www.msidot.net Open in urlscan Pro
206.238.25.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://msidot.net/
Effective URL:
http://www.msidot.net/
Submission: On January 12 via api (January 12th 2023, 12:58:07 pm UTC) from US — Scanned from US

Summary HTTP 63 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 13 domains to perform 63 HTTP transactions. The main IP is 206.238.25.136, located in Midrand, South Africa and belongs to TERAEXCH, US. The main domain is www.msidot.net.

This is the only time www.msidot.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	206.238.25.136 206.238.25.136	399077 (TERAEXCH) (TERAEXCH)
1	180.101.212.103 180.101.212.103	134770 (CHINANET-...) (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network)
5	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
1	182.61.201.94 182.61.201.94	38365 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	168.76.43.189 168.76.43.189	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
1	168.76.42.144 168.76.42.144	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
1	168.76.42.147 168.76.42.147	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
1	168.76.42.148 168.76.42.148	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
1	168.76.42.142 168.76.42.142	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
7	168.76.42.143 168.76.42.143	137951 (CLAYERLIM...) (CLAYERLIMITED-AS-AP Clayer Limited)
9	154.208.100.51 154.208.100.51	134548 (DXTL-HK D...) (DXTL-HK DXTL Tseung Kwan O Service)
20	2606:4700:10:... 2606:4700:10::6816:dd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.83.155.45 172.83.155.45	201106 (SPARTANHOST) (SPARTANHOST)
1	104.127.176.115 104.127.176.115	16625 (AKAMAI-AS) (AKAMAI-AS)
1	240e:97c:2f:5... 240e:97c:2f:5::3b	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
1	2606:4700:303... 2606:4700:3031::6815:3361	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:d9a6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.23.151.41 154.23.151.41	140224 (SGPL-AS-A...) (SGPL-AS-AP STARCLOUD GLOBAL PTE.)
63	19

4 206.238.25.136 (Midrand, South Africa) 1 redirects

ASN399077 (TERAEXCH, US)

msidot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.msidot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 180.101.212.103 (China)

ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.61.201.94 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.76.43.189 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

168.76.43.189	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.76.42.144 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

168.76.42.144	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.76.42.147 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

168.76.42.147	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.76.42.148 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

168.76.42.148	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.76.42.142 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

168.76.42.142	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 168.76.42.143 (South Africa)

ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK)

168.76.42.143	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 154.208.100.51 (Hong Kong)

ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK)

cpa688.bffh-vbj5882.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:dd6 (United States)

ASN13335 (CLOUDFLARENET, US)

lbfm.lbpictupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.83.155.45 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)

kvegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kzeoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.127.176.115 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-176-115.deploy.static.akamaitechnologies.com

dimg04.c-ctrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:97c:2f:5::3b (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

p.qlogo.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6815:3361 (United States)

ASN13335 (CLOUDFLARENET, US)

tupkku.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:d9a6 (United States)

ASN13335 (CLOUDFLARENET, US)

iu301655.xieruyi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.23.151.41 (United States)

ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG)

kg.ijtomh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	lbpictupian.com lbfm.lbpictupian.com — Cisco Umbrella Rank: 311764	216 KB
9	bffh-vbj5882.top cpa688.bffh-vbj5882.top	8 KB
5	51.la js.users.51.la — Cisco Umbrella Rank: 77349 ia.51.la — Cisco Umbrella Rank: 72880	8 KB
4	msidot.net 1 redirects msidot.net www.msidot.net	2 KB
2	baidu.com push.zhanzhang.baidu.com — Cisco Umbrella Rank: 102048 api.share.baidu.com — Cisco Umbrella Rank: 77222	868 B
1	ijtomh.com kg.ijtomh.com	11 KB
1	xieruyi.com iu301655.xieruyi.com
1	tupkku.top tupkku.top	2 MB
1	qlogo.cn p.qlogo.cn — Cisco Umbrella Rank: 65483	1 MB
1	c-ctrip.com dimg04.c-ctrip.com — Cisco Umbrella Rank: 87050	314 KB
1	kzeoo.com kzeoo.com — Cisco Umbrella Rank: 354143	131 KB
1	kvegg.com kvegg.com — Cisco Umbrella Rank: 440274	235 KB
0	Failed function sub() { [native code] }. Failed
63	13

	Domain	Requested by
20	lbfm.lbpictupian.com	168.76.42.143
9	cpa688.bffh-vbj5882.top	168.76.42.143
3	js.users.51.la	www.msidot.net 168.76.42.143
3	www.msidot.net	www.msidot.net
2	ia.51.la	www.msidot.net
1	kg.ijtomh.com	www.msidot.net
1	iu301655.xieruyi.com	168.76.42.143
1	tupkku.top	168.76.42.143
1	p.qlogo.cn	168.76.42.143
1	dimg04.c-ctrip.com	168.76.42.143
1	kzeoo.com	168.76.42.143
1	kvegg.com	168.76.42.143
1	api.share.baidu.com	www.msidot.net
1	push.zhanzhang.baidu.com	www.msidot.net
1	msidot.net	1 redirects
0	168.76.42.148 Failed	168.76.43.189
0	168.76.42.147 Failed	168.76.43.189
0	168.76.42.144 Failed	168.76.43.189
0	168.76.42.142 Failed	168.76.43.189
63	19

This site contains no links.

