Submitted URL: http://000242d.com/
Effective URL: https://000242k.lf6c8n09.live:16688/
Submission: On May 12 via api from BY — Scanned from DE

Summary

This website contacted 9 IPs in 3 countries across 4 domains to perform 47 HTTP transactions. The main IP is 18.163.96.176, located in and belongs to . The main domain is 000242k.lf6c8n09.live.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time 000242k.lf6c8n09.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 43.199.37.239 16509 (AMAZON-02)
21 223.121.15.24 58453 (CMI-INT-H...)
1 199.91.74.175 21859 (ZEN-ECN)
2 111.45.3.198 56040 (CMNET-GUA...)
2 18.163.96.176 ()
5 90.84.161.22 ()
4 23.90.149.106 ()
1 14.215.183.79 ()
47 9
Domain Requested by
12 io1.c2.ddcsdt.com 000242d.com, 000242k.lf6c8n09.live
6 io4.c2.ddcsdt.com 000242k.lf6c8n09.live
5 io5.c2.ddcsdt.com 000242k.lf6c8n09.live
5 io3.c2.ddcsdt.com 000242d.com, 000242k.lf6c8n09.live, io1.c2.ddcsdt.com
3 io2.c2.ddcsdt.com 000242k.lf6c8n09.live
3 hm.baidu.com 000242d.com, 000242k.lf6c8n09.live
2 000242k.lf6c8n09.live 000242d.com, 000242k.lf6c8n09.live
1 000242d.com
0 io7.c1.ddcsdt.com Failed io1.c2.ddcsdt.com
0 io9.c1.ddcsdt.com Failed io1.c2.ddcsdt.com
0 io6.c1.ddcsdt.com Failed io1.c2.ddcsdt.com
47 11

This site contains no links.

Subject          Issuer                           Validity                   Valid
000242.com       R3                               2024-04-21 - 2024-07-20    3 months
c2.ddcsdt.com    R3                               2024-03-26 - 2024-06-24    3 months
baidu.com        GlobalSign RSA OV SSL CA 2018    2023-07-06 - 2024-08-06    a year
2elkb0gn.live    R3                               2024-04-23 - 2024-07-22    3 months

This page contains 2 frames:

Primary Page: https://000242k.lf6c8n09.live:16688/
Frame ID: 615C280C1B74D4A3A9B7DC4A439FD836
Requests: 46 HTTP requests in this frame

Frame: https://000242k.lf6c8n09.live:16688/iframe/3/11.html
Frame ID: FD85BC1D165CB4A3EC2E50B36D426E14
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 47
HTTPS: 79 %
IPv6: 0 %
Domains: 4
Subdomains: 11
IPs: 9
Countries: 3
Transfer: 363 kB
Size: 1941 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://000242d.com/ HTTP 307
    https://000242d.com/ Page URL
  2. https://000242k.lf6c8n09.live:16688/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://000242d.com/ HTTP 307
  • https://000242d.com/

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
000242d.com/
Redirect Chain
  • http://000242d.com/
  • https://000242d.com/
2 KB
1 KB
Document
General
Full URL
https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.199.37.239 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-199-37-239.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8c6c8a1d90c8911d8a591099a29cf8c1ee80a3d5616a71c35faf3ca42f8dcbdd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8 text/html; charset=utf-8
date
Sun, 12 May 2024 07:28:38 GMT
server
nginx
vary
Accept-Encoding

