www.noickjr.com Open in urlscan Pro
45.201.250.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://noickjr.com/
Effective URL:
http://www.noickjr.com/
Submission: On June 14 via api (June 14th 2022, 7:53:07 pm UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 8 countries across 18 domains to perform 89 HTTP transactions. The main IP is 45.201.250.49, located in United States and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is www.noickjr.com.

This is the only time www.noickjr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	45.201.250.49 45.201.250.49	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
2	115.91.26.61 115.91.26.61	138195 (MOACKCOLT...) (MOACKCOLTD-AS-AP MOACK.Co.LTD)
9	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2 2	137.220.244.177 137.220.244.177	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
24	202.79.167.88 202.79.167.88	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
10	47.75.19.141 47.75.19.141	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
8	47.254.187.172 47.254.187.172	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
4	20.239.177.209 20.239.177.209	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	20.239.178.148 20.239.178.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	185.10.104.115 185.10.104.115	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
4	2606:4700:303... 2606:4700:3036::ac43:8289	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:95e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.38.15.39 185.38.15.39	58073 (YISP-AS) (YISP-AS)
4	194.53.53.250 194.53.53.250	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
89	15

4 45.201.250.49 (United States) 1 redirects

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

noickjr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.noickjr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.91.26.61 (Goyang-si, Korea, Republic Of)

ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR)

xphthe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.220.244.177 (Tokyo, Japan) 2 redirects

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

137.220.244.177	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 202.79.167.88 (Singapore)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

tg006.i8p80lev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 47.75.19.141 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

u0064.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u0057.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u0062.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 47.254.187.172 (Frankfurt am Main, Germany)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

n0355.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n0399.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.239.177.209 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

29873398.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 20.239.178.148 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

28758891.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.10.104.115 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::ac43:8289 (United States)

ASN13335 (CLOUDFLARENET, US)

image.qkf7jq3b.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:95e6 (United States)

ASN13335 (CLOUDFLARENET, US)

image.kkoc5eg1.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.38.15.39 (Netherlands)

ASN58073 (YISP-AS, NL)

siwazywcdn2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 194.53.53.250 (Moscow Oblast, Russian Federation)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

ad.xmmnsl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	i8p80lev.com tg006.i8p80lev.com	175 KB
9	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7748	47 KB
4	xmmnsl.com ad.xmmnsl.com — Cisco Umbrella Rank: 391280	2 MB
4	siwazywcdn2.com siwazywcdn2.com — Cisco Umbrella Rank: 359321	2 MB
4	kkoc5eg1.space image.kkoc5eg1.space	683 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 444	3 MB
4	qkf7jq3b.space image.qkf7jq3b.space	1 MB
4	bdstatic.com pic.rmb.bdstatic.com — Cisco Umbrella Rank: 30064	2 MB
4	n0399.com n0399.com	1 MB
4	28758891.com 28758891.com	690 KB
4	29873398.com 29873398.com	964 KB
4	u0057.com u0057.com	1 MB
4	n0355.com n0355.com	3 MB
4	u0064.com u0064.com — Cisco Umbrella Rank: 469866	1 MB
4	noickjr.com 1 redirects noickjr.com www.noickjr.com	7 KB
2	u0062.com u0062.com	568 KB
2	xphthe.com xphthe.com	787 B
0	51.la Failed js.users.51.la Failed
89	18

	Domain	Requested by
24	tg006.i8p80lev.com	www.noickjr.com tg006.i8p80lev.com
9	hm.baidu.com	www.noickjr.com tg006.i8p80lev.com hm.baidu.com
4	ad.xmmnsl.com	tg006.i8p80lev.com
4	siwazywcdn2.com	tg006.i8p80lev.com
4	image.kkoc5eg1.space	tg006.i8p80lev.com
4	cdn.jsdelivr.net	tg006.i8p80lev.com
4	image.qkf7jq3b.space	tg006.i8p80lev.com
4	pic.rmb.bdstatic.com	tg006.i8p80lev.com
4	n0399.com	tg006.i8p80lev.com
4	28758891.com	tg006.i8p80lev.com
4	29873398.com	tg006.i8p80lev.com
4	u0057.com	tg006.i8p80lev.com
4	n0355.com	tg006.i8p80lev.com
4	u0064.com	tg006.i8p80lev.com
3	www.noickjr.com	www.noickjr.com
2	u0062.com	tg006.i8p80lev.com
2	xphthe.com	www.noickjr.com
1	noickjr.com	1 redirects
0	js.users.51.la Failed	www.noickjr.com
89	19

This site contains no links.

Subject Issuer	Validity	Valid
plavsf.com R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2021-11-15` - `2022-08-02`	9 months	crt.sh
i8p80lev.com ZeroSSL RSA Domain Secure Site CA	`2022-06-01` - `2022-08-30`	3 months	crt.sh
u0064.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
n0355.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
u0057.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
29873398.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
28758891.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
n0399.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
pic.rmb.bdstatic.com TrustAsia TLS RSA CA	`2022-01-21` - `2023-02-21`	a year	crt.sh
*.qkf7jq3b.space E1	`2022-04-20` - `2022-07-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
u0062.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-03` - `2023-01-03`	a year	crt.sh
*.siwazywcdn2.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-28` - `2022-09-28`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.noickjr.com/
Frame ID: 534583F3F68E5F515CBCF0DBE359E7AD
Requests: 10 HTTP requests in this frame

Frame: https://tg006.i8p80lev.com:14168/
Frame ID: 9926EC3497E77A47354F1F2938263F79
Requests: 41 HTTP requests in this frame

Frame: https://tg006.i8p80lev.com:14168/
Frame ID: E62C0A22F70F90B99E0CBF6758D8F120
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

周口绷勾商贸有限公司周口绷勾商贸有限公司

Page URL History Show full URLs

http://noickjr.com/ HTTP 301
http://www.noickjr.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

89
Requests

96 %
HTTPS

20 %
IPv6

18
Domains

19
Subdomains

15
IPs

8
Countries

19016 kB
Transfer

21130 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://noickjr.com/ HTTP 301
http://www.noickjr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://137.220.244.177/tg.php HTTP 302
https://tg006.i8p80lev.com:14168/

Request Chain 8

http://137.220.244.177/tg.php HTTP 302
https://tg006.i8p80lev.com:14168/

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.noickjr.com/
Redirect Chain

http://noickjr.com/
http://www.noickjr.com/

2 KB
2 KB

798ms
181ms

Document
text/html

45.201.250.49
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.noickjr.com/
Protocol: HTTP/1.1
Server: 45.201.250.49 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: e69ffc8492116d7134da168e20a0c4a30205326ddb861297c201c1d0ffe84d67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 1554
Content-Type: text/html
Date: Tue, 14 Jun 2022 19:52:32 GMT
Server: nginx

Redirect headers

Content-Length: 0
Content-Type: text/html
Location: http://www.noickjr.com/
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.noickjr.com/ 4 KB
4 KB 181ms
180ms Script
application/x-javascript 45.201.250.49
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.noickjr.com/common.js
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/
Protocol: HTTP/1.1
Server: 45.201.250.49 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 1584fd65e334ed3113142524b93be47516451f864a5b254a8646786b5344f693

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:32 GMT
Server: nginx
Content-Length: 4429
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.noickjr.com/ 630 B
762 B 184ms
183ms Script
application/x-javascript 45.201.250.49
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.noickjr.com/tj.js
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/
Protocol: HTTP/1.1
Server: 45.201.250.49 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: ad068ffb21505dc9e56a6bf0b774b6d590ebe42ac21e2a3821e6fa7e1a786e70

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:32 GMT
Server: nginx
Content-Length: 630
Content-Type: application/x-javascript

GET
H2 200 juzi_common.php Show response
xphthe.com/ 94 B
394 B 1299ms
317ms XHR
text/html 115.91.26.61
MOACKCOLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://xphthe.com:4568/juzi_common.php?val=juzitv7&t=0.7657715333161315?v=007442382307431572

