fhjddedh94373893eydfw.wqdjcoovnxxs.com
142.4.96.185  Public Scan

URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Submission: On April 26 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 117 HTTP transactions. The main IP is 142.4.96.185, located in United States and belongs to PEG-SV, US. The main domain is fhjddedh94373893eydfw.wqdjcoovnxxs.com.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 18th 2024. Valid for: a year.
This is the only time fhjddedh94373893eydfw.wqdjcoovnxxs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
65 | 142.4.96.185 | 54600 (PEG-SV)
41 | 2606:4700:20:... | 13335 (CLOUDFLAR...)
1 | 38.145.202.191 | 18978 (ENZUINC-)
1 | 142.4.122.123 | 54600 (PEG-SV)
1 | 107.148.199.106 | 54600 (PEG-SV)
1 | 107.148.199.108 | 54600 (PEG-SV)
1 | 198.2.215.7 | 54600 (PEG-SV)
1 | 142.0.143.122 | 54600 (PEG-SV)
2 | 111.45.3.198 | 56040 (CMNET-GUA...)
1 | 2.19.176.88 | 20940 (AKAMAI-ASN1)
Total: 117 requests, 11 IPs

Requests | Domain | Requested by
64 | fhjddedh94373893eydfw.wqdjcoovnxxs.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
41 | tk.tutu.finance | fhjddedh94373893eydfw.wqdjcoovnxxs.com
2 | hm.baidu.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | sc02.alicdn.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | 9831tc.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | www.kj555999.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | tu.jnctpsy8888.cc | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | tu.yhtpsy8888.cc | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | kj1987.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | zwsdp2336.yudihccvss.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
1 | spqzi36645.lvbssl139hdjsv.com | fhjddedh94373893eydfw.wqdjcoovnxxs.com
Total: 117 requests, 11 domains

Subject | Issuer | Validity | Valid
fhjfkdsxccnvm.com | Certum Domain Validation CA SHA2 | 2024-04-18 - 2025-05-18 | a year
lvbssl139hdjsv.com | Certum Domain Validation CA SHA2 | 2024-03-16 - 2025-04-15 | a year
tutu.finance | E1 | 2024-03-06 - 2024-06-04 | 3 months
yudihccvss.com | Certum Domain Validation CA SHA2 | 2024-03-18 - 2025-04-17 | a year
kj111888.com | Certum Domain Validation CA SHA2 | 2023-12-12 - 2025-01-10 | a year
tu.yhtpsy8888.cc | R3 | 2024-04-02 - 2024-07-01 | 3 months
tu.jnctpsy8888.cc | R3 | 2024-04-02 - 2024-07-01 | 3 months
111287.com | Certum Domain Validation CA SHA2 | 2024-02-23 - 2025-03-24 | a year
9831tc.com | R3 | 2024-02-26 - 2024-05-26 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year
*.alicdn.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-09-10 - 2024-09-10 | a year

This page contains 6 frames:

Primary Page: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Frame ID: 87925F2F158630C35D0F93BE7982B630
Requests: 38 HTTP requests in this frame

Frame: https://kj1987.com/chajianam/a.html
Frame ID: FB45A3C7DE7879585FCAE7C4012553CC
Requests: 1 HTTP requests in this frame

Frame: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Frame ID: 90F309633CC4D9726C8E5AA933CE65B0
Requests: 5 HTTP requests in this frame

Frame: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Frame ID: 1A45FC204297A820A52C781A94DBBE8B
Requests: 6 HTTP requests in this frame

Frame: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Frame ID: CA008543EB4B2EAA9C4E05E7F7DA635E
Requests: 42 HTTP requests in this frame

Frame: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Frame ID: 2E80CACA9501773B66F35F6D9467B006
Requests: 25 HTTP requests in this frame

Page Title

澳门顶尖高手论坛,正版彩票免费料大全天,今期开码结果开奖2024,正版免费料大全,澳门正版资料大全,澳门最准马料大全,刘伯温正版四不像图片!澳门红鹰心水期期中论坛,黄大仙论坛,,管家婆王中王鉄算盘开奖结,澳门第70期开奖结果,正版资料大全,

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 117
HTTPS: 44 %
IPv6: 10 %
Domains: 11
Subdomains: 11
IPs: 11
Countries: 3
Transfer: 13446 kB
Size: 13815 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

