42161e.qj5ha1kn1igguu4.top Open in urlscan Pro
16.162.142.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://42161g.com/
Effective URL:
https://42161e.qj5ha1kn1igguu4.top:16688/
Submission: On June 07 via api (June 7th 2024, 12:47:35 am UTC) from BE — Scanned from DE

Summary HTTP 122 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 122 HTTP transactions. The main IP is 16.162.142.148, located in and belongs to . The main domain is 42161e.qj5ha1kn1igguu4.top.
TLS certificate: Issued by R3 on June 4th 2024. Valid for: 3 months.

This is the only time 42161e.qj5ha1kn1igguu4.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.163.57.171 18.163.57.171	16509 (AMAZON-02) (AMAZON-02)
27	90.84.161.22 90.84.161.22	2285 (OCB_HONEY...) (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN)
2	14.215.182.140 14.215.182.140	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	16.162.142.148 16.162.142.148	() ()
28	223.121.15.24 223.121.15.24	() ()
122	6

1 18.163.57.171 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-163-57-171.ap-east-1.compute.amazonaws.com

42161g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 90.84.161.22 (France)

ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR)

io1.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
io2.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.162.142.148 (None, )

ASN- ()

42161e.qj5ha1kn1igguu4.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 223.121.15.24 (None, )

ASN- ()

io1.c2.ddcsdt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	ddcsdt.com io1.c2.ddcsdt.com io2.c2.ddcsdt.com io4.c2.ddcsdt.com Failed io5.c2.ddcsdt.com Failed io3.c2.ddcsdt.com Failed io9.c1.ddcsdt.com Failed io6.c1.ddcsdt.com Failed io8.c1.ddcsdt.com Failed io5.c1.ddcsdt.com Failed io7.c1.ddcsdt.com Failed	444 KB
2	qj5ha1kn1igguu4.top 42161e.qj5ha1kn1igguu4.top	6 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10409	12 KB
1	42161g.com 42161g.com	1 KB
122	4

	Domain	Requested by
32	io1.c2.ddcsdt.com	42161g.com 42161e.qj5ha1kn1igguu4.top io1.c2.ddcsdt.com
23	io2.c2.ddcsdt.com	42161g.com 42161e.qj5ha1kn1igguu4.top
2	42161e.qj5ha1kn1igguu4.top	42161g.com
2	hm.baidu.com	42161g.com 42161e.qj5ha1kn1igguu4.top
1	42161g.com
0	io7.c1.ddcsdt.com Failed	io1.c2.ddcsdt.com
0	io5.c1.ddcsdt.com Failed	io1.c2.ddcsdt.com
0	io8.c1.ddcsdt.com Failed	io1.c2.ddcsdt.com
0	io6.c1.ddcsdt.com Failed	io1.c2.ddcsdt.com
0	io9.c1.ddcsdt.com Failed	io1.c2.ddcsdt.com
0	io3.c2.ddcsdt.com Failed	42161e.qj5ha1kn1igguu4.top io1.c2.ddcsdt.com
0	io5.c2.ddcsdt.com Failed	42161e.qj5ha1kn1igguu4.top io1.c2.ddcsdt.com
0	io4.c2.ddcsdt.com Failed	42161e.qj5ha1kn1igguu4.top io1.c2.ddcsdt.com
122	13

This site contains no links.

Subject Issuer	Validity	Valid
42161.com R3	`2024-06-05` - `2024-09-03`	3 months	crt.sh
c2.ddcsdt.com R3	`2024-06-06` - `2024-09-04`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
kwdzoa0ei93s1kj.top R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://42161e.qj5ha1kn1igguu4.top:16688/
Frame ID: 400BF5C8C15265FEFD3F489608FE0798
Requests: 125 HTTP requests in this frame

Frame: https://42161e.qj5ha1kn1igguu4.top:16688/iframe/3/0.html
Frame ID: F1FA68BE8622C622F6573C8937916C9D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://42161g.com/ Page URL
https://42161e.qj5ha1kn1igguu4.top:16688/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

49 %
HTTPS

0 %
IPv6

4
Domains

13
Subdomains

6
IPs

3
Countries

464 kB
Transfer

2162 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://42161g.com/ Page URL
https://42161e.qj5ha1kn1igguu4.top:16688/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

122 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
42161g.com/ 2 KB
1 KB 777ms
241ms Document
text/html 18.163.57.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://42161g.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.163.57.171 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-163-57-171.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d27ada727be1a41e4e12ba016b6def9a5810f8c281ebb3fde36653e8c1f235af

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8 text/html; charset=utf-8
date: Fri, 07 Jun 2024 00:47:27 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lazysizes-umd.min.js Show response
io1.c2.ddcsdt.com/static/label/ 8 KB
4 KB 3023ms
10ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[4],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE1[288],EU-GER-frankfurt-GLOBAL1-CACHE7[284,TCP_MISS,286]
age: 758888
alt-svc: h3=":443"; ma=2592000
content-length: 3655
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-1ee0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: ad24107dc2cfd4b54f82551e859af027
x-ccdn-expires: 1833135
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Wed, 05 Jun 2024 05:59:21 GMT

GET
H2 200 label-com4.js Show response
io1.c2.ddcsdt.com/static/label/ 6 KB
3 KB 3032ms
20ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/label-com4.js

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[13],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE7[285],EU-GER-frankfurt-GLOBAL1-CACHE14[281,TCP_MISS,284]
age: 579953
alt-svc: h3=":443"; ma=2592000
content-length: 2223
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-174b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 4d5a43b21afee46aa89d5bc02fbace9d
x-ccdn-expires: 2012070
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Fri, 07 Jun 2024 07:41:37 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
io1.c2.ddcsdt.com/static/label/ 2 KB
1 KB 3032ms
20ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[12],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE8[277],EU-GER-frankfurt-GLOBAL1-CACHE6[274,TCP_MISS,276]
age: 758888
alt-svc: h3=":443"; ma=2592000
content-length: 850
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-750"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: fba90fcc78c7243fe19b65e85c3fa004
x-ccdn-expires: 1833135
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Wed, 05 Jun 2024 05:59:21 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
io1.c2.ddcsdt.com/static/label/ 91 KB
36 KB 3036ms
25ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[13],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,0],EU-GER-frankfurt-GLOBAL1-CACHE12[286],EU-GER-frankfurt-GLOBAL1-CACHE2[282,TCP_MISS,285]
age: 758888
alt-svc: h3=":443"; ma=2592000
content-length: 36015
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-16bac"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: f48e69a9abe17b812066590b1a2bf1ce
x-ccdn-expires: 1833135
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Wed, 05 Jun 2024 05:59:21 GMT

GET
H2 200 856d75150ab3e83c.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 7 KB
4 KB 2361ms
10ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/856d75150ab3e83c.js