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
fsfsgs.iq900.com R3	`2022-11-16` - `2023-02-14`	3 months	crt.sh
*.lbpictupian.com E1	`2022-12-05` - `2023-03-05`	3 months	crt.sh
kvegg.com R3	`2022-12-29` - `2023-03-29`	3 months	crt.sh
kzeoo.com R3	`2022-11-28` - `2023-02-26`	3 months	crt.sh
trip.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-09` - `2023-09-13`	a year	crt.sh
*.qpic.cn GlobalSign Organization Validation CA - SHA256 - G2	`2022-04-06` - `2023-05-08`	a year	crt.sh
*.tupkku.top E1	`2022-12-27` - `2023-03-27`	3 months	crt.sh
*.xieruyi.com E1	`2023-01-10` - `2023-04-10`	3 months	crt.sh
kg.ijtomh.com CerSign DV SSL CA	`2022-11-17` - `2023-02-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://www.msidot.net/
Frame ID: B9A1F2556B2090466E1ECFDEF22400B3
Requests: 9 HTTP requests in this frame

Frame: http://168.76.42.143/
Frame ID: 4B8239DB487CECA71E4402E7B5023B11
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

南宁吠仙娱乐有限公司南宁吠仙娱乐有限公司

Page URL History Show full URLs

http://msidot.net/ HTTP 301
http://www.msidot.net/ Page URL

Page Statistics

63
Requests

60 %
HTTPS

22 %
IPv6

13
Domains

19
Subdomains

19
IPs

4
Countries

4016 kB
Transfer

4212 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://msidot.net/ HTTP 301
http://www.msidot.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.msidot.net/
Redirect Chain

http://msidot.net/
http://www.msidot.net/

792 B
933 B

896ms
228ms

Document
text/html

206.238.25.136
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 206.238.25.136 Midrand, South Africa, ASN399077 (TERAEXCH, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ecc3d8bc1bd7ceaa1e24d09808f196036b19f10f3efe3a8ac1078f5d3217851

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 792
Content-Type: text/html
Date: Thu, 12 Jan 2023 12:57:37 GMT
Server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Thu, 12 Jan 2023 12:57:35 GMT
Location: http://www.msidot.net/
Server: nginx

GET
H/1.1 200
OK tj.js Show response
www.msidot.net/ 208 B
364 B 234ms
234ms Script
application/x-javascript 206.238.25.136
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.msidot.net/tj.js
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 206.238.25.136 Midrand, South Africa, ASN399077 (TERAEXCH, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d4d705a30bfaf4bbde01f76285ca98fb86e1916f585602f4b09c18fdbe2e820

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.msidot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:57:37 GMT
Server: nginx
Connection: keep-alive
Content-Length: 208
Content-Type: application/x-javascript

GET
H/1.1 200
OK common.js Show response
www.msidot.net/ 1 KB
915 B 261ms
261ms Script
application/x-javascript 206.238.25.136
TERAEXCH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.msidot.net/common.js
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 206.238.25.136 Midrand, South Africa, ASN399077 (TERAEXCH, US),
Reverse DNS
Software: nginx /
Resource Hash: 279a02b68d45e529affe06d53f3f516dccdec2b7eb57f5bcadc60b4eca60b558

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.msidot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:57:37 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
752 B 3579ms
262ms Script
text/javascript 180.101.212.103
CHINANET-JIANGSU-...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 180.101.212.103 , China, ASN134770 (CHINANET-JIANGSU-SUZHOU-TAIHU-IDC CHINANET Jiangsu province Suzhou taihu IDC network, CN),
Reverse DNS
Software: apache /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.msidot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:57:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
Server: apache
Etag: "4078521116"
Vary: Accept-Encoding
Content-Type: text/javascript
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 227
Expires: Fri, 12 Jan 2024 12:57:46 GMT

GET
H/1.1 200
OK 21487657.js Show response
js.users.51.la/ 5 KB
3 KB 1125ms
296ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21487657.js
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: d3c4cdabf1e70f5c69d211204506b1c486de2a3aa0f3db670bc1e56aaca4c37d

Request headers

Referer: http://www.msidot.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 12 Jan 2023 12:57:43 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 21487659.js Show response
js.users.51.la/ 5 KB
3 KB 15775ms
14648ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21487659.js
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: 4f2dc9795723c668d488ee851219c4d1fbd02ef4b32d8b6d9fbe144c7bff1f15

Request headers

Referer: http://www.msidot.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 12 Jan 2023 12:57:44 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 15065ms
1559ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21487657&rt=1673528263905&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1673528263905&tt=%25E5%258D%2597%25E5%25AE%2581%25E5%2590%25A0%25E4%25BB%2599%25E5%25A8%25B1%25E4%25B9%2590%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.msidot.net%252F&pu=
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.msidot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 1859ms
241ms Image
text/plain 182.61.201.94
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.msidot.net/
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 182.61.201.94 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.msidot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 8181ms
5316ms Image
text/plain 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21487659&rt=1673528278555&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1673528278555&tt=%25E5%258D%2597%25E5%25AE%2581%25E5%2590%25A0%25E4%25BB%2599%25E5%25A8%25B1%25E4%25B9%2590%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=&cu=http%253A%252F%252Fwww.msidot.net%252F&pu=
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.msidot.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:01 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 679.html Show response
168.76.43.189/ Frame 4B82 655 B
886 B 431ms
215ms Document
text/html 168.76.43.189
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: http://168.76.43.189/679.html
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Server: 168.76.43.189 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: c94e3f03a4750c872b3f274ccd287b73ba8822b132b44d95d91b59a8fb5b29b4

