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 5076f25b1a872f71b8e34ab0c6f20286e5d136d24ef66c4d090f495751fa457a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Mon, 30 May 2022 14:23:14 GMT
x-oss-request-id: 6294D3529BA4CD3A12DD8A8E
Last-Modified: Sun, 29 May 2022 07:39:54 GMT
Server: AliyunOSS
Content-MD5: NS0hnLyaYgBa8aU9kKq1WA==
ETag: "352D219CBC9A62005AF1A53D90AAB558"
Content-Type: image/png
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17737224347628086412
Content-Length: 42852
x-oss-server-time: 1

GET 1c5efe371bc74e11b1b5d9540de75248.png
u0054.com/ Frame 6D72 0
0

GET c3f9ac4b6a2e4b8ba71741c1ba19d325.gif
mvfge3.com/ Frame 6D72 0
0

GET 3876817fa7044a799eaf82725c460478.gif
kqvkvc3.com/ Frame 6D72 0
0

GET 3cc55d97bc5d428e8e20be4ef7dbd32f.gif
trdez9.com/ Frame 6D72 0
0

GET b5cbbc77f8d217ceccb5b1ca44208554.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 0
0

GET 71bae233ea1e379c74b3b0c30a05abd5.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 0
0

GET 0565518c535dd6a9f6344aa1220c33ab.gif
pic.rmb.bdstatic.com/bjh/ Frame 6D72 0
0

GET 840f21556bd72cccbee97235c1998380.png
kvemm.com/ Frame 6D72 0
0

GET 2dafd276863e05cd86626a2b7b394960.gif
kzecc.com/ Frame 6D72 0
0

GET 2d9e99d0532fbc12eded53b70c20d64d.gif
kveww.com/ Frame 6D72 0
0

GET 088dd32a701a1e73cabc4ae46ece3879.gif
kzerr.com/ Frame 6D72 0
0

GET 57d302c9956928857573010dc47c3edf.gif
kzeaa.com/ Frame 6D72 0
0

GET d8766c5ff8e42ad5dafb8044a9ffd1e1.gif
kvezz.com/ Frame 6D72 0
0

GET c40d951e9ca7d27f1ecbeb5fd7c9285b.jpg
kveii.com/ Frame 6D72 0
0

GET 0d9faeb4ff7cc165c9a131eada7474a1.gif
kvemm.com/ Frame 6D72 0
0

GET 3967008_1645780244.jpg
s.pc.qq.com/tousu/img/20220225/ Frame 6D72 0
0

GET 9029db17a5924d179532e5eb4f3930fe.gif
qbyyvg3.com/ Frame 6D72 0
0

GET fe6d02b7f44143a4983a20b6e4332478.gif
djxfar6.com/ Frame 6D72 0
0

GET
H2 200 common.js Show response
bdns-01.2ucg3ip5y.com/template/uuu/js/ Frame 6D72 5 KB
2 KB 199ms
199ms Script
application/javascript 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:667/template/uuu/js/common.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

8a58208960c108855338d4fa896c2ace79802387d106ffb014aa0a75930f31ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:22:42 GMT
content-encoding: gzip
last-modified: Mon, 30 May 2022 13:53:07 GMT
server: nginx
etag: W/"6244a95c-131a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Mon, 30 May 2022 16:23:07 GMT
cache-control: max-age=7200
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H2 200 base.js Show response
bdns-01.2ucg3ip5y.com/template/uuu/js/ Frame 6D72 18 KB
5 KB 195ms
195ms Script
application/javascript 156.251.162.156
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://bdns-01.2ucg3ip5y.com:667/template/uuu/js/base.js

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

156.251.162.156 , Hong Kong, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

13b8cb080e2780d82f7137960cf93d560a22baa2c79d9e9625356640f58fc479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 14:23:07 GMT
content-encoding: gzip
last-modified: Thu, 07 Apr 2022 14:59:34 GMT
server: nginx
etag: W/"624efc56-49b4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Mon, 30 May 2022 17:23:07 GMT
cache-control: max-age=10800
strict-transport-security: max-age=31536000
x-proxy-cache: HIT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 6D72 29 KB
11 KB 414ms
414ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f38e40a2861736d44674d607010fd3f0

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

f9b915f48c678a705256846f5f3a81ff849bce15c77a24ef4b0b09353045231c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:08 GMT
Content-Encoding: gzip
Server: apache
Etag: ce8a7d1edc1ec26c48da252bad3b2889
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11140

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 6D72 29 KB
11 KB 407ms
406ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4e02454c8c7915ec76bfff5d6609eebd

Requested by

Host: bdns-01.2ucg3ip5y.com
URL: https://bdns-01.2ucg3ip5y.com:667/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