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

9b18d7adc7b2589dc4f226cddb5781b6cb640590e6327512bfc3169a3d057667

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 00:47:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE5[3],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE9[4],EU-FRA-paris-GLOBAL1-CACHE29[0,TCP_HIT,3]
age: 6
alt-svc: h3=":443"; ma=2592000
content-length: 3033
last-modified: Thu, 06 Jun 2024 14:54:04 GMT
server: openresty
etag: W/"6661cd8c-1d10"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: deee5b3eb346c8ce06909aa705037603
x-ccdn-expires: 2560845
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 16:08:09 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 746ms
273ms Script
application/javascript 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?edd94c426599867ca8045d6c570422a5

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

12accad0de13e400d340cc2e99774c6353c01a69bed20162baf25b8e508df046

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 00:47:31 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 91115e9592a0badba18d609287f396ae
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11260

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 277ms
277ms Image
image/gif 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=41355004&si=edd94c426599867ca8045d6c570422a5&v=1.3.0&lv=1&sn=48902&r=0&ww=1600&u=https%3A%2F%2F42161g.com%2F&tt=%E7%99%BE%E5%BA%A6%E4%B8%80%E4%B8%8B

Requested by

Host: 42161g.com
URL: https://42161g.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161g.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Pragma: no-cache
Date: Fri, 07 Jun 2024 00:47:31 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 Primary Request / Show response
42161e.qj5ha1kn1igguu4.top/ 12 KB
3 KB 692ms
228ms Document
text/html 16.162.142.148

General

Check archive.org

Show headers Download Go to

Full URL: https://42161e.qj5ha1kn1igguu4.top:16688/
Requested by: Host: 42161g.com
URL: https://42161g.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 16.162.142.148 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 08d4b5efee59f89577c70d08096862f27d716fd80daaa3694e634038d8a07ff7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://42161g.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8 text/html; charset=utf-8
date: Fri, 07 Jun 2024 00:47:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 lazysizes-umd.min.js Show response
io1.c2.ddcsdt.com/static/label/ 8 KB
4 KB 51ms
23ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[4],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE14[305],EU-FRA-paris-GLOBAL1-CACHE7[301,TCP_MISS,304]
age: 1086644
alt-svc: h3=":443"; ma=2592000
content-length: 3655
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-1ee0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 3ee7e48dd6643d7eb6a7108cb0fbea7e
x-ccdn-expires: 1505382
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Sat, 01 Jun 2024 10:56:50 GMT

GET
H2 200 label-com4.js Show response
io1.c2.ddcsdt.com/static/label/ 6 KB
3 KB 62ms
34ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/label-com4.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE7[2],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,1]
age: 579755
alt-svc: h3=":443"; ma=2592000
content-length: 2223
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-174b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: ef2dc76b0705db21588cceb5d2311ecc
x-ccdn-expires: 2012271
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Fri, 07 Jun 2024 07:39:29 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
io1.c2.ddcsdt.com/static/label/ 2 KB
1 KB 61ms
33ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[4],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE15[3],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,2]
age: 1086644
alt-svc: h3=":443"; ma=2592000
content-length: 850
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-750"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 830ee7b5addf7d225e6e5454805ecf6b
x-ccdn-expires: 1505381
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Sat, 01 Jun 2024 10:52:23 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
io1.c2.ddcsdt.com/static/label/ 91 KB
36 KB 55ms
28ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE9[2],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age: 1086644
alt-svc: h3=":443"; ma=2592000
content-length: 36015
last-modified: Fri, 03 May 2024 07:11:24 GMT
server: openresty
etag: W/"66348e1c-16bac"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 660904a1c23ed71ed89085b1d355478e
x-ccdn-expires: 1505381
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Sat, 01 Jun 2024 10:52:25 GMT

GET
H2 200 68807cf2b859b151.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 45 KB
19 KB 72ms
43ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/68807cf2b859b151.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

42b03569d113e62a286abc709a2d128998ad8c4b65cc123cb6f8b5d09a54936f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[7],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE29[4],EU-FRA-paris-GLOBAL1-CACHE9[0,TCP_HIT,3]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 18425
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-b4f0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: e3a50b580685b0c0960268e73da862f2
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 87448902970743fe.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 18 KB
7 KB 62ms
34ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/87448902970743fe.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

1339244a81215999b724d759bd26551d2d203dd3cbd9bbde9165eb99715b60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[10],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE27[2],EU-FRA-paris-GLOBAL1-CACHE8[0,TCP_HIT,2]
age: 30239
alt-svc: h3=":443"; ma=2592000
content-length: 6296
last-modified: Thu, 06 Jun 2024 14:40:01 GMT
server: openresty
etag: W/"6661ca41-47b0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: f9c8946df80e9322ee670817688f65a0
x-ccdn-expires: 2561769
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 14:40:30 GMT

GET
H2 200 3d607437e8f34119.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 31 KB
7 KB 67ms
39ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/3d607437e8f34119.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

0569092b49a5ff68c96d8d045167f745abb9de5ad5cf24156701f84d27bb1576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[11],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE6[6],EU-FRA-paris-GLOBAL1-CACHE18[0,TCP_HIT,3]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 6820
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-7bb8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 55f39301e4fcea9b153ab5ad3c7bcdee
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 e652da25240e903a.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 41 KB
13 KB 61ms
33ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/e652da25240e903a.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

63620516dc82dde776b41d94563783dbf840b1b9e396134e9aa60dda0cee19cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[9],EU-GER-frankfurt-EDGE5-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE19[2],EU-FRA-paris-GLOBAL1-CACHE27[0,TCP_HIT,2]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 12374
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-a398"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 12e8e7f271fd864496423c5049c8a658
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 850c35c4cfc02de9.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 71 KB
11 KB 70ms
42ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/850c35c4cfc02de9.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

af0b4aaa6e2b9a508a7a7de993fd8dd591d0a9b0f573445db1a3d3f820e973e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[10],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE7[4],EU-FRA-paris-GLOBAL1-CACHE14[0,TCP_HIT,3]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 10272
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-11be4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 90daba1f2eb421d10951ac79b72a56ee
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET db2ce2a5b96ee18e.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 571ebf89933f6c75.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 f1438e5b19260586.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 23 KB
6 KB 46ms
21ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/f1438e5b19260586.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

123f01e84501d2cdc0a288a038ec438990ecab3b00edfbc2bfebc577eaaa00dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[5],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE23[4],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,3]
age: 28908
alt-svc: h3=":443"; ma=2592000
content-length: 5583
last-modified: Thu, 06 Jun 2024 16:01:02 GMT
server: openresty
etag: W/"6661dd3e-5d68"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 8df7dc9f3b2756920ab245642bd158c6
x-ccdn-expires: 2563095
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 16:03:15 GMT

GET
H2 200 ff3245b33beee63a.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 22 KB
4 KB 46ms
22ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/ff3245b33beee63a.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