Request headers

Referer: http://www.msidot.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 655
Content-Type: text/html
Date: Thu, 12 Jan 2023 12:57:58 GMT
ETag: "63bfc8f0-28f"
Last-Modified: Thu, 12 Jan 2023 08:46:40 GMT
Server: nginx

GET
H/1.1 404
Not Found 0.35874055464594745
168.76.42.144/ Frame 4B82 0
0 428ms
214ms Image
text/html 168.76.42.144
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.144/0.35874055464594745
Requested by: Host: 168.76.43.189
URL: http://168.76.43.189/679.html
Protocol: HTTP/1.1
Server: 168.76.42.144 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.43.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 404
Not Found 0.2588378152076367
168.76.42.147/ Frame 4B82 0
0 428ms
214ms Image
text/html 168.76.42.147
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.147/0.2588378152076367
Requested by: Host: 168.76.43.189
URL: http://168.76.43.189/679.html
Protocol: HTTP/1.1
Server: 168.76.42.147 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.43.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 404
Not Found 0.23846008098722904
168.76.42.148/ Frame 4B82 0
0 439ms
219ms Image
text/html 168.76.42.148
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.148/0.23846008098722904
Requested by: Host: 168.76.43.189
URL: http://168.76.43.189/679.html
Protocol: HTTP/1.1
Server: 168.76.42.148 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.43.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 404
Not Found 0.6429993937839364
168.76.42.142/ Frame 4B82 0
0 402ms
201ms Image
text/html 168.76.42.142
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.142/0.6429993937839364
Requested by: Host: 168.76.43.189
URL: http://168.76.43.189/679.html
Protocol: HTTP/1.1
Server: 168.76.42.142 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.43.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 404
Not Found 0.8663726171270665
168.76.42.143/ Frame 4B82 0
0 440ms
220ms Image
text/html 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.143/0.8663726171270665
Requested by: Host: 168.76.43.189
URL: http://168.76.43.189/679.html
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.43.189/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET /
168.76.42.142/ Frame 4B82 0
0

GET /
168.76.42.144/ Frame 4B82 0
0

GET /
168.76.42.147/ Frame 4B82 0
0

GET /
168.76.42.148/ Frame 4B82 0
0

GET
H/1.1 200
OK / Show response
168.76.42.143/ Frame 4B82 42 KB
10 KB 458ms
247ms Document
text/html 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: http://168.76.42.143/
Requested by: Host: 168.76.43.189
URL: http://168.76.43.189/679.html
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: d859b9cc0e650b86614f18bc3992882c4e422c722ae222b852bff096c887e680

Request headers

Referer: http://168.76.43.189/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;Charset=utf-8;charset=UTF-8
Date: Thu, 12 Jan 2023 12:57:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK ate.css
168.76.42.143/template/m1938/css/ Frame 4B82 74 KB
6 KB 213ms
212ms Stylesheet
text/css 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: http://168.76.42.143/template/m1938/css/ate.css
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 9a9afeb3b64f2b7ccce5b842929a2fed579e24450e6c436386e7956b2de8e12a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Mar 2021 04:24:42 GMT
Server: nginx
ETag: W/"6044558a-126e5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H/1.1 200
OK zui.css
168.76.42.143/template/m1938/css/ Frame 4B82 94 KB
22 KB 428ms
214ms Stylesheet
text/css 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to

Full URL: http://168.76.42.143/template/m1938/css/zui.css
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 68a39e40e886b3688e8a160b716398b25bce8bf1713984a9894ccc25eacccde5

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Apr 2022 16:48:10 GMT
Server: nginx
ETag: W/"624b214a-17838"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H/1.1 200
OK 1.png
168.76.42.143/template/m1938//images/ Frame 4B82 128 KB
128 KB 423ms
215ms Image
image/png 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.143/template/m1938//images/1.png
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: c76759b4b711b9211c9f0f2b6b8c9f6fece02c1654d7048beeaaa0d1b9f93134

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Last-Modified: Wed, 09 Mar 2022 05:51:14 GMT
Server: nginx
ETag: "62284052-1fe53"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130643
Expires: Sat, 11 Feb 2023 12:58:00 GMT

GET
H/1.1 200
OK 1.gif
168.76.42.143/template/m1938/images/ Frame 4B82 254 B
556 B 431ms
214ms Image
image/gif 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.143/template/m1938/images/1.gif
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Last-Modified: Mon, 04 Apr 2022 14:58:52 GMT
Server: nginx
ETag: "624b07ac-fe"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 254
Expires: Sat, 11 Feb 2023 12:58:00 GMT

GET
H2 200 sq.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 3 KB
1 KB 779ms
229ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/sq.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

b12ca1bb24b01d4a5fd6032b315caf7d76c54461f19d86c42a90838bf77e6424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 07 Jan 2023 11:30:30 GMT
server: nginx
etag: W/"63b957d6-b68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 mmgoosdnl1s0601mmgoosdnl1s403021.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 12 KB
12 KB 101ms
36ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/mmgoosdnl1s0601mmgoosdnl1s403021.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dca6e0da3c1cb32a213c9e55ac953ededf8a0be710fb66db14cec0568ed3ab83

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:40 GMT
server: cloudflare
age: 2934
cf-polished: origSize=12765, status=webp_bigger
etag: "5f288944-31dd"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa76bc78704-ORD
content-length: 12205