Redirect headers

Location
https://000242d.com/
Non-Authoritative-Reason
HttpsUpgrades
lazysizes-umd.min.js
io1.c2.ddcsdt.com/static/label/
8 KB
4 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE12[15],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE11[10],EU-FRA-paris-GLOBAL1-CACHE7[0,TCP_HIT,3]
age
1456609
alt-svc
h3=":443"; ma=2592000
content-length
3501
last-modified
Wed, 24 Apr 2024 02:32:22 GMT
server
openresty
etag
W/"66286f36-1ee0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
6db72a551d3af0b0c11b64c5b836dc7f
x-ccdn-expires
1135391
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Thu, 02 May 2024 10:48:35 GMT
label-com4.js
io1.c2.ddcsdt.com/static/label/
6 KB
3 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/label-com4.js
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE12[13],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE21[2],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,2]
age
949430
alt-svc
h3=":443"; ma=2592000
content-length
2106
last-modified
Mon, 29 Apr 2024 08:23:03 GMT
server
openresty
etag
W/"662f58e7-174b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
cb3437351cb5fa1904caf8bc3a1bee79
x-ccdn-expires
1642570
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Wed, 08 May 2024 07:38:36 GMT
ls.unveilhooks.min.js
io1.c2.ddcsdt.com/static/label/
2 KB
1 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE12[8],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE30[3],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,2]
age
1456609
alt-svc
h3=":443"; ma=2592000
content-length
828
last-modified
Wed, 24 Apr 2024 02:32:22 GMT
server
openresty
etag
W/"66286f36-750"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
f9f3ede714670d1d6f4b7e7699816c95
x-ccdn-expires
1135391
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Thu, 02 May 2024 10:48:36 GMT
jquery-1.10.2.min.js
io1.c2.ddcsdt.com/static/label/
91 KB
33 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE12[15],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,3],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age
1456783
alt-svc
h3=":443"; ma=2592000
content-length
33078
last-modified
Wed, 24 Apr 2024 02:32:22 GMT
server
openresty
etag
W/"66286f36-16bac"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
8a9eeb948f55082bbf87ece190ea8b36
x-ccdn-expires
1135217
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Thu, 02 May 2024 10:48:36 GMT
88b40cfa44b709f6.js
io3.c2.ddcsdt.com/upload/script/05/
7 KB
4 KB
Script
General
Full URL
https://io3.c2.ddcsdt.com/upload/script/05/88b40cfa44b709f6.js
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.91.74.175 , Mexico, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
aeb8c911236b8b339833d394f5fd338420f68d61ed63f7dfd8a226cf84d886d5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:40 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
LA-MEX-queretaro-EDGE1-CACHE2[4],LA-MEX-queretaro-EDGE1-CACHE2[0,TCP_HIT,2],LA-MEX-mexicocity-GLOBAL1-CACHE34[456],LA-MEX-mexicocity-GLOBAL1-CACHE27[453,TCP_MISS,455]
age
938644
alt-svc
h3=":443"; ma=2592000
content-length
2999
last-modified
Tue, 30 Apr 2024 16:52:18 GMT
server
openresty
etag
W/"663121c2-1cb8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
fa3fab8161010f960cf5412a440bbf90
x-ccdn-expires
1653356
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Wed, 08 May 2024 10:44:36 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?edd94c426599867ca8045d6c570422a5
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
d74babf32be9f8676fe58a1331cc4851cad645a49704dadaa0459e80b005c532
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 12 May 2024 07:28:42 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