0768175b29e3cff45b83ae5ebc208215dcaead29a86d857ac12fc5a084feea1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bdns-01.2ucg3ip5y.com:667/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Mon, 30 May 2022 14:23:08 GMT
Content-Encoding: gzip
Server: apache
Etag: 71b6095287d754616c35c6d6be74567f
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11138

GET
DATA 200
OK truncated
/ Frame 6D72 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin: https://bdns-01.2ucg3ip5y.com:667
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=utf-8

GET hm.gif
hm.baidu.com/ Frame 6D72 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21135919.js

Domain: wdwhyy.com
URL: https://wdwhyy.com/46d70b0eb9f54d0795230bd70b3799ab.gif

Domain: mvfge3.com
URL: https://mvfge3.com/fa118fbc3ed54401b2c143027e76c8fd.gif

Domain: k68tkg.com
URL: https://k68tkg.com/72c3494fb7ac48f79d0f838453c5580b.gif

Domain: kvhccc.top
URL: https://kvhccc.top/c02f3c271713a2d3e35ad3f5a34688ee.gif

Domain: n0422.com
URL: https://n0422.com/bd9eb5049310400a82ca5036c8ef11c0.png

Domain: u0057.com
URL: https://u0057.com/d5d2abfb61f1445caed1c95cec4a0c6d.png

Domain: n0466.com
URL: https://n0466.com/eaca3035f9744176a037419ce8fa581d.png

Domain: u0054.com
URL: https://u0054.com/1c5efe371bc74e11b1b5d9540de75248.png

Domain: mvfge3.com
URL: https://mvfge3.com/c3f9ac4b6a2e4b8ba71741c1ba19d325.gif

Domain: kqvkvc3.com
URL: https://kqvkvc3.com/3876817fa7044a799eaf82725c460478.gif

Domain: trdez9.com
URL: https://trdez9.com/3cc55d97bc5d428e8e20be4ef7dbd32f.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/b5cbbc77f8d217ceccb5b1ca44208554.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/71bae233ea1e379c74b3b0c30a05abd5.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/0565518c535dd6a9f6344aa1220c33ab.gif

Domain: kvemm.com
URL: https://kvemm.com/840f21556bd72cccbee97235c1998380.png

Domain: kzecc.com
URL: https://kzecc.com/2dafd276863e05cd86626a2b7b394960.gif

Domain: kveww.com
URL: https://kveww.com/2d9e99d0532fbc12eded53b70c20d64d.gif

Domain: kzerr.com
URL: https://kzerr.com/088dd32a701a1e73cabc4ae46ece3879.gif

Domain: kzeaa.com
URL: https://kzeaa.com/57d302c9956928857573010dc47c3edf.gif

Domain: kvezz.com
URL: https://kvezz.com/d8766c5ff8e42ad5dafb8044a9ffd1e1.gif

Domain: kveii.com
URL: https://kveii.com/c40d951e9ca7d27f1ecbeb5fd7c9285b.jpg

Domain: kvemm.com
URL: https://kvemm.com/0d9faeb4ff7cc165c9a131eada7474a1.gif

Domain: s.pc.qq.com
URL: https://s.pc.qq.com/tousu/img/20220225/3967008_1645780244.jpg

Domain: qbyyvg3.com
URL: https://qbyyvg3.com/9029db17a5924d179532e5eb4f3930fe.gif

Domain: djxfar6.com
URL: https://djxfar6.com/fe6d02b7f44143a4983a20b6e4332478.gif

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1942653803&si=4e02454c8c7915ec76bfff5d6609eebd&su=https%3A%2F%2F4se-jump.com%3A6789%2F&v=1.2.93&lv=1&sn=13793&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fbdns-01.2ucg3ip5y.com%3A667%2F&tt=%E8%A7%86%E8%89%B2

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=574185205&si=f38e40a2861736d44674d607010fd3f0&su=https%3A%2F%2F4se-jump.com%3A6789%2F&v=1.2.93&lv=1&sn=13794&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fbdns-01.2ucg3ip5y.com%3A667%2F&tt=%E8%A7%86%E8%89%B2

