www.94aixx.com Open in urlscan Pro
107.160.158.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://94aixx.com/
Effective URL:
http://www.94aixx.com/index.php
Submission Tags: falconsandbox
Submission: On March 28 via api (March 28th 2021, 9:04:51 am UTC) from US

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 13 domains to perform 64 HTTP transactions. The main IP is 107.160.158.47, located in United States and belongs to AS40676, US. The main domain is www.94aixx.com.

This is the only time www.94aixx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	107.160.158.47 107.160.158.47	40676 (AS40676) (AS40676)
2	39.156.68.163 39.156.68.163	9808 (CMNET-GD ...) (CMNET-GD Guangdong Mobile Communication Co.Ltd.)
5	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	122.228.91.87 122.228.91.87	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	198.16.53.162 198.16.53.162	40065 (CNSERVERS) (CNSERVERS)
4	192.151.223.155 192.151.223.155	40065 (CNSERVERS) (CNSERVERS)
1 17	23.225.6.220 23.225.6.220	40065 (CNSERVERS) (CNSERVERS)
18	2606:4700:10:... 2606:4700:10::6816:2452	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	240e:ff:f101:... 240e:ff:f101:10::14b	4816 (CHINANET-...) (CHINANET-IDC-GD China Telecom (Group))
1 1	61.160.221.140 61.160.221.140	23650 (CHINANET-...) (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone)
1	2a01:53c0:ff0... 2a01:53c0:ff0d::b	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	203.205.254.152 203.205.254.152	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	2606:4700:303... 2606:4700:3032::6815:5b7d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	163.181.56.252 163.181.56.252	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
4	52.51.89.237 52.51.89.237	16509 (AMAZON-02) (AMAZON-02)
64	15

4 107.160.158.47 (United States) 1 redirects

ASN40676 (AS40676, US)

94aixx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.94aixx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 39.156.68.163 (China)

ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 122.228.91.87 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.16.53.162 (United States)

ASN40065 (CNSERVERS, US)

api-niuthree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.151.223.155 (United States)

ASN40065 (CNSERVERS, US)

a40d6ae.niuys35.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 23.225.6.220 (United States) 1 redirects

ASN40065 (CNSERVERS, US)

rmwzacfp.niuys99.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6816:2452 (United States)

ASN13335 (CLOUDFLARENET, US)

pic.lbtp88.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 240e:ff:f101:10::14b (China)

ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN)

p.qlogo.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.160.221.140 (China) 1 redirects

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)

img.downk.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:53c0:ff0d::b (United States)

ASN54994 (QUANTILNETWORKS, US)

p1-tt-ipv6.byteimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.254.152 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

p.qlogo.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5b7d (United States)

ASN13335 (CLOUDFLARENET, US)

77piclive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.181.56.252 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cbu01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.51.89.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-89-237.eu-west-1.compute.amazonaws.com

cdn.gf.qubo.longshenghaigongmao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	lbtp88.com pic.lbtp88.com	153 KB
17	niuys99.work 1 redirects rmwzacfp.niuys99.work	129 KB
7	baidu.com push.zhanzhang.baidu.com hm.baidu.com api.share.baidu.com	30 KB
5	qlogo.cn p.qlogo.cn	2 MB
4	longshenghaigongmao.com cdn.gf.qubo.longshenghaigongmao.com	455 KB
4	niuys35.com a40d6ae.niuys35.com	39 KB
4	94aixx.com 1 redirects 94aixx.com www.94aixx.com	4 KB
2	alicdn.com cbu01.alicdn.com	1 MB
1	77piclive.com 77piclive.com	528 KB
1	byteimg.com p1-tt-ipv6.byteimg.com	313 KB
1	downk.cc 1 redirects img.downk.cc	103 B
1	api-niuthree.com api-niuthree.com	590 B
1	51.la js.users.51.la ia.51.la Failed	3 KB
64	13

	Domain	Requested by
18	pic.lbtp88.com	rmwzacfp.niuys99.work
17	rmwzacfp.niuys99.work	1 redirects a40d6ae.niuys35.com www.94aixx.com rmwzacfp.niuys99.work
5	p.qlogo.cn	rmwzacfp.niuys99.work
5	hm.baidu.com	www.94aixx.com a40d6ae.niuys35.com rmwzacfp.niuys99.work
4	cdn.gf.qubo.longshenghaigongmao.com	rmwzacfp.niuys99.work
4	a40d6ae.niuys35.com	www.94aixx.com a40d6ae.niuys35.com
3	www.94aixx.com	www.94aixx.com
2	cbu01.alicdn.com	rmwzacfp.niuys99.work
1	77piclive.com	rmwzacfp.niuys99.work
1	p1-tt-ipv6.byteimg.com	rmwzacfp.niuys99.work
1	img.downk.cc	1 redirects
1	api-niuthree.com	www.94aixx.com
1	api.share.baidu.com	www.94aixx.com
1	js.users.51.la	www.94aixx.com
1	push.zhanzhang.baidu.com	www.94aixx.com
1	94aixx.com	1 redirects
0	ia.51.la Failed	www.94aixx.com
64	17

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
api-niuthree.com R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-09-18` - `2021-09-18`	a year	crt.sh
*.qpic.cn GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-16` - `2021-06-17`	a year	crt.sh
*.byteimg.com RapidSSL RSA CA 2018	`2019-11-29` - `2022-01-27`	2 years	crt.sh
*.alicdn.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-08-11` - `2021-08-12`	a year	crt.sh
cdn.gf.qubo.longshenghaigongmao.com R3	`2021-03-19` - `2021-06-17`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.94aixx.com/index.php
Frame ID: 4C524682C95D3ECE03A546ADB0F105B5
Requests: 10 HTTP requests in this frame

Frame: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Frame ID: E9271D5029EAD9D68DABCC5A0927210C
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://94aixx.com/ HTTP 301
http://www.94aixx.com/index.php Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

64
Requests

59 %
HTTPS

27 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

5104 kB
Transfer

5454 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://94aixx.com/ HTTP 301
http://www.94aixx.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

http://rmwzacfp.niuys99.work/?hgdgzi=t05om HTTP 307
http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Request Chain 51

https://img.downk.cc/item/5fe4637b35bec759f8ce598d.gif HTTP 302
https://p1-tt-ipv6.byteimg.com/origin/pgc-image/e11691761564477d9f308a739dcb254f

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.94aixx.com/
Redirect Chain

http://94aixx.com/
http://www.94aixx.com/index.php

787 B
928 B

318ms
294ms

Document
text/html

107.160.158.47
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 107.160.158.47 , United States, ASN40676 (AS40676, US),
Reverse DNS
Software: nginx /
Resource Hash: 21f42dda04dd4a4f7331abc111850d75e7dcc12eaa2b392a97e73a2a4b1b3b2d

Request headers

Host: www.94aixx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx
Date: Sun, 28 Mar 2021 09:04:11 GMT
Content-Type: text/html
Content-Length: 787
Connection: keep-alive

Redirect headers

Server: nginx
Date: Sun, 28 Mar 2021 09:04:11 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.94aixx.com/index.php

GET
H/1.1 200
OK tj.js Show response
www.94aixx.com/ 366 B
522 B 156ms
155ms Script
application/x-javascript 107.160.158.47
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: http://www.94aixx.com/tj.js
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 107.160.158.47 , United States, ASN40676 (AS40676, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ea020b0b1413878aec534ff56463126aa1b70540062895f4d4dbd6e067f02e7