04c018d9f1491ca49081595cd61d88d4
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11260
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=662765202&si=edd94c426599867ca8045d6c570422a5&v=1.3.0&lv=1&sn=54762&r=0&ww=1600&u=https%3A%2F%2F000242d.com%2F&tt=%E7%99%BE%E5%BA%A6%E4%B8%80%E4%B8%8B
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242d.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 12 May 2024 07:28:42 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
Primary Request /
000242k.lf6c8n09.live/
5 KB
2 KB
Document
General
Full URL
https://000242k.lf6c8n09.live:16688/
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.163.96.176 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
661b820e8ca4577d673602f3fe0dfc57717f7d43b4c3ce69e8802820952cf27f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://000242d.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8 text/html; charset=utf-8
date
Sun, 12 May 2024 07:28:44 GMT
server
nginx
vary
Accept-Encoding
lazysizes-umd.min.js
io1.c2.ddcsdt.com/static/label/
8 KB
4 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[15],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE11[10],EU-FRA-paris-GLOBAL1-CACHE7[0,TCP_HIT,3]
age
1456613
alt-svc
h3=":443"; ma=2592000
content-length
3501
last-modified
Wed, 24 Apr 2024 02:32:22 GMT
server
openresty
etag
W/"66286f36-1ee0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
6d738821361972480529ba85b5a61d7d
x-ccdn-expires
1135391
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Thu, 02 May 2024 10:48:35 GMT
label-com4.js
io1.c2.ddcsdt.com/static/label/
6 KB
3 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/label-com4.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[15],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE21[2],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,2]
age
949434
alt-svc
h3=":443"; ma=2592000
content-length
2106
last-modified
Mon, 29 Apr 2024 08:23:03 GMT
server
openresty
etag
W/"662f58e7-174b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
fea50a18cc0b3b0fe2c4d167fb5d441c
x-ccdn-expires
1642570
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Wed, 08 May 2024 07:38:36 GMT
ls.unveilhooks.min.js
io1.c2.ddcsdt.com/static/label/
2 KB
1 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[15],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE30[3],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,2]
age
1456613
alt-svc
h3=":443"; ma=2592000
content-length
828
last-modified
Wed, 24 Apr 2024 02:32:22 GMT
server
openresty
etag
W/"66286f36-750"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
bf5aea7c7fc8edf6058ec5e249608dc6
x-ccdn-expires
1135391
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Thu, 02 May 2024 10:48:36 GMT
jquery-1.10.2.min.js
io1.c2.ddcsdt.com/static/label/
91 KB
33 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[15],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age
1456787
alt-svc
h3=":443"; ma=2592000
content-length
33078
last-modified
Wed, 24 Apr 2024 02:32:22 GMT
server
openresty
etag
W/"66286f36-16bac"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
f2052db0aa262b0c6e318a0986ec0b96
x-ccdn-expires
1135217
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Thu, 02 May 2024 10:48:36 GMT
b78ae4859e39146f.js
io2.c2.ddcsdt.com/upload/script/05/
16 KB
7 KB
Script
General
Full URL
https://io2.c2.ddcsdt.com/upload/script/05/b78ae4859e39146f.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
53b910efe509b474bc88f73274b32009aeb93242a560ef011bc5d912aa3d5155
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE5[632],EU-GER-frankfurt-EDGE2-CACHE9[625,TCP_MISS,628],EU-FRA-paris-GLOBAL1-CACHE21[608],EU-FRA-paris-GLOBAL1-CACHE9[605,TCP_MISS,608]
