www.029site.com Open in urlscan Pro
104.252.189.167 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://029site.com/
Effective URL:
http://www.029site.com/index.php
Submission Tags: falconsandbox
Submission: On October 12 via api (October 12th 2021, 10:11:56 pm UTC) from US — Scanned from DE

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 24 domains to perform 76 HTTP transactions. The main IP is 104.252.189.167, located in United States and belongs to EGIHOSTING, US. The main domain is www.029site.com.

This is the only time www.029site.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.252.189.167 104.252.189.167	18779 (EGIHOSTING) (EGIHOSTING)
22	45.38.222.41 45.38.222.41	18779 (EGIHOSTING) (EGIHOSTING)
2	120.52.95.242 120.52.95.242	133119 (UNICOM-CN...) (UNICOM-CN China Unicom IP network)
20	104.22.0.86 104.22.0.86	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
1	45.61.212.184 45.61.212.184	53587 (AZT) (AZT)
1	172.67.161.228 172.67.161.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	148.251.44.169 148.251.44.169	24940 (HETZNER-AS) (HETZNER-AS)
1	104.21.34.166 104.21.34.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.192.254 172.67.192.254	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	144.76.98.12 144.76.98.12	24940 (HETZNER-AS) (HETZNER-AS)
1	104.21.233.158 104.21.233.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	144.202.99.171 144.202.99.171	20473 (AS-CHOOPA) (AS-CHOOPA)
1	45.61.212.162 45.61.212.162	53587 (AZT) (AZT)
1	45.61.212.181 45.61.212.181	53587 (AZT) (AZT)
2	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	8.134.16.137 8.134.16.137	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
2	185.10.104.115 185.10.104.115	() ()
3	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
4	5.135.83.165 5.135.83.165	16276 (OVH) (OVH)
1	23.224.92.250 23.224.92.250	40065 (CNSERVERS) (CNSERVERS)
1	172.67.172.77 172.67.172.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.224.30.174 23.224.30.174	40065 (CNSERVERS) (CNSERVERS)
2	23.225.154.19 23.225.154.19	40065 (CNSERVERS) (CNSERVERS)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
76	23

4 104.252.189.167 (United States) 1 redirects

ASN18779 (EGIHOSTING, US)

029site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.029site.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 45.38.222.41 (United States)

ASN18779 (EGIHOSTING, US)

dd-ys06.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 120.52.95.242 (China)

ASN133119 (UNICOM-CN China Unicom IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 104.22.0.86 (None, )

ASN13335 (CLOUDFLARENET, US)

ljcdn.comtucdncom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.184 (United States)

ASN53587 (AZT, US)

3332772.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.161.228 (United States)

ASN13335 (CLOUDFLARENET, US)

go.imgtata.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.44.169 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.169.44.251.148.clients.your-server.de

go.imglele.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.34.166 (None, )

ASN13335 (CLOUDFLARENET, US)

go.imggogo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.192.254 (United States)

ASN13335 (CLOUDFLARENET, US)

xs.imgpipi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.98.12 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.12.98.76.144.clients.your-server.de

xs.imglolo.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.233.158 (None, )

ASN13335 (CLOUDFLARENET, US)

go.imghaha.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.202.99.171 (San Jose, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 144.202.99.171.vultr.com

3332600.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.162 (United States)

ASN53587 (AZT, US)

9zgyqk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.181 (United States)

ASN53587 (AZT, US)

3332112.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

image.bitautoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.134.16.137 (Guangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

tttppp.oss-cn-guangzhou.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.10.104.115 (None, )

ASN- ()

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

img11.360buyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img10.360buyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 5.135.83.165 (France)

ASN16276 (OVH, FR)
PTR: i.postimg.cc

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.92.250 (United States)

ASN40065 (CNSERVERS, US)

img.123456img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.172.77 (United States)

ASN13335 (CLOUDFLARENET, US)

go.imgdudu.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.224.30.174 (United States)

ASN40065 (CNSERVERS, US)

crfrf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.225.154.19 (United States)

ASN40065 (CNSERVERS, US)

m.toutiaogov.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	dd-ys06.com dd-ys06.com	82 KB
20	comtucdncom.com ljcdn.comtucdncom.com	3 MB
4	postimg.cc i.postimg.cc	3 MB
4	51.la js.users.51.la ia.51.la	12 KB
4	029site.com 1 redirects 029site.com www.029site.com	2 KB
3	360buyimg.com img11.360buyimg.com img10.360buyimg.com	1 MB
2	baidu.com hm.baidu.com	15 KB
2	toutiaogov.cn m.toutiaogov.cn	684 B
2	bdstatic.com pic.rmb.bdstatic.com	1 MB
2	bitautoimg.com image.bitautoimg.com	2 MB
1	crfrf.com crfrf.com	121 KB
1	imgdudu.xyz go.imgdudu.xyz	434 KB
1	123456img.com img.123456img.com	395 KB
1	aliyuncs.com tttppp.oss-cn-guangzhou.aliyuncs.com	170 KB
1	3332112.com 3332112.com	933 KB
1	9zgyqk.com 9zgyqk.com	536 KB
1	3332600.com 3332600.com	1 MB
1	imghaha.xyz go.imghaha.xyz	439 KB
1	imglolo.xyz 1 redirects xs.imglolo.xyz	124 B
1	imgpipi.xyz xs.imgpipi.xyz	160 KB
1	imggogo.xyz go.imggogo.xyz	3 MB
1	imglele.xyz 1 redirects go.imglele.xyz	123 B
1	imgtata.xyz go.imgtata.xyz	310 KB
1	3332772.com 3332772.com	141 KB
76	24

	Domain	Requested by
22	dd-ys06.com	www.029site.com dd-ys06.com
20	ljcdn.comtucdncom.com	dd-ys06.com
4	i.postimg.cc	dd-ys06.com
3	www.029site.com	www.029site.com
2	hm.baidu.com	dd-ys06.com
2	m.toutiaogov.cn	dd-ys06.com
2	img10.360buyimg.com	dd-ys06.com
2	pic.rmb.bdstatic.com	dd-ys06.com
2	image.bitautoimg.com	dd-ys06.com
2	ia.51.la	www.029site.com dd-ys06.com
2	js.users.51.la	www.029site.com dd-ys06.com
1	crfrf.com	dd-ys06.com
1	go.imgdudu.xyz	dd-ys06.com
1	img.123456img.com	dd-ys06.com
1	img11.360buyimg.com	dd-ys06.com
1	tttppp.oss-cn-guangzhou.aliyuncs.com	dd-ys06.com
1	3332112.com	dd-ys06.com
1	9zgyqk.com	dd-ys06.com
1	3332600.com	dd-ys06.com
1	go.imghaha.xyz	dd-ys06.com
1	xs.imglolo.xyz	1 redirects
1	xs.imgpipi.xyz	dd-ys06.com
1	go.imggogo.xyz	dd-ys06.com
1	go.imglele.xyz	1 redirects
1	go.imgtata.xyz	dd-ys06.com
1	3332772.com	dd-ys06.com
1	029site.com	1 redirects
76	27

This site contains no links.