GET
H2 200 kdtyzxjjnck0601kdtyzxjjnck403023.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 11 KB
11 KB 34ms
31ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/kdtyzxjjnck0601kdtyzxjjnck403023.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd6dc4944cd4ca68b4091e00bf35ce91b7b2369412c8140d6603af54b6254190

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:40 GMT
server: cloudflare
age: 2934
cf-polished: qual=85, origFmt=jpeg, origSize=12209
etag: "5f288944-2fb1"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="kdtyzxjjnck0601kdtyzxjjnck403023.webp"
accept-ranges: bytes
cf-ray: 78860fa79c3a8704-ORD
content-length: 11116

GET
H2 200 m10u310qduf0601m10u310qduf413025.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 12 KB
12 KB 44ms
41ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/m10u310qduf0601m10u310qduf413025.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb0db370c8f5610f052f944abaed2408634d51ba3509d480dd4097517175cb3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:41 GMT
server: cloudflare
age: 2934
cf-polished: origSize=12429, status=webp_bigger
etag: "5f288945-308d"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa79c3b8704-ORD
content-length: 11891

GET
H2 200 gfro0hysrf10601gfro0hysrf1423027.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 13 KB
13 KB 43ms
40ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/gfro0hysrf10601gfro0hysrf1423027.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0681da088b89823053d313d06af95cfbda8da3ab186271e4a06a46f9b7d1e286

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:42 GMT
server: cloudflare
age: 2934
cf-polished: origSize=13649, status=webp_bigger
etag: "5f288946-3551"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7ac3e8704-ORD
content-length: 13062

GET
H2 200 v2pgnwpa2sl0601v2pgnwpa2sl423029.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 11 KB
11 KB 45ms
42ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/v2pgnwpa2sl0601v2pgnwpa2sl423029.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70a75cb590ecf75a167b4878c93a15b33a7e743ff39fec63694ffa05b4e8c9d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:43 GMT
server: cloudflare
age: 2934
cf-polished: origSize=11607, status=webp_bigger
etag: "5f288947-2d57"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7ac408704-ORD
content-length: 11086

GET
H2 200 dxfms2nq0zd0601dxfms2nq0zd433031.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 8 KB
8 KB 43ms
41ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/dxfms2nq0zd0601dxfms2nq0zd433031.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1d331968210c75099105920fbf1780f5256878408f3d5ca14f48d93892df0e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:43 GMT
server: cloudflare
age: 2934
cf-polished: qual=85, origFmt=jpeg, origSize=9227
etag: "5f288947-240b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="dxfms2nq0zd0601dxfms2nq0zd433031.webp"
accept-ranges: bytes
cf-ray: 78860fa7ac428704-ORD
content-length: 8434

GET
H2 200 x3zmyoefzmw0601x3zmyoefzmw443033.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 9 KB
9 KB 56ms
54ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/x3zmyoefzmw0601x3zmyoefzmw443033.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ffd279261c5f65d9ea6f62c44b2aff1a061fe5705ecbefab11d0359399a4abc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:44 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=10320
etag: "5f288948-2850"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="x3zmyoefzmw0601x3zmyoefzmw443033.webp"
accept-ranges: bytes
cf-ray: 78860fa7ac438704-ORD
content-length: 9086

GET
H2 200 1r1uga015nt06011r1uga015nt463037.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 12 KB
12 KB 66ms
63ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/1r1uga015nt06011r1uga015nt463037.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749a062132f4c14a399b2eec48c3e38ef970b1c5de7ab6451ca90c139f764b86

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:46 GMT
server: cloudflare
age: 2933
cf-polished: origSize=12427, status=webp_bigger
etag: "5f28894a-308b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7ac448704-ORD
content-length: 11787

GET
H2 200 pyzjvbc5gnl0601pyzjvbc5gnl473041.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 12 KB
12 KB 65ms
63ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/pyzjvbc5gnl0601pyzjvbc5gnl473041.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f218bf97d5c5ee67a6aed1a643043d4baafaf687d57bb0f0275648b9e06d444f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:47 GMT
server: cloudflare
age: 2933
cf-polished: origSize=12838, status=webp_bigger
etag: "5f28894b-3226"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7ac458704-ORD
content-length: 12269

GET
H2 200 ls3h0qmryup0601ls3h0qmryup473045.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 11 KB
12 KB 66ms
64ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ls3h0qmryup0601ls3h0qmryup473045.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43890b77a32200b32f741dff95578e187535f1811f3321b019b4a1f1a1aa1f93

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:47 GMT
server: cloudflare
age: 2933
cf-polished: origSize=12309, status=webp_bigger
etag: "5f28894b-3015"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7ac468704-ORD
content-length: 11749

GET
H2 200 1cabe3ckvf506011cabe3ckvf5483049.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 10 KB
10 KB 80ms
77ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/1cabe3ckvf506011cabe3ckvf5483049.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5dcb3f7cc4446d774aedcefda637eba1240b52f45068ce622097fb0295808e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:48 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=10469
etag: "5f28894c-28e5"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="1cabe3ckvf506011cabe3ckvf5483049.webp"
accept-ranges: bytes
cf-ray: 78860fa7cc6d8704-ORD
content-length: 9840

GET
H2 200 w0potw0xyby0601w0potw0xyby503057.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 10 KB
10 KB 81ms
79ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/w0potw0xyby0601w0potw0xyby503057.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe317829bc8f98dc82fd6625aea814eefc97ceebb681ae8656fd71e5fe4f73c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:50 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=11166
etag: "5f28894e-2b9e"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="w0potw0xyby0601w0potw0xyby503057.webp"
accept-ranges: bytes
cf-ray: 78860fa7cc6f8704-ORD
content-length: 9814