age
1
x-ccdn-origin-time
605
alt-svc
h3=":443"; ma=2592000
last-modified
Fri, 10 May 2024 06:15:34 GMT
server
openresty
etag
W/"663dbb86-417c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
e46b461b1ea894284a42bc3470921dd3
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
3fcaafbb7aa6c35c.js
io4.c2.ddcsdt.com/upload/script/05/
199 KB
23 KB
Script
General
Full URL
https://io4.c2.ddcsdt.com/upload/script/05/3fcaafbb7aa6c35c.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
db5c6a981e9faf84a873ba80e29fedf0f11240fec6ac5bd3e0bca0489cebb9f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE1[969],EU-GER-frankfurt-EDGE2-CACHE2[951,TCP_MISS,954],EU-FRA-paris-GLOBAL1-CACHE30[609],EU-FRA-paris-GLOBAL1-CACHE26[605,TCP_MISS,608]
age
1
x-ccdn-origin-time
605
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:39 GMT
server
openresty
etag
W/"66405f7b-31c6c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
81e09ab0f6231a3975f92dc7b231fb16
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
b84dcf6108871dc2.js
io2.c2.ddcsdt.com/upload/script/05/
85 KB
12 KB
Script
General
Full URL
https://io2.c2.ddcsdt.com/upload/script/05/b84dcf6108871dc2.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
6e1dd73c49e5e972607308a8b1dd7474ad0aced9092d2ed587a17d61b9a34582
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE5[666],EU-GER-frankfurt-EDGE2-CACHE12[651,TCP_MISS,654],EU-FRA-paris-GLOBAL1-CACHE4[608],EU-FRA-paris-GLOBAL1-CACHE29[605,TCP_MISS,607]
age
1
x-ccdn-origin-time
605
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:24 GMT
server
openresty
etag
W/"6640506c-155c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
4aa27ae088ee052e71b55b2eb12ddecf
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
d7f30b9031e48a2f.js
io2.c2.ddcsdt.com/upload/script/05/
83 KB
13 KB
Script
General
Full URL
https://io2.c2.ddcsdt.com/upload/script/05/d7f30b9031e48a2f.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
06301278c0a95fbcdea11806646573716d819319d6c3bcf98631f78e5facea68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE5[657],EU-GER-frankfurt-EDGE2-CACHE2[641,TCP_MISS,644],EU-FRA-paris-GLOBAL1-CACHE29[625],EU-FRA-paris-GLOBAL1-CACHE1[621,TCP_MISS,624]
age
1
x-ccdn-origin-time
621
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:24 GMT
server
openresty
etag
W/"6640506c-14df4"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
8a660af6cc358f0c9edccb0e18b71b4d
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
75978291a2c8a981.js
io5.c2.ddcsdt.com/upload/script/05/
78 KB
12 KB
Script
General
Full URL
https://io5.c2.ddcsdt.com/upload/script/05/75978291a2c8a981.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
b4c5ef1ce3404c80b31ba8f7f7d3ae0d1f85f91150dcd5ad5d41067ae18e52ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE6[579],EU-GER-frankfurt-EDGE5-CACHE5[564,TCP_MISS,576],EU-GER-frankfurt-GLOBAL1-CACHE5[554],EU-GER-frankfurt-GLOBAL1-CACHE14[551,TCP_MISS,553]
age
1
x-ccdn-origin-time
551
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-13834"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
a92fd622af6e17b2ba34928ab6c461c2
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
7a2e252fddad332e.js
io5.c2.ddcsdt.com/upload/script/05/
45 KB
8 KB
Script
General
Full URL
https://io5.c2.ddcsdt.com/upload/script/05/7a2e252fddad332e.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
94fe8d2ccf434252d8963ee5d34e13fb911dd0b8705caefa2d914abc56aea280
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE6[575],EU-GER-frankfurt-EDGE5-CACHE4[571,TCP_MISS,574],EU-GER-frankfurt-GLOBAL1-CACHE7[568],EU-GER-frankfurt-GLOBAL1-CACHE4[565,TCP_MISS,568]
age
1
x-ccdn-origin-time
565