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

115.91.26.61 Goyang-si, Korea, Republic Of, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),

Reverse DNS

Software

nginx /

Resource Hash

74b74bec8c7b1c76fbd41aeed86e718179917e0ce47f132349655fdba34532e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H2 200 juzi_common.php Show response
xphthe.com/ 94 B
393 B 1300ms
319ms XHR
text/html 115.91.26.61
MOACKCOLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://xphthe.com:4568/juzi_common.php?val=juzitv7&t=0.12079141005357696?v=04040284653004933

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

115.91.26.61 Goyang-si, Korea, Republic Of, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),

Reverse DNS

Software

nginx /

Resource Hash

74b74bec8c7b1c76fbd41aeed86e718179917e0ce47f132349655fdba34532e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET 21156481.js
js.users.51.la/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1411ms
429ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?87efa7579eb12bcdbe7b05a8f9ea2f51

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

a02123266e568ef543ae1d95d5618c0ca2b6944c0d2b5aeaa6c607532750da9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:37 GMT
Content-Encoding: gzip
Server: apache
Etag: 31afe238bf2a37f34b1317bbc2bf72b7
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11294

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 451ms
451ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?749a867ae77418caf4ad7751cc318a62

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4fc76fb7c66a74566b63718ea885177fc3a00ac6ceca121e686fbd06fa99bf26

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:37 GMT
Content-Encoding: gzip
Server: apache
Etag: 679d4f69390d46d40aa8a378f6eba597
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11296

GET
H2

200

/ Show response
tg006.i8p80lev.com/ Frame 9926
Redirect Chain

http://137.220.244.177/tg.php
https://tg006.i8p80lev.com:14168/

65 KB
11 KB

1784ms
724ms

Document
text/html

202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 287dfccbe4ad78235c3d39e1c8486ad0150f292b238c5bdfbfe6424ce793782b

Request headers

Referer: http://www.noickjr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=10801
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 14 Jun 2022 19:52:39 GMT
expires: Tue, 14 Jun 2022 22:52:40 GMT
last-modified: Tue, 14 Jun 2022 19:22:39 GMT
server: nginx
vary: Accept-Encoding
x-proxy-cache: HIT

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Jun 2022 19:56:32 GMT
Location: https://tg006.i8p80lev.com:14168
Server: nginx
Transfer-Encoding: chunked

GET
H2

200

/ Show response
tg006.i8p80lev.com/ Frame E62C
Redirect Chain

http://137.220.244.177/tg.php
https://tg006.i8p80lev.com:14168/

65 KB
11 KB

1764ms
717ms

Document
text/html

202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 287dfccbe4ad78235c3d39e1c8486ad0150f292b238c5bdfbfe6424ce793782b

Request headers

Referer: http://www.noickjr.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=10801
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 14 Jun 2022 19:52:39 GMT
expires: Tue, 14 Jun 2022 22:52:40 GMT
last-modified: Tue, 14 Jun 2022 19:22:39 GMT
server: nginx
vary: Accept-Encoding
x-proxy-cache: HIT

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Jun 2022 19:56:32 GMT
Location: https://tg006.i8p80lev.com:14168
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 418ms
418ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=212109153&si=87efa7579eb12bcdbe7b05a8f9ea2f51&v=1.2.94&lv=1&sn=18863&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.noickjr.com%2F&tt=%E5%91%A8%E5%8F%A3%E7%BB%B7%E5%8B%BE%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 19:52:38 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 440ms
438ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=779350345&si=749a867ae77418caf4ad7751cc318a62&v=1.2.94&lv=1&sn=18863&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.noickjr.com%2F&tt=%E5%91%A8%E5%8F%A3%E7%BB%B7%E5%8B%BE%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 19:52:38 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 111.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 87 KB
31 KB 363ms
362ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/111.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: f9dea21b477e41ade4a28860d20976acf5483af251aa9d4deb66eba6bd426d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 14:59:43 GMT
server: nginx
etag: W/"62a35c5f-15bdc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 style.css
tg006.i8p80lev.com/template/@mitaoxz_1//css/ Frame E62C 38 KB
10 KB 723ms
721ms Stylesheet
text/css 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1//css/style.css
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: aa535a087e361c3e3c8f14f8a2927e4f80e35079baf8daa8c15840b73d1f4948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 03:16:28 GMT
server: nginx
etag: W/"62427a0c-9651"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 LazyLoad.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 10 KB
3 KB 724ms
723ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/LazyLoad.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 807bb79306e6d8f7a9786eaff9ea37115dd6339cdc6659a441997fc6471dffb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:06 GMT
server: nginx
etag: W/"6242512e-261f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 clipboard.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 10 KB
3 KB 725ms
724ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/clipboard.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 6664f6292081457176d90f2b4157d9ffeb88e85ee1c75af39de4a347b1c98919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:18 GMT
server: nginx
etag: W/"6242513a-29a5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 shareNative_ec.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 6 KB
2 KB 725ms
725ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/shareNative_ec.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 8842d7bd1c377e15084fe597f756264773ce04bc03e47ff474244cb2a1ae7815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:22 GMT
server: nginx
etag: W/"6242513e-17d6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 qrcode.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 19 KB
7 KB 726ms
725ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/qrcode.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:28 GMT
server: nginx
etag: W/"62425144-4dd7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 jquery.qrcode.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 14 KB
5 KB 726ms
726ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/jquery.qrcode.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:36 GMT
server: nginx
etag: W/"6242514c-36ab"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 FileSaver.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame E62C 2 KB
1 KB 727ms
726ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/FileSaver.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 14f249b7c9c0fb12f8454ebf82cae203ca7cc4078b19ab68c938e576f40a19d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:42 GMT
server: nginx
etag: W/"62425152-98e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 home.js Show response
tg006.i8p80lev.com/static/js/ Frame E62C 37 KB
9 KB 727ms
727ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/static/js/home.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
server: nginx
etag: W/"61249190-95a5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H/1.1 200
OK 0bb2e1557e2749a2ae443b3144b10ae4.gif
u0064.com/ Frame E62C 261 KB
261 KB 2115ms
297ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0064.com/0bb2e1557e2749a2ae443b3144b10ae4.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70A0E14E43030D858A7
Last-Modified: Sun, 29 May 2022 12:06:44 GMT
Server: AliyunOSS
Content-MD5: V06q2He2YJcABWZEQiwatA==
ETag: "574EAAD877B6609700056644422C1AB4"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3295716594252235150
Content-Length: 267005
x-oss-server-time: 1

GET
H/1.1 200
OK 3edd2e024d3a4df898a1f8ea6d509668.gif
n0355.com/ Frame E62C 818 KB
818 KB 2523ms
191ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/3edd2e024d3a4df898a1f8ea6d509668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70BEDBE26721427ED94
Last-Modified: Sun, 15 May 2022 16:03:00 GMT
Server: AliyunOSS
Content-MD5: Ai30YsWSJf6yoN2Yzp/XoQ==
ETag: "022DF462C59225FEB2A0DD98CE9FD7A1"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9124519372634757098
Content-Length: 837142
x-oss-server-time: 1

GET
H/1.1 200
OK 1774d8dcd8614d7494bc1ce7ab244f05.gif
u0057.com/ Frame E62C 292 KB
293 KB 2487ms
281ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0057.com/1774d8dcd8614d7494bc1ce7ab244f05.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 74a263c02b3163c6f9352e1725567ddf470e1dbe74048c5f2d39a1c74ef16213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70BF27FBE3434FE6AD7
Last-Modified: Wed, 30 Mar 2022 07:57:36 GMT
Server: AliyunOSS
Content-MD5: lN/ibW0UXCH1nAKJ6O9saA==
ETag: "94DFE26D6D145C21F59C0289E8EF6C68"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14486142499861843651
Content-Length: 299413
x-oss-server-time: 1