GET
H2 200 zdl5ihod3ou0601zdl5ihod3ou493053.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 12 KB
13 KB 80ms
78ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/zdl5ihod3ou0601zdl5ihod3ou493053.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2c2231493a951c091796d9cbfb70f00a1ebd4c07abe770b4a90624714ffc93

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:49 GMT
server: cloudflare
age: 2933
cf-polished: origSize=13323, status=webp_bigger
etag: "5f28894d-340b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7cc738704-ORD
content-length: 12666

GET
H2 200 rgm11dniziq0601rgm11dniziq513061.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 12 KB
13 KB 79ms
77ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/rgm11dniziq0601rgm11dniziq513061.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3add54b83a9f7dd51f73c6550b12381b6d94526a51bdd982e26f011d433dad

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:51 GMT
server: cloudflare
age: 2933
cf-polished: origSize=13347, status=webp_bigger
etag: "5f28894f-3423"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7cc778704-ORD
content-length: 12684

GET
H2 200 4y4zoeofxbj06014y4zoeofxbj523065.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 10 KB
10 KB 82ms
80ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/4y4zoeofxbj06014y4zoeofxbj523065.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8ca48858ee8efd026754d086b9b981b0419a888f1942ffd6d043c9c880efc1a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:52 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=13125
etag: "5f288950-3345"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="4y4zoeofxbj06014y4zoeofxbj523065.webp"
accept-ranges: bytes
cf-ray: 78860fa7cc7b8704-ORD
content-length: 10398

GET
H2 200 wljasncahyj0601wljasncahyj533069.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 9 KB
9 KB 80ms
78ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/wljasncahyj0601wljasncahyj533069.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c011f852b37316ae539b68caae9232378d89585e60a7206bcb3aa81c252a7ce1

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:53 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=10348
etag: "5f288951-286c"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="wljasncahyj0601wljasncahyj533069.webp"
accept-ranges: bytes
cf-ray: 78860fa7cc7d8704-ORD
content-length: 9258

GET
H2 200 xyf1cs3u3tb0601xyf1cs3u3tb543073.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 10 KB
10 KB 81ms
80ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/xyf1cs3u3tb0601xyf1cs3u3tb543073.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf585f1a4c261abcc5790efe28ed55c3453f9771b4e81023d1aade6e609fd324

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:54 GMT
server: cloudflare
age: 2933
cf-polished: origSize=10803, status=webp_bigger
etag: "5f288952-2a33"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7cc808704-ORD
content-length: 10220

GET
H2 200 dcukjiwpwkh0601dcukjiwpwkh543077.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 9 KB
10 KB 81ms
79ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/dcukjiwpwkh0601dcukjiwpwkh543077.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c423a5c1652a96e4b88596cae77da8c0f495b645bdca6e3679961e08f22b6038

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:55 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=10479
etag: "5f288953-28ef"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="dcukjiwpwkh0601dcukjiwpwkh543077.webp"
accept-ranges: bytes
cf-ray: 78860fa7cc818704-ORD
content-length: 9644

GET
H2 200 oykebwx4azt0601oykebwx4azt553081.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 10 KB
10 KB 81ms
80ms Image
image/jpeg 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/oykebwx4azt0601oykebwx4azt553081.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5c89fb0bac9fd1a93e81d42683f4a494bbf77dea18322668df8ae33685bf87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:56 GMT
server: cloudflare
age: 2933
cf-polished: origSize=10992, status=webp_bigger
etag: "5f288954-2af0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 78860fa7cc828704-ORD
content-length: 10425

GET
H2 200 qnkgcizaahd0601qnkgcizaahd563085.jpg
lbfm.lbpictupian.com/upload/vod/2020/08-04/06/ Frame 4B82 9 KB
10 KB 82ms
80ms Image
image/webp 2606:4700:10::6816:dd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2020/08-04/06/qnkgcizaahd0601qnkgcizaahd563085.jpg
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:dd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d351801281dc5b6f88a417772dfb94525f9647331a293ef773310532874e680a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Aug 2020 22:01:56 GMT
server: cloudflare
age: 2933
cf-polished: qual=85, origFmt=jpeg, origSize=10449
etag: "5f288954-28d1"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="qnkgcizaahd0601qnkgcizaahd563085.webp"
accept-ranges: bytes
cf-ray: 78860fa7cc838704-ORD
content-length: 9594

GET 21256773.js
js.users.51.la/ Frame 4B82 0
0

GET
H/1.1 200
OK 21481107.js Show response
js.users.51.la/ Frame 4B82 5 KB
3 KB 584ms
291ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: http://js.users.51.la/21481107.js
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: HTTP/1.1
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: 8627bcac64ea6d53b06c2a3da8c887c9058b7f7e0b135822654a52a939047238

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 dl.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 0
201 B 779ms
230ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/dl.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 18 Aug 2022 09:10:25 GMT
server: nginx
etag: "62fe0201-0"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 0
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 tj.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 0
201 B 779ms
231ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/tj.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 05 Aug 2022 14:30:18 GMT
server: nginx
etag: "62ed297a-0"
content-type: application/javascript
cache-control: max-age=43200
accept-ranges: bytes
content-length: 0
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 tz.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 2 KB
904 B 779ms
231ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/tz.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