Subject Issuer	Validity	Valid
dd-ys04.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
*.comtucdncom.com R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
3332772.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh
*.imgtata.xyz R3	`2021-10-11` - `2022-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-05` - `2022-10-04`	a year	crt.sh
3332600.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh
9zgyqk.com Sectigo RSA Domain Validation Secure Server CA	`2021-08-21` - `2022-08-21`	a year	crt.sh
3332112.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh
*.yiche.com GlobalSign RSA OV SSL CA 2018	`2020-01-06` - `2022-03-26`	2 years	crt.sh
*.oss-cn-shenzhen.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-25` - `2022-02-26`	a year	crt.sh
pic.rmb.bdstatic.com TrustAsia TLS RSA CA	`2021-02-19` - `2022-02-19`	a year	crt.sh
*.jd.com GlobalSign RSA OV SSL CA 2018	`2020-08-11` - `2021-11-28`	a year	crt.sh
postimg.cc R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
img.123456img.com TrustAsia TLS RSA CA	`2021-09-03` - `2022-09-02`	a year	crt.sh
crfrf.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-25` - `2022-06-25`	a year	crt.sh
m.toutiaogov.cn TrustAsia TLS RSA CA	`2021-01-05` - `2022-01-04`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-05-16`	2 years	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.029site.com/index.php
Frame ID: 13BDEE200F84575EB65057548D3E06EA
Requests: 5 HTTP requests in this frame

Frame: https://dd-ys06.com/
Frame ID: D16C817C7413A721B3C1579AAEB3F3E6
Requests: 71 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

淮安南囟国际贸易有限公司亚洲精品AV一区二区三区四区-亚洲色少妇39P-国产美女亚洲精品久久久淮安南囟国际贸易有限公司

Page URL History Show full URLs

http://029site.com/ HTTP 301
http://www.029site.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

76
Requests

95 %
HTTPS

0 %
IPv6

24
Domains

27
Subdomains

23
IPs

6
Countries

18903 kB
Transfer

19058 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://029site.com/ HTTP 301
http://www.029site.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://go.imglele.xyz/2021/09/13/hWs.gif HTTP 301
https://go.imggogo.xyz/2021/09/13/hWs.gif

Request Chain 42

https://xs.imglolo.xyz/2021/09/26/dmwd.gif HTTP 301
https://go.imghaha.xyz/2021/09/26/dmwd.gif

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.029site.com/
Redirect Chain

http://029site.com/
http://www.029site.com/index.php

2 KB
746 B

330ms
160ms

Document
text/html

104.252.189.167
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.029site.com/index.php
Protocol: HTTP/1.1
Server: 104.252.189.167 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 6db3a6f21ee9c10c3140446312e8357f545b883f5d1983ee5f16565c46b50305

Request headers

Host: www.029site.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 12 Oct 2021 22:11:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 12 Oct 2021 22:11:37 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.029site.com/index.php

GET
H/1.1 200
OK common.js Show response
www.029site.com/ 1 KB
868 B 159ms
159ms Script
application/x-javascript 104.252.189.167
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.029site.com/common.js
Requested by: Host: www.029site.com
URL: http://www.029site.com/index.php
Protocol: HTTP/1.1
Server: 104.252.189.167 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: f5bc686b0b5a03dd367680eb0140b98efef14a4f4d570894a8a8a95791abad7e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.029site.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.029site.com/index.php
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.029site.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:38 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.029site.com/ 102 B
258 B 321ms
161ms Script
application/x-javascript 104.252.189.167
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.029site.com/tj.js
Requested by: Host: www.029site.com
URL: http://www.029site.com/index.php
Protocol: HTTP/1.1
Server: 104.252.189.167 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: nginx /
Resource Hash: 1b37cb9a7c3b389047ff1a4e9014f0fc16fb67638c1499ca8daf0fafcc44e04a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.029site.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.029site.com/index.php
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.029site.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:38 GMT
Server: nginx
Connection: keep-alive
Content-Length: 102
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
dd-ys06.com/ Frame D16C 22 KB
7 KB 850ms
351ms Document
text/html 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/
Requested by: Host: www.029site.com
URL: http://www.029site.com/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / PHP/7.1.33 ASP.NET
Resource Hash: fcc2cbc482b6bc7c77648ff6c2dc3008b0632ad903028fe041e81fa5b087fb26

Request headers

Host: dd-ys06.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://www.029site.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.029site.com/

Response headers

Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: PHP/7.1.33 ASP.NET
Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Length: 6996

GET
H/1.1 200
OK 20669221.js Show response
js.users.51.la/ 5 KB
6 KB 1954ms
149ms Script
application/javascript 120.52.95.242
UNICOM-CN China U...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20669221.js
Requested by: Host: www.029site.com
URL: http://www.029site.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 120.52.95.242 , China, ASN133119 (UNICOM-CN China Unicom IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 6e6145817926da4f85a6f93f29054e6109d4df2014e529102d9a2cf4db493efb

Request headers

Referer: http://www.029site.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

nginx-hit: 1
Date: Tue, 12 Oct 2021 22:11:44 GMT
via: CHN-HElangfang-AREACUCC1-CACHE47[4],CHN-HElangfang-AREACUCC1-CACHE55[0,TCP_HIT,2],CHN-HElangfang-GLOBAL2-CACHE108[2],CHN-HElangfang-GLOBAL2-CACHE34[0,TCP_HIT,0]
X-CCDN-CacheTTL: 86400
Age: 4776833
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
request-id: 0000017A0422B0369018A2F38EB935EF
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length: 4898
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSP9sjvrqTPbxRbXXTSZCcNz7e64oL0O
Last-Modified: Mon Mar 02 14:13:58 CST 2020
Server: openresty
ETag: "153bb6b697abd39d0d0d4ae280ba95c9"
Content-Type: application/javascript;charset=UTF-8
version-id: G001117099E13633FFFF9053857FD9B4
Accept-Ranges: bytes
x-hcs-proxy-type: 1

GET
H/1.1 200
OK ate.css
dd-ys06.com/template/m1938pc/css/ Frame D16C 74 KB
5 KB 320ms
320ms Stylesheet
text/css 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/css/ate.css
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:36 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "06ae58622f2d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4498

GET
H/1.1 200
OK zui.css
dd-ys06.com/template/m1938pc/css/ Frame D16C 84 KB
15 KB 1254ms
936ms Stylesheet
text/css 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/css/zui.css
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:18 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0e972e6ef4d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 15351

GET
H/1.1 200
OK loogo8.png
dd-ys06.com/template/m1938pc/css/ Frame D16C 41 KB
41 KB 786ms
786ms Image
image/png 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd-ys06.com/template/m1938pc/css/loogo8.png
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 46005f75bb1499d97069b7ca45628cf1c1e177eb1632e04a4faba3f62c39aaae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Last-Modified: Sun, 09 May 2021 23:15:40 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "aa853a2945d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 41867

GET
H/1.1 200
OK xx1.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 130 B
536 B 474ms
157ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/xx1.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2b5212806ab5989b0a741f1c5d081435641b64e608299b952a2149cf5862d09a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d25e168e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 229

GET
H/1.1 200
OK dh1.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 130 B
535 B 479ms
160ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/dh1.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8b2b51658db7f575537ebf7070ea8c1df1ef8a634d8ecbec98adc77de31c9ee8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d25e168e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 228

GET
H/1.1 200
OK 1.gif
dd-ys06.com/template/m1938pc/images/ Frame D16C 254 B
500 B 161ms
161ms Image
image/gif 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd-ys06.com/template/m1938pc/images/1.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Last-Modified: Fri, 11 Jun 2021 00:37:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "28ba8f2595ed71:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 254

GET
H/1.1 200
OK dh.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 129 B
534 B 479ms
160ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/dh.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b9f6481b1c9e0b1d91979ae5e267c707c95663079bbcab52a3bd359c864ee635

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "a8fc138e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 227

GET
H/1.1 200
OK xx2.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 130 B
536 B 480ms
160ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/xx2.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bb6296f6b4fde561414869edcb717cdfc2ee8f56cb4722a792d989f8630abb71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "27c1188e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 229

GET
H/1.1 200
OK 1.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 128 B
534 B 161ms
160ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/1.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 29b3531322ac4003a4e825fe8cba30f31d6b1f7e411f57673936ed6a62c070ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "429a118e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 227

GET
H2 200 cb5b8acab1480b500ab6f6b9a9a20dc4.jpg
ljcdn.comtucdncom.com/upload/vod/20211009-1/ Frame D16C 171 KB
171 KB 60ms
26ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211009-1/cb5b8acab1480b500ab6f6b9a9a20dc4.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32d6def90bcdc816887d39c6c940a1cf46406ae4537a6a7c6ec08c3b9bb990bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Oct 2021 01:54:41 GMT
server: cloudflare
age: 330694
etag: "6160f661-2aa58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 02:16:41 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa644fc3215d-DUS
content-length: 174680
cf-bgj: h2pri

GET
H2 200 894fd20c91a4271c179483a1de09680f.jpg
ljcdn.comtucdncom.com/upload/vod/20211009-1/ Frame D16C 162 KB
163 KB 60ms
26ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211009-1/894fd20c91a4271c179483a1de09680f.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a370c78a66807c280174c44bbcc131ac509f364f7c68a570e809ded21a104b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Oct 2021 01:54:42 GMT
server: cloudflare
age: 330696
etag: "6160f662-289e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 02:16:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa644fc4215d-DUS
content-length: 166373
cf-bgj: h2pri