GET
H/1.1 200
OK ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
29873398.com/ Frame E62C 423 KB
241 KB 2136ms
448ms Image
image/gif 20.239.177.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29873398.com/ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.177.209 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 12:07:30 GMT
Server: WAF/2.4-12.1
ETag: W/"62936202-69b6f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 19ddcf9255e142b7acc6bba0cd812351.gif
28758891.com/ Frame E62C 405 KB
173 KB 2606ms
661ms Image
image/gif 20.239.178.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://28758891.com/19ddcf9255e142b7acc6bba0cd812351.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.178.148 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:42 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 12:08:04 GMT
server: WAF/2.4-12.1
etag: W/"62936224-655c5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 3557853be0c64decb33ae5e4f2cb6217.gif
n0399.com/ Frame E62C 290 KB
291 KB 2278ms
190ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/3557853be0c64decb33ae5e4f2cb6217.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70AEDBE26721427ED28
Last-Modified: Sun, 29 May 2022 13:39:10 GMT
Server: AliyunOSS
Content-MD5: 5jcov9d0fswKJb/bK4UTZQ==
ETag: "E63728BFD7747ECC0A25BFDB2B851365"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10713480351589070444
Content-Length: 297356
x-oss-server-time: 1

GET
H2 200 7ca139f514df9a43ad4a01d9d821ca98.gif
pic.rmb.bdstatic.com/bjh/ Frame E62C 756 KB
757 KB 1894ms
48ms Image
image/gif 185.10.104.115
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/7ca139f514df9a43ad4a01d9d821ca98.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d196c2a94e19aa4d42d9693522a7d6312489fd7c27f3048033f2c9b01b45c47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ohc-file-size: 774247
date: Tue, 14 Jun 2022 19:52:42 GMT
content-md5: fKE59RTfmkOtSgHZ2CHKmA==
age: 2023598
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 774247
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2]
last-modified: Mon, 07 Mar 2022 17:39:53 GMT
server: JSP3/2.0.14
etag: "7ca139f514df9a43ad4a01d9d821ca98"
x-bce-request-id: d1e4d981-67e9-4a08-a7c9-782e6b9b4e1f
content-type: image/gif
x-bce-debug-id: OGPpxgS0I0AqaToSy+fhnrOAuhWX0kT5WhFJ1zsCCpLzZzNiKg81JQECG5WpFNITymwdQJ9ErsPSYlmonCpn0A==
accept-ranges: bytes
x-bce-content-crc32: 2094010609
expires: Wed, 25 May 2022 04:54:27 GMT

GET
H2 200 Rai6kVZRbQ.gif
image.qkf7jq3b.space/ch1/ Frame E62C 338 KB
339 KB 153ms
45ms Image
image/gif 2606:4700:3036::ac43:8289
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.qkf7jq3b.space/ch1/Rai6kVZRbQ.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8289 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b17a169320e6f3b3de70b334d7ff9345326b15a6e817e8e7ff6dd17d4b998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2717
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 346240
last-modified: Sat, 15 Jan 2022 03:10:28 GMT
server: cloudflare
etag: "61e23b24-54880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SY1L6o%2B6GePcdQCWJ5%2BZH1Q%2BQwr4qaKWYyj%2BkBcjJDnViG%2FEfH%2B1WS22Q8VbHTcAG7nuVM%2BFHWlU3fBgtqaPjk3ZSv6lTLBGe8%2FKxrthuGJ%2BIru9RX8PspqwoxS1DHsmATr%2BOsUPj8D9L6g6oX1lUuifxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b97495d9b7d-FRA

GET
H2 200 mitao.d
cdn.jsdelivr.net/gh/te89899/vips@main/ Frame E62C 285 KB
286 KB 187ms
87ms Image
application/octet-stream 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/te89899/vips@main/mitao.d

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78b40995f101bfaa55c0f70e2ab3d988aa8d63bf7581fd6aa45a2123ce847772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18830
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 291712
x-served-by: cache-fra19130-FRA, cache-cdg20743-CDG
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"47380-WHd3zqQXAXG0+9XGVCq8MLFmF/M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tiu5Cp2AaEOq4IzzZFZqfSwJ2D%2BC3TMFkmnFYNFyULpGApcy7RQbJnNZny1H2P9%2B7zDizCkx3ju0Q5hjuKa0uFze%2BuaXn4HN9zZ3SV14KCFlAjy51Stf5SqIgrKmYHq5WWIsBq9ZtQPFh1lrseo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 71b59b9739289293-FRA

GET
H2 200 tianxia3.b
cdn.jsdelivr.net/gh/te89899/vips@main/ Frame E62C 1 MB
1 MB 147ms
48ms Image
application/octet-stream 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/te89899/vips@main/tianxia3.b

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2fe2f602a7de59759399ed6e193215d4b1b941e8a09f0b16120b2434e0351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 33608
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1283322
x-served-by: cache-fra19147-FRA, cache-hhn4023-HHN
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1394fa-AUaLaTTgy98Ndo3OuVluY7j3s9o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HelxNQ8XrrwON%2FRhhCqRsVTpxKnK%2BH8nyMrBKcEvqNjaJ1aUnRFgTrIcpWVKKWi%2BTKRtO8fmJ4UGg9wotHbA3TIQa3nkAq9S%2BSvEmoyL5oJodk50Fg%2B%2BnIcyOpw4ByPx0gHICC%2BSzZzLhrgtvsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 71b59b9739299293-FRA

GET
H2 200 defaec6ae6a7f5084b25d525a2a72fdb.gif
pic.rmb.bdstatic.com/bjh/ Frame E62C 84 KB
84 KB 1992ms
242ms Image
image/gif 185.10.104.115
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/defaec6ae6a7f5084b25d525a2a72fdb.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 11b1a7c3a7bdf41f22ca188b7c42e297c079796ae09a878c50712fb92d8f5346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ohc-file-size: 85514
date: Tue, 14 Jun 2022 19:52:42 GMT
content-md5: 3vrsauan9QhLJdUloqcv2w==
age: 402578
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 85514
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache98 [2], suzix98 [1]
last-modified: Wed, 30 Mar 2022 10:49:26 GMT
server: JSP3/2.0.14
etag: "defaec6ae6a7f5084b25d525a2a72fdb"
x-bce-request-id: e78ae561-f7ad-453a-9396-ca8e7c487d0a
content-type: image/gif
x-bce-debug-id: gN5FwzKVHkf1w/jwKx4Am4ELI3xdnzl9W0ewuwgcZ5TjrVjOe9TJA7Q/QD7ZFgikFC+e2nWyUmIVi3ymLYs/oA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1127968300
expires: Wed, 01 Jun 2022 10:49:29 GMT

GET
H/1.1 200
OK e84a5f96afb9477789099597bc818e45.gif
u0062.com/ Frame E62C 284 KB
284 KB 2497ms
282ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0062.com/e84a5f96afb9477789099597bc818e45.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: e98f3a4cc094ac745db07606c19479eb107a6086379a0fe89f548cd946e48992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70B8A23F7353034B3A5
Last-Modified: Sun, 29 May 2022 13:35:19 GMT
Server: AliyunOSS
Content-MD5: WIB3mwX0QtL2zVkJ8yI9bA==
ETag: "5880779B05F442D2F6CD5909F3223D6C"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8986337657064707261
Content-Length: 290505
x-oss-server-time: 2

GET
H2 200 uWNByr3QSq.gif
image.qkf7jq3b.space/ch1/ Frame E62C 255 KB
256 KB 95ms
85ms Image
image/gif 2606:4700:3036::ac43:8289
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.qkf7jq3b.space/ch1/uWNByr3QSq.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8289 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ad08c1cf5eff391116433ffdd657d5ab43b7fdfc9be9b5fc51cb063a0572e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6726
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 261377
last-modified: Sat, 15 Jan 2022 03:18:26 GMT
server: cloudflare
etag: "61e23d02-3fd01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15p%2BNrZ39UyG4Wy763%2FnS9d%2BilclHw568TFAgkOlPRebkWVLIgbEfpA%2FfNdspHxK6RYch%2FvbC6rMo7U%2FOZE%2BwISmwqlVLeoCvK3N21YUugJrITc2e7raGh%2FrO9DiJD4TV0tBB7fnFvaSJAGM%2FmdTa6fKvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b97495f9b7d-FRA