14327cdcb3a02a9a70c6321a6ec76ea878088cd74dfb09c73ebaee89b4e213a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 07 Jan 2023 13:36:37 GMT
server: nginx
etag: W/"63b97565-853"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 qq2.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 11 KB
2 KB 780ms
232ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/qq2.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

d0bcfc42035cb33d5ef1d236545fa327df1a1c32b46da6e8032e50733f9847f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 07 Jan 2023 13:35:58 GMT
server: nginx
etag: W/"63b9753e-2de1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 qq3.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 8 KB
1 KB 1013ms
466ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/qq3.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

d8546b456f88f89b0abcfbf410519920c7ab96d69eb516a3cc42a04c15b25241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 02 Jan 2023 09:11:05 GMT
server: nginx
etag: W/"63b29fa9-1f68"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 dh.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 6 KB
1 KB 431ms
430ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/dh.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

5b86f05f05a9496b36a2c29b1344b505a3030187412b365fcc085478a3908e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 08 Jan 2023 08:40:00 GMT
server: nginx
etag: W/"63ba8160-169d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 200 qq1.js Show response
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 6 KB
1 KB 432ms
431ms Script
application/javascript 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL

https://cpa688.bffh-vbj5882.top/av679/qq1.js

Requested by

Host: 168.76.42.143
URL: http://168.76.42.143/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),

Reverse DNS

Software

nginx /

Resource Hash

a6dfec36ec6030e306fe187120f69134ee19ec3648d2645695c8ae257e5b55da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 08 Jan 2023 09:26:38 GMT
server: nginx
etag: W/"63ba8c4e-1981"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 13 Jan 2023 00:58:00 GMT

GET
H2 404 dht.js
cpa688.bffh-vbj5882.top/av679/ Frame 4B82 0
0 433ms
432ms Script
text/html 154.208.100.51
DXTL-HK DXTL Tseu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cpa688.bffh-vbj5882.top/av679/dht.js
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 154.208.100.51 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 32a5b957e230ebec42250e5a4a1cedde.gif
kvegg.com/ Frame 4B82 234 KB
235 KB 787ms
173ms Image
image/gif 172.83.155.45
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvegg.com/32a5b957e230ebec42250e5a4a1cedde.gif
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.83.155.45 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software: nginx /
Resource Hash: f2221414922c9bcc08485aba237fb88b36151583a6953d5a39483f208637b1a2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6693
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 239313
last-modified: Sun, 18 Dec 2022 07:33:00 GMT
server: nginx
etag: "639ec22c-3a6d1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fValP9qS2Vnw5LNsw9Zv2oDQM8I7tzsHhCbAf3WUlMx6QbH1qEXekk9FCKJyjC4jD%2B%2FCmLqlZxVTS4pZqf0kjuWsVD%2BqLxc%2BDihip3DzXnTMTRhtShTTdHboYuvI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 78769c0ba95b8411-YVR
expires: Fri, 13 Jan 2023 00:58:01 GMT

GET
H2 200 923940ff234392da5ad2e1e002570163.gif
kzeoo.com/ Frame 4B82 130 KB
131 KB 688ms
89ms Image
image/gif 172.83.155.45
SPARTANHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kzeoo.com/923940ff234392da5ad2e1e002570163.gif
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.83.155.45 Seattle, United States, ASN201106 (SPARTANHOST, GB),
Reverse DNS
Software: nginx /
Resource Hash: 21f1f13b446590b41bce1a74f4ad848c4a427f9c12e2145079bdad382e4f659d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15760
x-cache: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 133230
last-modified: Tue, 16 Aug 2022 11:18:28 GMT
server: nginx
etag: "62fb7d04-2086e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkjUf0%2BwfFjg20aWeGJEZBcYmqt2bsx%2FNtkkvCQSlNketKJt61Zpr5OPHV5%2BSwc%2BH1gLiJks3v5t7qnBanzWAtkznCsqEPJOivn%2BrtXqdwZE5KalysebkceeFnN2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 7875d5cd581fec88-SEA
expires: Fri, 13 Jan 2023 00:58:01 GMT

GET
H2 200 0105z12000ae3bwlk6208.gif
dimg04.c-ctrip.com/images/ Frame 4B82 313 KB
314 KB 167ms
46ms Image
image/gif 104.127.176.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dimg04.c-ctrip.com/images/0105z12000ae3bwlk6208.gif?proc=autoorient
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.127.176.115 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-127-176-115.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16df1f845970a1b49b6309d0af3dfabe40e54bb3a9bac381a2dac8ff1f9a6ff3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
last-modified: Tue, 12 May 2015 01:00:00 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=7250745
timing-allow-origin: *
content-length: 320396
expires: Thu, 06 Apr 2023 11:03:45 GMT

GET
H/1.1 200
OK 0
p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/ Frame 4B82 1 MB
1 MB 1117ms
519ms Image
image/gif 240e:97c:2f:5::3b
CT-GUANGZHOU-IDC ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.qlogo.cn/qqmail_head/ajNVdqHZLLBTqF8e2kN78G9Zt8uAv6By0U3zmELvuZSJJkZNBPXDBGibpXqaicajKqyibnCUUUEomk/0
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97c:2f:5::3b , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-DataSrc: 2
Date: Thu, 12 Jan 2023 12:58:01 GMT
Size: 1362871
Connection: keep-alive
Content-Length: 1362871
X-Info: real data
X-ReqGue: 0
User-ReturnCode: 0
fid: 0
Last-Modified: Sat, 10 Jul 2021 16:21:47 GMT
Server: NWSs
X-Cpt: filename=0
Vary: Accept,Origin
Content-Type: image/gif
X-Delay: 682 us
chid: 0
Cache-Control: max-age=2592000
X-BCheck: 0_1
X-NWS-LOG-UUID: 7e478789-add3-44f8-9475-be34a542a542