Request headers

Referer: http://www.94aixx.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:12 GMT
Server: nginx
Connection: keep-alive
Content-Length: 366
Content-Type: application/x-javascript

GET
H/1.1 200
OK common.js Show response
www.94aixx.com/ 4 KB
2 KB 323ms
308ms Script
application/x-javascript 107.160.158.47
AS40676

General

Check archive.org

Show headers Download Go to

Full URL: http://www.94aixx.com/common.js
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 107.160.158.47 , United States, ASN40676 (AS40676, US),
Reverse DNS
Software: nginx /
Resource Hash: d7f9f6d5742ee02e1a77c3bc41243690130607916bf54de20457a19e25146752

Request headers

Referer: http://www.94aixx.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:12 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 484ms
467ms Script
text/javascript 39.156.68.163
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 39.156.68.163 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

Referer: http://www.94aixx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 227
Expires: Mon, 28 Mar 2022 09:04:16 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 39 KB
14 KB 1028ms
501ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8dd815ed8a74dfcd3b2b500a05515950

Requested by

Host: www.94aixx.com
URL: http://www.94aixx.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

2bc38d38e04fb43f5eb0bb3764f3ae618a4ea3309c3a1cb8bd0f7b0a6beff667

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.94aixx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:17 GMT
Content-Encoding: gzip
Server: apache
Etag: bdeb34ef4112ada77ae152b4a6d93413
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14041

GET
H/1.1 200
OK 20476367.js Show response
js.users.51.la/ 5 KB
3 KB 772ms
258ms Script
application/javascript 122.228.91.87
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20476367.js
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 122.228.91.87 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 02816116650b4ff2d4961d21fcbe196562349e3c45103e494813430b432033a6

Request headers

Referer: http://www.94aixx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-id: 20476367
Date: Sun, 28 Mar 2021 09:04:16 GMT
Content-Encoding: gzip
X-Ws-Request-Id: 60604690_ianxin170_19379-52503
Age: 46514
Transfer-Encoding: chunked
X-Via: 1.1 PSjsczsxlx66:8 (Cdn Cache Server V2.0)[1 200 0], 1.1 PSjsyzdx6oq57:1 (Cdn Cache Server V2.0)[31 200 2], 1.1 xin113:10 (Cdn Cache Server V2.0)[0 200 0]
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
Request-Id: 0000017827D87C64904B5182565FAA36
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSxujX4GMgcaVE0Hi1QXD3ItTUetwUDY
Last-Modified: Tue Nov 12 21:03:38 CST 2019
Server: nginx/1.14.0
ETag: "f0a9016a34fc30ebb6f311e99617f415"
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
version-id: G001116E5FB660F8FFFF904B7085F82D

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 593ms
577ms Image
text/plain 39.156.68.163
CMNET-GD Guangdon...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.94aixx.com/index.php
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 39.156.68.163 , China, ASN9808 (CMNET-GD Guangdong Mobile Communication Co.Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.94aixx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:17 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET go1
ia.51.la/ 0
0

GET
H/1.1 200
OK common.php Show response
api-niuthree.com/ 121 B
590 B 1187ms
303ms XHR
text/html 198.16.53.162
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-niuthree.com/common.php?val=niuniutv&t=0.4982964030245083?v=010139142472652862

Requested by

Host: www.94aixx.com
URL: http://www.94aixx.com/common.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

198.16.53.162 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

843c730618e30dadd86fa2cc51241f4ed415741ddfdebef03ea2f0f554947907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://www.94aixx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:03:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST,GET,OPTIONS,DELETE
Content-Type: text/html;charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Cache: MISS from gia
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK / Show response
a40d6ae.niuys35.com/ Frame E927 528 B
758 B 881ms
717ms Document
text/html 192.151.223.155
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://a40d6ae.niuys35.com/
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 192.151.223.155 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: f1b5d30016ed1b7dd29a88ca954e49af97d2d5e83489b22796f13f8fa16b2449

Request headers

Host: a40d6ae.niuys35.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.94aixx.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.94aixx.com/

Response headers

ETag: "5ff46cdb-210"
Server: nginx
Date: Sun, 28 Mar 2021 09:03:31 GMT
Content-Type: text/html
Last-Modified: Tue, 05 Jan 2021 13:42:51 GMT
Accept-Ranges: bytes
X-Cache: MISS from hk
Content-Length: 528

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 364ms
364ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1274490494&si=8dd815ed8a74dfcd3b2b500a05515950&v=1.2.80&lv=1&sn=42738&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.94aixx.com%2Findex.php&tt=%E9%81%82%E5%AE%81%E5%8E%AE%E7%BA%AA%E5%B9%BF%E5%91%8A%E4%BC%A0%E5%AA%92%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.94aixx.com
URL: http://www.94aixx.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.94aixx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Mar 2021 09:04:18 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
a40d6ae.niuys35.com/js/ Frame E927 87 KB
34 KB 530ms
529ms Script
application/javascript 192.151.223.155
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://a40d6ae.niuys35.com/js/jquery-3.5.1.min.js
Requested by: Host: a40d6ae.niuys35.com
URL: http://a40d6ae.niuys35.com/
Protocol: HTTP/1.1
Server: 192.151.223.155 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

Referer: http://a40d6ae.niuys35.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:03:32 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 12:17:50 GMT
Server: nginx
ETag: W/"5ff458ee-15d86"
Vary: Accept-Encoding
X-Cache: MISS from hk
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Expires: Sun, 28 Mar 2021 21:03:32 GMT

GET
H/1.1 200
OK json.js Show response
a40d6ae.niuys35.com/js/ Frame E927 5 KB
2 KB 717ms
702ms Script
application/javascript 192.151.223.155
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://a40d6ae.niuys35.com/js/json.js
Requested by: Host: a40d6ae.niuys35.com
URL: http://a40d6ae.niuys35.com/
Protocol: HTTP/1.1
Server: 192.151.223.155 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 001e365445f04741e152f6f24e2c6a065454b652b193fdaf2573a3419975920b

Request headers

Referer: http://a40d6ae.niuys35.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:03:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 Feb 2021 12:36:35 GMT
Server: nginx
ETag: W/"602e5f53-1558"
Vary: Accept-Encoding
X-Cache: MISS from hk
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Expires: Sun, 28 Mar 2021 21:03:32 GMT

GET
H/1.1 200
OK config.json Show response
a40d6ae.niuys35.com/js/ Frame E927 732 B
969 B 520ms
519ms XHR
application/json 192.151.223.155
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://a40d6ae.niuys35.com/js/config.json?refresh=2021328Sun%20Mar%2028%202021%2011:04:19%20GMT+0200%20(Central%20European%20Summer%20Time)
Requested by: Host: a40d6ae.niuys35.com
URL: http://a40d6ae.niuys35.com/js/jquery-3.5.1.min.js
Protocol: HTTP/1.1
Server: 192.151.223.155 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: bce7b8d3a1a47a9e5147af139f45cceb3e9303cff6bd4c3aaffb1675e92a27e8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://a40d6ae.niuys35.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:03:33 GMT
Last-Modified: Sun, 28 Mar 2021 08:07:45 GMT
Server: nginx
ETag: "60603951-2dc"
X-Cache: MISS from hk
Content-Type: application/json
Accept-Ranges: bytes
Content-Length: 732