3515a00fbbd8c6ec54578e59f25b45db6bfe10fa2583323f3a1f0a3df3b62c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[5],EU-GER-frankfurt-EDGE2-CACHE8[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE18[11],EU-FRA-paris-GLOBAL1-CACHE8[0,TCP_HIT,5]
age: 6764
alt-svc: h3=":443"; ma=2592000
content-length: 3839
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-574c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 54724460f4f84a25e14ceec10f9f0063
x-ccdn-expires: 2585239
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:39 GMT

GET cd08b168f6f9f78c.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 33e01dc174437db7.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 68 KB
11 KB 57ms
33ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/33e01dc174437db7.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

07130a74d155d9ac221b6cfd31bded85798590e77fa149cd9368fcc5ce1c54cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE2[9],EU-FRA-paris-GLOBAL1-CACHE16[0,TCP_HIT,8]
age: 6764
alt-svc: h3=":443"; ma=2592000
content-length: 10232
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-11048"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d3c822b34fae932a88789df15178abaa
x-ccdn-expires: 2585259
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET 1f2408d15ce3cc46.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET edc49629357d98d2.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 57e9cb7c26a09e9e.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 61 KB
13 KB 58ms
34ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/57e9cb7c26a09e9e.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

584ab8171208060e40ec5580a0d135107d96433bc2b290e7873051b945c7db56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[5],EU-GER-frankfurt-EDGE2-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE27[3],EU-FRA-paris-GLOBAL1-CACHE15[0,TCP_HIT,2]
age: 6764
alt-svc: h3=":443"; ma=2592000
content-length: 12735
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-f208"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: de36452dedbe246b37b23168d2afad79
x-ccdn-expires: 2585239
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:39 GMT

GET 8e42ff5968a1e27d.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET f77927c578b80ca8.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 883b6fcad593544e.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET a14182fe1d0ff0df.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET e11975ea42832f88.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 990c05f9f124e7c0.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 69 KB
11 KB 49ms
25ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/990c05f9f124e7c0.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

8f29d66ffcf5eaeb2a258b2699004628d4508aa6183e3c2b39b4888bdb034d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[14],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE26[3],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,1]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 10424
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-1136c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 2f454ec3e9e5e99fa3c2e0af8e732b13
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 cfba6ec9d33e5c06.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 11 KB
4 KB 42ms
20ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/cfba6ec9d33e5c06.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

8d581fb5392a15558bde9e41f97ff11e8aa2b5b083144af3d9d041eaaf07e110

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[8],EU-GER-frankfurt-EDGE2-CACHE10[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE18[2],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,0]
age: 18630
alt-svc: h3=":443"; ma=2592000
content-length: 3735
last-modified: Thu, 06 Jun 2024 19:00:02 GMT
server: openresty
etag: W/"66620732-2b60"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 51c0691607b8172a8baf7c288b6ea79f
x-ccdn-expires: 2573373
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:00:38 GMT

GET
H2 200 93101eba36daba6f.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 77 KB
14 KB 50ms
26ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/93101eba36daba6f.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

3273a955d8674ea4e87cb3073828ebf51a5c97cb63b3046cfd72907eca8e1574

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[13],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE10[3],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,2]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 14000
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-13248"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 1677471a9d33ef445af0ed615ece9802
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 598d905669c6025c.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 48 KB
7 KB 35ms
13ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/598d905669c6025c.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

24af1995003f4409a6d931b5f1a587941f9a1ce900f26097529317b40287bbdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE9[5],EU-FRA-paris-GLOBAL1-CACHE5[0,TCP_HIT,1]
age: 6764
alt-svc: h3=":443"; ma=2592000
content-length: 6905
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-bf70"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 65c35d38558cad9271a85354d8dafc16
x-ccdn-expires: 2585239
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 88e75949f89cfbf8.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 55 KB
10 KB 60ms
37ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/88e75949f89cfbf8.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

dc37e9879e8bd83ee25a326bf61c628509a66e92efa5624fa6d34f8d7f096b9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[16],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE14[8],EU-FRA-paris-GLOBAL1-CACHE17[0,TCP_HIT,3]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 9734
last-modified: Thu, 06 Jun 2024 22:30:02 GMT
server: openresty
etag: W/"6662386a-dd38"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 0f918d2ad3d4ab321b68ff297ead8d52
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET 24d0fa044b44d70e.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 1431f6dcbe95fda5.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 f6c10e129a0d174c.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 246 KB
38 KB 58ms
35ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/f6c10e129a0d174c.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

463eb47cd2254c4b5863f7b0820a98be0d7f2935dd6296cefd798b4a391e8b7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[17],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE6[12],EU-FRA-paris-GLOBAL1-CACHE24[0,TCP_HIT,10]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 38552
last-modified: Thu, 06 Jun 2024 22:30:03 GMT
server: openresty
etag: W/"6662386b-3d844"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 3538f5b5f73bb926c0559f3ac00cab81
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 8772935ff7e8c75d.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 60 KB
11 KB 65ms
43ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/8772935ff7e8c75d.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

fe3a08422f86a7008497501815a0cc29ae050b24e8e93fb6eb279f17775c5b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[8],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE26[3],EU-FRA-paris-GLOBAL1-CACHE12[0,TCP_HIT,1]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 10918
last-modified: Thu, 06 Jun 2024 19:00:02 GMT
server: openresty
etag: W/"66620732-f1e0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5408e175072df7f7aa493eaaef3232ca
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:38 GMT

GET 34f30a4a4dbb36a6.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 a8cc2c4e65934e18.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 36 KB
7 KB 68ms
45ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/a8cc2c4e65934e18.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

370b6d53b0e018222ef59b744698335c4dcfe4d4f910cca6abdc07570aadb872

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[9],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE25[3],EU-FRA-paris-GLOBAL1-CACHE20[0,TCP_HIT,2]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 6258
last-modified: Thu, 06 Jun 2024 19:00:02 GMT
server: openresty
etag: W/"66620732-9158"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: c6918ffea57a2c51028ed48c27dc1e81
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:38 GMT

GET 9d824e7dd4580eaa.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 fb9c4c19d3107c92.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 67 KB
11 KB 68ms
46ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/fb9c4c19d3107c92.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

63c93e14064307529e1d12a95bac7ff038a370bf984eb5d10fc38fb365359300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[10],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE23[3],EU-FRA-paris-GLOBAL1-CACHE5[0,TCP_HIT,2]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 10221
last-modified: Thu, 06 Jun 2024 22:30:03 GMT
server: openresty
etag: W/"6662386b-10c3c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 01d1310ea42bc2479352dfd128cab50b
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 996aad8f246e63cd.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 50 KB
10 KB 35ms
15ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/996aad8f246e63cd.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

c2c830c63d3bd655e4cd950becc032c7da3487865206714b38e3a54d2fcf10b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE11[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE12[1],EU-FRA-paris-GLOBAL1-CACHE11[0,TCP_HIT,0]
age: 18630
alt-svc: h3=":443"; ma=2592000
content-length: 9815
last-modified: Thu, 06 Jun 2024 19:00:02 GMT
server: openresty
etag: W/"66620732-c950"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 8f43ab741b53d7d7413f2acf632b74dc
x-ccdn-expires: 2573393
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:39 GMT