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 5AF951AD6BAE70EE
.www.cztycoon.com/	1970-01-20 12:10:56	Name: Hm_lvt_d552113f6edcd4f19d4e7d0df9413e2b Value: 1653920586
.www.cztycoon.com/	1969-12-31 23:59:59	Name: Hm_lpvt_d552113f6edcd4f19d4e7d0df9413e2b Value: 1653920586
.www.cztycoon.com/	1970-01-20 12:10:56	Name: Hm_lvt_4af258f32ded13d2b03b8aedbf702c5d Value: 1653920586
.www.cztycoon.com/	1969-12-31 23:59:59	Name: Hm_lpvt_4af258f32ded13d2b03b8aedbf702c5d Value: 1653920586
.www.cztycoon.com/	1970-01-20 12:10:56	Name: Hm_lvt_28e46411efe21c42aadf340f553e7cb2 Value: 1653920586
.www.cztycoon.com/	1969-12-31 23:59:59	Name: Hm_lpvt_28e46411efe21c42aadf340f553e7cb2 Value: 1653920586
.www.cztycoon.com/	1970-01-20 12:10:56	Name: Hm_lvt_82a68fc268b7d12e10eb46f67c1e60df Value: 1653920587
.www.cztycoon.com/	1969-12-31 23:59:59	Name: Hm_lpvt_82a68fc268b7d12e10eb46f67c1e60df Value: 1653920587