GET
H2 200 1S3MpS84aL.gif
image.kkoc5eg1.space/ch1/ Frame E62C 170 KB
171 KB 678ms
572ms Image
image/gif 2606:4700:3037::ac43:95e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.kkoc5eg1.space/ch1/1S3MpS84aL.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:95e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea329d84c71430a166f5acd99969479902ba3faf3c56ce527789262cd9c2992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174331
last-modified: Sat, 15 Jan 2022 03:13:36 GMT
server: cloudflare
etag: "61e23be0-2a8fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrBCwUOs5qBK7I8LbyMsVmuN5fO3L9Lj%2BuJg7d3KYLx5O2YG66wcQoI8ptwToDsv8MS2llCPUn6EHz8uUn%2BuDwY926d26cu%2FtpYyEe8t6Yztzv4x6pYM518uwtVgN88N5upV5Knwprs2q9v6Iwc3So8u%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b97ef979049-FRA

GET
H2 200 3.png
siwazywcdn2.com/cvguochanzipai/FVue7xQH/ Frame E62C 402 KB
403 KB 382ms
38ms Image
image/png 185.38.15.39
YISP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siwazywcdn2.com:5278/cvguochanzipai/FVue7xQH/3.png
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.15.39 , Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cacec0a97d3ffd87ad22b1a75bdb8beab49cb26d59f18818dbc8750b073998a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Mon, 28 Feb 2022 11:20:47 GMT
server: nginx
etag: "621cb00f-64967"
x-cache-status: HIT, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 412007

GET
H2 200 a0.png
siwazywcdn2.com/cvguochanzipai/Wg5nQ47R/ Frame E62C 384 KB
385 KB 458ms
114ms Image
image/png 185.38.15.39
YISP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siwazywcdn2.com:5278/cvguochanzipai/Wg5nQ47R/a0.png
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.15.39 , Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0639b083ebdeab29791cb0475628bba09867ee1ac88190eaf8f78c910a1b88e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Tue, 22 Feb 2022 08:54:53 GMT
server: nginx
etag: "6214a4dd-600ad"
x-cache-status: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 393389

GET
H2 200 loading.gif
tg006.i8p80lev.com/template/@mitaoxz_1/images/ Frame E62C 3 KB
3 KB 363ms
358ms Image
image/gif 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/images/loading.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 3b523d332424ad3c899d5dceb70ac224bb55f9973b49361ba5b8656b56fb2200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
last-modified: Tue, 29 Mar 2022 01:38:02 GMT
server: nginx
etag: "624262fa-b0b"
content-type: image/gif
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 2827
x-proxy-cache: HIT

GET
H2 200 1647261668.gif
ad.xmmnsl.com/uploads/images/ Frame E62C 423 KB
424 KB 143ms
50ms Image
image/gif 194.53.53.250
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.xmmnsl.com/uploads/images/1647261668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.53.53.250 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f667bfc6db2bc234f3e23a7e399a5801bf7467432f0b246bb0432f03c0c3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 12:41:08 GMT
server: cloudflare
age: 4294
etag: W/"622f37e4-69baf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ei9uIzsx3%2FVulDhIVsTqplxR8mU%2F3SXfJi0Q7aKoNMvToQp7lvZSpBfI1NsvoWjrYFLvmWWiWDW9QnNu2qgTpXRWLiyBJv%2FDJT3TA5wKZssO7coWVfOHj3k%2FOf0aK1ni"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71b59b97ddd69b33-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 111.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 87 KB
31 KB 718ms
717ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/111.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: f9dea21b477e41ade4a28860d20976acf5483af251aa9d4deb66eba6bd426d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Fri, 10 Jun 2022 14:59:43 GMT
server: nginx
etag: W/"62a35c5f-15bdc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 style.css
tg006.i8p80lev.com/template/@mitaoxz_1//css/ Frame 9926 38 KB
10 KB 719ms
718ms Stylesheet
text/css 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1//css/style.css
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: aa535a087e361c3e3c8f14f8a2927e4f80e35079baf8daa8c15840b73d1f4948

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 03:16:28 GMT
server: nginx
etag: W/"62427a0c-9651"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 LazyLoad.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 10 KB
3 KB 719ms
718ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/LazyLoad.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 807bb79306e6d8f7a9786eaff9ea37115dd6339cdc6659a441997fc6471dffb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:06 GMT
server: nginx
etag: W/"6242512e-261f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 clipboard.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 10 KB
3 KB 720ms
718ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/clipboard.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 6664f6292081457176d90f2b4157d9ffeb88e85ee1c75af39de4a347b1c98919

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:18 GMT
server: nginx
etag: W/"6242513a-29a5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 shareNative_ec.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 6 KB
2 KB 720ms
719ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/shareNative_ec.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 8842d7bd1c377e15084fe597f756264773ce04bc03e47ff474244cb2a1ae7815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:22 GMT
server: nginx
etag: W/"6242513e-17d6"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 qrcode.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 19 KB
7 KB 721ms
720ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/qrcode.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:28 GMT
server: nginx
etag: W/"62425144-4dd7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 jquery.qrcode.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 14 KB
5 KB 721ms
720ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/jquery.qrcode.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:36 GMT
server: nginx
etag: W/"6242514c-36ab"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 FileSaver.min.js Show response
tg006.i8p80lev.com/template/@mitaoxz_1/js/ Frame 9926 2 KB
1 KB 721ms
721ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/js/FileSaver.min.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 14f249b7c9c0fb12f8454ebf82cae203ca7cc4078b19ab68c938e576f40a19d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 00:22:42 GMT
server: nginx
etag: W/"62425152-98e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H2 200 home.js Show response
tg006.i8p80lev.com/static/js/ Frame 9926 37 KB
9 KB 722ms
722ms Script
application/javascript 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://tg006.i8p80lev.com:14168/static/js/home.js
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:40 GMT
content-encoding: gzip
last-modified: Tue, 24 Aug 2021 06:28:32 GMT
server: nginx
etag: W/"61249190-95a5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
expires: Tue, 14 Jun 2022 22:52:40 GMT
cache-control: max-age=10800
x-proxy-cache: HIT

GET
H/1.1 200
OK 0bb2e1557e2749a2ae443b3144b10ae4.gif
u0064.com/ Frame 9926 261 KB
261 KB 1803ms
304ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0064.com/0bb2e1557e2749a2ae443b3144b10ae4.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70AD0409B3430AA6179
Last-Modified: Sun, 29 May 2022 12:06:44 GMT
Server: AliyunOSS
Content-MD5: V06q2He2YJcABWZEQiwatA==
ETag: "574EAAD877B6609700056644422C1AB4"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3295716594252235150
Content-Length: 267005
x-oss-server-time: 2

GET
H/1.1 200
OK 3edd2e024d3a4df898a1f8ea6d509668.gif
n0355.com/ Frame 9926 818 KB
818 KB 2196ms
201ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/3edd2e024d3a4df898a1f8ea6d509668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70B114ABC683B889D6D
Last-Modified: Sun, 15 May 2022 16:03:00 GMT
Server: AliyunOSS
Content-MD5: Ai30YsWSJf6yoN2Yzp/XoQ==
ETag: "022DF462C59225FEB2A0DD98CE9FD7A1"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9124519372634757098
Content-Length: 837142
x-oss-server-time: 1

GET
H/1.1 200
OK 1774d8dcd8614d7494bc1ce7ab244f05.gif
u0057.com/ Frame 9926 292 KB
293 KB 2165ms
285ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0057.com/1774d8dcd8614d7494bc1ce7ab244f05.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 74a263c02b3163c6f9352e1725567ddf470e1dbe74048c5f2d39a1c74ef16213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70BD0409B37341B6379
Last-Modified: Wed, 30 Mar 2022 07:57:36 GMT
Server: AliyunOSS
Content-MD5: lN/ibW0UXCH1nAKJ6O9saA==
ETag: "94DFE26D6D145C21F59C0289E8EF6C68"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14486142499861843651
Content-Length: 299413
x-oss-server-time: 1