GET
H2 200 003754787ff75cf8ed31d2a846740fbd.jpg
ljcdn.comtucdncom.com/upload/vod/20211009-1/ Frame D16C 157 KB
157 KB 61ms
26ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211009-1/003754787ff75cf8ed31d2a846740fbd.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22ef7db33031bcedce9dbb63e1a7f8a038ec1c26d0177595161705edbbf3c235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Oct 2021 01:54:44 GMT
server: cloudflare
age: 330698
etag: "6160f664-272b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 02:16:37 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa644fc5215d-DUS
content-length: 160441
cf-bgj: h2pri

GET
H2 200 b602b938270912e6ed356f9885a1f1a2.jpg
ljcdn.comtucdncom.com/upload/vod/20211009-1/ Frame D16C 165 KB
165 KB 60ms
26ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211009-1/b602b938270912e6ed356f9885a1f1a2.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a144a0963d61ad752bbac28e3c1179a43641f88717257f5f173d61c1a403403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Oct 2021 01:54:45 GMT
server: cloudflare
age: 330700
etag: "6160f665-29355"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 02:16:35 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa644fc7215d-DUS
content-length: 168789
cf-bgj: h2pri

GET
H2 200 3a6099c30918d558c2a57009e7314946.jpg
ljcdn.comtucdncom.com/upload/vod/20211009-1/ Frame D16C 162 KB
162 KB 59ms
25ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211009-1/3a6099c30918d558c2a57009e7314946.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b47f6eea9f90242216d91cbf6affd042b30f746ad7d0582bb4525da271d44ad2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sat, 09 Oct 2021 01:54:46 GMT
server: cloudflare
age: 330702
etag: "6160f666-287d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 02:16:33 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa644fc8215d-DUS
content-length: 165840
cf-bgj: h2pri

GET
H2 200 3a804a8df082db6a3245dded339f8708.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/ Frame D16C 135 KB
135 KB 48ms
14ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211010-1/3a804a8df082db6a3245dded339f8708.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3543c5d0886333fa09401a39fe19a508f2688059c3e7b116b8afcd5cb6f19387

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 01:09:01 GMT
server: cloudflare
age: 244273
etag: "61623d2d-21b28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 09 Nov 2021 02:16:59 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa644fc9215d-DUS
content-length: 138024
cf-bgj: h2pri

GET
H2 200 0b8ab33f4424bc3f19e3ad892d8965fd.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/ Frame D16C 146 KB
147 KB 17ms
14ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211010-1/0b8ab33f4424bc3f19e3ad892d8965fd.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e414b3eb1cbe06db5e159a57b0441665853eea1b5c40d586c7d5b89853cc59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 01:09:02 GMT
server: cloudflare
age: 244278
etag: "61623d2e-249ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 09 Nov 2021 02:16:55 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a857215d-DUS
content-length: 149999
cf-bgj: h2pri

GET
H2 200 185addf06fbcf636139789809b9f5b6e.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/ Frame D16C 193 KB
193 KB 26ms
23ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211010-1/185addf06fbcf636139789809b9f5b6e.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c094be3c2a25bacb50917786497c9c767ff24c344db57f89663e0955384d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 01:09:03 GMT
server: cloudflare
age: 244282
etag: "61623d2f-302f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 09 Nov 2021 02:16:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a858215d-DUS
content-length: 197360
cf-bgj: h2pri

GET
H2 200 5bb629837a0067b6ce3051a870251542.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/ Frame D16C 200 KB
201 KB 18ms
15ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211010-1/5bb629837a0067b6ce3051a870251542.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6493f04533dbd9e01d9596f127718e19090cc64b88aacdf7bf39bfb775059b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 01:09:05 GMT
server: cloudflare
age: 244286
etag: "61623d31-32196"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 09 Nov 2021 02:16:47 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a859215d-DUS
content-length: 205206
cf-bgj: h2pri

GET
H2 200 c71790d8666316bf9a0f8c32b5c949ff.jpg
ljcdn.comtucdncom.com/upload/vod/20211010-1/ Frame D16C 184 KB
185 KB 25ms
22ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211010-1/c71790d8666316bf9a0f8c32b5c949ff.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81ba1e3affec2edb1be01f0a8849e928a624333a63fa773cbd171eaa9427e01c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Sun, 10 Oct 2021 01:09:06 GMT
server: cloudflare
age: 244290
etag: "61623d32-2e17f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 09 Nov 2021 02:16:43 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a85a215d-DUS
content-length: 188799
cf-bgj: h2pri

GET
H2 200 d0c6a2f576fea5c382b75aca675d4455.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/ Frame D16C 127 KB
128 KB 26ms
23ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211011-1/d0c6a2f576fea5c382b75aca675d4455.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9ad589ca5ec974d93251e84a2a260250d896c47e053b39972c8716a1844ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Oct 2021 01:04:45 GMT
server: cloudflare
age: 161502
etag: "61638dad-1fdce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 10 Nov 2021 01:16:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a85b215d-DUS
content-length: 130510
cf-bgj: h2pri

GET
H2 200 25079690c7337836f2ef54b26fc72adf.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/ Frame D16C 129 KB
130 KB 26ms
23ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211011-1/25079690c7337836f2ef54b26fc72adf.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1ba322f08f4daf956fc9675060b0ecf7e7a2a9774aed1acc95036315123ea0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Oct 2021 01:04:44 GMT
server: cloudflare
age: 161500
etag: "61638dac-205c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 10 Nov 2021 01:16:31 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a85c215d-DUS
content-length: 132552
cf-bgj: h2pri

GET
H2 200 5bedce1f9e310f4cb4844e98210ce468.jpg
ljcdn.comtucdncom.com/upload/vod/20211011-1/ Frame D16C 141 KB
141 KB 26ms
23ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211011-1/5bedce1f9e310f4cb4844e98210ce468.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79671580abfb5b43d124da07ab8cb9651a244c61454655f70d1352f83cc1b338

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Mon, 11 Oct 2021 01:04:43 GMT
server: cloudflare
age: 161498
etag: "61638dab-23324"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 10 Nov 2021 01:16:33 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a85d215d-DUS
content-length: 144164
cf-bgj: h2pri

GET
H2 200 6475a45a93f05ce4b79caa10f09e0c9c.jpg
ljcdn.comtucdncom.com/upload/vod/20210930-1/ Frame D16C 128 KB
128 KB 27ms
24ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20210930-1/6475a45a93f05ce4b79caa10f09e0c9c.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aef0659735cfd827c909e8bb685767b7d9bca2270f3b2f546cf1769d9e11cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 23:53:28 GMT
server: cloudflare
age: 297356
etag: "6154fc78-1ff48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 11:32:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a85e215d-DUS
content-length: 130888
cf-bgj: h2pri

GET
H2 200 c1926a19e077959124cd728da52a2079.jpg
ljcdn.comtucdncom.com/upload/vod/20210930-1/ Frame D16C 122 KB
123 KB 26ms
23ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20210930-1/c1926a19e077959124cd728da52a2079.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f28e37fc7046b7ead9b8f85f204958baeb2f7de721f964faa92b159703a112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 23:53:26 GMT
server: cloudflare
age: 297356
etag: "6154fc76-1e96c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 11:32:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a860215d-DUS
content-length: 125292
cf-bgj: h2pri

GET
H2 200 533edefb890b4df72300aa0ace8ac9e4.jpg
ljcdn.comtucdncom.com/upload/vod/20210930-1/ Frame D16C 106 KB
106 KB 27ms
24ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20210930-1/533edefb890b4df72300aa0ace8ac9e4.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1125111dfa630dbdc1ad7fddd18496c3e50ef5245350f69ba10b3e16d4e26bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 23:53:25 GMT
server: cloudflare
age: 297356
etag: "6154fc75-1a87c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 11:32:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a861215d-DUS
content-length: 108668
cf-bgj: h2pri

GET
H2 200 7100c1185bd72497bc30447d9c0ca104.jpg
ljcdn.comtucdncom.com/upload/vod/20210320-1/ Frame D16C 54 KB
54 KB 26ms
23ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20210320-1/7100c1185bd72497bc30447d9c0ca104.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f07e6cbe76ee07dcfa02a24daf8c09009398c4ff03aea6ab1e7c18ed235af6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Fri, 19 Mar 2021 16:50:26 GMT
server: cloudflare
age: 185361
etag: "6054d652-d66c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 09 Nov 2021 18:38:50 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a862215d-DUS
content-length: 54892
cf-bgj: h2pri