GET
H/1.1 200
OK hm.js
hm.baidu.com/ Frame E927 13 KB
0 352ms
352ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3

Requested by

Host: a40d6ae.niuys35.com
URL: http://a40d6ae.niuys35.com/js/json.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://a40d6ae.niuys35.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:20 GMT
Content-Encoding: gzip
Server: apache
Etag: 878d3783c7775373053c8234ae25edb6
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 14034

GET
H/1.1 200
OK / Show response
rmwzacfp.niuys99.work/ Frame E927 915 B
1 KB 327ms
301ms Document
text/html 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/
Requested by: Host: a40d6ae.niuys35.com
URL: http://a40d6ae.niuys35.com/js/json.js
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: /
Resource Hash: 6cf5b7ecd015d24fb2ce7ecd5f93d7021faf6c2310c3f0124b22890fb4ce6776

Request headers

Host: rmwzacfp.niuys99.work
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://a40d6ae.niuys35.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://a40d6ae.niuys35.com/

Response headers

Content-Type: text/html
Content-Length: 915
Pragma: no-cache
Cache-control: no-store

GET
H/1.1

200
OK

/ Show response
rmwzacfp.niuys99.work/ Frame E927
Redirect Chain

http://rmwzacfp.niuys99.work/?hgdgzi=t05om
http://rmwzacfp.niuys99.work/?hgdgzi=t05om

16 KB
4 KB

406ms
390ms

Document
text/html

23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Requested by: Host: www.94aixx.com
URL: http://www.94aixx.com/index.php
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f6807ac07674cdb38b8753f4caa68eaf0418ec84a9510f6c76068eef353529f

Request headers

Host: rmwzacfp.niuys99.work
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://rmwzacfp.niuys99.work/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://rmwzacfp.niuys99.work/

Response headers

Server: nginx
Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Location: /?hgdgzi=t05om
Connection: Close

GET
H/1.1 200
OK jquery.min.js Show response
rmwzacfp.niuys99.work/template/se119_3_22/js/ Frame E927 84 KB
33 KB 167ms
166ms Script
application/javascript 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/js/jquery.min.js
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Mar 2021 17:14:10 GMT
Server: nginx
ETag: W/"60577ee2-14e4c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK jquery.config.js Show response
rmwzacfp.niuys99.work/template/se119_3_22/js/ Frame E927 9 KB
3 KB 477ms
159ms Script
application/javascript 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/js/jquery.config.js
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: c2045a589040192ac774c568e06b1749d47cd1777457c07896bd70f95630a05d

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Mar 2021 14:05:19 GMT
Server: nginx
ETag: W/"6059f59f-230a"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK bootstrap.min.css
rmwzacfp.niuys99.work/template/se119_3_22/css/ Frame E927 115 KB
23 KB 322ms
305ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/bootstrap.min.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b530cd9ca638c8ac54077118c792179de451ee7248d4dfb86c7614f497a06cd

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 12:45:18 GMT
Server: nginx
ETag: W/"5ed649de-1cb55"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK style.css
rmwzacfp.niuys99.work/template/se119_3_22/css/ Frame E927 8 KB
3 KB 327ms
311ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/style.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 437d3a35d46d8efb9d3cc8e50dcfb42ab3340722171fc2874d3979fdd934551b

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 12:45:18 GMT
Server: nginx
ETag: W/"5ed649de-209f"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK bootstrap-theme-flat-light-orange.css
rmwzacfp.niuys99.work/template/se119_3_22/css/ Frame E927 13 KB
3 KB 310ms
294ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/bootstrap-theme-flat-light-orange.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 26259b1f80d93a0a47b9e8a31b1e157cd784c74586d7e5a9543cc83826e1a6b9

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 12:45:18 GMT
Server: nginx
ETag: W/"5ed649de-32a8"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK responsivepx.css
rmwzacfp.niuys99.work/template/se119_3_22/css/ Frame E927 19 KB
4 KB 318ms
302ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/responsivepx.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: ce1eeda299d37003ae8df77d116228b56232a777711e940514b32245f2b992ae

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 12:45:18 GMT
Server: nginx
ETag: W/"5ed649de-4b58"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK css.css
rmwzacfp.niuys99.work/template/se119_3_22/css/ Frame E927 5 KB
2 KB 314ms
298ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/css.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 90eac3e5914e6168cbf856153890c1b03b07eb6454cab526e5c5bed0f45f1609

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Sun, 21 Mar 2021 16:38:56 GMT
Server: nginx
ETag: W/"605776a0-131a"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK index.css
rmwzacfp.niuys99.work/template/se119_3_22/css/ Frame E927 14 KB
4 KB 464ms
154ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/index.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: a23896dc3ad7c220a49cd95f81a2cff437818dba5f1e46a45e2ac6b70d83e7bd

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Mar 2021 16:01:16 GMT
Server: nginx
ETag: W/"6058bf4c-36f3"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK home.css
rmwzacfp.niuys99.work/static/css/ Frame E927 21 KB
6 KB 473ms
159ms Stylesheet
text/css 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/static/css/home.css
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 14176ccce205f8d93c4e4a5ac9d5616eb7e7e98db90168b69854e4494946ed7c

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Aug 2020 02:10:40 GMT
Server: nginx
ETag: W/"5f39e720-5337"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK home.js Show response
rmwzacfp.niuys99.work/static/js/ Frame E927 38 KB
11 KB 478ms
160ms Script
application/javascript 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/static/js/home.js
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Apr 2020 14:28:02 GMT
Server: nginx
ETag: W/"5ea83d72-994e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 28 Mar 2021 21:04:21 GMT

GET
H/1.1 200
OK logo.png
rmwzacfp.niuys99.work/template/se119_3_22/img/ Frame E927 10 KB
10 KB 159ms
159ms Image
image/png 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/img/logo.png
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: f644bfd80cded8e1dcabe9b07e7e796c754b8dde1c8860665151313dcd732a7a

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Last-Modified: Mon, 22 Mar 2021 16:32:17 GMT
Server: nginx
ETag: "6058c691-260f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9743
Expires: Tue, 27 Apr 2021 09:04:21 GMT

GET
H/1.1 200
OK 1.gif
rmwzacfp.niuys99.work/template/se119_3_22/img/ Frame E927 254 B
556 B 160ms
160ms Image
image/gif 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/img/1.gif
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Last-Modified: Tue, 02 Jun 2020 12:47:04 GMT
Server: nginx
ETag: "5ed64a48-fe"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 254
Expires: Tue, 27 Apr 2021 09:04:21 GMT

GET
H2 200 jdlksmcjxje1202jdlksmcjxje2329056.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 7 KB
7 KB 48ms
17ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/jdlksmcjxje1202jdlksmcjxje2329056.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a2ba05e392980551c4fe1abdcec5bef35f1f7a79ab8c000591850eba263fc9f

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3465
cf-polished: qual=85, origFmt=jpeg, origSize=8889
content-disposition: inline; filename="jdlksmcjxje1202jdlksmcjxje2329056.webp"
content-length: 6936
cf-request-id: 0919acd1230000dff328025000000001
last-modified: Thu, 30 Apr 2020 04:02:23 GMT
server: cloudflare
etag: "6dc3fb26a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c83b03dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 xdsjtk504ym1202xdsjtk504ym2329060.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 8 KB
8 KB 58ms
27ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/xdsjtk504ym1202xdsjtk504ym2329060.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b27911537ea17e2c95106f24fcc3d6316d59c3d4d766bff811f9e9ebe691fb8