GET
H/1.1 200
OK ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
29873398.com/ Frame 9926 423 KB
241 KB 1801ms
447ms Image
image/gif 20.239.177.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29873398.com/ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.177.209 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 12:07:30 GMT
Server: WAF/2.4-12.1
ETag: W/"62936202-69b6f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 19ddcf9255e142b7acc6bba0cd812351.gif
28758891.com/ Frame 9926 405 KB
173 KB 2273ms
661ms Image
image/gif 20.239.178.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://28758891.com/19ddcf9255e142b7acc6bba0cd812351.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.178.148 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:42 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 12:08:04 GMT
server: WAF/2.4-12.1
etag: W/"62936224-655c5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 3557853be0c64decb33ae5e4f2cb6217.gif
n0399.com/ Frame 9926 290 KB
291 KB 1950ms
196ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/3557853be0c64decb33ae5e4f2cb6217.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70A9BA4CD3A1256FB17
Last-Modified: Sun, 29 May 2022 13:39:10 GMT
Server: AliyunOSS
Content-MD5: 5jcov9d0fswKJb/bK4UTZQ==
ETag: "E63728BFD7747ECC0A25BFDB2B851365"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10713480351589070444
Content-Length: 297356
x-oss-server-time: 1

GET
H2 200 7ca139f514df9a43ad4a01d9d821ca98.gif
pic.rmb.bdstatic.com/bjh/ Frame 9926 756 KB
757 KB 1721ms
207ms Image
image/gif 185.10.104.115
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/7ca139f514df9a43ad4a01d9d821ca98.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d196c2a94e19aa4d42d9693522a7d6312489fd7c27f3048033f2c9b01b45c47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ohc-file-size: 774247
date: Tue, 14 Jun 2022 19:52:42 GMT
content-md5: fKE59RTfmkOtSgHZ2CHKmA==
age: 2023598
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 774247
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2]
last-modified: Mon, 07 Mar 2022 17:39:53 GMT
server: JSP3/2.0.14
etag: "7ca139f514df9a43ad4a01d9d821ca98"
x-bce-request-id: d1e4d981-67e9-4a08-a7c9-782e6b9b4e1f
content-type: image/gif
x-bce-debug-id: OGPpxgS0I0AqaToSy+fhnrOAuhWX0kT5WhFJ1zsCCpLzZzNiKg81JQECG5WpFNITymwdQJ9ErsPSYlmonCpn0A==
accept-ranges: bytes
x-bce-content-crc32: 2094010609
expires: Wed, 25 May 2022 04:54:27 GMT

GET
H3 200 Rai6kVZRbQ.gif
image.qkf7jq3b.space/ch1/ Frame 9926 338 KB
339 KB 136ms
50ms Image
image/gif 2606:4700:3036::ac43:8289
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.qkf7jq3b.space/ch1/Rai6kVZRbQ.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8289 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed5b17a169320e6f3b3de70b334d7ff9345326b15a6e817e8e7ff6dd17d4b998

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2718
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 346240
last-modified: Sat, 15 Jan 2022 03:10:28 GMT
server: cloudflare
etag: "61e23b24-54880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUk%2BqdhBOFZJybN0wyrhnSt8f69GSGqijTEaxvcuZQ4coixqvoGJmRocDD4OwsOBHcsTDv%2BdJFX%2FnBLxWPAMev%2F1kqYTGl8V2ouaYyTQSd0t6a1KeVl7cEAt2OdHTgdo2%2BP%2FpVoStDcdc08BPkiED9Q1Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b993fe190bb-FRA

GET
H3 200 mitao.d
cdn.jsdelivr.net/gh/te89899/vips@main/ Frame 9926 285 KB
286 KB 142ms
96ms Image
application/octet-stream 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/te89899/vips@main/mitao.d

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78b40995f101bfaa55c0f70e2ab3d988aa8d63bf7581fd6aa45a2123ce847772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 279
x-jsd-version: main
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 291712
x-served-by: cache-fra19140-FRA, cache-itm18845-ITM
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"47380-WHd3zqQXAXG0+9XGVCq8MLFmF/M"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rzZ4NSDX2lCxWvEs0zFfggsTnbx60wGintEDEzkibbPCctXP%2FxSa8xktLSjX%2FKTTHTmfbvwT3Nbtf%2BsQ%2F9nI0V%2BIKpEKliGU5gI9pmdfF27tc%2B7axA8UMmQyGLrDgNdlHRYhErKZO0ew9UUWDo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 71b59b98fabc5c56-FRA

GET
H3 200 tianxia3.b
cdn.jsdelivr.net/gh/te89899/vips@main/ Frame 9926 1 MB
1 MB 104ms
58ms Image
application/octet-stream 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/te89899/vips@main/tianxia3.b

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef2fe2f602a7de59759399ed6e193215d4b1b941e8a09f0b16120b2434e0351e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23317
x-jsd-version: main
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1283322
x-served-by: cache-fra19147-FRA, cache-hhn4022-HHN
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1394fa-AUaLaTTgy98Ndo3OuVluY7j3s9o"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GA4%2Btv1loa%2Fs5luKeoSI0U98dm2JjrRnOfULFvMmu41rsLEhPiqGYtYwHmYjuEbNpgt13gUaGiz0v%2F0hUiuZ9CqU8zpSwJ5Knq%2BuuJsuInMUVZFsf0CKr%2Fux5W74gH3IqNxpDKiQmdPTEQSFc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 71b59b98fab55c56-FRA

GET
H2 200 defaec6ae6a7f5084b25d525a2a72fdb.gif
pic.rmb.bdstatic.com/bjh/ Frame 9926 84 KB
84 KB 1758ms
245ms Image
image/gif 185.10.104.115
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/defaec6ae6a7f5084b25d525a2a72fdb.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 11b1a7c3a7bdf41f22ca188b7c42e297c079796ae09a878c50712fb92d8f5346

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

ohc-file-size: 85514
date: Tue, 14 Jun 2022 19:52:42 GMT
content-md5: 3vrsauan9QhLJdUloqcv2w==
age: 402578
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 85514
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [2], zhuzuncache98 [2], suzix98 [1]
last-modified: Wed, 30 Mar 2022 10:49:26 GMT
server: JSP3/2.0.14
etag: "defaec6ae6a7f5084b25d525a2a72fdb"
x-bce-request-id: e78ae561-f7ad-453a-9396-ca8e7c487d0a
content-type: image/gif
x-bce-debug-id: gN5FwzKVHkf1w/jwKx4Am4ELI3xdnzl9W0ewuwgcZ5TjrVjOe9TJA7Q/QD7ZFgikFC+e2nWyUmIVi3ymLYs/oA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1127968300
expires: Wed, 01 Jun 2022 10:49:29 GMT

GET
H/1.1 200
OK e84a5f96afb9477789099597bc818e45.gif
u0062.com/ Frame 9926 284 KB
284 KB 2320ms
298ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0062.com/e84a5f96afb9477789099597bc818e45.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: e98f3a4cc094ac745db07606c19479eb107a6086379a0fe89f548cd946e48992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70B9DB5783633110F36
Last-Modified: Sun, 29 May 2022 13:35:19 GMT
Server: AliyunOSS
Content-MD5: WIB3mwX0QtL2zVkJ8yI9bA==
ETag: "5880779B05F442D2F6CD5909F3223D6C"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8986337657064707261
Content-Length: 290505
x-oss-server-time: 1