GET
H2 200 bbb1d8512775f4b8bd530b7d540ebdd6.jpg
ljcdn.comtucdncom.com/upload/vod/20210930-1/ Frame D16C 46 KB
47 KB 26ms
24ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20210930-1/bbb1d8512775f4b8bd530b7d540ebdd6.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 272e43d23e9ee05ffa9947df3c1687e6085dcb0686bc2c1034e7ba6951383445

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 23:53:23 GMT
server: cloudflare
age: 297356
etag: "6154fc73-b9cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 11:32:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a863215d-DUS
content-length: 47567
cf-bgj: h2pri

GET
H2 200 0fb3465c75fe1770d2a780debe9dcd4c.jpg
ljcdn.comtucdncom.com/upload/vod/20211001-1/ Frame D16C 99 KB
99 KB 27ms
24ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211001-1/0fb3465c75fe1770d2a780debe9dcd4c.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85adb5290fc2fdf1b8836501cbc835b98863fceaa1d22a1561c170e762203b7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 01:11:28 GMT
server: cloudflare
age: 297356
etag: "61566040-18ce4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 11:32:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a864215d-DUS
content-length: 101604
cf-bgj: h2pri

GET
H2 200 af1444d6d7fe704564b8cb0384c971d0.jpg
ljcdn.comtucdncom.com/upload/vod/20211001-1/ Frame D16C 142 KB
142 KB 27ms
24ms Image
image/jpeg 104.22.0.86
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ljcdn.comtucdncom.com/upload/vod/20211001-1/af1444d6d7fe704564b8cb0384c971d0.jpg
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.0.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b27c61e6875bda7eff89905d4f093dde923da3178d9ca1f57f9c0a8ad7b9c7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:43 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Oct 2021 01:11:27 GMT
server: cloudflare
age: 297356
etag: "6156603f-236d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Mon, 08 Nov 2021 11:32:19 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa64a865215d-DUS
content-length: 145111
cf-bgj: h2pri

GET
H/1.1 200
OK xx3.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 130 B
536 B 158ms
157ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/xx3.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 69cd752e158bc2699903cfdb169394d198134b9a547707baa622313025161d5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "27c1188e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 229

GET
H/1.1 200
OK dl.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 129 B
534 B 160ms
159ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/dl.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 154ef21253d6defaf3cb6f62224b524a8957918c4b01249992fd7d61d42043f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 14:17:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d25e168e2ab9d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 227

GET
H/1.1 200
OK tj.js Show response
dd-ys06.com/template/m1938pc/ads/ Frame D16C 102 B
514 B 161ms
161ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/template/m1938pc/ads/tj.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d7be4f7c40e87f2c66bb9b94e31915c2cc689f5fda670d3d8ceddee8a610b264

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:44 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jul 2021 06:47:54 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4d8c7453b382d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 207

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 1006ms
267ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=20669221&rt=1634076704615&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581AV%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259B%259B%25E5%258C%25BA%252C%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E5%25B0%2591%25E5%25A6%258739P%252C%25E5%259B%25BD%25E4%25BA%25A7%25E7%25BE%258E%25E5%25A5%25B3%25E4%25BA%259A%25E6%25B4%25B2&ing=1&ekc=&sid=1634076704615&tt=%25E6%25B7%25AE%25E5%25AE%2589%25E5%258D%2597%25E5%259B%259F%25E5%259B%25BD%25E9%2599%2585%25E8%25B4%25B8%25E6%2598%2593%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581AV%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA%25E5%259B%259B%25E5%258C%25BA-%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E5%25B0%2591%25E5%25A6%258739P-%25E5%259B%25BD%25E4%25BA%25A7%25E7%25BE%258E%25E5%25A5%25B3%25E4%25BA%259A%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585&cu=http%253A%252F%252Fwww.029site.com%252Findex.php&pu=
Requested by: Host: www.029site.com
URL: http://www.029site.com/index.php
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.029site.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK xx1.js Show response
dd-ys06.com/js/ Frame D16C 6 KB
2 KB 158ms
158ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/xx1.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/xx1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f8c04f6bb3db327a390ab407abb7e62f54b7a5d6f3da40517868566e6a3e2633

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Oct 2021 13:46:59 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80bc1a06fbfd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1474

GET
H/1.1 200
OK deb37b2e5e114b10a02017298b2ba191.gif
3332772.com/ Frame D16C 141 KB
141 KB 1625ms
150ms Image
image/gif 45.61.212.184
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332772.com/deb37b2e5e114b10a02017298b2ba191.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.184 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 62c64d2f91d5dd554904fe294fe74f8793723d6b6069680b8fcf4204a0976612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 14:04:23 GMT
Last-Modified: Sun, 10 Oct 2021 13:21:42 GMT
Server: nginx
ETag: "6162e8e6-23400"
X-Cache: HIT from cloud-us5-cdnb-24
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 144384

GET
H2 200 VEG6K.gif
go.imgtata.xyz/2021/10/06/ Frame D16C 309 KB
310 KB 76ms
24ms Image
image/gif 172.67.161.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgtata.xyz/2021/10/06/VEG6K.gif

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.161.228 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7a333081007bf9c4a94cb91e3d586b9985c7c32f8d1797a7b4724b18fb9057f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 316010
last-modified: Wed, 06 Oct 2021 11:25:21 GMT
server: cloudflare
etag: "615d87a1-4d26a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FLvCQraXFnoeH77IE0Y4zuES85LQaQISF2bkvrGL7h5Pp%2FPIBdJPm6OnLsdTnBscamvLgiW3r6O23p8CIJ%2BMNCbgUmxnwtg0ub7rRSR26Ap4MCMZqt7NhFlat%2FGj6rBiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa6d4811331f-CDG
expires: Mon, 08 Nov 2021 07:18:23 GMT

GET
H2

200

hWs.gif
go.imggogo.xyz/2021/09/13/ Frame D16C
Redirect Chain

https://go.imglele.xyz/2021/09/13/hWs.gif
https://go.imggogo.xyz/2021/09/13/hWs.gif

3 MB
3 MB

68ms
22ms

Image
image/gif

104.21.34.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imggogo.xyz/2021/09/13/hWs.gif

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.34.166 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a33ba44d058ad5922ac86b3589a45bb7a8d004e45f7cdd27ffd64a58eccffddc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22790
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3095838
last-modified: Mon, 13 Sep 2021 17:52:40 GMT
server: cloudflare
etag: "613f8fe8-2f3d1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PspdxXVrn3PK1ltbnbXyZ1VHzml7Ogm2AqR5%2BYBG8I4ecLa0WwiEHLzppQeoZajKZNvP%2Be8OHvcbIKJdn3Z6SI4J8Rzh2V7pPkCfXOGmKoFfpn8wMDUF5NMgNNiPDGgjTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa6e1ad239f9-CDG
expires: Thu, 11 Nov 2021 15:51:54 GMT

Redirect headers

location: https://go.imggogo.xyz/2021/09/13/hWs.gif
date: Tue, 12 Oct 2021 22:11:44 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2 200 G9cV.gif
xs.imgpipi.xyz/2021/06/28/ Frame D16C 159 KB
160 KB 268ms
23ms Image
image/gif 172.67.192.254
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xs.imgpipi.xyz/2021/06/28/G9cV.gif

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.192.254 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e684a9e2076703f7ab0d601f446d71add7f48ff3893a0a42aaa05f4a481a5129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 373108
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 162597
last-modified: Mon, 28 Jun 2021 09:48:56 GMT
server: cloudflare
etag: "60d99b08-27b25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uJauHCfJalnTn9jW%2BsadKQS4yT%2BWPVrdliPcH0rcPSassRUtWhjIdT%2BhgxUhkDrVTTc8MLHcSOe%2BJKbTEhRBcUJO2B0vwuwmiHLj2d5zI3fU9JKk2nT1%2BZAZ35pgNSskA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa6e7a30cdbf-CDG
expires: Sun, 07 Nov 2021 14:33:17 GMT

GET
H2

200

dmwd.gif
go.imghaha.xyz/2021/09/26/ Frame D16C
Redirect Chain

https://xs.imglolo.xyz/2021/09/26/dmwd.gif
https://go.imghaha.xyz/2021/09/26/dmwd.gif