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3465
cf-polished: qual=85, origFmt=jpeg, origSize=10583
content-disposition: inline; filename="xdsjtk504ym1202xdsjtk504ym2329060.webp"
content-length: 8216
cf-request-id: 0919acd1230000dff33e095000000001
last-modified: Thu, 30 Apr 2020 04:02:24 GMT
server: cloudflare
etag: "94488127a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c83b04dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 wxn4eeswlyr1202wxn4eeswlyr2429064.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 4 KB
4 KB 53ms
23ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/wxn4eeswlyr1202wxn4eeswlyr2429064.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf449ab6d336a3fc525583562d1e8375fc09fd9552dd6736667a5ad65424820

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3465
cf-polished: qual=85, origFmt=jpeg, origSize=6008
content-disposition: inline; filename="wxn4eeswlyr1202wxn4eeswlyr2429064.webp"
content-length: 3924
cf-request-id: 0919acd1250000dff33e096000000001
last-modified: Thu, 30 Apr 2020 04:02:24 GMT
server: cloudflare
etag: "558228a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c83b05dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 xf5u2po1qjt1202xf5u2po1qjt1729026.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 8 KB
9 KB 52ms
22ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/xf5u2po1qjt1202xf5u2po1qjt1729026.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b6763fa9346579b69d6540b8d8416002347a5f00a1c06515db559e179601c4

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3656
cf-polished: qual=85, origFmt=jpeg, origSize=10521
content-disposition: inline; filename="xf5u2po1qjt1202xf5u2po1qjt1729026.webp"
content-length: 8524
cf-request-id: 0919acd1230000dff3d0b22000000001
last-modified: Thu, 30 Apr 2020 04:02:17 GMT
server: cloudflare
etag: "aba86c23a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c83b06dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 n51jxj2ps101202n51jxj2ps101729032.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 9 KB
9 KB 46ms
16ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/n51jxj2ps101202n51jxj2ps101729032.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50925e6d702399a3c1442fe1f1ae2802b087a00c52d93c8b0532dba0bbe697d9

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3656
cf-polished: qual=85, origFmt=jpeg, origSize=10495
content-disposition: inline; filename="n51jxj2ps101202n51jxj2ps101729032.webp"
content-length: 9076
cf-request-id: 0919acd1240000dff302856000000001
last-modified: Thu, 30 Apr 2020 04:02:18 GMT
server: cloudflare
etag: "fa67ed23a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c83b07dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 va4bxi4khgn1202va4bxi4khgn1829036.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 8 KB
8 KB 50ms
20ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/va4bxi4khgn1202va4bxi4khgn1829036.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd7e5944189ec14bd5352e229d6b7b1addeaa29f387a9ee9d2a774a969188bf8

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3656
cf-polished: qual=85, origFmt=jpeg, origSize=9411
content-disposition: inline; filename="va4bxi4khgn1202va4bxi4khgn1829036.webp"
content-length: 8372
cf-request-id: 0919acd1240000dff3311d5000000001
last-modified: Thu, 30 Apr 2020 04:02:18 GMT
server: cloudflare
etag: "e2bf7024a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c83b08dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 bmjo0lgizf11202bmjo0lgizf11929040.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 6 KB
6 KB 16ms
14ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/bmjo0lgizf11202bmjo0lgizf11929040.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ada6d61e12a588c6bb73799755cd4e568387bbe8c2974241c9abcc6562a9519

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3656
cf-polished: qual=85, origFmt=jpeg, origSize=7249
content-disposition: inline; filename="bmjo0lgizf11202bmjo0lgizf11929040.webp"
content-length: 5900
cf-request-id: 0919acd1360000dff3d88d3000000001
last-modified: Thu, 30 Apr 2020 04:02:19 GMT
server: cloudflare
etag: "aa9df124a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b19dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 puvtigj1fx21202puvtigj1fx22029044.jpg
pic.lbtp88.com/upload/vod/2020/04-30/12/ Frame E927 6 KB
6 KB 15ms
13ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-30/12/puvtigj1fx21202puvtigj1fx22029044.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e80790f5e9f4c69d3d118e9bbad1eab04a8a9eaa1567e753f5b6259758b2f73

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3656
cf-polished: qual=85, origFmt=jpeg, origSize=8197
content-disposition: inline; filename="puvtigj1fx21202puvtigj1fx22029044.webp"
content-length: 5894
cf-request-id: 0919acd1360000dff31c2a5000000001
last-modified: Thu, 30 Apr 2020 04:02:20 GMT
server: cloudflare
etag: "255d7225a41ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b1adff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 uhev2z1gelq0603uhev2z1gelq5732378.jpg
pic.lbtp88.com/upload/vod/2020/05-01/06/ Frame E927 7 KB
7 KB 22ms
20ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/05-01/06/uhev2z1gelq0603uhev2z1gelq5732378.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e37a664af1399d1bc18c16c46ba25ae26cab4a83c1e50c8c254c086b6755229d

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3785
cf-polished: qual=85, origFmt=jpeg, origSize=9513
content-disposition: inline; filename="uhev2z1gelq0603uhev2z1gelq5732378.webp"
content-length: 7020
cf-request-id: 0919acd1360000dff32da94000000001
last-modified: Thu, 30 Apr 2020 22:03:57 GMT
server: cloudflare
etag: "eaac3d3f3b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b1bdff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 b1pdsky3ril0603b1pdsky3ril5832382.jpg
pic.lbtp88.com/upload/vod/2020/05-01/06/ Frame E927 12 KB
12 KB 21ms
19ms Image
image/jpeg 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/05-01/06/b1pdsky3ril0603b1pdsky3ril5832382.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab820193eb452c2d1d711b3b88da6d7be866f6251c3f639feecd2411c82ec319

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3785
cf-polished: origSize=12696, status=webp_bigger
content-length: 12110
cf-request-id: 0919acd1360000dff3dab7e000000001
last-modified: Thu, 30 Apr 2020 22:03:58 GMT
server: cloudflare
etag: "d3f5c73f3b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b1ddff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 lupm0psklz10603lupm0psklz15932386.jpg
pic.lbtp88.com/upload/vod/2020/05-01/06/ Frame E927 8 KB
8 KB 22ms
21ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/05-01/06/lupm0psklz10603lupm0psklz15932386.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2afe3524dcfc7efad5d9fd7da7cf363681e4b8b16b166a74f5d431b72ed0b0da

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3785
cf-polished: qual=85, origFmt=jpeg, origSize=9609
content-disposition: inline; filename="lupm0psklz10603lupm0psklz15932386.webp"
content-length: 8198
cf-request-id: 0919acd1390000dff3fa961000000001
last-modified: Thu, 30 Apr 2020 22:03:59 GMT
server: cloudflare
etag: "8cb548403b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b1fdff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 14ugpymk21f060414ugpymk21f0032390.jpg
pic.lbtp88.com/upload/vod/2020/05-01/06/ Frame E927 8 KB
9 KB 15ms
14ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/05-01/06/14ugpymk21f060414ugpymk21f0032390.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a5256e695b24bc972a4736bef8ded6b421095714b00666cacd8b6f9f675e93