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:24 GMT
server
openresty
etag
W/"6640506c-b370"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
f5490972d8ef14070a3dc30562d0fb6f
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
a09e904aa73774a7.js
io5.c2.ddcsdt.com/upload/script/05/
35 KB
6 KB
Script
General
Full URL
https://io5.c2.ddcsdt.com/upload/script/05/a09e904aa73774a7.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
ddaac0ab671db547ebd7e4f13a8fdba391534a0f513138f82874b88cfeb74fa9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE6[580],EU-GER-frankfurt-EDGE5-CACHE2[576,TCP_MISS,578],EU-GER-frankfurt-GLOBAL1-CACHE6[572],EU-GER-frankfurt-GLOBAL1-CACHE2[569,TCP_MISS,571]
age
1
x-ccdn-origin-time
569
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:24 GMT
server
openresty
etag
W/"6640506c-8af4"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
aff0cdd8831addd83b9e5a3d29e40e19
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
0e42a1e9b13fa9ef.js
io1.c2.ddcsdt.com/upload/script/05/
51 KB
9 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/upload/script/05/0e42a1e9b13fa9ef.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
f4c8c59f08bcd719261cd6a4239ee34ccfe4cf70dfdc03c2eb0e542817fb401a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[642],EU-GER-frankfurt-EDGE2-CACHE6[631,TCP_MISS,634],EU-FRA-paris-GLOBAL1-CACHE19[614],EU-FRA-paris-GLOBAL1-CACHE26[611,TCP_MISS,614]
age
1
x-ccdn-origin-time
611
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-cc98"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
ecd9e82f331f8c974b56867dd21a690e
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
6b774df5f65bfbd3.js
io4.c2.ddcsdt.com/upload/script/05/
90 KB
13 KB
Script
General
Full URL
https://io4.c2.ddcsdt.com/upload/script/05/6b774df5f65bfbd3.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
80bdb1511160985bad90eef8399859be47128aee245bec21d98a59d8f8d21c99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE1[687],EU-GER-frankfurt-EDGE2-CACHE3[669,TCP_MISS,673],EU-FRA-paris-GLOBAL1-CACHE18[608],EU-FRA-paris-GLOBAL1-CACHE3[605,TCP_MISS,607]
age
1
x-ccdn-origin-time
605
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-1679c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
2182220976c5317c78f8b84f8f08d5f2
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
6188f8aad638a7c6.js
io1.c2.ddcsdt.com/upload/script/05/
72 KB
12 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/upload/script/05/6188f8aad638a7c6.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
0ee50b81088420bd5f59c52299858dfc11d22428f6d9ff42c871685fbfc8c014
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[646],EU-GER-frankfurt-EDGE2-CACHE5[628,TCP_MISS,631],EU-FRA-paris-GLOBAL1-CACHE22[617],EU-FRA-paris-GLOBAL1-CACHE30[613,TCP_MISS,615]
age
1
x-ccdn-origin-time
613
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-12080"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
8e0e1c1a2a641b21b434a7bb843d9202
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
33fd106f022bd040.js
io4.c2.ddcsdt.com/upload/script/05/
59 KB
9 KB
Script
General
Full URL
https://io4.c2.ddcsdt.com/upload/script/05/33fd106f022bd040.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
454aa86e722818734f81d6e022d88446009d791189e2885270e4c237d3969b71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE1[654],EU-GER-frankfurt-EDGE2-CACHE3[638,TCP_MISS,641],EU-FRA-paris-GLOBAL1-CACHE2[622],EU-FRA-paris-GLOBAL1-CACHE3[618,TCP_MISS,620]
age
1
x-ccdn-origin-time
618
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:24 GMT
server
openresty
etag
W/"6640506c-eb88"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
88d2b9b212d9ddd2dfc552beede4a5de