438 KB
439 KB

71ms
22ms

Image
image/gif

104.21.233.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imghaha.xyz/2021/09/26/dmwd.gif

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.233.158 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f29112a3ad43f02d1509a7a61700a8c95f65401ad8e861e2ede5ee5d123da5a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:44 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 837802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 448431
last-modified: Sun, 26 Sep 2021 10:25:48 GMT
server: cloudflare
etag: "61504aac-6d7af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGSpNFcoqXQGbg%2BM8rG7O5MyYeRZDhclSjB0tFeXCVc%2FQejsMZ8eNhzINIFL4iVqS48afElbmCN6hSuCzxJ389Y2jSqtjWydtk9GogNMNZgh0FXSP2MZMQQfyBs5F7x12g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa6d9a3f3b7f-CDG
expires: Tue, 02 Nov 2021 05:28:22 GMT

Redirect headers

location: https://go.imghaha.xyz/2021/09/26/dmwd.gif
date: Tue, 12 Oct 2021 22:11:44 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK 406610eac0564b3ba4cd653a039f8446.gif
3332600.com/ Frame D16C 1 MB
1 MB 2531ms
152ms Image
image/gif 144.202.99.171
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332600.com/406610eac0564b3ba4cd653a039f8446.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.202.99.171 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 144.202.99.171.vultr.com
Software: nginx /
Resource Hash: e13ea6d05a7efbb05f9817f9040bb06bd4a765a3d75e20c9e3bac268f07182ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 03:44:22 GMT
Last-Modified: Sun, 26 Sep 2021 10:49:27 GMT
Server: nginx
ETag: "61505037-13f4a8"
X-Cache: HIT from vultr-yd11_13-group02-0012
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1307816

GET
H2 200 8f3489479ec84a85bf517a879db59ab9.gif
9zgyqk.com/ Frame D16C 535 KB
536 KB 2556ms
300ms Image
image/gif 45.61.212.162
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9zgyqk.com/8f3489479ec84a85bf517a879db59ab9.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.162 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 93f26253fbeb516bfa881440925fceac2f887f024a0fa46f39c341688b8eec5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 06:25:00 GMT
last-modified: Tue, 28 Sep 2021 08:53:17 GMT
server: nginx
etag: "6152d7fd-85c89"
x-cache: HIT from cloud-us5-cdnb-02
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 547977

GET
H/1.1 200
OK 6b20d7681fdd44a2ad231d3afeb9932b.gif
3332112.com/ Frame D16C 933 KB
933 KB 1745ms
458ms Image
image/gif 45.61.212.181
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332112.com/6b20d7681fdd44a2ad231d3afeb9932b.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.181 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e3395679c831aa9dbb5adc613031ede8320d805e91281c499e012620df07864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 12:16:27 GMT
Last-Modified: Sat, 02 Oct 2021 12:10:25 GMT
Server: nginx
ETag: "61584c31-e920a"
X-Cache: HIT from cloud-us5-cdnb-21
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 954890

GET
H/1.1 200
OK f77bfb3af948426faa5307e01e045a2c.gif
image.bitautoimg.com/ask/2021/09/03/ Frame D16C 1 MB
1 MB 1144ms
8ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bitautoimg.com/ask/2021/09/03/f77bfb3af948426faa5307e01e045a2c.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 2261b6766b2f1452f784c977781868e3b6e6770d2b7af4d439291562d27dc921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Age: 1
X-Cache: HIT from cache.51cdn.com
X-Via: 1.1 PSbjzwdx5ii32:2 (Cdn Cache Server V2.0), 1.1 PS-000-016fI56:14 (Cdn Cache Server V2.0), 1.1 ianxin96:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1vg90:2 (Cdn Cache Server V2.0)
x-cos-request-id: NjEzMjRlNGZfNDI4NWQ2NF8yZjVjMF9jNTAzMjk=
x-cos-version-id: MTg0NDUxMTMzODk1ODQ4NDYzMjM
Connection: keep-alive
Content-Length: 1298371
x-cos-hash-crc64ecma: 3447719174574454726
Last-Modified: Fri, 03 Sep 2021 15:48:44 GMT
Server: Tengine
ETag: "f54d0db59b61e204b58512a7103f3e3c"
X-Ws-Request-Id: 61660821_PSdgflkfFRA1bc9_22104-52167
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Expires: Thu, 02 Dec 2021 18:23:37 GMT

GET
H/1.1 200
OK f6b142db48a8401199b9784e8735d003.gif
image.bitautoimg.com/ask/2021/09/03/ Frame D16C 1 MB
1 MB 1144ms
9ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bitautoimg.com/ask/2021/09/03/f6b142db48a8401199b9784e8735d003.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Age: 1
X-Cache: HIT from cache.51cdn.com
X-Via: 1.1 wdx12:2 (Cdn Cache Server V2.0), 1.1 PS-000-01FMj78:2 (Cdn Cache Server V2.0), 1.1 zhoudxin93:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-cos-request-id: NjEzMjQ1YzFfOWNiN2MyMDlfMTdlYzlfMTBkZTJjZg==
x-cos-version-id: MTg0NDUxMTMzODk5NDgyNTEwMTA
Connection: keep-alive
Content-Length: 1152362
x-cos-hash-crc64ecma: 12759959830281205062
Last-Modified: Fri, 03 Sep 2021 15:42:41 GMT
Server: Tengine
ETag: "3ec154965a3170ce773f865ec8e541d5"
X-Ws-Request-Id: 61660821_PSdgflkfFRA1eq9_9671-60955
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Expires: Thu, 02 Dec 2021 18:23:37 GMT

GET
H/1.1 200
OK ky_960_60.gif
tttppp.oss-cn-guangzhou.aliyuncs.com/img/ Frame D16C 170 KB
170 KB 1069ms
206ms Image
image/gif 8.134.16.137
CNNIC-ALIBABA-CN-...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tttppp.oss-cn-guangzhou.aliyuncs.com/img/ky_960_60.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 8.134.16.137 Guangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d33ce62c203e646ae72e379370df770446f8687788ab23116ca1bea162059672

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-oss-object-type: Normal
Date: Tue, 12 Oct 2021 22:11:45 GMT
x-oss-request-id: 616608212268E53036268C45
Last-Modified: Mon, 07 Jun 2021 06:01:06 GMT
Server: AliyunOSS
Content-MD5: rB/uSqzPSD01X1DvimBSMA==
ETag: "AC1FEE4AACCF483D355F50EF8A605230"
Content-Type: image/gif
x-oss-storage-class: Standard
Connection: keep-alive
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 2774213355202589588
Content-Length: 173866
x-oss-server-time: 0

GET
H2 200 6f2a17f99e3c15063adfd70a4c035e66.gif
pic.rmb.bdstatic.com/bjh/ Frame D16C 627 KB
628 KB 5237ms
9ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/6f2a17f99e3c15063adfd70a4c035e66.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f41e6237a8795106c29d2251e1156b7599a5a414ce12a0d7a2fd8b02d63312ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ohc-file-size: 641914
date: Tue, 12 Oct 2021 22:11:50 GMT
content-md5: byoX+Z48FQY639cKTANeZg==
age: 2218261
x-bce-storage-class: STANDARD
content-length: 641914
ohc-cache-hit: fra01-sys-jomo1.fra01.baidu.com [4], zhuzuncache108 [4], qdix108 [1]
last-modified: Wed, 18 Aug 2021 05:59:50 GMT
server: JSP3/2.0.14
etag: "6f2a17f99e3c15063adfd70a4c035e66"
x-bce-request-id: 69c15ceb-17cb-49f5-a982-dfd5e34fd48e
content-type: image/gif
x-bce-debug-id: TMsswHCzzNMB5fwaYW+l1121QIVUeol7+Bp4n6cmcYHcFFaCLRwS04jC1rrb61/MwRY8nLcUUcM0cqYYta233Q==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1741062334
expires: Mon, 20 Sep 2021 06:00:43 GMT