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3785
cf-polished: qual=85, origFmt=jpeg, origSize=9514
content-disposition: inline; filename="14ugpymk21f060414ugpymk21f0032390.webp"
content-length: 8666
cf-request-id: 0919acd1370000dff34116c000000001
last-modified: Thu, 30 Apr 2020 22:04:00 GMT
server: cloudflare
etag: "e2b0c4403b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b21dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 b0jyxstakg00604b0jyxstakg00132394.jpg
pic.lbtp88.com/upload/vod/2020/05-01/06/ Frame E927 15 KB
15 KB 15ms
13ms Image
image/jpeg 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/05-01/06/b0jyxstakg00604b0jyxstakg00132394.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c931dd8d3df1aefb6e0f062bf87ebce68b5563e20ef6921eac98d6b480e2fd3

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3785
cf-polished: origSize=15842, status=webp_bigger
content-length: 15083
cf-request-id: 0919acd1370000dff311898000000001
last-modified: Thu, 30 Apr 2020 22:04:01 GMT
server: cloudflare
etag: "73354a413b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b22dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 iafj2cgw5jc0604iafj2cgw5jc0232398.jpg
pic.lbtp88.com/upload/vod/2020/05-01/06/ Frame E927 11 KB
11 KB 21ms
20ms Image
image/jpeg 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/05-01/06/iafj2cgw5jc0604iafj2cgw5jc0232398.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88546d79614efade39e39a7cdeaca3eb64f4a410a3606c4483a7b3f29b136668

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 2599
cf-polished: origSize=11241, status=webp_bigger
content-length: 10803
cf-request-id: 0919acd1380000dff341b82000000001
last-modified: Thu, 30 Apr 2020 22:04:02 GMT
server: cloudflare
etag: "5ff4ca413b1fd61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b23dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 mu0bi0mplst1804mu0bi0mplst1626464.jpg
pic.lbtp88.com/upload/vod/2020/04-29/18/ Frame E927 7 KB
8 KB 26ms
25ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-29/18/mu0bi0mplst1804mu0bi0mplst1626464.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15b6efa953b286daf81afdded8536f71d41cdeb229083b9ce503fd425206e41f

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3086
cf-polished: qual=85, origFmt=jpeg, origSize=8670
content-disposition: inline; filename="mu0bi0mplst1804mu0bi0mplst1626464.webp"
content-length: 7582
cf-request-id: 0919acd1380000dff3f7ae3000000001
last-modified: Wed, 29 Apr 2020 10:04:16 GMT
server: cloudflare
etag: "4fdb58ad1ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b24dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 a1gavdabxj31804a1gavdabxj31726472.jpg
pic.lbtp88.com/upload/vod/2020/04-29/18/ Frame E927 7 KB
7 KB 17ms
16ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-29/18/a1gavdabxj31804a1gavdabxj31726472.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e58be73ac0dce41f8fa016b54c8b773e366eb6ad458f9398a97cc82caf153fa8

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 3086
cf-polished: qual=85, origFmt=jpeg, origSize=8418
content-disposition: inline; filename="a1gavdabxj31804a1gavdabxj31726472.webp"
content-length: 7392
cf-request-id: 0919acd1380000dff3e3126000000001
last-modified: Wed, 29 Apr 2020 10:04:17 GMT
server: cloudflare
etag: "bfa8428bd1ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b25dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 kveknf2i3oz1804kveknf2i3oz1826482.jpg
pic.lbtp88.com/upload/vod/2020/04-29/18/ Frame E927 9 KB
9 KB 18ms
17ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-29/18/kveknf2i3oz1804kveknf2i3oz1826482.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a023636540da2f3662fb22a71e10e73fe28cab3e78b1aa439de58d4fb7fffaa

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 2527
cf-polished: qual=85, origFmt=jpeg, origSize=10024
content-disposition: inline; filename="kveknf2i3oz1804kveknf2i3oz1826482.webp"
content-length: 9278
cf-request-id: 0919acd1380000dff31392d000000001
last-modified: Wed, 29 Apr 2020 10:04:18 GMT
server: cloudflare
etag: "c3f1cc8bd1ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b26dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 sjx0emjp2v01804sjx0emjp2v01926490.jpg
pic.lbtp88.com/upload/vod/2020/04-29/18/ Frame E927 9 KB
9 KB 19ms
18ms Image
image/webp 2606:4700:10::6816:2452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.lbtp88.com/upload/vod/2020/04-29/18/sjx0emjp2v01804sjx0emjp2v01926490.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6519d3a2162d04699731398c251a344230e6a7ef413ee2506ec7df12b123627

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
cf-cache-status: HIT
age: 2283
cf-polished: qual=85, origFmt=jpeg, origSize=10393
content-disposition: inline; filename="sjx0emjp2v01804sjx0emjp2v01926490.webp"
content-length: 9380
cf-request-id: 0919acd1380000dff336837000000001
last-modified: Wed, 29 Apr 2020 10:04:19 GMT
server: cloudflare
etag: "3876528cd1ed61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 636fb0c85b27dff3-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame E927 39 KB
14 KB 1106ms
598ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e7191e5689b911df153e7a3714bcb7c3

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

414b8f25fd3def63c194e7769b2c71424cd8b1ae3fcd154951134df57c8f181f

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:22 GMT
Content-Encoding: gzip
Server: apache
Etag: b1a1cb8245931dc267af17e939c9978e
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14034

GET
H/1.1 200
OK banner.json Show response
rmwzacfp.niuys99.work/template/se119_3_22/html/advertised/ Frame E927 13 KB
13 KB 160ms
160ms XHR
application/json 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/html/advertised/banner.json?refresh=2021328Sun%20Mar%2028%202021%2011:04:21%20GMT+0200%20(Central%20European%20Summer%20Time)
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/template/se119_3_22/js/jquery.min.js
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: e6af3458e5e9045f3f7216004cccea7fa8163863d6ed1a9779fea4444812b0cf

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Last-Modified: Sat, 27 Mar 2021 14:21:50 GMT
Server: nginx
ETag: "605f3f7e-324a"
Content-Type: application/json
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12874

GET
H/1.1 200
OK loading.gif
rmwzacfp.niuys99.work/template/se119_3_22/images/ Frame E927 10 KB
10 KB 159ms
159ms Image
image/gif 23.225.6.220
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://rmwzacfp.niuys99.work/template/se119_3_22/images/loading.gif
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/template/se119_3_22/css/style.css
Protocol: HTTP/1.1
Server: 23.225.6.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: f644bfd80cded8e1dcabe9b07e7e796c754b8dde1c8860665151313dcd732a7a

Request headers

Referer: http://rmwzacfp.niuys99.work/template/se119_3_22/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:21 GMT
Last-Modified: Mon, 22 Mar 2021 17:07:32 GMT
Server: nginx
ETag: "6058ced4-260f"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9743
Expires: Tue, 27 Apr 2021 09:04:21 GMT

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqCe7kWfvE0r6mkgnshhPxAv8oev7UdCEDzx9JsgcMDK0/ Frame E927 275 KB
275 KB 1762ms
930ms Image
image/gif 240e:ff:f101:10::14b
CHINANET-IDC-GD C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqCe7kWfvE0r6mkgnshhPxAv8oev7UdCEDzx9JsgcMDK0/0
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:ff:f101:10::14b , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software: NWSs /
Resource Hash: 7bcabac31b5ed1f9d3d0cfc81221b8db58268bd3f9d948a57d6d30c4bb5ab3fe