GET
H3 200 uWNByr3QSq.gif
image.qkf7jq3b.space/ch1/ Frame 9926 255 KB
256 KB 212ms
126ms Image
image/gif 2606:4700:3036::ac43:8289
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.qkf7jq3b.space/ch1/uWNByr3QSq.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:8289 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67ad08c1cf5eff391116433ffdd657d5ab43b7fdfc9be9b5fc51cb063a0572e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6727
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 261377
last-modified: Sat, 15 Jan 2022 03:18:26 GMT
server: cloudflare
etag: "61e23d02-3fd01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWKthh8Rv7EPPluobAha3LXkEZta%2BVVZ5yNOHlmxFCHD4q5Nfwvr%2FDiDz6LlIBXOjucGH56VFRLi1XdfhJ%2FQ5mUjXOEAevGiO19A8HnJX7zVn8NNzJON9qWPwxtU5C2Ff5rrMHQccZBalCEz0P8iU%2BXe9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=432000
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b993fe090bb-FRA

GET
H2 200 1S3MpS84aL.gif
image.kkoc5eg1.space/ch1/ Frame 9926 170 KB
171 KB 554ms
550ms Image
image/gif 2606:4700:3037::ac43:95e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.kkoc5eg1.space/ch1/1S3MpS84aL.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:95e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea329d84c71430a166f5acd99969479902ba3faf3c56ce527789262cd9c2992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174331
last-modified: Sat, 15 Jan 2022 03:13:36 GMT
server: cloudflare
etag: "61e23be0-2a8fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWnyyD7IaezPPkTUEicV79oGTXz3irmks01ZYHT4vsC6PgclPG%2BqE%2FeQ2w3TOzI5xoWtgpEpQ%2FVEb0m2vDHiArKQO6fx4oxsLAuLUBCs7fsbKpZYitJYEbHeO%2FefkYimu%2BRqJSMkNLst4aj2qmotNetIiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b98b8fd9049-FRA

GET
H2 200 3.png
siwazywcdn2.com/cvguochanzipai/FVue7xQH/ Frame 9926 402 KB
403 KB 221ms
115ms Image
image/png 185.38.15.39
YISP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siwazywcdn2.com:5278/cvguochanzipai/FVue7xQH/3.png
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.15.39 , Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cacec0a97d3ffd87ad22b1a75bdb8beab49cb26d59f18818dbc8750b073998a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Mon, 28 Feb 2022 11:20:47 GMT
server: nginx
etag: "621cb00f-64967"
x-cache-status: HIT, HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 412007

GET
H2 200 a0.png
siwazywcdn2.com/cvguochanzipai/Wg5nQ47R/ Frame 9926 384 KB
385 KB 194ms
115ms Image
image/png 185.38.15.39
YISP-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://siwazywcdn2.com:5278/cvguochanzipai/Wg5nQ47R/a0.png
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.38.15.39 , Netherlands, ASN58073 (YISP-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0639b083ebdeab29791cb0475628bba09867ee1ac88190eaf8f78c910a1b88e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Tue, 22 Feb 2022 08:54:53 GMT
server: nginx
etag: "6214a4dd-600ad"
x-cache-status: HIT, HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15768000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 393389

GET
H2 200 loading.gif
tg006.i8p80lev.com/template/@mitaoxz_1/images/ Frame 9926 3 KB
3 KB 361ms
358ms Image
image/gif 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/images/loading.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 3b523d332424ad3c899d5dceb70ac224bb55f9973b49361ba5b8656b56fb2200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Tue, 29 Mar 2022 01:38:02 GMT
server: nginx
etag: "624262fa-b0b"
content-type: image/gif
expires: Tue, 14 Jun 2022 22:52:41 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 2827
x-proxy-cache: HIT

GET
H3 200 1647261668.gif
ad.xmmnsl.com/uploads/images/ Frame 9926 423 KB
424 KB 170ms
168ms Image
image/gif 194.53.53.250
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.xmmnsl.com/uploads/images/1647261668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.53.53.250 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f667bfc6db2bc234f3e23a7e399a5801bf7467432f0b246bb0432f03c0c3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 12:41:08 GMT
server: cloudflare
age: 3746
etag: W/"622f37e4-69baf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOXvxt%2BGw2oFndbf8B6O1wVj10Pqiv2MZsBNpkYJw2Kh2ZwP%2FiV%2BXjew1yTWRHdNPFNm4tr6ueua6xYKcRaCLA0A0quFO4GBwVefM%2F%2BRm62okWImIoHObeM9pP41tIFS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71b59b98bdfa929b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK 0bb2e1557e2749a2ae443b3144b10ae4.gif
u0064.com/ Frame E62C 261 KB
261 KB 1956ms
282ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0064.com/0bb2e1557e2749a2ae443b3144b10ae4.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70AE46B163935B96EF5
Last-Modified: Sun, 29 May 2022 12:06:44 GMT
Server: AliyunOSS
Content-MD5: V06q2He2YJcABWZEQiwatA==
ETag: "574EAAD877B6609700056644422C1AB4"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3295716594252235150
Content-Length: 267005
x-oss-server-time: 1

GET
H/1.1 200
OK 3edd2e024d3a4df898a1f8ea6d509668.gif
n0355.com/ Frame E62C 818 KB
818 KB 2419ms
193ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/3edd2e024d3a4df898a1f8ea6d509668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70B275E05510B417F1E
Last-Modified: Sun, 15 May 2022 16:03:00 GMT
Server: AliyunOSS
Content-MD5: Ai30YsWSJf6yoN2Yzp/XoQ==
ETag: "022DF462C59225FEB2A0DD98CE9FD7A1"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9124519372634757098
Content-Length: 837142
x-oss-server-time: 1

GET
H/1.1 200
OK 1774d8dcd8614d7494bc1ce7ab244f05.gif
u0057.com/ Frame E62C 292 KB
293 KB 2375ms
278ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0057.com/1774d8dcd8614d7494bc1ce7ab244f05.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 74a263c02b3163c6f9352e1725567ddf470e1dbe74048c5f2d39a1c74ef16213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70B7E084E3830F7D201
Last-Modified: Wed, 30 Mar 2022 07:57:36 GMT
Server: AliyunOSS
Content-MD5: lN/ibW0UXCH1nAKJ6O9saA==
ETag: "94DFE26D6D145C21F59C0289E8EF6C68"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14486142499861843651
Content-Length: 299413
x-oss-server-time: 1

GET
H/1.1 200
OK ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
29873398.com/ Frame E62C 423 KB
241 KB 2029ms
441ms Image
image/gif 20.239.177.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29873398.com/ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.177.209 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 12:07:30 GMT
Server: WAF/2.4-12.1
ETag: W/"62936202-69b6f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 19ddcf9255e142b7acc6bba0cd812351.gif
28758891.com/ Frame E62C 405 KB
173 KB 2286ms
439ms Image
image/gif 20.239.178.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://28758891.com/19ddcf9255e142b7acc6bba0cd812351.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.178.148 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:42 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 12:08:04 GMT
server: WAF/2.4-12.1
etag: W/"62936224-655c5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 3557853be0c64decb33ae5e4f2cb6217.gif
n0399.com/ Frame E62C 290 KB
291 KB 2191ms
201ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/3557853be0c64decb33ae5e4f2cb6217.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70A678B8E3ED6052A2D
Last-Modified: Sun, 29 May 2022 13:39:10 GMT
Server: AliyunOSS
Content-MD5: 5jcov9d0fswKJb/bK4UTZQ==
ETag: "E63728BFD7747ECC0A25BFDB2B851365"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10713480351589070444
Content-Length: 297356
x-oss-server-time: 2

GET
H2 200 1S3MpS84aL.gif
image.kkoc5eg1.space/ch1/ Frame E62C 170 KB
171 KB 576ms
575ms Image
image/gif 2606:4700:3037::ac43:95e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.kkoc5eg1.space/ch1/1S3MpS84aL.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:95e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea329d84c71430a166f5acd99969479902ba3faf3c56ce527789262cd9c2992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174331
last-modified: Sat, 15 Jan 2022 03:13:36 GMT
server: cloudflare
etag: "61e23be0-2a8fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NBO%2FjqTLoIl1gwOaOAbo2hcG2HwpqvhB79gOyScckgu%2BqrNk5ZIeiTkEZG3%2FBAoZox7tTuwdhdYxU9Hp6j4Oz%2BqWA0drhKdgUDIit6NTBZZZY7AfwS%2F4RmPQbdd4P%2F3h8qc9aA%2BZESPGgY0WP7zlTc4e6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b9858489049-FRA