GET
H2 200 d4fa3044618b3a65.gif
img11.360buyimg.com/ddimg/jfs/t1/88705/13/17244/402270/61434ee6E38cdff41/ Frame D16C 393 KB
394 KB 1191ms
8ms Image
image/gif 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img11.360buyimg.com/ddimg/jfs/t1/88705/13/17244/402270/61434ee6E38cdff41/d4fa3044618b3a65.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 877695b74096a8a2cab0310a9f3915b0bc3a525ae5cc2803c74593d48dc28700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:46 GMT
via: http/1.1 ORI-CLOUD-HUN-MIX-11 (jcs [cMsSfW]), http/1.1 HUN-CT-6-MIX-22 (jcs [cRs f ])
last-modified: Thu, 16 Sep 2021 14:04:22 GMT
server: nginx
age: 1
x-trace: 200-1631801063161-0-0-2-23-23;200;200-1631801063142-0-0-0-59-59;200-1631804578627-0-0-0-1-1
etag
x-ws-request-id: 61660822_PSdgflkfFRA2gb7_15763-365
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5244206
timing-allow-origin: *
content-length: 402270
x-via: 1.1 PSrbdjTYO3wv64:7 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2so76:10 (Cdn Cache Server V2.0)
expires: Tue, 16 Nov 2021 09:17:13 GMT

GET
H2 200 614923de472de7da.gif
img10.360buyimg.com/ddimg/jfs/t1/88949/37/18439/652818/615049d8E76e0a8ae/ Frame D16C 638 KB
639 KB 747ms
8ms Image
image/gif 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img10.360buyimg.com/ddimg/jfs/t1/88949/37/18439/652818/615049d8E76e0a8ae/614923de472de7da.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: aad4680c2c0e47a89109828f7955862aef31ab5e97ef367aea726edc29088d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
via: http/1.1 ORI-CLOUD-HUN-MIX-33 (jcs [cHs f ]), http/1.1 HUN-CT-6-MIX-23 (jcs [cMsSfW])
last-modified: Sun, 26 Sep 2021 10:22:16 GMT
server: nginx
age: 1
x-trace: 200-1632651739416-0-0-21-50-50;200;200-1632651750663-0-0-0-3-3;200-1632651750657-0-0-0-10-10
etag
x-ws-request-id: 61660821_PSdgflkfFRA2gb7_15763-357
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5215990
timing-allow-origin: *
content-length: 652818
x-via: 1.1 PSxgHKG8oa90:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1ox201:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2sg74:13 (Cdn Cache Server V2.0)
expires: Thu, 25 Nov 2021 20:12:34 GMT

GET
H/1.1 200
OK dh1.js Show response
dd-ys06.com/js/ Frame D16C 4 KB
990 B 158ms
157ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/dh1.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/dh1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0038288d84a45283097647b4d4518204dfd61b09b734bf37ef68b2020e4a3bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 11:34:39 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "8071bbf993bed71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 683

GET
H/1.1 200
OK dh.js Show response
dd-ys06.com/js/ Frame D16C 4 KB
1009 B 158ms
158ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/dh.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/dh.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f880b76853c839442f4a3848a8a276c1d3ceefc31f06d07f267f7e5f2031c359

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 15:10:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "807a22d1b1b3d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 702

GET
H/1.1 200
OK xx2.js Show response
dd-ys06.com/js/ Frame D16C 2 KB
1 KB 158ms
158ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/xx2.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/xx2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4d21d37595aa4d72ab22e7f0f281b0dc52656bfb593a4ccbce28e40c44f5fc89

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 11:34:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9a4f8dfb93bed71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 793

GET
H2 200 af16745878ba4858ac282df687b6b5af.gif
pic.rmb.bdstatic.com/bjh/ Frame D16C 640 KB
641 KB 4855ms
35ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/af16745878ba4858ac282df687b6b5af.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: fdbcb4243936cb7503721f4b50b3bfb26b435c412888fcd4ebc97b625dc32010

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

ohc-file-size: 655356
date: Tue, 12 Oct 2021 22:11:50 GMT
content-md5: rxZ0WHi6SFisKC32h7a1rw==
age: 2218261
x-bce-storage-class: STANDARD
content-length: 655356
ohc-cache-hit: fra01-sys-jomo3.fra01.baidu.com [4], zhuzuncache102 [4], xaix188 [1]
last-modified: Wed, 18 Aug 2021 05:54:44 GMT
server: JSP3/2.0.14
etag: "af16745878ba4858ac282df687b6b5af"
x-bce-request-id: 3144175c-83ee-45ed-8c6e-c79067920edb
content-type: image/gif
x-bce-debug-id: 4ckGAFp762cBMnOGmmFRUgu+NH+QAoaFWNFd2eiO8Z8B/Re+EWPD2kOc2IwahBDLzZUr1G6uiRzf5iCLqtAu5Q==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1612451074
expires: Mon, 20 Sep 2021 05:55:00 GMT

GET
H2 200 6ae81bb7886bbb8b.gif
img10.360buyimg.com/ddimg/jfs/t1/200085/2/9394/284697/614b1826Eaf08c50b/ Frame D16C 278 KB
279 KB 344ms
12ms Image
image/gif 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img10.360buyimg.com/ddimg/jfs/t1/200085/2/9394/284697/614b1826Eaf08c50b/6ae81bb7886bbb8b.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 952747bfaa1ce8ab05e5817aa26d19d5261f6eb4e1c4338db81e355a5a81ae73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
via: http/1.1 ORI-CLOUD-HUN-MIX-22 (jcs [cHs f ]), http/1.1 ZHJ-CT-6-MIX-19 (jcs [cRs f ])
last-modified: Wed, 22 Sep 2021 11:48:54 GMT
server: nginx
age: 1
x-trace: 200-1632311335766-0-0-2-17-17;200;200-1632311757646-0-0-0-1-1;200-1632317876202-0-0-0-1-1
etag
x-ws-request-id: 61660821_PSdgflkfFRA2gb7_15763-358
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=5254859
timing-allow-origin: *
content-length: 284697
x-via: 1.1 PSxgHKG8rs131:10 (Cdn Cache Server V2.0), 1.1 kf230:10 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA2mu72:15 (Cdn Cache Server V2.0)
expires: Tue, 23 Nov 2021 06:49:30 GMT

GET
H2 200 980-8.gif
i.postimg.cc/cJqwfBzJ/ Frame D16C 63 KB
63 KB 65ms
15ms Image
image/gif 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/cJqwfBzJ/980-8.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: 0b1a5f25d9c720f2bb03c81ac0d5829d98607b3a0b0e4d33c047789e3accd725

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
last-modified: Thu, 16 Sep 2021 08:55:28 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 64188
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 960-85.gif
img.123456img.com/ Frame D16C 395 KB
395 KB 1040ms
145ms Image
image/gif 23.224.92.250
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.123456img.com:3366/960-85.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.224.92.250 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: Tengine /
Resource Hash: e8b2cdbb1a97710814af9d2e0b69c9c7527215eecb67ae2b5893fda518930f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:46 GMT
Last-Modified: Fri, 03 Sep 2021 15:21:36 GMT
Server: Tengine
ETag: "61323d80-62b5b"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-Cache: hit
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 404315

GET
H2 200 oEW.gif
go.imgdudu.xyz/2021/09/14/ Frame D16C 433 KB
434 KB 78ms
20ms Image
image/gif 172.67.172.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://go.imgdudu.xyz/2021/09/14/oEW.gif

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.172.77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eced968075b04e632d135e49313b5b10cabb07c95a0a34af7fc12d0ebd25391

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17058
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 443053
last-modified: Tue, 14 Sep 2021 15:29:58 GMT
server: cloudflare
etag: "6140bff6-6c2ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXZ%2Fw7yOuKwTgbbtnY%2BSB3yLGT8oz4s%2Fyft6N5vApNJVxYYQKjT0V003RQFgHnzGBuW1Cwt2F7mGTippOzuJiN%2BBBo2r10aM1H51XU2ycg5qLJzfUzYluT1A76JOR25izA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 69d3aa72e95d404f-CDG
expires: Thu, 11 Nov 2021 17:27:27 GMT

GET
H/1.1 200
OK 1.js Show response
dd-ys06.com/js/ Frame D16C 3 KB
990 B 158ms
157ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/1.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8f75910a7d606bcb0b46c0f6a5899ab1e5417e8ce27a88f3be1fa79b44c49372

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 10:41:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "801ceef67bbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 684