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-DataSrc: 2
Date: Sun, 28 Mar 2021 09:04:23 GMT
Size: 281180
Connection: keep-alive
Content-Length: 281180
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Wed, 27 Jan 2021 14:25:24 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
chid: 0
X-Delay: 1919 us
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: 36ca250a-9781-40a2-b71d-bd114e5f2c6b
Content-Type: image/gif

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqWwRR6aicQEJzictA4ZzU65iazn4Tj4ibictb3naoClWG4anc/ Frame E927 313 KB
313 KB 2556ms
1706ms Image
image/gif 240e:ff:f101:10::14b
CHINANET-IDC-GD C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqWwRR6aicQEJzictA4ZzU65iazn4Tj4ibictb3naoClWG4anc/0
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:ff:f101:10::14b , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software: NWSs /
Resource Hash: 37a739d0714efccac07329e65ec00896fa49e672fe9ca8a83e82ea7f2ae9f0e4

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-DataSrc: 2
Date: Sun, 28 Mar 2021 09:04:24 GMT
Size: 320198
Connection: keep-alive
Content-Length: 320198
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Sun, 31 Jan 2021 12:40:42 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
chid: 0
X-Delay: 20339 us
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: 676220b9-61d9-427b-8980-09bcc250a3b1
Content-Type: image/gif

GET
H2

200

e11691761564477d9f308a739dcb254f
p1-tt-ipv6.byteimg.com/origin/pgc-image/ Frame E927
Redirect Chain

https://img.downk.cc/item/5fe4637b35bec759f8ce598d.gif
https://p1-tt-ipv6.byteimg.com/origin/pgc-image/e11691761564477d9f308a739dcb254f

311 KB
313 KB

273ms
9ms

Image
image/gif

2a01:53c0:ff0d::b
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1-tt-ipv6.byteimg.com/origin/pgc-image/e11691761564477d9f308a739dcb254f
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:53c0:ff0d::b , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx / ImageX
Resource Hash: d8e2059a3a13106c052d2a3dae3b28e6ec4babb1ed5e7dd383323d8257ce5a0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:23 GMT
x-response-lb: image
x-tt-trace-tag: id=00;cdn-cache=miss
age: 1
nw-session-id: 20210326100422010194098217012B1F7E-db4710ec-5af7-498c-aae6-8ef89e1a520602tt
x-powered-by: ImageX
x-via: 1.1 PSjszjsx4tk69:11 (Cdn Cache Server V2.0), 1.1 PShnlhwt2cj40:12 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2gb73:10 (Cdn Cache Server V2.0)
x-bdcdn-cache-status: TCP_MISS
server-timing: inner; dur=43
x-length: 318825
x-tt-trace-host: 016f474b376ce297a4c94ed4be0f787597c0cf32142f8047df0e2a41051d1353f4d4e9cd45a3d58f853be928447ed8aaabcec1591c14bd8565f55c57d5e56a65c200453b1ec73b052b0d5df326d788c685daf9f745758354252f8394710260409e
content-length: 318825
last-modified: Fri, 26 Mar 2021 10:04:22 GMT
server: nginx
x-tt-logid: 20210326100422010194098217012B1F7E
x-response-date: Fri, 26 Mar 2021 10:04:22 GMT
x-ws-request-id: 60604697_PSdgflkfFRA2lp7_63779-41407
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-03-26T10:04:22.539123156+08:00 30
cache-control: max-age=31536000
x-response-cinfo: 2a01:4f8:192:5414::2
x-response-cache: edge_hit
x-cache-new: HIT

Redirect headers

location: https://p1-tt-ipv6.byteimg.com/origin/pgc-image/e11691761564477d9f308a739dcb254f
referrer-policy: no-referrer

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqWwRR6aicQEJy7yhE0TlgVmkFWHyYb9tGqA28nk92ZnuA/ Frame E927 825 KB
825 KB 2072ms
1205ms Image
image/gif 240e:ff:f101:10::14b
CHINANET-IDC-GD C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqWwRR6aicQEJy7yhE0TlgVmkFWHyYb9tGqA28nk92ZnuA/0
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:ff:f101:10::14b , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software: NWSs /
Resource Hash: e0128961877cc026a9f20f742855b72471027b0b7bfa7ce2a2a957fe91485e03

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-DataSrc: 2
Date: Sun, 28 Mar 2021 09:04:22 GMT
Size: 844353
Connection: keep-alive
Content-Length: 844353
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Sun, 31 Jan 2021 12:40:44 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
chid: 0
X-Delay: 7706 us
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: 96b4da04-39b5-4b76-828c-3544f1447c78
Content-Type: image/gif

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqLzzykGgOUuxHt3Sj3wG3snldVnicYdYqV4lnYTtiaSoG8/ Frame E927 278 KB
279 KB 4676ms
3802ms Image
image/gif 240e:ff:f101:10::14b
CHINANET-IDC-GD C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqLzzykGgOUuxHt3Sj3wG3snldVnicYdYqV4lnYTtiaSoG8/0
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:ff:f101:10::14b , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software: NWSs /
Resource Hash: 76fcf9fa661a0215b87f8d3357c3d7eecf478826b9761f9c61622bd76802043a

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-DataSrc: 2
Date: Sun, 28 Mar 2021 09:04:26 GMT
Size: 284932
Connection: keep-alive
Content-Length: 284932
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Thu, 24 Dec 2020 17:33:23 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
chid: 0
X-Delay: 66 us
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: b0c918fc-10f1-4165-8583-cb1871cb65fd
Content-Type: image/gif

GET
H2 200 0
p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqWwRR6aicQEJymPPd2UXC0dibprV4Qk6oxBOBJxKjl9V3Q/ Frame E927 543 KB
544 KB 1337ms
289ms Image
image/gif 203.205.254.152
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/kfPrqqibXL5PH64066IckA0MruD956NibqWwRR6aicQEJymPPd2UXC0dibprV4Qk6oxBOBJxKjl9V3Q/0
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.205.254.152 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Qnginx/1.4.4 /
Resource Hash: 47106f78f97adb15283ddfaa0b7189d3fa4d969f40a09e28a9dbc4762418cda1

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-datasrc: 2
date: Sun, 28 Mar 2021 09:04:23 GMT
size: 556385
content-length: 556385
x-info: real data
x-reqgue: 0
user-returncode: 0
fid: 0
last-modified: Sun, 31 Jan 2021 12:40:40 GMT
server: Qnginx/1.4.4
x-cpt: filename=0
vary: Accept,Origin
chid: 0
x-delay: 34955 us
cache-control: max-age=2592000
x-bcheck: 0_1
x-nws-log-uuid: 7896212a-85e2-4aca-a0cd-66df46226f1d
content-type: image/gif

GET
H2 200 hf.gif
77piclive.com/niuniu/ Frame E927 526 KB
528 KB 52ms
22ms Image
image/gif 2606:4700:3032::6815:5b7d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://77piclive.com/niuniu/hf.gif