GET
H2 200 b9fd919021b8f783.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 4 KB
2 KB 56ms
35ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/b9fd919021b8f783.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

a50ff35710943b8b0c6dfaaf0b7e0cb36355e0b1edb18b2d69eac7d31cb5f1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[7],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE25[3],EU-FRA-paris-GLOBAL1-CACHE9[0,TCP_HIT,1]
age: 63049
alt-svc: h3=":443"; ma=2592000
content-length: 1742
last-modified: Thu, 06 Jun 2024 06:00:02 GMT
server: openresty
etag: W/"66615062-f84"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 4fb8a5d8bcc8cf3f49a348e3d9f2a428
x-ccdn-expires: 2528959
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 06:08:45 GMT

GET ed0a07af441fbe0b.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 83882d2ccebbad0c.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET 861cd1cd360e0b04.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 93f6d987591dff51.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 04767f36e841d3e0.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 fe2c1d10ab0254c9.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 19 KB
4 KB 28ms
9ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/fe2c1d10ab0254c9.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

8e46f8a60987f5f0addadc6a97b316de57b3d98f2d6bdfda3370011cc9229611

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE30[2],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,0]
age: 18630
alt-svc: h3=":443"; ma=2592000
content-length: 3134
last-modified: Thu, 06 Jun 2024 19:00:02 GMT
server: openresty
etag: W/"66620732-4a38"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 55412582d7b7748a6284a8f1e6b984a5
x-ccdn-expires: 2573373
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:40 GMT

GET 15afd8ab611504fd.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 0d7b496ccecdb9e2.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 116 KB
19 KB 64ms
45ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/0d7b496ccecdb9e2.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

30d20bcf8a5226355a5fffab5a07826f3b18048227104405e2de529d3d84f23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[11],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE20[3],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,1]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 18561
last-modified: Thu, 06 Jun 2024 19:00:02 GMT
server: openresty
etag: W/"66620732-1ce6c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: e5d869052c389a8f04172c945ad0760d
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:41 GMT

GET e2fbe2932a2bbaf7.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 6cab0b497cf32265.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 97f5b47003f2f354.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 6d469253da4005d0.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 22744429c957e860.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 109 KB
12 KB 31ms
12ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/22744429c957e860.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

67a1c641b0c431ac633ad2351ecb5197a68ec0602792b880e5f884eb1df9fda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[6],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE23[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 11908
last-modified: Thu, 06 Jun 2024 19:00:03 GMT
server: openresty
etag: W/"66620733-1b2bc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: c833f7231eaecb72012ae0588fcb07af
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:42 GMT

GET
H2 200 e962d579432c016f.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 17 KB
5 KB 31ms
13ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/e962d579432c016f.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

30ce313046871d784429113f3a33c118a6a4db0b3ba664d8fba17ad98fcbd446

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[5],EU-GER-frankfurt-EDGE5-CACHE4[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE4[2],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age: 65496
alt-svc: h3=":443"; ma=2592000
content-length: 4383
last-modified: Thu, 06 Jun 2024 04:32:14 GMT
server: openresty
etag: W/"66613bce-4450"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: dc09ede9883c01c5ad62341b42c87c29
x-ccdn-expires: 2526512
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 04:33:08 GMT

GET 7688dba77635b2dc.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET 1472bb48e09178a6.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET f0c0e07b33131ecf.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET cc65f67b344ba636.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 0eb197b9c97a8e90.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 38 KB
9 KB 38ms
22ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/0eb197b9c97a8e90.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

d4b5f6a91241be810355362c4f61e88bfd1e8a7eb6985f591995da01950916c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[14],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE14[3],EU-FRA-paris-GLOBAL1-CACHE20[0,TCP_HIT,2]
age: 63049
alt-svc: h3=":443"; ma=2592000
content-length: 8685
last-modified: Thu, 06 Jun 2024 06:00:02 GMT
server: openresty
etag: W/"66615062-96d8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 55f745d7de4910aef055ac41fcdda46a
x-ccdn-expires: 2528959
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 06:08:45 GMT

GET 69ea06d526746c70.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 991ea744ff657ab9.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 8152115e82af4169.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 52 B
679 B 35ms
22ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/8152115e82af4169.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

289d32138f67d7ac5ec63415bb25c675b932d3ed24c1f8389573e6973de34c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE4[7],EU-GER-frankfurt-EDGE2-CACHE12[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE27[2],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,1]
x-ccdn-cachettl: 2592000
content-encoding: br
age: 548634
alt-svc: h3=":443"; ma=2592000
last-modified: Fri, 31 May 2024 16:01:04 GMT
server: openresty
etag: W/"6659f440-34"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: f009eb798f64b09e70b8e35acf8e6414
x-ccdn-expires: 2043389
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Fri, 07 Jun 2024 16:01:49 GMT

GET cd755cc55f18c9ff.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET fc93f9b690e1b3ac.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 db8ea42aecdf2d45.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 9 KB
4 KB 28ms
16ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/db8ea42aecdf2d45.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

40f7fd4e0e003be2de414259df529914bd1fb3902407d7b4c8f8f9030cc625ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE3[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE24[3],EU-FRA-paris-GLOBAL1-CACHE3[0,TCP_HIT,1]
age: 28908
alt-svc: h3=":443"; ma=2592000
content-length: 3002
last-modified: Thu, 06 Jun 2024 14:40:04 GMT
server: openresty
etag: W/"6661ca44-22e0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 7548d759066d4f65530055cdde138078
x-ccdn-expires: 2563095
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 14:40:30 GMT

GET 1a7e2e136eee1c43.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 fca9f818bc1797ab.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 6 KB
3 KB 52ms
38ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/fca9f818bc1797ab.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

610faadcced0571606098dd6ffdadd9d2b9f7a0f0670dcb93afd6bcb844abe89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[16],EU-GER-frankfurt-EDGE5-CACHE5[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE2[4],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,3]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 1973
last-modified: Thu, 06 Jun 2024 19:00:04 GMT
server: openresty
etag: W/"66620734-1730"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d59b08966392ac983b874f5f98ac09bd
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:45 GMT

GET 7cdc802479ab68b1.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 86410cce186cc02d.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 88 KB
9 KB 37ms
26ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/86410cce186cc02d.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