GET
H2 200 yuepao.gif
crfrf.com/sjdo/ Frame D16C 120 KB
121 KB 456ms
148ms Image
image/gif 23.224.30.174
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://crfrf.com/sjdo/yuepao.gif

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.30.174 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

3e6e9b4c07d12600844651fb5e9857d75aaaa20c3cc3015f1cf2188575c4cb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:46 GMT
last-modified: Sat, 31 Jul 2021 13:27:15 GMT
server: nginx
etag: "61054fb3-1e17f"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 123263
expires: Thu, 11 Nov 2021 22:11:46 GMT

GET
H2 200 n-v2a5a5cf6ee27b40c293808617c202c5df.png
i.postimg.cc/rwgW52Ct/ Frame D16C 302 KB
302 KB 16ms
15ms Image
image/png 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/rwgW52Ct/n-v2a5a5cf6ee27b40c293808617c202c5df.png
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: ca897d8b469d43b1b428c1ad81752fc3cb5d34534feec5464e8bd4f2192baf3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
last-modified: Thu, 09 Sep 2021 13:54:29 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 308810
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 n-v2d4540476ef63455dbd07db960f9d6350.gif
i.postimg.cc/gjJ0kF6V/ Frame D16C 304 KB
304 KB 16ms
15ms Image
image/gif 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/gjJ0kF6V/n-v2d4540476ef63455dbd07db960f9d6350.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: b562f66dcd0d707f3f9de0061a64ae1bce3b797b7315f14034ea22294d0de754

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
last-modified: Tue, 07 Sep 2021 12:01:53 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 311171
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 n-v29e2bb03dc1b64ced9fb8ce6a2078d8a0.gif
i.postimg.cc/QMT4wH45/ Frame D16C 2 MB
2 MB 15ms
15ms Image
image/gif 5.135.83.165
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/QMT4wH45/n-v29e2bb03dc1b64ced9fb8ce6a2078d8a0.gif
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.135.83.165 , France, ASN16276 (OVH, FR),
Reverse DNS: i.postimg.cc
Software: nginx /
Resource Hash: 402860e3d6497bfb058cdca4394c5ac4a63ac503524c04226e0f1a14032b914e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:45 GMT
last-modified: Tue, 07 Sep 2021 12:05:20 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 2483420
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK video-mask.png
dd-ys06.com/template/m1938pc/images/ Frame D16C 107 B
354 B 158ms
158ms Image
image/png 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd-ys06.com/template/m1938pc/images/video-mask.png
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:46 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:42 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b0b58b8a22f2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 107

GET
H/1.1 200
OK video-play.png
dd-ys06.com/template/m1938pc/images/ Frame D16C 2 KB
2 KB 159ms
158ms Image
image/png 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dd-ys06.com/template/m1938pc/images/video-play.png
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:46 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:46 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "4081698d22f2d61:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1567

GET
H/1.1 200
OK xx3.js Show response
dd-ys06.com/js/ Frame D16C 0
258 B 158ms
157ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/xx3.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/xx3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:46 GMT
Last-Modified: Wed, 12 May 2021 13:20:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "7aa1a9823147d71:0"
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 0

GET
H/1.1 200
OK dl.js Show response
dd-ys06.com/js/ Frame D16C 864 B
758 B 158ms
157ms Script
application/javascript 45.38.222.41
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: https://dd-ys06.com/js/dl.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/dl.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 45.38.222.41 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c962e5d811def493ddda6492f5115c7d12a32031ba8d35fc0a386cbe2cee63d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 Jun 2021 10:13:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "088bfd6158d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 453

GET
H2 200 0FEFA3D5-52DC-15750-34-C783B9F529C1.alpha Show response
m.toutiaogov.cn/ty/ Frame D16C 26 B
342 B 1015ms
151ms Script
text/html 23.225.154.19
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.toutiaogov.cn:12443/ty/0FEFA3D5-52DC-15750-34-C783B9F529C1.alpha
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/js/dl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.154.19 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: tengine / PHP/5.6.40
Resource Hash: bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 22:11:46 GMT
server: tengine
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
expires: Tue, 12 Oct 2021 22:26:46 GMT

GET
H2 200 038C89D4-6878-15753-33-C1127FECCB20.alpha Show response
m.toutiaogov.cn/ty/ Frame D16C 26 B
342 B 1017ms
154ms Script
text/html 23.225.154.19
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.toutiaogov.cn:12443/ty/038C89D4-6878-15753-33-C1127FECCB20.alpha
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/js/dl.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.225.154.19 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: tengine / PHP/5.6.40
Resource Hash: bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 22:11:46 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 22:11:46 GMT
server: tengine
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
expires: Tue, 12 Oct 2021 22:26:46 GMT

GET
H/1.1 200
OK 20894175.js Show response
js.users.51.la/ Frame D16C 5 KB
6 KB 148ms
148ms Script
application/javascript 120.52.95.242
UNICOM-CN China U...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20894175.js
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/template/m1938pc/ads/tj.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 120.52.95.242 , China, ASN133119 (UNICOM-CN China Unicom IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 64e4e1c96da1fb9899acd64f4742c39ee6792136e382c4dbb1ed7ed3cdc3136a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

nginx-hit: 1
Date: Tue, 12 Oct 2021 22:11:46 GMT
via: CHN-HElangfang-AREACUCC1-CACHE47[2],CHN-HElangfang-AREACUCC1-CACHE2[0,TCP_HIT,2],CHN-SH-GLOBAL1-CACHE11[5],CHN-SH-GLOBAL1-CACHE78[0,TCP_HIT,3]
X-CCDN-CacheTTL: 86400
Age: 11368176
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
request-id: 00000179D0F60C78900627E322A9836E
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length: 4898
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSRtTM+0lwUtF7t+Nt7S8HOfzoOZB2QY
Last-Modified: Fri May 14 18:23:44 CST 2021
Server: openresty
ETag: "9dba06271df192d9785b3dfb20fcb5fe"
Content-Type: application/javascript;charset=UTF-8
version-id: G00111796A674970FFFF9419A210C6DD
Accept-Ranges: bytes
x-hcs-proxy-type: 1

GET
H/1.1 200 go1
ia.51.la/ Frame D16C 0
215 B 814ms
291ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=20894175&rt=1634076706981&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%25A4%25A7%25E5%25A4%25A7%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591%25E7%25AB%2599&ing=1&ekc=&sid=1634076706981&tt=%25E5%25A4%25A7%25E5%25A4%25A7%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591%25E7%25AB%2599&kw=%25E5%25A4%25A7%25E5%25A4%25A7%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591%25E7%25AB%2599&cu=https%253A%252F%252Fdd-ys06.com%252F&pu=http%253A%252F%252Fwww.029site.com%252F
Requested by: Host: dd-ys06.com
URL: https://dd-ys06.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:47 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame D16C 39 KB
14 KB 1021ms
500ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

2737ac83871b649c7e730aa26e153bf09f36e61cbe7c9843e27ad7d42815147b

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 22:11:47 GMT
Content-Encoding: gzip
Server: apache
Etag: 1d3e186c0abdfa080452e210aec6150c
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13947

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame D16C 43 B
299 B 328ms
328ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1349391161&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.029site.com%2F&v=1.2.85&lv=1&sn=27019&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fdd-ys06.com%2F&tt=%E5%A4%A7%E5%A4%A7%E8%B5%84%E6%BA%90%E7%BD%91%E7%AB%99

Requested by

Host: dd-ys06.com
URL: https://dd-ys06.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dd-ys06.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 Oct 2021 22:11:48 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.029site.com/	1969-12-31 23:59:59	Name: __tins__20669221 Value: %7B%22sid%22%3A%201634076704615%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201634078504615%7D
www.029site.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.029site.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 71124E2DE79FBE2B

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.029site.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20669221.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.029site.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/20669221.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://dd-ys06.com/ Message: Mixed Content: The page at 'https://dd-ys06.com/' was loaded over HTTPS, but requested an insecure element 'http://xs.imgpipi.xyz/2021/06/28/G9cV.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