GET
H2 200 loading.gif
tg006.i8p80lev.com/template/@mitaoxz_1/images/ Frame E62C 3 KB
3 KB 359ms
359ms Image
image/gif 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/images/loading.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 3b523d332424ad3c899d5dceb70ac224bb55f9973b49361ba5b8656b56fb2200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Tue, 29 Mar 2022 01:38:02 GMT
server: nginx
etag: "624262fa-b0b"
content-type: image/gif
expires: Tue, 14 Jun 2022 22:52:41 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 2827
x-proxy-cache: HIT

GET
H2 200 1647261668.gif
ad.xmmnsl.com/uploads/images/ Frame E62C 423 KB
424 KB 79ms
77ms Image
image/gif 194.53.53.250
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.xmmnsl.com/uploads/images/1647261668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.53.53.250 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f667bfc6db2bc234f3e23a7e399a5801bf7467432f0b246bb0432f03c0c3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 12:41:08 GMT
server: cloudflare
age: 4295
etag: W/"622f37e4-69baf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SXx3jV9OjZeIVXlbVbAaBd%2F6CG0Egk9NEc2C%2BuWMEySC9Ic1GdY9%2FOrSCqZkR0rOEz%2BowZZ2PmyhgMiF8lDlUes4DBkQUgW3E4XXfhdgzFezpTzHIMcmWMhXsfH8aA7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71b59b985f159b33-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame E62C 30 KB
11 KB 442ms
441ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?40a333c07b4ca0a969704da7ee8b3382

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

e9329401e7e8d5c206e003927676e3e4bb45cd344e82016bdbc7e51749ce35c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:41 GMT
Content-Encoding: gzip
Server: apache
Etag: ea98ee406b10976c2e2d9b28fcc78872
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11291

GET
DATA 200
OK truncated
/ Frame E62C 2 KB
2 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7cf180dc412c3c2f82c151b18a21f325630162bfc398102759ded60acb20184

Request headers

Referer
Origin: https://tg006.i8p80lev.com:14168
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=gb2312

GET
H/1.1 200
OK 0bb2e1557e2749a2ae443b3144b10ae4.gif
u0064.com/ Frame 9926 261 KB
261 KB 1709ms
289ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0064.com/0bb2e1557e2749a2ae443b3144b10ae4.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70A051F683132BD124A
Last-Modified: Sun, 29 May 2022 12:06:44 GMT
Server: AliyunOSS
Content-MD5: V06q2He2YJcABWZEQiwatA==
ETag: "574EAAD877B6609700056644422C1AB4"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3295716594252235150
Content-Length: 267005
x-oss-server-time: 1

GET
H/1.1 200
OK 3edd2e024d3a4df898a1f8ea6d509668.gif
n0355.com/ Frame 9926 818 KB
818 KB 2153ms
188ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0355.com/3edd2e024d3a4df898a1f8ea6d509668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70B678B8E3ED6052A8F
Last-Modified: Sun, 15 May 2022 16:03:00 GMT
Server: AliyunOSS
Content-MD5: Ai30YsWSJf6yoN2Yzp/XoQ==
ETag: "022DF462C59225FEB2A0DD98CE9FD7A1"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 9124519372634757098
Content-Length: 837142
x-oss-server-time: 2

GET
H/1.1 200
OK 1774d8dcd8614d7494bc1ce7ab244f05.gif
u0057.com/ Frame 9926 292 KB
293 KB 2123ms
281ms Image
image/gif 47.75.19.141
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u0057.com/1774d8dcd8614d7494bc1ce7ab244f05.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.141 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 74a263c02b3163c6f9352e1725567ddf470e1dbe74048c5f2d39a1c74ef16213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:43 GMT
x-oss-request-id: 62A8E70BDA8A793335CBE485
Last-Modified: Wed, 30 Mar 2022 07:57:36 GMT
Server: AliyunOSS
Content-MD5: lN/ibW0UXCH1nAKJ6O9saA==
ETag: "94DFE26D6D145C21F59C0289E8EF6C68"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14486142499861843651
Content-Length: 299413
x-oss-server-time: 1

GET
H/1.1 200
OK ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
29873398.com/ Frame 9926 423 KB
241 KB 1771ms
446ms Image
image/gif 20.239.177.209
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29873398.com/ec8ceeaf1f6b444f9fca88cb2e8a2cc0.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.177.209 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:42 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 May 2022 12:07:30 GMT
Server: WAF/2.4-12.1
ETag: W/"62936202-69b6f"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 19ddcf9255e142b7acc6bba0cd812351.gif
28758891.com/ Frame 9926 405 KB
173 KB 2244ms
661ms Image
image/gif 20.239.178.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://28758891.com/19ddcf9255e142b7acc6bba0cd812351.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.178.148 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:42 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 12:08:04 GMT
server: WAF/2.4-12.1
etag: W/"62936224-655c5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/gif

GET
H/1.1 200
OK 3557853be0c64decb33ae5e4f2cb6217.gif
n0399.com/ Frame 9926 290 KB
291 KB 1922ms
196ms Image
image/gif 47.254.187.172
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0399.com/3557853be0c64decb33ae5e4f2cb6217.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.187.172 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 14 Jun 2022 19:52:42 GMT
x-oss-request-id: 62A8E70A64BB2923CCCC72CD
Last-Modified: Sun, 29 May 2022 13:39:10 GMT
Server: AliyunOSS
Content-MD5: 5jcov9d0fswKJb/bK4UTZQ==
ETag: "E63728BFD7747ECC0A25BFDB2B851365"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10713480351589070444
Content-Length: 297356
x-oss-server-time: 2

GET
H2 200 1S3MpS84aL.gif
image.kkoc5eg1.space/ch1/ Frame 9926 170 KB
171 KB 550ms
550ms Image
image/gif 2606:4700:3037::ac43:95e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.kkoc5eg1.space/ch1/1S3MpS84aL.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:95e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aea329d84c71430a166f5acd99969479902ba3faf3c56ce527789262cd9c2992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
access-control-allow-methods: GET,POST,DELETE
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 174331
last-modified: Sat, 15 Jan 2022 03:13:36 GMT
server: cloudflare
etag: "61e23be0-2a8fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CL13EomOYoXF0Ixc5fsNqnMbS5yjd9%2FPrTXgkwDKAoaK9r4%2FmFZmJqrDLpiy%2F3KBKpUTgFRJas4%2FG3%2FLOKqgabA0pwLxVGbGZxc1bdyRFWqN2caWlVVsEAG1FQRZKy%2B8e9FPmL2Cr710o8Ys3tDA53fxJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-header: Content-Type,*
accept-ranges: bytes
cf-ray: 71b59b98b9019049-FRA

GET
H2 200 loading.gif
tg006.i8p80lev.com/template/@mitaoxz_1/images/ Frame 9926 3 KB
3 KB 359ms
358ms Image
image/gif 202.79.167.88
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg006.i8p80lev.com:14168/template/@mitaoxz_1/images/loading.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.79.167.88 , Singapore, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash: 3b523d332424ad3c899d5dceb70ac224bb55f9973b49361ba5b8656b56fb2200

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
last-modified: Tue, 29 Mar 2022 01:38:02 GMT
server: nginx
etag: "624262fa-b0b"
content-type: image/gif
expires: Tue, 14 Jun 2022 22:52:41 GMT
cache-control: max-age=10800
accept-ranges: bytes
content-length: 2827
x-proxy-cache: HIT