1e8542e688a8e111a58fcf4d817016fdfaabb435d0dc5e0eb14bfcde410e028f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[7],EU-GER-frankfurt-EDGE2-CACHE5[0,TCP_HIT,5],EU-FRA-paris-GLOBAL1-CACHE14[3],EU-FRA-paris-GLOBAL1-CACHE5[0,TCP_HIT,1]
age: 6764
alt-svc: h3=":443"; ma=2592000
content-length: 8605
last-modified: Thu, 06 Jun 2024 22:30:05 GMT
server: openresty
etag: W/"6662386d-15e5c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5803ac8f7bc029e0d6d4db51c1fad9da
x-ccdn-expires: 2585239
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:39 GMT

GET
H2 200 14c782b896b79ad0.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 32 KB
8 KB 30ms
19ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/14c782b896b79ad0.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

8aca42d1458378c95cc451123d24b1b150ffa5d5cbaeee322ba414f191856119

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE11[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE11[3],EU-FRA-paris-GLOBAL1-CACHE23[0,TCP_HIT,0]
age: 18630
alt-svc: h3=":443"; ma=2592000
content-length: 7507
last-modified: Thu, 06 Jun 2024 19:00:05 GMT
server: openresty
etag: W/"66620735-7e60"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 2eb7e2540ff2e0a10916233eb91fa623
x-ccdn-expires: 2573393
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:45 GMT

GET 891116bd8f97d223.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 6128a4943993728d.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 733eaa5435634164.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET 84883c545345d6c8.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 2e8c7ff7e32d07f6.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 10 KB
3 KB 41ms
30ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/2e8c7ff7e32d07f6.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

c3ba0a7171fa6b49cf2aa86668e3e204edeba1dd7b6c5dd3dc0bdcb2a6855655

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[11],EU-GER-frankfurt-EDGE5-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE29[4],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,2]
age: 4072
alt-svc: h3=":443"; ma=2592000
content-length: 2539
last-modified: Thu, 06 Jun 2024 22:30:05 GMT
server: openresty
etag: W/"6662386d-29cc"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 1dcdd7f0ea310e53920e569bddd58f91
x-ccdn-expires: 2587936
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET
H2 200 28aa62cb5a61affa.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 98 KB
13 KB 40ms
29ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/28aa62cb5a61affa.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

d7a3d544e81b9ccee76a82806314041dedd6f458a003ba7130c7e6d13d421397

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[11],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE26[4],EU-FRA-paris-GLOBAL1-CACHE25[0,TCP_HIT,3]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 12202
last-modified: Thu, 06 Jun 2024 19:00:05 GMT
server: openresty
etag: W/"66620735-18778"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 32d5107c83889aa2060bda677f9b15e7
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:46 GMT

GET
H2 200 36ac292442ff8b9c.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 776 B
1 KB 49ms
38ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/36ac292442ff8b9c.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

7e9a23b398ab640cd9c7bd56759ffa59e1dfe2847c8738547fdea4ea0ba8b749

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[12],EU-GER-frankfurt-EDGE5-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE30[8],EU-FRA-paris-GLOBAL1-CACHE25[0,TCP_HIT,4]
age: 19835
alt-svc: h3=":443"; ma=2592000
content-length: 606
last-modified: Thu, 06 Jun 2024 19:00:05 GMT
server: openresty
etag: W/"66620735-308"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: aefe06d2b1f6c4a28ba0a53a994b4472
x-ccdn-expires: 2572173
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 19:02:46 GMT

GET 8a65cf19ecdf3b20.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 9d12729ae58f1f1c.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 170 KB
18 KB 33ms
25ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/9d12729ae58f1f1c.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

512b59750d98b6b2fa785b24c1ae506dada9bebd0892cf57963a08667100a367

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[6],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE21[3],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,2]
age: 6764
alt-svc: h3=":443"; ma=2592000
content-length: 17985
last-modified: Thu, 06 Jun 2024 22:30:05 GMT
server: openresty
etag: W/"6662386d-2a930"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: e3c9a91837a9a80ee90d9c43aa11bc6f
x-ccdn-expires: 2585239
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 22:30:40 GMT

GET 54883b5ba712742f.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 33155d5a81d37fba.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET fa9ed23a0da43474.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET de4966e82050da48.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET 6d97944d0b07ef8a.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 c35c30c1f2ce05ca.js Show response
io2.c2.ddcsdt.com/upload/script/06/ 13 KB
4 KB 39ms
30ms Script
application/javascript 90.84.161.22
OCB_HONEY_CDN_ASN...

General

Check archive.org

Show headers Download Go to

Full URL

https://io2.c2.ddcsdt.com/upload/script/06/c35c30c1f2ce05ca.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),

Reverse DNS

Software

openresty /

Resource Hash

ba3af5b16c108f9cbb2a6a3d75af8a9f0206a0a51f789e38170fd9b84538de63

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE5-CACHE4[10],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE27[2],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,0]
age: 30239
alt-svc: h3=":443"; ma=2592000
content-length: 3649
last-modified: Thu, 06 Jun 2024 16:01:05 GMT
server: openresty
etag: W/"6661dd41-3518"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 5a8df782ec8fe7bb8efec58990ddcd37
x-ccdn-expires: 2561769
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Thu, 13 Jun 2024 16:06:16 GMT

GET 5badde4d27723e8e.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 3b8e83ebc408e8ba.js
io3.c2.ddcsdt.com/upload/script/06/ 0
0

GET e3dc1d04a35b47f2.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET 559ed799e04c2e57.js
io4.c2.ddcsdt.com/upload/script/06/ 0
0

GET
H2 200 a994d27b7d7d47eb.js Show response
io1.c2.ddcsdt.com/upload/script/06/ 5 KB
3 KB 30ms
23ms Script
application/javascript 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/script/06/a994d27b7d7d47eb.js

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

9d9fa91efca949be633d332a768dd5f14721fb1514242b00553a6d0e157394ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[5],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE22[3],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age: 548634
alt-svc: h3=":443"; ma=2592000
content-length: 2484
last-modified: Fri, 31 May 2024 16:01:06 GMT
server: openresty
etag: W/"6659f442-14e0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: cedb53227f0d0ad19624f954f24e258d
x-ccdn-expires: 2043389
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Fri, 07 Jun 2024 16:01:49 GMT

GET 4f0bc1080e55d8c5.js
io5.c2.ddcsdt.com/upload/script/06/ 0
0

GET hm.js
hm.baidu.com/ 0
0

GET 33804ee369825fcf86eef0b7dded71
io9.c1.ddcsdt.com/upload/epy/img/202405/20/ 0
0

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0.html Show response
42161e.qj5ha1kn1igguu4.top/iframe/3/ Frame F1FA 14 KB
4 KB 229ms
228ms Document
text/html 16.162.142.148