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:5b7d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3a7d697e683d45c16abf4ff7113804fc6a358b4f74f5a65768c645acd5ff53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 09:04:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1709649
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 539122
cf-request-id: 0919acd1d80000c2e500aeb000000001
last-modified: Sat, 30 Jan 2021 04:43:57 GMT
server: cloudflare
etag: "6014e40d-839f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ylOXE8YTGuESNz08Mi6pO0FrKXu7Cq%2BL7IBx3tI%2Fs5HKuOWj4B1cb7ixupg%2BBWPOyRrBg8eiRDdP357xCbaZt3ogn88tmtk9FA3Aw2xfB%2Fz1xMiTT96Ucd5h"}],"max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 636fb0c95ef3c2e5-FRA
expires: Wed, 07 Apr 2021 14:10:12 GMT

GET
H2 200 8576049372_872274545.jpg
cbu01.alicdn.com/img/ibank/2018/273/940/ Frame E927 24 KB
25 KB 92ms
39ms Image
image/gif 163.181.56.252
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbu01.alicdn.com/img/ibank/2018/273/940/8576049372_872274545.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.252 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 69c5b8122b980defa03a59ee4caeb318726602c01771d6b483836d5f091b9e8e

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 15:44:35 GMT
via: cache23.l2de2[0,200-0,H], cache3.l2de2[1,0], cache3.l2de2[1,0], cache8.de3[0,0,200-0,H], cache11.de3[1,0]
age: 8270387
x-cache: HIT TCP_MEM_HIT dirn:13:421142783
x-swift-cachetime: 23806247
x-swift-savetime: Mon, 22 Mar 2021 02:53:48 GMT
content-length: 24854
last-modified: Fri, 09 Mar 2018 12:39:57 GMT
server: Tengine
ali-swift-global-savetime: 1608651875
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
eagleid: a3b5389f16169222620164149e
expires: Wed, 22 Dec 2021 15:44:35 GMT

GET
H2 200 9730974820_1165462224.jpg
cbu01.alicdn.com/img/ibank/2018/028/479/ Frame E927 1 MB
1 MB 103ms
49ms Image
image/gif 163.181.56.252
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbu01.alicdn.com/img/ibank/2018/028/479/9730974820_1165462224.jpg
Requested by: Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.252 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a16ce8928c8d0a9aa6f8562d1d111bb9442b591f6d77318533a8831bd616a068

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Dec 2020 19:00:30 GMT
via: cache13.l2de2[0,200-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache10.de3[0,0,200-0,H], cache11.de3[1,0]
age: 8258632
x-cache: HIT TCP_MEM_HIT dirn:13:225807061
x-swift-cachetime: 27804177
x-swift-savetime: Wed, 03 Feb 2021 23:37:33 GMT
content-length: 1216473
last-modified: Sun, 25 Nov 2018 06:07:11 GMT
server: Tengine
ali-swift-global-savetime: 1608663630
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
eagleid: a3b5389f16169222620164151e
expires: Wed, 22 Dec 2021 19:00:30 GMT

GET
H/1.1 200
OK ziyuanwei1.gif
cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/ Frame E927 218 KB
218 KB 709ms
53ms Image
image/gif 52.51.89.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/ziyuanwei1.gif

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.89.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-89-237.eu-west-1.compute.amazonaws.com

Software

NWS_Oversea_AP /

Resource Hash

2bcba35aa3d338638907e84a2e61aafdfccc1935c68d1c9b0e1679d744113e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:22 GMT
X-Cache-Lookup: Hit From Disktank3
Last-Modified: Sun, 08 Nov 2020 04:57:34 GMT
Server: NWS_Oversea_AP
ETag: "5fa77abe-3678b"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: d058e9d5-7798-4ee3-acb4-971c9b94cfd5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 223115
Expires: Sun, 18 Apr 2021 02:32:33 GMT

GET
H/1.1 200
OK ziyuanwei2.gif
cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/ Frame E927 26 KB
27 KB 718ms
54ms Image
image/gif 52.51.89.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/ziyuanwei2.gif

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.89.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-89-237.eu-west-1.compute.amazonaws.com

Software

NWS_Oversea_AP /

Resource Hash

305aae2b41afa7bff80f40ec54d61e0722ca8f90a969a4e8fc92bbad4056f9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:22 GMT
X-Cache-Lookup: Hit From Disktank3
Last-Modified: Sun, 08 Nov 2020 04:57:40 GMT
Server: NWS_Oversea_AP
ETag: "5fa77ac4-6881"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: a40d87b3-96a5-4a73-a5a9-97e8265db90d
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26753
Expires: Sun, 18 Apr 2021 02:32:40 GMT

GET
H/1.1 200
OK 151.gif
cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/ Frame E927 29 KB
30 KB 722ms
57ms Image
image/gif 52.51.89.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/151.gif

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.89.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-89-237.eu-west-1.compute.amazonaws.com

Software

NWS_Oversea_AP /

Resource Hash

7684351c61396652f1d8a65ef9a10b95a86a17cd0272348fc4c7d2f473b526f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:22 GMT
X-Cache-Lookup: Hit From Disktank3
Last-Modified: Sun, 08 Nov 2020 04:57:30 GMT
Server: NWS_Oversea_AP
ETag: "5fa77aba-74fa"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: a086dd05-8d94-4792-b1e4-a029c13b20eb
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29946
Expires: Sun, 18 Apr 2021 02:30:11 GMT

GET
H/1.1 200
OK 2977.gif
cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/ Frame E927 180 KB
181 KB 725ms
60ms Image
image/gif 52.51.89.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.gf.qubo.longshenghaigongmao.com/niu/niuniu/2977.gif

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.89.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-89-237.eu-west-1.compute.amazonaws.com

Software

NWS_Oversea_AP /

Resource Hash

c56ec1c3ff2937e09f239be186b30204fd63ecfa79ce31256a179e61e26b7422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 09:04:22 GMT
X-Cache-Lookup: Hit From Disktank3
Last-Modified: Sun, 08 Nov 2020 04:57:44 GMT
Server: NWS_Oversea_AP
ETag: "5fa77ac8-2d104"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: max-age=2592000
X-NWS-LOG-UUID: b6a704c7-b87d-455f-a637-d3053b98269e
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 184580
Expires: Sun, 18 Apr 2021 02:24:38 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame E927 43 B
299 B 342ms
341ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1252691376&si=e7191e5689b911df153e7a3714bcb7c3&su=http%3A%2F%2Frmwzacfp.niuys99.work%2F&v=1.2.80&lv=1&sn=42743&r=0&ww=1600&ct=!!&u=http%3A%2F%2Frmwzacfp.niuys99.work%2F%3Fhgdgzi%3Dt05om&tt=%E7%89%9B%E7%89%9B%E5%BD%B1%E9%99%A2

Requested by

Host: rmwzacfp.niuys99.work
URL: http://rmwzacfp.niuys99.work/?hgdgzi=t05om

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://rmwzacfp.niuys99.work/?hgdgzi=t05om
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Mar 2021 09:04:23 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ia.51.la
URL: http://ia.51.la/go1?id=20476367&rt=1616922256776&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1616922256776&tt=%25E9%2581%2582%25E5%25AE%2581%25E5%258E%25AE%25E7%25BA%25AA%25E5%25B9%25BF%25E5%2591%258A%25E4%25BC%25A0%25E5%25AA%2592%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.94aixx.com%252Findex.php&pu=

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.94aixx.com/common.js(Line 6) Message: 1
console-api	log	URL: http://www.94aixx.com/common.js(Line 54) Message: 2
console-api	log	URL: http://www.94aixx.com/common.js(Line 59) Message: 0*DIVshowcloneshengxiaon
console-api	log	URL: http://www.94aixx.com/common.js(Line 59) Message: 1*STYLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