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://js.users.51.la/21135919.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
security	warning	URL: https://bdns-01.2ucg3ip5y.com:667/ Message: Mixed Content: The page at 'https://bdns-01.2ucg3ip5y.com:667/' was loaded over HTTPS, but requested an insecure element 'http://gif.naigou1002.top/GIF/1241242.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bdns-01.2ucg3ip5y.com:667/(Line 971) Message: Mixed Content: The page at 'https://bdns-01.2ucg3ip5y.com:667/' was loaded over HTTPS, but requested an insecure element 'http://gif.naigou1002.top/GIF/1241242.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17265111.com
29873398.com
4se-jump.com
acooss.com
acoossf.top
acoossi.top
acoozzh.top
bdns-01.2ucg3ip5y.com
cdn.jsdelivr.net
cztycoon.com
djxfar6.com
exwytd7.com
gif.naigou1002.top
hm.baidu.com
js.users.51.la
k68tkg.com
kqvkvc3.com
kveii.com
kvemm.com
kveww.com
kvezz.com
kvhccc.top
kvhnnn.top
kvhooo.top
kvhrrr.top
kzeaa.com
kzecc.com
kzerr.com
mvfge3.com
n0233.com
n0404.com
n0422.com
n0466.com
nrxduw5.com
p26.toutiaoimg.com
pic.rmb.bdstatic.com
qbyyvg3.com
rrtwda9.com
rzgvdm5.com
s.pc.qq.com
tmrhoe2.com
trdez9.com
u0054.com
u0057.com
u0067.com
u0069.com
unpfqc9.com
user-redirect-url.com
wdwhyy.com
www.cztycoon.com
xvrrd7.com
djxfar6.com
hm.baidu.com
js.users.51.la
k68tkg.com
kqvkvc3.com
kveii.com
kvemm.com
kveww.com
kvezz.com
kvhccc.top
kzeaa.com
kzecc.com
kzerr.com
mvfge3.com
n0422.com
n0466.com
pic.rmb.bdstatic.com
qbyyvg3.com
s.pc.qq.com
trdez9.com
u0054.com
u0057.com
wdwhyy.com
103.170.15.71
103.235.46.191
104.143.94.110
104.193.88.112
104.37.214.218
107.148.17.189
14.17.102.110
154.208.77.235
154.95.141.155
156.251.162.156
20.247.96.118
207.46.155.160
2408:8721:820:230::64
2408:874c:1ff:32:28::1
2606:4700:3033::ac43:bdcb
2606:4700:3035::6815:210c
2606:4700:3038::6815:e9fe
2606:4700:3038::6815:ea86
2606:4700:3038::6815:eac9
2606:4700:3038::6815:eb5f
2606:4700:3038::6815:eba9
2606:4700::6810:5714
2a06:98c1:3121::3
45.154.214.239
45.61.212.126
45.61.212.216
47.254.187.172
47.75.19.141
47.75.19.245
66.150.130.123
98.126.214.50
01e6d867c83b80e6e0dcacb7c4d09ea7118bb3cce0e8bf20457a54f3e172777e
02f64eb8a8e43e033ed45d337711379d1a836188728b7911a8b281d421a6d991
04247a05b62423345c279293b64a09af8b9e90dce2b80c478b09d0ab4a0f126b
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0768175b29e3cff45b83ae5ebc208215dcaead29a86d857ac12fc5a084feea1c
0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96
1030d7e1cb60c5781a2739709793f71312cdde92654373c5cb3bc2ab70544997
122f22f589e3fd270116b7be282835a61cee9ef5cd6eda75866bc9018271b9e5
13b8cb080e2780d82f7137960cf93d560a22baa2c79d9e9625356640f58fc479
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311
1f79e978236e81f405e186385cb24d1e71352a7f1c7ad15fa59d4d7cd14a67ec
29b8db3afafa2d2558af310a1c0da25048104389f4126b5fc19b458dc3b0af46
3549f7f43225c6ad611e4d0ce1013126b16e41c6cf9a8f3d9a06f31182721477
3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6
406b2f32818b522b4e5c2f7f5de504b89ca9a4e8b3cdfe823f2c16cd6542c807
5076f25b1a872f71b8e34ab0c6f20286e5d136d24ef66c4d090f495751fa457a
524b95237ff243a0f3e3fc956644c474532d969c9dbded95d311b8222fab732b
5e4b0af5ea20219fe6a01ce9d0af29c168566849ccc647a35a924b1e37968e61
6530d53784c3d2468c6114fc7de91f12a85b256ac369348692c91569751febed
6a581bc74d864eaf8c730e8de03f3573d23c85377b0cd6ba1e4feb023e1250c3
6ace1b5c0f2727363a4658a1bcf91fef88d58e8dc274232712e326a8e86cd4f9
6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721
754e73a6a2a86f8533f15bf92061610fa505787bce36a52c9e1944b44ae15364
798f7747a44bfb4ffba28a3861b98ed35e496c585a5b12592c33a62c7baba78b
7b560d4fa279d9f4603c2515f55d9a537d537bfd9f2aa78476091531003a4520
8898543cc7e3c5578317155444c2ceaaf7aef4989b47a4aac5776c328d437d70
8a58208960c108855338d4fa896c2ace79802387d106ffb014aa0a75930f31ff
a1dae3e6252e4cc2d7d8ef59a9b8b7484fd5e4a10f7276e975c3654f6c9391c8
a37eaf9f04a634f3e85dcd7353eb1fa224ddefa8d1e04b65a946b3cebf97ea75
a8de43276d16854ef7935475d9bb2cece4d62f93628a0546dc6587c147a135fa
a9e426ebae372ab9cb38a41f2c27b6c52f38ef0528c563be7b17fa3148550be8
aa574a19fc02b73ee0e0b92a9d14d62a6b48e20e1688c269f0c06b7a0e9f3594
aee23690176001a85989514d82f7a668f5a6ff0c3161ab49fba0bdc76cf9b773
b22ed3cdba281924075a290ab98ee910109726c30e50ee6078ddacb9ca8e536f
b349c187657aac001daafe636bf8c97f2c81c13f526886cb3fc9bafc0b8cb6df
b43392f83b85e6502d919333a4ee201ff773e433cba3934294dff8ca32a07b63
b67085a337e0197931bbd02d0ac8bb0f5bf399cf0aaf9c32425ad3ebc785e0cf
ba16ebb8363dd8acb87275cf0a47456bcb7228c1139ac5d3eaeabe4bc42bcc35
ba244d8035d4e99190c03c9f8f01b27f3ddafbddddba1a69bb99a09266b5eedc
c38d87f383b9c312c52c126c6adf2fcb625e97aa563e37f2f06ac54e95aa5fee
c677f7601d68004a5c0af802407899ba001333fd3c69e8993a8a757a8521b20d
c808633ff4d4c025ae4151460a6ab81b58837bc03584b7037b4ef2034cc8676c
ca2a8b8169cef019be237b08e6e3e075934d76d733aa9937a0cfaca96c5dda23
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f2fe7b11ea4b5daae1619e4c8307b7df14866c79f6ded60ba0401bf8350d46
d6a4f131884413555900ad6642a89688deae3b91e879733a6ede890608ba6b02
d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71
df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429
e1cf6ef72cde6e3f9bffa69e86e769e09e82d18f781a235fc977a5644e141a9a
e95a0b1c3ca9617a58f0960113ef5003cfed0e5ed27b5552ea279700b21b5595
f31eff1588ddf409973f8d0587940a0d0a9f22f9dd9fd13d6323ed3431f667fa
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e
f9b915f48c678a705256846f5f3a81ff849bce15c77a24ef4b0b09353045231c
fa5ecaba8e7048ec0475ac862bec89853e8c87e84475e199f8657d6e89065dff
fcae9a5a0fca0a4535db37603f61e3f28ae856e73ce894c5da9570460e70d5c5
ffdceb96ee4670386b85d0e2389496569d7e5e9f16844c2f26e9656482a8f12f

www.cztycoon.com Open in urlscan Pro 154.95.141.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

56 %HTTPS

35 %IPv6

50 Domains

51 Subdomains

26 IPs

4 Countries

24891 kBTransfer

25640 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cztycoon.com Open in urlscan Pro
154.95.141.155 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

56 %
HTTPS

35 %
IPv6

50
Domains

51
Subdomains

26
IPs

4
Countries

24891 kB
Transfer

25640 kB
Size

9
Cookies

89 HTTP transactions
1 data transactions