General

Check archive.org

Show headers Download Go to

Full URL: https://42161e.qj5ha1kn1igguu4.top:16688/iframe/3/0.html
Requested by: Host: 42161g.com
URL: https://42161g.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 16.162.142.148 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 22fa510fc8cb5ebb71d15e2f7d66ae83c7fcd1a23035d3db347f1501883189e0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8 text/html; charset=utf-8
date: Fri, 07 Jun 2024 00:47:34 GMT
server: nginx
vary: Accept-Encoding

GET d064d9a0dfd9967199f3fb0d7adc4f
io6.c1.ddcsdt.com/upload/epy/img/202405/0b/ 0
0

GET faa9e2f21cc7a4bfaddd58f389c7c1
io4.c2.ddcsdt.com/upload/epy/img/202307/64/ 0
0

GET 1c9ad867857475fcd019af4e901e11
io8.c1.ddcsdt.com/upload/epy/img/202405/7d/ 0
0

GET d71b82d3cfc1fc2597be882b6a48bc
io3.c2.ddcsdt.com/upload/epy/img/202312/a2/ 0
0

GET e2a6e45ce9f8c18dda5176cf635633
io4.c2.ddcsdt.com/upload/epy/img/202405/d1/ 0
0

GET 94b4c81f2885431b9d61c8caf480e6
io5.c1.ddcsdt.com/upload/epy/img/202405/92/ 0
0

GET
H3 200 749bca18fbee499325cefb1a63ffc8 Show response
io1.c2.ddcsdt.com/upload/epy/img/202401/52/ 2 KB
3 KB 26ms
12ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/img/202401/52/749bca18fbee499325cefb1a63ffc8

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

a2f06914439face5c64c453c0cd46057e48088f85a9c16ca692c029d99d1a0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE9[4],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE19[462],EU-FRA-paris-GLOBAL1-CACHE14[457,TCP_MISS,460]
x-ccdn-cachettl: 2592000
age: 5596537
alt-svc: h3=":443"; ma=2592000
content-length: 2117
last-modified: Sun, 28 Jan 2024 04:43:36 GMT
server: openresty
etag: "65b5db78-845"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: bf22a783632fc46234c8c7879e9cc3dc
x-ccdn-expires: 2188997
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 749bca18fbee499325cefb1a63ffc8 Show response
io1.c2.ddcsdt.com/upload/epy/img/202401/52/ 2 KB
552 B 34ms
9ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/img/202401/52/749bca18fbee499325cefb1a63ffc8

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

a2f06914439face5c64c453c0cd46057e48088f85a9c16ca692c029d99d1a0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:34 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE19[462],EU-FRA-paris-GLOBAL1-CACHE14[457,TCP_MISS,460]
x-ccdn-cachettl: 2592000
age: 5596537
alt-svc: h3=":443"; ma=2592000
content-length: 2117
last-modified: Sun, 28 Jan 2024 04:43:36 GMT
server: openresty
etag: "65b5db78-845"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: db4e8149b46a8e524b8b3d9ccda1e1a9
x-ccdn-expires: 2188997
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET 604779e2eccd1
io3.c2.ddcsdt.com/upload/epy/2021/03/09/ 0
0

GET 9c9327fd50e91c3daef6d39de62c84
io7.c1.ddcsdt.com/upload/epy/img/202202/4a/ 0
0

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 kj.css
io1.c2.ddcsdt.com/static/css/ Frame F1FA 11 KB
8 KB 9ms
8ms Stylesheet
text/css 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/static/css/kj.css

Requested by

Host: 42161e.qj5ha1kn1igguu4.top
URL: https://42161e.qj5ha1kn1igguu4.top:16688/iframe/3/0.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

9a84da90097a7ae33791c6fe8be6ea54df542eeea48808f584537235b3637809

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
x-ccdn-cachettl: 2592000
via: EU-GER-frankfurt-EDGE2-CACHE4[2],EU-GER-frankfurt-EDGE2-CACHE10[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE29[2],EU-FRA-paris-GLOBAL1-CACHE10[0,TCP_HIT,1]
age: 752628
alt-svc: h3=":443"; ma=2592000
content-length: 7696
last-modified: Fri, 03 May 2024 07:11:23 GMT
server: openresty
etag: W/"66348e1b-2b9a"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 8808fdfd99ed2af1204bd0c1378afea4
x-ccdn-expires: 1839377
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1
expires: Wed, 05 Jun 2024 06:06:14 GMT

GET 609d070dd5575
io4.c2.ddcsdt.com/upload/epy/2021/05/13/ 0
0

GET
H3 200 star Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 4 KB
4 KB 11ms
9ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/skin/image/star

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

007394374725260ef08004fb4e08267e131604e4a83e6b10a017758bdf2d3259

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 219327
alt-svc: h3=":443"; ma=2592000
content-length: 4019
last-modified: Fri, 24 Sep 2021 07:11:32 GMT
server: openresty
etag: "614d7a24-fb3"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d5cf5e9579fb128ad9aefedbe9e3628f
x-ccdn-expires: 2372678
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 star Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 4 KB
0 11ms
11ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL: https://io1.c2.ddcsdt.com/upload/epy/skin/image/star
Requested by: Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 223.121.15.24 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 007394374725260ef08004fb4e08267e131604e4a83e6b10a017758bdf2d3259

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 219327
alt-svc: h3=":443"; ma=2592000
content-length: 4019
last-modified: Fri, 24 Sep 2021 07:11:32 GMT
server: openresty
etag: "614d7a24-fb3"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d5cf5e9579fb128ad9aefedbe9e3628f
x-ccdn-expires: 2372678
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 star Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 4 KB
0 12ms
11ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL: https://io1.c2.ddcsdt.com/upload/epy/skin/image/star
Requested by: Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 223.121.15.24 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 007394374725260ef08004fb4e08267e131604e4a83e6b10a017758bdf2d3259

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 219327
alt-svc: h3=":443"; ma=2592000
content-length: 4019
last-modified: Fri, 24 Sep 2021 07:11:32 GMT
server: openresty
etag: "614d7a24-fb3"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d5cf5e9579fb128ad9aefedbe9e3628f
x-ccdn-expires: 2372678
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 star Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 4 KB
0 13ms
13ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL: https://io1.c2.ddcsdt.com/upload/epy/skin/image/star
Requested by: Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 223.121.15.24 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 007394374725260ef08004fb4e08267e131604e4a83e6b10a017758bdf2d3259

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 219327
alt-svc: h3=":443"; ma=2592000
content-length: 4019
last-modified: Fri, 24 Sep 2021 07:11:32 GMT
server: openresty
etag: "614d7a24-fb3"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d5cf5e9579fb128ad9aefedbe9e3628f
x-ccdn-expires: 2372678
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 star Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 4 KB
0 14ms
14ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL: https://io1.c2.ddcsdt.com/upload/epy/skin/image/star
Requested by: Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 223.121.15.24 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 007394374725260ef08004fb4e08267e131604e4a83e6b10a017758bdf2d3259