GET
H2 200 hgsbtr01.gif
tupkku.top/logotp/ Frame 4B82 2 MB
2 MB 104ms
33ms Image
image/gif 2606:4700:3031::6815:3361
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tupkku.top/logotp/hgsbtr01.gif
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:3361 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 12 Jan 2023 12:58:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 963425
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1626999
last-modified: Sun, 31 Jul 2022 13:10:59 GMT
server: cloudflare
etag: "62e67f63-18d377"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pi%2FKC7CkOh5EN%2BcG3vp2dw4lU5vMcLBcudUksXvMJB0VaB10uW7eaoFVwKuLxKDKLw403kyOXm5RLVuhfhvlHieYTsLt9E22SStKqiOr%2FpTQBa%2BAyWRnGAl2aLEDyyAAp5GskA0IARqW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 78860faafa8e22ff-ORD
expires: Tue, 31 Jan 2023 09:19:45 GMT

GET
H2 404 48c5c2377386e3782dec8eeaa4cff5c0.gif
iu301655.xieruyi.com/upload/20221114/ Frame 4B82 0
0 479ms
403ms Image
text/html 2606:4700:3037::ac43:d9a6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iu301655.xieruyi.com/upload/20221114/48c5c2377386e3782dec8eeaa4cff5c0.gif
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:d9a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H/1.1 200
OK video-play.png
168.76.42.143/template/m1938/images/ Frame 4B82 2 KB
2 KB 211ms
211ms Image
image/png 168.76.42.143
CLAYERLIMITED-AS-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://168.76.42.143/template/m1938/images/video-play.png
Requested by: Host: 168.76.42.143
URL: http://168.76.42.143/template/m1938/css/zui.css
Protocol: HTTP/1.1
Server: 168.76.42.143 , South Africa, ASN137951 (CLAYERLIMITED-AS-AP Clayer Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/template/m1938/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 12 Jan 2023 12:58:00 GMT
Last-Modified: Fri, 29 May 2020 05:44:40 GMT
Server: nginx
ETag: "5ed0a148-61f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1567
Expires: Sat, 11 Feb 2023 12:58:00 GMT

GET
H/1.1 200
OK 1889 Show response
kg.ijtomh.com/sc/ Frame 4B82 10 KB
11 KB 1619ms
220ms Script
text/javascript 154.23.151.41
SGPL-AS-AP STARCL...

General

Check archive.org

Show headers Download Go to

Full URL: https://kg.ijtomh.com/sc/1889?n=oyhmuaan
Requested by: Host: www.msidot.net
URL: http://www.msidot.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.23.151.41 , United States, ASN140224 (SGPL-AS-AP STARCLOUD GLOBAL PTE., LTD., SG),
Reverse DNS
Software: nginx/1.18.0 / PHP/5.6.31
Resource Hash: ada775f4ff8177c374e405b9bc1157f9ace3192b21e056a6c8d91fea4a0915c6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://168.76.42.143/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: max-age=1800
Date: Thu, 12 Jan 2023 12:58:02 GMT
Server: nginx/1.18.0
X-Powered-By: PHP/5.6.31
Transfer-Encoding: chunked
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 168.76.42.142
URL: http://168.76.42.142/

Domain: 168.76.42.144
URL: http://168.76.42.144/

Domain: 168.76.42.147
URL: http://168.76.42.147/

Domain: 168.76.42.148
URL: http://168.76.42.148/

Domain: js.users.51.la
URL: https://js.users.51.la/21256773.js

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange string| titlestr function| setFrame

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.msidot.net/	1969-12-31 23:59:59	Name: __tins__21487657 Value: %7B%22sid%22%3A%201673528263905%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201673530063905%7D
www.msidot.net/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.msidot.net/	1969-12-31 23:59:59	Name: __tins__21487659 Value: %7B%22sid%22%3A%201673528278555%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201673530078555%7D
www.msidot.net/	1969-12-31 23:59:59	Name: __51laig__ Value: 2

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.msidot.net/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21487657.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.msidot.net/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21487657.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.msidot.net/tj.js(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21487659.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://168.76.42.142/0.6429993937839364 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://168.76.42.144/0.35874055464594745 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://168.76.42.147/0.2588378152076367 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://168.76.42.148/0.23846008098722904 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://168.76.42.143/0.8663726171270665 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://cpa688.bffh-vbj5882.top/av679/dht.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://iu301655.xieruyi.com/upload/20221114/48c5c2377386e3782dec8eeaa4cff5c0.gif Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