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
4c7f502e44ddb559.js
io3.c2.ddcsdt.com/upload/script/05/
88 KB
16 KB
Script
General
Full URL
https://io3.c2.ddcsdt.com/upload/script/05/4c7f502e44ddb559.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[1058],EU-GER-frankfurt-EDGE4-CACHE2[852,TCP_MISS,1057],EU-GER-frankfurt-GLOBAL1-CACHE6[569],EU-GER-frankfurt-GLOBAL1-CACHE11[564,TCP_MISS,568]
age
1
x-ccdn-origin-time
564
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-16144"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
a89c7826826dce16ddb2afdee36496ca
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
14c428e0ed67f85e.js
io5.c2.ddcsdt.com/upload/script/05/
53 KB
11 KB
Script
General
Full URL
https://io5.c2.ddcsdt.com/upload/script/05/14c428e0ed67f85e.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
e251bba1277d75f752280ccb48d82e6405346caaf8be3343e315cc58748f4ced
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE6[549],EU-GER-frankfurt-EDGE5-CACHE5[545,TCP_MISS,548],EU-GER-frankfurt-GLOBAL1-CACHE1[542],EU-GER-frankfurt-GLOBAL1-CACHE12[539,TCP_MISS,542]
age
1
x-ccdn-origin-time
539
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-d3c0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
5fade2349c82199108b042304387caae
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
f56fb2640c3accee.js
io4.c2.ddcsdt.com/upload/script/05/
64 KB
9 KB
Script
General
Full URL
https://io4.c2.ddcsdt.com/upload/script/05/f56fb2640c3accee.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
1aadfd3683c39dd7403ff171de4b1317783c4761fa7f9fdfd052caff6d550334
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE1[646],EU-GER-frankfurt-EDGE2-CACHE1[631,TCP_MISS,634],EU-FRA-paris-GLOBAL1-CACHE1[616],EU-FRA-paris-GLOBAL1-CACHE2[608,TCP_MISS,611]
age
1
x-ccdn-origin-time
608
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:25 GMT
server
openresty
etag
W/"6640506d-fe30"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
36c4a8c7b48b0139d72e9c610fd76cea
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
bb6fd4e2d7edfd0b.js
io5.c2.ddcsdt.com/upload/script/05/
56 KB
8 KB
Script
General
Full URL
https://io5.c2.ddcsdt.com/upload/script/05/bb6fd4e2d7edfd0b.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
2c1fac7ec1bc87bd7d0587aaba8feb3552e1587fdab45c5f2df55c7c2c2d9e75
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE6[581],EU-GER-frankfurt-EDGE5-CACHE6[576,TCP_MISS,580],EU-GER-frankfurt-GLOBAL1-CACHE14[564],EU-GER-frankfurt-GLOBAL1-CACHE6[559,TCP_MISS,562]
age
1
x-ccdn-origin-time
559
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:25 GMT
server
openresty
etag
W/"6640506d-dee8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
c3c7b35d6cf4478ac1697e1093912431
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
df8b31bcdaddd828.js
io3.c2.ddcsdt.com/upload/script/05/
67 KB
12 KB
Script
General
Full URL
https://io3.c2.ddcsdt.com/upload/script/05/df8b31bcdaddd828.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
de875a2699008cb3e2456b58ebad291eed6f9fece617243583e448309a07d6ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[767],EU-GER-frankfurt-EDGE4-CACHE1[560,TCP_MISS,766],EU-GER-frankfurt-GLOBAL1-CACHE6[558],EU-GER-frankfurt-GLOBAL1-CACHE1[553,TCP_MISS,555]
age
1
x-ccdn-origin-time
553
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:25 GMT
server
openresty
etag
W/"6640506d-10cb8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
33b15f574c8f7cc7a5dc2cd4339d8cfa
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
7be32ad39b54489b.js
io4.c2.ddcsdt.com/upload/script/05/
54 KB
9 KB
Script
General
Full URL
https://io4.c2.ddcsdt.com/upload/script/05/7be32ad39b54489b.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