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl: 2592000
age: 219327
alt-svc: h3=":443"; ma=2592000
content-length: 4019
last-modified: Fri, 24 Sep 2021 07:11:32 GMT
server: openresty
etag: "614d7a24-fb3"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: d5cf5e9579fb128ad9aefedbe9e3628f
x-ccdn-expires: 2372678
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
H3 200 rz Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 2 KB
2 KB 11ms
10ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/skin/image/rz

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

bad7c894d8aacefd3381044a11bddb95d9f32c5348d93a5531b92ac921a19b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE9[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE20[15],EU-FRA-paris-GLOBAL1-CACHE9[0,TCP_HIT,10]
x-ccdn-cachettl: 2592000
age: 5942464
alt-svc: h3=":443"; ma=2592000
content-length: 1575
last-modified: Fri, 24 Sep 2021 07:11:44 GMT
server: openresty
etag: "614d7a30-627"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: b4202afb01dfdc576034c1f880f581db
x-ccdn-expires: 1833684
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET az
io4.c2.ddcsdt.com/upload/epy/skin/image/ 0
0

GET ios
io5.c2.ddcsdt.com/upload/epy/skin/image/ 0
0

GET
H3 200 web Show response
io1.c2.ddcsdt.com/upload/epy/skin/image/ 980 B
2 KB 11ms
11ms XHR
application/octet-stream 223.121.15.24

General

Check archive.org

Show headers Download Go to

Full URL

https://io1.c2.ddcsdt.com/upload/epy/skin/image/web

Requested by

Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js

Protocol

Security

QUIC, , AES_256_GCM

Server

223.121.15.24 -, , ASN (),

Reverse DNS

Software

openresty /

Resource Hash

1994c19a428c09b18760cefd8eba4d3f93bf71829865aa4f8ba4817219c3685a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://42161e.qj5ha1kn1igguu4.top:16688/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

nginx-hit: 1
date: Fri, 07 Jun 2024 00:47:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: EU-GER-frankfurt-EDGE2-CACHE9[2],EU-GER-frankfurt-EDGE2-CACHE9[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE16[9],EU-FRA-paris-GLOBAL1-CACHE21[0,TCP_HIT,9]
x-ccdn-cachettl: 2592000
age: 5942464
alt-svc: h3=":443"; ma=2592000
content-length: 980
last-modified: Fri, 24 Sep 2021 07:10:57 GMT
server: openresty
etag: "614d7a01-3d4"
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
x-ccdn-req-id-46b1: 06c17aaf0d83ca764bd881ce83df30d9
x-ccdn-expires: 1833684
accept-ranges: bytes
access-control-allow-headers: X-Requested-With,Content-Type
x-hcs-proxy-type: 1

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21bf8a133c5daffdb5e05c21e9e104c7f9cfb49e6e3bac0ee222c89a862aa574

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4694f8ed643b9e6c20f517441efe5e45082d454e07c3d5b7088cca06a095e81e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 972 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d02d7cdebcf292a9cbc0a9b82965fbcbb9628cef9007c0b2309daf515307c69b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/db2ce2a5b96ee18e.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/571ebf89933f6c75.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/cd08b168f6f9f78c.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/1f2408d15ce3cc46.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/edc49629357d98d2.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/8e42ff5968a1e27d.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/f77927c578b80ca8.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/883b6fcad593544e.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/a14182fe1d0ff0df.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/e11975ea42832f88.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/24d0fa044b44d70e.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/1431f6dcbe95fda5.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/34f30a4a4dbb36a6.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/9d824e7dd4580eaa.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/ed0a07af441fbe0b.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/83882d2ccebbad0c.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/861cd1cd360e0b04.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/93f6d987591dff51.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/04767f36e841d3e0.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/15afd8ab611504fd.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/e2fbe2932a2bbaf7.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/6cab0b497cf32265.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/97f5b47003f2f354.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/6d469253da4005d0.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/7688dba77635b2dc.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/1472bb48e09178a6.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/f0c0e07b33131ecf.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/cc65f67b344ba636.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/69ea06d526746c70.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/991ea744ff657ab9.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/cd755cc55f18c9ff.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/fc93f9b690e1b3ac.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/1a7e2e136eee1c43.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/7cdc802479ab68b1.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/891116bd8f97d223.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/6128a4943993728d.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/733eaa5435634164.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/84883c545345d6c8.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/8a65cf19ecdf3b20.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/54883b5ba712742f.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/33155d5a81d37fba.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/fa9ed23a0da43474.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/de4966e82050da48.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/6d97944d0b07ef8a.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/5badde4d27723e8e.js

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/script/06/3b8e83ebc408e8ba.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/e3dc1d04a35b47f2.js

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/559ed799e04c2e57.js

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/4f0bc1080e55d8c5.js

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?498c4d187790e18e5e3ed09ddfb806b1

Domain: io9.c1.ddcsdt.com
URL: https://io9.c1.ddcsdt.com/upload/epy/img/202405/20/33804ee369825fcf86eef0b7dded71

Domain: io6.c1.ddcsdt.com
URL: https://io6.c1.ddcsdt.com/upload/epy/img/202405/0b/d064d9a0dfd9967199f3fb0d7adc4f

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/epy/img/202307/64/faa9e2f21cc7a4bfaddd58f389c7c1

Domain: io8.c1.ddcsdt.com
URL: https://io8.c1.ddcsdt.com/upload/epy/img/202405/7d/1c9ad867857475fcd019af4e901e11

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/epy/img/202312/a2/d71b82d3cfc1fc2597be882b6a48bc

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/epy/img/202405/d1/e2a6e45ce9f8c18dda5176cf635633

Domain: io5.c1.ddcsdt.com
URL: https://io5.c1.ddcsdt.com/upload/epy/img/202405/92/94b4c81f2885431b9d61c8caf480e6

Domain: io3.c2.ddcsdt.com
URL: https://io3.c2.ddcsdt.com/upload/epy/2021/03/09/604779e2eccd1

Domain: io7.c1.ddcsdt.com
URL: https://io7.c1.ddcsdt.com/upload/epy/img/202202/4a/9c9327fd50e91c3daef6d39de62c84

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/epy/2021/05/13/609d070dd5575

Domain: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/epy/skin/image/az

Domain: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/epy/skin/image/ios

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 06:44:41	Name: HMACCOUNT_BFESS Value: 640E0A9F652D3F9E
.42161g.com/	1970-01-21 05:54:17	Name: Hm_lvt_edd94c426599867ca8045d6c570422a5 Value: 1717721252
.42161g.com/	1969-12-31 23:59:59	Name: Hm_lpvt_edd94c426599867ca8045d6c570422a5 Value: 1717721252