029site.com
3332112.com
3332600.com
3332772.com
9zgyqk.com
crfrf.com
dd-ys06.com
go.imgdudu.xyz
go.imggogo.xyz
go.imghaha.xyz
go.imglele.xyz
go.imgtata.xyz
hm.baidu.com
i.postimg.cc
ia.51.la
image.bitautoimg.com
img.123456img.com
img10.360buyimg.com
img11.360buyimg.com
js.users.51.la
ljcdn.comtucdncom.com
m.toutiaogov.cn
pic.rmb.bdstatic.com
tttppp.oss-cn-guangzhou.aliyuncs.com
www.029site.com
xs.imglolo.xyz
xs.imgpipi.xyz
103.235.46.191
104.21.233.158
104.21.34.166
104.22.0.86
104.252.189.167
120.52.95.242
144.202.99.171
144.76.98.12
148.251.44.169
163.171.128.148
163.171.132.119
172.67.161.228
172.67.172.77
172.67.192.254
183.131.207.66
185.10.104.115
23.224.30.174
23.224.92.250
23.225.154.19
45.38.222.41
45.61.212.162
45.61.212.181
45.61.212.184
5.135.83.165
8.134.16.137
0b1a5f25d9c720f2bb03c81ac0d5829d98607b3a0b0e4d33c047789e3accd725
1125111dfa630dbdc1ad7fddd18496c3e50ef5245350f69ba10b3e16d4e26bc4
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
154ef21253d6defaf3cb6f62224b524a8957918c4b01249992fd7d61d42043f8
18c094be3c2a25bacb50917786497c9c767ff24c344db57f89663e0955384d6b
1b37cb9a7c3b389047ff1a4e9014f0fc16fb67638c1499ca8daf0fafcc44e04a
2261b6766b2f1452f784c977781868e3b6e6770d2b7af4d439291562d27dc921
22ef7db33031bcedce9dbb63e1a7f8a038ec1c26d0177595161705edbbf3c235
26a370c78a66807c280174c44bbcc131ac509f364f7c68a570e809ded21a104b
272e43d23e9ee05ffa9947df3c1687e6085dcb0686bc2c1034e7ba6951383445
2737ac83871b649c7e730aa26e153bf09f36e61cbe7c9843e27ad7d42815147b
29b3531322ac4003a4e825fe8cba30f31d6b1f7e411f57673936ed6a62c070ec
2b5212806ab5989b0a741f1c5d081435641b64e608299b952a2149cf5862d09a
32d6def90bcdc816887d39c6c940a1cf46406ae4537a6a7c6ec08c3b9bb990bd
3543c5d0886333fa09401a39fe19a508f2688059c3e7b116b8afcd5cb6f19387
3a144a0963d61ad752bbac28e3c1179a43641f88717257f5f173d61c1a403403
3e6e9b4c07d12600844651fb5e9857d75aaaa20c3cc3015f1cf2188575c4cb24
402860e3d6497bfb058cdca4394c5ac4a63ac503524c04226e0f1a14032b914e
40e9ad589ca5ec974d93251e84a2a260250d896c47e053b39972c8716a1844ae
41e414b3eb1cbe06db5e159a57b0441665853eea1b5c40d586c7d5b89853cc59
46005f75bb1499d97069b7ca45628cf1c1e177eb1632e04a4faba3f62c39aaae
49f07e6cbe76ee07dcfa02a24daf8c09009398c4ff03aea6ab1e7c18ed235af6
4d21d37595aa4d72ab22e7f0f281b0dc52656bfb593a4ccbce28e40c44f5fc89
5aef0659735cfd827c909e8bb685767b7d9bca2270f3b2f546cf1769d9e11cce
62c64d2f91d5dd554904fe294fe74f8793723d6b6069680b8fcf4204a0976612
64e4e1c96da1fb9899acd64f4742c39ee6792136e382c4dbb1ed7ed3cdc3136a
69cd752e158bc2699903cfdb169394d198134b9a547707baa622313025161d5b
6db3a6f21ee9c10c3140446312e8357f545b883f5d1983ee5f16565c46b50305
6e6145817926da4f85a6f93f29054e6109d4df2014e529102d9a2cf4db493efb
79671580abfb5b43d124da07ab8cb9651a244c61454655f70d1352f83cc1b338
7e3395679c831aa9dbb5adc613031ede8320d805e91281c499e012620df07864
7eced968075b04e632d135e49313b5b10cabb07c95a0a34af7fc12d0ebd25391
81ba1e3affec2edb1be01f0a8849e928a624333a63fa773cbd171eaa9427e01c
85adb5290fc2fdf1b8836501cbc835b98863fceaa1d22a1561c170e762203b7a
877695b74096a8a2cab0310a9f3915b0bc3a525ae5cc2803c74593d48dc28700
8b27c61e6875bda7eff89905d4f093dde923da3178d9ca1f57f9c0a8ad7b9c7e
8b2b51658db7f575537ebf7070ea8c1df1ef8a634d8ecbec98adc77de31c9ee8
8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76
8f75910a7d606bcb0b46c0f6a5899ab1e5417e8ce27a88f3be1fa79b44c49372
93f26253fbeb516bfa881440925fceac2f887f024a0fa46f39c341688b8eec5e
952747bfaa1ce8ab05e5817aa26d19d5261f6eb4e1c4338db81e355a5a81ae73
a0038288d84a45283097647b4d4518204dfd61b09b734bf37ef68b2020e4a3bc
a33ba44d058ad5922ac86b3589a45bb7a8d004e45f7cdd27ffd64a58eccffddc
aad4680c2c0e47a89109828f7955862aef31ab5e97ef367aea726edc29088d08
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b47f6eea9f90242216d91cbf6affd042b30f746ad7d0582bb4525da271d44ad2
b562f66dcd0d707f3f9de0061a64ae1bce3b797b7315f14034ea22294d0de754
b9f6481b1c9e0b1d91979ae5e267c707c95663079bbcab52a3bd359c864ee635
bb6296f6b4fde561414869edcb717cdfc2ee8f56cb4722a792d989f8630abb71
bc813b8086414a7a973b0eefa86d9d60e6dbe86ec4d06f1608cae4af9a1b053a
c962e5d811def493ddda6492f5115c7d12a32031ba8d35fc0a386cbe2cee63d9
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
ca897d8b469d43b1b428c1ad81752fc3cb5d34534feec5464e8bd4f2192baf3f
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33ce62c203e646ae72e379370df770446f8687788ab23116ca1bea162059672
d6493f04533dbd9e01d9596f127718e19090cc64b88aacdf7bf39bfb775059b2
d7be4f7c40e87f2c66bb9b94e31915c2cc689f5fda670d3d8ceddee8a610b264
e13ea6d05a7efbb05f9817f9040bb06bd4a765a3d75e20c9e3bac268f07182ba
e1f28e37fc7046b7ead9b8f85f204958baeb2f7de721f964faa92b159703a112
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684a9e2076703f7ab0d601f446d71add7f48ff3893a0a42aaa05f4a481a5129
e8b2cdbb1a97710814af9d2e0b69c9c7527215eecb67ae2b5893fda518930f98
ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47
f1ba322f08f4daf956fc9675060b0ecf7e7a2a9774aed1acc95036315123ea0e
f29112a3ad43f02d1509a7a61700a8c95f65401ad8e861e2ede5ee5d123da5a8
f41e6237a8795106c29d2251e1156b7599a5a414ce12a0d7a2fd8b02d63312ab
f5bc686b0b5a03dd367680eb0140b98efef14a4f4d570894a8a8a95791abad7e
f7a333081007bf9c4a94cb91e3d586b9985c7c32f8d1797a7b4724b18fb9057f
f880b76853c839442f4a3848a8a276c1d3ceefc31f06d07f267f7e5f2031c359
f8c04f6bb3db327a390ab407abb7e62f54b7a5d6f3da40517868566e6a3e2633
fcc2cbc482b6bc7c77648ff6c2dc3008b0632ad903028fe041e81fa5b087fb26
fdbcb4243936cb7503721f4b50b3bfb26b435c412888fcd4ebc97b625dc32010

www.029site.com Open in urlscan Pro 104.252.189.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

95 %HTTPS

0 %IPv6

24 Domains

27 Subdomains

23 IPs

6 Countries

18903 kBTransfer

19058 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.029site.com Open in urlscan Pro
104.252.189.167 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

95 %
HTTPS

0 %
IPv6

24
Domains

27
Subdomains

23
IPs

6
Countries

18903 kB
Transfer

19058 kB
Size

4
Cookies

76 HTTP transactions
0 data transactions