4201cedadab9f22e28f0abb545f2e962bbcbf27bdaea997fede3f1859d3b3c69
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE1[700],EU-GER-frankfurt-EDGE2-CACHE8[686,TCP_MISS,688],EU-FRA-paris-GLOBAL1-CACHE3[623],EU-FRA-paris-GLOBAL1-CACHE8[618,TCP_MISS,621]
age
1
x-ccdn-origin-time
618
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:25 GMT
server
openresty
etag
W/"6640506d-d9a0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
9be46767683c69c702e5939c9c9f7d6a
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
b34425b519722456.js
io1.c2.ddcsdt.com/upload/script/05/
85 KB
11 KB
Script
General
Full URL
https://io1.c2.ddcsdt.com/upload/script/05/b34425b519722456.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
146a7790f73d321a5da4993fca09a63f86ccbb2590fe60d8fe347be0ab77ab1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[638],EU-GER-frankfurt-EDGE2-CACHE12[621,TCP_MISS,623],EU-FRA-paris-GLOBAL1-CACHE6[609],EU-FRA-paris-GLOBAL1-CACHE12[606,TCP_MISS,609]
age
1
x-ccdn-origin-time
606
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 05:15:25 GMT
server
openresty
etag
W/"6640506d-15498"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
24c6106854fd11f4917bfead916f01a6
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
ebedf31a9e9ee90e.js
io3.c2.ddcsdt.com/upload/script/05/
93 KB
11 KB
Script
General
Full URL
https://io3.c2.ddcsdt.com/upload/script/05/ebedf31a9e9ee90e.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
d5e29009f39026021de64092736a3264ef1657908b4cbab80fbda5b1abea5f1b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[740],EU-GER-frankfurt-EDGE4-CACHE1[571,TCP_MISS,738],EU-GER-frankfurt-GLOBAL1-CACHE12[569],EU-GER-frankfurt-GLOBAL1-CACHE1[563,TCP_MISS,566]
age
1
x-ccdn-origin-time
563
alt-svc
h3=":443"; ma=2592000
last-modified
Sun, 12 May 2024 06:19:40 GMT
server
openresty
etag
W/"66405f7c-1754c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
bf8fd8fd38ce41d5147223ccfded7fdf
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
202699ecd8cd4dc1.js
io4.c2.ddcsdt.com/upload/script/05/
171 KB
24 KB
Script
General
Full URL
https://io4.c2.ddcsdt.com/upload/script/05/202699ecd8cd4dc1.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
d71fe472217f79451ca5e7fe7accb498e4ae53192fe0965baeda11638be29c77
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE1[973],EU-GER-frankfurt-EDGE2-CACHE6[968,TCP_MISS,969],EU-FRA-paris-GLOBAL1-CACHE29[619],EU-FRA-paris-GLOBAL1-CACHE6[616,TCP_MISS,617]
age
1
x-ccdn-origin-time
616
alt-svc
h3=":443"; ma=2592000
last-modified
Tue, 30 Apr 2024 19:14:29 GMT
server
openresty
etag
W/"66314315-2abac"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
64d4f4f14f657fa952b96d0b54e59455
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
cf65440b1fd7006c.js
io3.c2.ddcsdt.com/upload/script/05/
84 KB
9 KB
Script
General
Full URL
https://io3.c2.ddcsdt.com/upload/script/05/cf65440b1fd7006c.js
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
2b39e206a4585d0b04d25dc463e545ec0bd2e67a6bcb72c3b4b350e79d832aff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 12 May 2024 07:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[741],EU-GER-frankfurt-EDGE4-CACHE2[573,TCP_MISS,739],EU-GER-frankfurt-GLOBAL1-CACHE4[572],EU-GER-frankfurt-GLOBAL1-CACHE6[568,TCP_MISS,570]
age
1
x-ccdn-origin-time
568
alt-svc
h3=":443"; ma=2592000
last-modified
Tue, 30 Apr 2024 16:15:27 GMT
server
openresty
etag
W/"6631191f-15094"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
379c13b93d24e816c57a109356bfab5b
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 19 May 2024 07:28:45 GMT
b426276f6409f7b5017a4ba3355f6c
io6.c1.ddcsdt.com/upload/epy/img/202306/82/
0
0

hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?a402f64169e0f51d85c300728eeea889
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 -, , ASN (),
Reverse DNS
Software
apache /
Resource Hash
5e8d8aab4ceb723e40ca4369a3eb1a062ee937171c5e1164c1300c4c6f3121f0
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 12 May 2024 07:28:45 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
d49104f43bfbe62e5698ab063f56dce5
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11265
3a871a695369fe27da92a7b3b771fd
io9.c1.ddcsdt.com/upload/epy/img/202306/73/
0
0

11.html
000242k.lf6c8n09.live/iframe/3/ Frame FD85
16 KB
0
Document
General
Full URL
https://000242k.lf6c8n09.live:16688/iframe/3/11.html
Requested by
Host: 000242d.com
URL: https://000242d.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.163.96.176 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://000242k.lf6c8n09.live:16688/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8 text/html; charset=utf-8
date
Sun, 12 May 2024 07:28:45 GMT
server
nginx
vary
Accept-Encoding
259dbb1bb410729962af56645384da
io7.c1.ddcsdt.com/upload/epy/img/202405/3b/
0
0

''
000242k.lf6c8n09.live/
0
0

4f2ed5f617b9bf67edbaab56f11fc0ce
io3.c2.ddcsdt.com/upload/epy/2023/06/30/
0
0

4f2ed5f617b9bf67edbaab56f11fc0ce
io3.c2.ddcsdt.com/upload/epy/2023/06/30/
0
0

4f2ed5f617b9bf67edbaab56f11fc0ce
io3.c2.ddcsdt.com/upload/epy/2023/06/30/
0
0

4f2ed5f617b9bf67edbaab56f11fc0ce
io3.c2.ddcsdt.com/upload/epy/2023/06/30/
0
0

4f2ed5f617b9bf67edbaab56f11fc0ce
io3.c2.ddcsdt.com/upload/epy/2023/06/30/
0
0

truncated
/
568 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f64172e959cafba578762df77205d1a0adcb0a61ea41d951aa7f74c9fe9cb31f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
kj.css
io1.c2.ddcsdt.com/static/css/ Frame FD85
11 KB
8 KB
Stylesheet
General
Full URL
https://io1.c2.ddcsdt.com/static/css/kj.css
Requested by
Host: 000242k.lf6c8n09.live
URL: https://000242k.lf6c8n09.live:16688/iframe/3/11.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://000242k.lf6c8n09.live:16688/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 12 May 2024 07:28:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE11[3],EU-GER-frankfurt-EDGE2-CACHE10[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE11[2],EU-FRA-paris-GLOBAL1-CACHE10[0,TCP_HIT,2]
age
1123402
alt-svc
h3=":443"; ma=2592000
content-length
7638
last-modified
Fri, 26 Apr 2024 06:51:44 GMT
server
openresty
etag
W/"662b4f00-2b9a"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
12f6e42dc89d64b35617444c8320a3ef
x-ccdn-expires
1468598
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Mon, 06 May 2024 06:00:48 GMT
hm.gif
hm.baidu.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
io6.c1.ddcsdt.com
URL
https://io6.c1.ddcsdt.com/upload/epy/img/202306/82/b426276f6409f7b5017a4ba3355f6c
Domain
io9.c1.ddcsdt.com
URL
https://io9.c1.ddcsdt.com/upload/epy/img/202306/73/3a871a695369fe27da92a7b3b771fd
Domain
io7.c1.ddcsdt.com
URL
https://io7.c1.ddcsdt.com/upload/epy/img/202405/3b/259dbb1bb410729962af56645384da
Domain
000242k.lf6c8n09.live
URL
https://000242k.lf6c8n09.live:16688/''
Domain
io3.c2.ddcsdt.com
URL
https://io3.c2.ddcsdt.com/upload/epy/2023/06/30/4f2ed5f617b9bf67edbaab56f11fc0ce
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=359352712&si=a402f64169e0f51d85c300728eeea889&su=https%3A%2F%2F000242d.com%2F&v=1.3.0&lv=1&sn=54766&r=0&ww=1600&u=https%3A%2F%2F000242k.lf6c8n09.live%3A16688%2F&tt=%E6%BE%B3%E9%97%A8%E9%87%91%E5%A4%9A%E5%AE%9D%E4%BC%A0%E7%9C%9F

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: C65948E0AE9DF414
.000242d.com/ Name: Hm_lvt_edd94c426599867ca8045d6c570422a5
Value: 1715498922
.000242d.com/ Name: Hm_lpvt_edd94c426599867ca8045d6c570422a5
Value: 1715498922

3 Console Messages

Source Level URL
Text
other warning URL: https://000242d.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://000242d.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://000242k.lf6c8n09.live:16688/(Line 45)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