77piclive.com
94aixx.com
a40d6ae.niuys35.com
api-niuthree.com
api.share.baidu.com
cbu01.alicdn.com
cdn.gf.qubo.longshenghaigongmao.com
hm.baidu.com
ia.51.la
img.downk.cc
js.users.51.la
p.qlogo.cn
p1-tt-ipv6.byteimg.com
pic.lbtp88.com
push.zhanzhang.baidu.com
rmwzacfp.niuys99.work
www.94aixx.com
ia.51.la
103.235.46.191
107.160.158.47
122.228.91.87
163.181.56.252
192.151.223.155
198.16.53.162
203.205.254.152
23.225.6.220
240e:ff:f101:10::14b
2606:4700:10::6816:2452
2606:4700:3032::6815:5b7d
2a01:53c0:ff0d::b
39.156.68.163
52.51.89.237
61.160.221.140
001e365445f04741e152f6f24e2c6a065454b652b193fdaf2573a3419975920b
02816116650b4ff2d4961d21fcbe196562349e3c45103e494813430b432033a6
0c931dd8d3df1aefb6e0f062bf87ebce68b5563e20ef6921eac98d6b480e2fd3
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
14176ccce205f8d93c4e4a5ac9d5616eb7e7e98db90168b69854e4494946ed7c
15b6efa953b286daf81afdded8536f71d41cdeb229083b9ce503fd425206e41f
1a2ba05e392980551c4fe1abdcec5bef35f1f7a79ab8c000591850eba263fc9f
21f42dda04dd4a4f7331abc111850d75e7dcc12eaa2b392a97e73a2a4b1b3b2d
26259b1f80d93a0a47b9e8a31b1e157cd784c74586d7e5a9543cc83826e1a6b9
2a023636540da2f3662fb22a71e10e73fe28cab3e78b1aa439de58d4fb7fffaa
2afe3524dcfc7efad5d9fd7da7cf363681e4b8b16b166a74f5d431b72ed0b0da
2bc38d38e04fb43f5eb0bb3764f3ae618a4ea3309c3a1cb8bd0f7b0a6beff667
2bcba35aa3d338638907e84a2e61aafdfccc1935c68d1c9b0e1679d744113e70
2c3a6ec3d46d0232dfbe258fc9ae849d7e29435f2ae66e388d0f6e5c42132417
2ea020b0b1413878aec534ff56463126aa1b70540062895f4d4dbd6e067f02e7
305aae2b41afa7bff80f40ec54d61e0722ca8f90a969a4e8fc92bbad4056f9ef
37a739d0714efccac07329e65ec00896fa49e672fe9ca8a83e82ea7f2ae9f0e4
3b530cd9ca638c8ac54077118c792179de451ee7248d4dfb86c7614f497a06cd
414b8f25fd3def63c194e7769b2c71424cd8b1ae3fcd154951134df57c8f181f
437d3a35d46d8efb9d3cc8e50dcfb42ab3340722171fc2874d3979fdd934551b
47106f78f97adb15283ddfaa0b7189d3fa4d969f40a09e28a9dbc4762418cda1
50925e6d702399a3c1442fe1f1ae2802b087a00c52d93c8b0532dba0bbe697d9
53a5256e695b24bc972a4736bef8ded6b421095714b00666cacd8b6f9f675e93
5f6807ac07674cdb38b8753f4caa68eaf0418ec84a9510f6c76068eef353529f
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
69c5b8122b980defa03a59ee4caeb318726602c01771d6b483836d5f091b9e8e
6cf449ab6d336a3fc525583562d1e8375fc09fd9552dd6736667a5ad65424820
6cf5b7ecd015d24fb2ce7ecd5f93d7021faf6c2310c3f0124b22890fb4ce6776
6e80790f5e9f4c69d3d118e9bbad1eab04a8a9eaa1567e753f5b6259758b2f73
7684351c61396652f1d8a65ef9a10b95a86a17cd0272348fc4c7d2f473b526f6
76fcf9fa661a0215b87f8d3357c3d7eecf478826b9761f9c61622bd76802043a
7bcabac31b5ed1f9d3d0cfc81221b8db58268bd3f9d948a57d6d30c4bb5ab3fe
843c730618e30dadd86fa2cc51241f4ed415741ddfdebef03ea2f0f554947907
88546d79614efade39e39a7cdeaca3eb64f4a410a3606c4483a7b3f29b136668
8ada6d61e12a588c6bb73799755cd4e568387bbe8c2974241c9abcc6562a9519
8b27911537ea17e2c95106f24fcc3d6316d59c3d4d766bff811f9e9ebe691fb8
8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6
90eac3e5914e6168cbf856153890c1b03b07eb6454cab526e5c5bed0f45f1609
a16ce8928c8d0a9aa6f8562d1d111bb9442b591f6d77318533a8831bd616a068
a23896dc3ad7c220a49cd95f81a2cff437818dba5f1e46a45e2ac6b70d83e7bd
a6519d3a2162d04699731398c251a344230e6a7ef413ee2506ec7df12b123627
ab820193eb452c2d1d711b3b88da6d7be866f6251c3f639feecd2411c82ec319
bce7b8d3a1a47a9e5147af139f45cceb3e9303cff6bd4c3aaffb1675e92a27e8
c2045a589040192ac774c568e06b1749d47cd1777457c07896bd70f95630a05d
c56ec1c3ff2937e09f239be186b30204fd63ecfa79ce31256a179e61e26b7422
ca3a7d697e683d45c16abf4ff7113804fc6a358b4f74f5a65768c645acd5ff53
cd7e5944189ec14bd5352e229d6b7b1addeaa29f387a9ee9d2a774a969188bf8
ce1eeda299d37003ae8df77d116228b56232a777711e940514b32245f2b992ae
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d6b6763fa9346579b69d6540b8d8416002347a5f00a1c06515db559e179601c4
d7f9f6d5742ee02e1a77c3bc41243690130607916bf54de20457a19e25146752
d8e2059a3a13106c052d2a3dae3b28e6ec4babb1ed5e7dd383323d8257ce5a0a
e0128961877cc026a9f20f742855b72471027b0b7bfa7ce2a2a957fe91485e03
e37a664af1399d1bc18c16c46ba25ae26cab4a83c1e50c8c254c086b6755229d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58be73ac0dce41f8fa016b54c8b773e366eb6ad458f9398a97cc82caf153fa8
e6af3458e5e9045f3f7216004cccea7fa8163863d6ed1a9779fea4444812b0cf
f1b5d30016ed1b7dd29a88ca954e49af97d2d5e83489b22796f13f8fa16b2449
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f644bfd80cded8e1dcabe9b07e7e796c754b8dde1c8860665151313dcd732a7a

www.94aixx.com Open in urlscan Pro 107.160.158.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

59 %HTTPS

27 %IPv6

13 Domains

17 Subdomains

15 IPs

4 Countries

5104 kBTransfer

5454 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.94aixx.com Open in urlscan Pro
107.160.158.47 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

59 %
HTTPS

27 %
IPv6

13
Domains

17
Subdomains

15
IPs

4
Countries

5104 kB
Transfer

5454 kB
Size

0
Cookies

64 HTTP transactions
0 data transactions