168.76.42.142
168.76.42.144
168.76.42.147
168.76.42.148
api.share.baidu.com
cpa688.bffh-vbj5882.top
dimg04.c-ctrip.com
ia.51.la
iu301655.xieruyi.com
js.users.51.la
kg.ijtomh.com
kvegg.com
kzeoo.com
lbfm.lbpictupian.com
msidot.net
p.qlogo.cn
push.zhanzhang.baidu.com
tupkku.top
www.msidot.net
168.76.42.142
168.76.42.144
168.76.42.147
168.76.42.148
js.users.51.la
103.143.19.103
104.127.176.115
154.208.100.51
154.23.151.41
168.76.42.142
168.76.42.143
168.76.42.144
168.76.42.147
168.76.42.148
168.76.43.189
172.83.155.45
180.101.212.103
182.61.201.94
206.238.25.136
240e:97c:2f:5::3b
2606:4700:10::6816:dd6
2606:4700:3031::6815:3361
2606:4700:3037::ac43:d9a6
0681da088b89823053d313d06af95cfbda8da3ab186271e4a06a46f9b7d1e286
0d1d331968210c75099105920fbf1780f5256878408f3d5ca14f48d93892df0e
0d4d705a30bfaf4bbde01f76285ca98fb86e1916f585602f4b09c18fdbe2e820
0eb0db370c8f5610f052f944abaed2408634d51ba3509d480dd4097517175cb3
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
14327cdcb3a02a9a70c6321a6ec76ea878088cd74dfb09c73ebaee89b4e213a9
16df1f845970a1b49b6309d0af3dfabe40e54bb3a9bac381a2dac8ff1f9a6ff3
1c2c2231493a951c091796d9cbfb70f00a1ebd4c07abe770b4a90624714ffc93
1c3add54b83a9f7dd51f73c6550b12381b6d94526a51bdd982e26f011d433dad
1ffd279261c5f65d9ea6f62c44b2aff1a061fe5705ecbefab11d0359399a4abc
21f1f13b446590b41bce1a74f4ad848c4a427f9c12e2145079bdad382e4f659d
279a02b68d45e529affe06d53f3f516dccdec2b7eb57f5bcadc60b4eca60b558
43890b77a32200b32f741dff95578e187535f1811f3321b019b4a1f1a1aa1f93
4aed8c090aa7bff3de4c028efced6a87dd7645bc15d265cdddf106f3f5dd9435
4ecc3d8bc1bd7ceaa1e24d09808f196036b19f10f3efe3a8ac1078f5d3217851
4f2dc9795723c668d488ee851219c4d1fbd02ef4b32d8b6d9fbe144c7bff1f15
5b86f05f05a9496b36a2c29b1344b505a3030187412b365fcc085478a3908e1a
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
68a39e40e886b3688e8a160b716398b25bce8bf1713984a9894ccc25eacccde5
749a062132f4c14a399b2eec48c3e38ef970b1c5de7ab6451ca90c139f764b86
7db80c626560b0016fd427d864bb6116a44a858eb7968728cd872814939a24b2
8627bcac64ea6d53b06c2a3da8c887c9058b7f7e0b135822654a52a939047238
9a9afeb3b64f2b7ccce5b842929a2fed579e24450e6c436386e7956b2de8e12a
a6dfec36ec6030e306fe187120f69134ee19ec3648d2645695c8ae257e5b55da
ada775f4ff8177c374e405b9bc1157f9ace3192b21e056a6c8d91fea4a0915c6
ae5dcb3f7cc4446d774aedcefda637eba1240b52f45068ce622097fb0295808e
b12ca1bb24b01d4a5fd6032b315caf7d76c54461f19d86c42a90838bf77e6424
b8ca48858ee8efd026754d086b9b981b0419a888f1942ffd6d043c9c880efc1a
bbe317829bc8f98dc82fd6625aea814eefc97ceebb681ae8656fd71e5fe4f73c
bf585f1a4c261abcc5790efe28ed55c3453f9771b4e81023d1aade6e609fd324
c011f852b37316ae539b68caae9232378d89585e60a7206bcb3aa81c252a7ce1
c423a5c1652a96e4b88596cae77da8c0f495b645bdca6e3679961e08f22b6038
c70a75cb590ecf75a167b4878c93a15b33a7e743ff39fec63694ffa05b4e8c9d
c76759b4b711b9211c9f0f2b6b8c9f6fece02c1654d7048beeaaa0d1b9f93134
c94e3f03a4750c872b3f274ccd287b73ba8822b132b44d95d91b59a8fb5b29b4
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cc5c89fb0bac9fd1a93e81d42683f4a494bbf77dea18322668df8ae33685bf87
cd6dc4944cd4ca68b4091e00bf35ce91b7b2369412c8140d6603af54b6254190
d0bcfc42035cb33d5ef1d236545fa327df1a1c32b46da6e8032e50733f9847f9
d351801281dc5b6f88a417772dfb94525f9647331a293ef773310532874e680a
d3c4cdabf1e70f5c69d211204506b1c486de2a3aa0f3db670bc1e56aaca4c37d
d8546b456f88f89b0abcfbf410519920c7ab96d69eb516a3cc42a04c15b25241
d859b9cc0e650b86614f18bc3992882c4e422c722ae222b852bff096c887e680
dca6e0da3c1cb32a213c9e55ac953ededf8a0be710fb66db14cec0568ed3ab83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f218bf97d5c5ee67a6aed1a643043d4baafaf687d57bb0f0275648b9e06d444f
f2221414922c9bcc08485aba237fb88b36151583a6953d5a39483f208637b1a2

www.msidot.net Open in urlscan Pro 206.238.25.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

63 Requests

60 %HTTPS

22 %IPv6

13 Domains

19 Subdomains

19 IPs

4 Countries

4016 kBTransfer

4212 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.msidot.net Open in urlscan Pro
206.238.25.136 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

60 %
HTTPS

22 %
IPv6

13
Domains

19
Subdomains

19
IPs

4
Countries

4016 kB
Transfer

4212 kB
Size

4
Cookies

63 HTTP transactions
0 data transactions