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://42161g.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://42161g.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42161e.qj5ha1kn1igguu4.top
42161g.com
hm.baidu.com
io1.c2.ddcsdt.com
io2.c2.ddcsdt.com
io3.c2.ddcsdt.com
io4.c2.ddcsdt.com
io5.c1.ddcsdt.com
io5.c2.ddcsdt.com
io6.c1.ddcsdt.com
io7.c1.ddcsdt.com
io8.c1.ddcsdt.com
io9.c1.ddcsdt.com
hm.baidu.com
io3.c2.ddcsdt.com
io4.c2.ddcsdt.com
io5.c1.ddcsdt.com
io5.c2.ddcsdt.com
io6.c1.ddcsdt.com
io7.c1.ddcsdt.com
io8.c1.ddcsdt.com
io9.c1.ddcsdt.com
14.215.182.140
16.162.142.148
18.163.57.171
223.121.15.24
90.84.161.22
007394374725260ef08004fb4e08267e131604e4a83e6b10a017758bdf2d3259
0569092b49a5ff68c96d8d045167f745abb9de5ad5cf24156701f84d27bb1576
07130a74d155d9ac221b6cfd31bded85798590e77fa149cd9368fcc5ce1c54cb
08d4b5efee59f89577c70d08096862f27d716fd80daaa3694e634038d8a07ff7
123f01e84501d2cdc0a288a038ec438990ecab3b00edfbc2bfebc577eaaa00dd
12accad0de13e400d340cc2e99774c6353c01a69bed20162baf25b8e508df046
1339244a81215999b724d759bd26551d2d203dd3cbd9bbde9165eb99715b60f7
1994c19a428c09b18760cefd8eba4d3f93bf71829865aa4f8ba4817219c3685a
1e8542e688a8e111a58fcf4d817016fdfaabb435d0dc5e0eb14bfcde410e028f
21bf8a133c5daffdb5e05c21e9e104c7f9cfb49e6e3bac0ee222c89a862aa574
22fa510fc8cb5ebb71d15e2f7d66ae83c7fcd1a23035d3db347f1501883189e0
24af1995003f4409a6d931b5f1a587941f9a1ce900f26097529317b40287bbdf
289d32138f67d7ac5ec63415bb25c675b932d3ed24c1f8389573e6973de34c4c
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
30ce313046871d784429113f3a33c118a6a4db0b3ba664d8fba17ad98fcbd446
30d20bcf8a5226355a5fffab5a07826f3b18048227104405e2de529d3d84f23a
3273a955d8674ea4e87cb3073828ebf51a5c97cb63b3046cfd72907eca8e1574
3515a00fbbd8c6ec54578e59f25b45db6bfe10fa2583323f3a1f0a3df3b62c42
370b6d53b0e018222ef59b744698335c4dcfe4d4f910cca6abdc07570aadb872
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
40f7fd4e0e003be2de414259df529914bd1fb3902407d7b4c8f8f9030cc625ca
42b03569d113e62a286abc709a2d128998ad8c4b65cc123cb6f8b5d09a54936f
463eb47cd2254c4b5863f7b0820a98be0d7f2935dd6296cefd798b4a391e8b7c
4694f8ed643b9e6c20f517441efe5e45082d454e07c3d5b7088cca06a095e81e
512b59750d98b6b2fa785b24c1ae506dada9bebd0892cf57963a08667100a367
584ab8171208060e40ec5580a0d135107d96433bc2b290e7873051b945c7db56
610faadcced0571606098dd6ffdadd9d2b9f7a0f0670dcb93afd6bcb844abe89
63620516dc82dde776b41d94563783dbf840b1b9e396134e9aa60dda0cee19cf
63c93e14064307529e1d12a95bac7ff038a370bf984eb5d10fc38fb365359300
67a1c641b0c431ac633ad2351ecb5197a68ec0602792b880e5f884eb1df9fda7
7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a
7e9a23b398ab640cd9c7bd56759ffa59e1dfe2847c8738547fdea4ea0ba8b749
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8aca42d1458378c95cc451123d24b1b150ffa5d5cbaeee322ba414f191856119
8d581fb5392a15558bde9e41f97ff11e8aa2b5b083144af3d9d041eaaf07e110
8e46f8a60987f5f0addadc6a97b316de57b3d98f2d6bdfda3370011cc9229611
8f29d66ffcf5eaeb2a258b2699004628d4508aa6183e3c2b39b4888bdb034d2d
9a84da90097a7ae33791c6fe8be6ea54df542eeea48808f584537235b3637809
9b18d7adc7b2589dc4f226cddb5781b6cb640590e6327512bfc3169a3d057667
9be846c18af51a3afe4ae5926237234faa293785eac585f4122eb8c8e1ddebac
9d9fa91efca949be633d332a768dd5f14721fb1514242b00553a6d0e157394ab
a2f06914439face5c64c453c0cd46057e48088f85a9c16ca692c029d99d1a0c5
a50ff35710943b8b0c6dfaaf0b7e0cb36355e0b1edb18b2d69eac7d31cb5f1a6
af0b4aaa6e2b9a508a7a7de993fd8dd591d0a9b0f573445db1a3d3f820e973e3
ba3af5b16c108f9cbb2a6a3d75af8a9f0206a0a51f789e38170fd9b84538de63
bad7c894d8aacefd3381044a11bddb95d9f32c5348d93a5531b92ac921a19b7f
c2c830c63d3bd655e4cd950becc032c7da3487865206714b38e3a54d2fcf10b5
c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb
c3ba0a7171fa6b49cf2aa86668e3e204edeba1dd7b6c5dd3dc0bdcb2a6855655
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02d7cdebcf292a9cbc0a9b82965fbcbb9628cef9007c0b2309daf515307c69b
d27ada727be1a41e4e12ba016b6def9a5810f8c281ebb3fde36653e8c1f235af
d4b5f6a91241be810355362c4f61e88bfd1e8a7eb6985f591995da01950916c2
d7a3d544e81b9ccee76a82806314041dedd6f458a003ba7130c7e6d13d421397
dc37e9879e8bd83ee25a326bf61c628509a66e92efa5624fa6d34f8d7f096b9d
fe3a08422f86a7008497501815a0cc29ae050b24e8e93fb6eb279f17775c5b89

42161e.qj5ha1kn1igguu4.top Open in urlscan Pro 16.162.142.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

49 %HTTPS

0 %IPv6

4 Domains

13 Subdomains

6 IPs

3 Countries

464 kBTransfer

2162 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

42161e.qj5ha1kn1igguu4.top Open in urlscan Pro
16.162.142.148 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

49 %
HTTPS

0 %
IPv6

4
Domains

13
Subdomains

6
IPs

3
Countries

464 kB
Transfer

2162 kB
Size

3
Cookies

122 HTTP transactions
5 data transactions