GET
H3 200 1647261668.gif
ad.xmmnsl.com/uploads/images/ Frame 9926 423 KB
424 KB 50ms
50ms Image
image/gif 194.53.53.250
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.xmmnsl.com/uploads/images/1647261668.gif
Requested by: Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 194.53.53.250 Moscow Oblast, Russian Federation, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f667bfc6db2bc234f3e23a7e399a5801bf7467432f0b246bb0432f03c0c3c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:41 GMT
cf-cache-status: HIT
last-modified: Mon, 14 Mar 2022 12:41:08 GMT
server: cloudflare
age: 3746
etag: W/"622f37e4-69baf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBM4yRbF9EINtazlyeKPYI1QwfSYtSMobX4FHP6%2BaAVNQcbs6SOuHpPY7elDvo8Q0y7ct6hz%2BRgkYp4NazXPCEzE8o1xJlvAuslw52kVu2%2Fvnv5hDsJyOWkBWk2E5AUH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71b59b98bdff929b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 9926 30 KB
11 KB 440ms
439ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?40a333c07b4ca0a969704da7ee8b3382

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

e9329401e7e8d5c206e003927676e3e4bb45cd344e82016bdbc7e51749ce35c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 19:52:41 GMT
Content-Encoding: gzip
Server: apache
Etag: ea98ee406b10976c2e2d9b28fcc78872
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11291

GET
DATA 200
OK truncated
/ Frame 9926 2 KB
0 Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer
Origin: https://tg006.i8p80lev.com:14168
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: application/x-font-woff2;charset=gb2312

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame E62C 43 B
299 B 444ms
444ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1115557436&si=40a333c07b4ca0a969704da7ee8b3382&su=http%3A%2F%2Fwww.noickjr.com%2F&v=1.2.94&lv=1&sn=18866&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftg006.i8p80lev.com%3A14168%2F&tt=%E7%B3%96%E6%9E%9C%E8%A7%86%E9%A2%91

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 19:52:41 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 9926 43 B
299 B 419ms
419ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: hm.baidu.com
URL: https://hm.baidu.com/hm.js?40a333c07b4ca0a969704da7ee8b3382

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 19:52:41 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 9926 43 B
299 B 757ms
429ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1655236361&rnd=763063233&si=40a333c07b4ca0a969704da7ee8b3382&su=http%3A%2F%2Fwww.noickjr.com%2F&v=1.2.94&lv=2&sn=18867&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftg006.i8p80lev.com%3A14168%2F&tt=%E7%B3%96%E6%9E%9C%E8%A7%86%E9%A2%91

Requested by

Host: tg006.i8p80lev.com
URL: https://tg006.i8p80lev.com:14168/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tg006.i8p80lev.com:14168/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 19:52:42 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.users.51.la
URL: https://js.users.51.la/21156481.js

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.noickjr.com/	1970-01-20 03:47:16	Name: Cookies_KL Value: 1
.www.noickjr.com/	1970-01-20 12:32:52	Name: Hm_lvt_87efa7579eb12bcdbe7b05a8f9ea2f51 Value: 1655236358
.www.noickjr.com/	1969-12-31 23:59:59	Name: Hm_lpvt_87efa7579eb12bcdbe7b05a8f9ea2f51 Value: 1655236358
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 5060C48617376A86
.www.noickjr.com/	1970-01-20 12:32:52	Name: Hm_lvt_749a867ae77418caf4ad7751cc318a62 Value: 1655236358
.www.noickjr.com/	1969-12-31 23:59:59	Name: Hm_lpvt_749a867ae77418caf4ad7751cc318a62 Value: 1655236358

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.noickjr.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21156481.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.noickjr.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21156481.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28758891.com
29873398.com
ad.xmmnsl.com
cdn.jsdelivr.net
hm.baidu.com
image.kkoc5eg1.space
image.qkf7jq3b.space
js.users.51.la
n0355.com
n0399.com
noickjr.com
pic.rmb.bdstatic.com
siwazywcdn2.com
tg006.i8p80lev.com
u0057.com
u0062.com
u0064.com
www.noickjr.com
xphthe.com
js.users.51.la
103.235.46.191
115.91.26.61
137.220.244.177
185.10.104.115
185.38.15.39
194.53.53.250
20.239.177.209
20.239.178.148
202.79.167.88
2606:4700:3036::ac43:8289
2606:4700:3037::ac43:95e6
2606:4700::6810:5914
45.201.250.49
47.254.187.172
47.75.19.141
02f667bfc6db2bc234f3e23a7e399a5801bf7467432f0b246bb0432f03c0c3c0
0639b083ebdeab29791cb0475628bba09867ee1ac88190eaf8f78c910a1b88e8
0b3c459e0e147103f8ddf00ac058d6bce8b42ca7aa06006f2b412bf840a4ac96
11b1a7c3a7bdf41f22ca188b7c42e297c079796ae09a878c50712fb92d8f5346
14f249b7c9c0fb12f8454ebf82cae203ca7cc4078b19ab68c938e576f40a19d1
1584fd65e334ed3113142524b93be47516451f864a5b254a8646786b5344f693
1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311
287dfccbe4ad78235c3d39e1c8486ad0150f292b238c5bdfbfe6424ce793782b
3a9dc223b563b33b84cb6492b3c35d03db2153924ae23f0ed9b4a76b69fa4bf6
3b523d332424ad3c899d5dceb70ac224bb55f9973b49361ba5b8656b56fb2200
4fc76fb7c66a74566b63718ea885177fc3a00ac6ceca121e686fbd06fa99bf26
6664f6292081457176d90f2b4157d9ffeb88e85ee1c75af39de4a347b1c98919
67ad08c1cf5eff391116433ffdd657d5ab43b7fdfc9be9b5fc51cb063a0572e1
6f5f34ff6d19a3cbe65f139c78194cbccda07fbb05ac2c3a036e18aed00f4721
74a263c02b3163c6f9352e1725567ddf470e1dbe74048c5f2d39a1c74ef16213
74b74bec8c7b1c76fbd41aeed86e718179917e0ce47f132349655fdba34532e6
78b40995f101bfaa55c0f70e2ab3d988aa8d63bf7581fd6aa45a2123ce847772
807bb79306e6d8f7a9786eaff9ea37115dd6339cdc6659a441997fc6471dffb7
8842d7bd1c377e15084fe597f756264773ce04bc03e47ff474244cb2a1ae7815
a02123266e568ef543ae1d95d5618c0ca2b6944c0d2b5aeaa6c607532750da9a
aa535a087e361c3e3c8f14f8a2927e4f80e35079baf8daa8c15840b73d1f4948
ad068ffb21505dc9e56a6bf0b774b6d590ebe42ac21e2a3821e6fa7e1a786e70
aea329d84c71430a166f5acd99969479902ba3faf3c56ce527789262cd9c2992
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c7cf180dc412c3c2f82c151b18a21f325630162bfc398102759ded60acb20184
cacec0a97d3ffd87ad22b1a75bdb8beab49cb26d59f18818dbc8750b073998a6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d196c2a94e19aa4d42d9693522a7d6312489fd7c27f3048033f2c9b01b45c47a
d9429598b058a2ab2cd6176f123b304f3275d9e91d558a382c05c6c53da1da71
df309eee357692ba25343a2df4c3b4990ebca664fd9311f873612ce01c7ac429
e69ffc8492116d7134da168e20a0c4a30205326ddb861297c201c1d0ffe84d67
e9329401e7e8d5c206e003927676e3e4bb45cd344e82016bdbc7e51749ce35c8
e98f3a4cc094ac745db07606c19479eb107a6086379a0fe89f548cd946e48992
ed5b17a169320e6f3b3de70b334d7ff9345326b15a6e817e8e7ff6dd17d4b998
ef2fe2f602a7de59759399ed6e193215d4b1b941e8a09f0b16120b2434e0351e
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d
f9dea21b477e41ade4a28860d20976acf5483af251aa9d4deb66eba6bd426d7b

www.noickjr.com Open in urlscan Pro 45.201.250.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

96 %HTTPS

20 %IPv6

18 Domains

19 Subdomains

15 IPs

8 Countries

19016 kBTransfer

21130 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.noickjr.com Open in urlscan Pro
45.201.250.49 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

96 %
HTTPS

20 %
IPv6

18
Domains

19
Subdomains

15
IPs

8
Countries

19016 kB
Transfer

21130 kB
Size

6
Cookies

89 HTTP transactions
2 data transactions