117 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
fhjddedh94373893eydfw.wqdjcoovnxxs.com/
241 KB
20 KB
Document
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
9b02b75e6f864f26a87c25408a52f695cc6d62effbc4954f0e5f39cdc98f66e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Apr 2024 00:48:44 GMT
etag
W/"662a947d-3c538"
last-modified
Thu, 25 Apr 2024 17:35:57 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
logo.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
245 KB
245 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/logo.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
64cdb2367a697de85d84bcc42b334e6479cd06ace01d3bbaad16efcd4cf810ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:48 GMT
server
nginx
etag
"654211e0-3d318"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
250648
expires
Sun, 26 May 2024 00:48:44 GMT
shang.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
30 KB
30 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/shang.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
8cfcb7e18675a506a5f8dd2d6cef461122b998e54e3c0bd5902aa8b4a687b5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:52 GMT
server
nginx
etag
"654211e4-782c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30764
expires
Sun, 26 May 2024 00:48:44 GMT
888.js
fhjddedh94373893eydfw.wqdjcoovnxxs.com/
18 KB
2 KB
Script
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/888.js
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
8c7da093e8974c7951c851f25383e448f6db7b3e0b911b574eea50f697d0d8e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 25 Apr 2024 09:34:01 GMT
server
nginx
etag
W/"662a2389-47d9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 26 Apr 2024 12:48:44 GMT
fenge.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
18 KB
19 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/fenge.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
f7e5cc0948577706e064fddc852a230f6fdc7b339e4bc9e31eb1312227e1a963
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:59 GMT
server
nginx
etag
"654211af-49ad"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18861
expires
Sun, 26 May 2024 00:48:44 GMT
ttgg.js
spqzi36645.lvbssl139hdjsv.com/
845 B
1 KB
Script
General
Full URL
https://spqzi36645.lvbssl139hdjsv.com/ttgg.js
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
5f2de1c78397c71ff24a697034b97ec8eedff0ed56a32350bc629e887fb5f82d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 19 Apr 2024 13:14:23 GMT
server
nginx
etag
"66226e2f-34d"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
845
expires
Fri, 26 Apr 2024 12:48:45 GMT
114109.jpg
tk.tutu.finance/aomen/2024/col/117/
161 KB
161 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/114109.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
69cef11ce314545f534d3499ee2c5422a0bbca0bdc3d614b97b0c23d72a2201f

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:44:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"42eab3e1f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mftpeh5s%2FMVkdTDf9C3YVDaprz9i5%2Fu1COnKzA%2BK%2BoOShBDkzFyKOknldqj%2F1mQVXCcVxbnFTfwvkyfa19WvKJO7GlrCe%2F0vOuc9591Yg6gsnSpDxLU%2B%2F8CEttAD%2FrHLl7dO%2BD6TxpiMPJSf4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291aa4d644d6a-FRA
content-length
164798
114110.jpg
tk.tutu.finance/aomen/2024/col/117/
138 KB
139 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/114110.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4144615e233a8334da7bbd559e7022742343651e4c30c4af17d6c0e0e7dd3250

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:52:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"184d70962897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hcf4qeMwjbidYEefBzVCtKpJ7F8z8vWQAXei4QWBeC7oosAmQSJuXoZQjpzmhAPDkkYweMt4uKXH6RnnwsUaxFd1GHRMqqnv8KoeeAEPfne8I2WxU4KrGvtEdQdiau7CfzLAPBnndmzSlEvdiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291aa4d634d6a-FRA
content-length
141705
t68.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
199 KB
199 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/t68.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
e6addb074ee08ca744853a423912e35274937854f83bd03e162d421ccc45f250
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:57 GMT
server
nginx
etag
"654211e9-31b0e"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
203534
expires
Sun, 26 May 2024 00:48:44 GMT
%E5%B9%BF%E5%91%8A%E5%9B%BE%E7%89%87%E8%A1%A5%E8%BF%9E.js
zwsdp2336.yudihccvss.com/
853 B
599 B
Script
General
Full URL
https://zwsdp2336.yudihccvss.com/%E5%B9%BF%E5%91%8A%E5%9B%BE%E7%89%87%E8%A1%A5%E8%BF%9E.js
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.145.202.191 Chicago, United States, ASN18978 (ENZUINC-, US),
Reverse DNS
191.202-145-38.rdns.scalabledns.com
Software
Microsoft-IIS/10.0 /
Resource Hash
0bd46e7e0bf0265da1dc4375152eb7d6f5f72f2de3d6e076ec544cf8f369fa8c

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
content-encoding
gzip
last-modified
Fri, 19 Apr 2024 13:11:24 GMT
server
Microsoft-IIS/10.0
etag
"c4c2c0145b92da1:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
441
114111.jpg
tk.tutu.finance/aomen/2024/col/117/
135 KB
136 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/114111.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
10eca9b88fcf81e381113ad04f2497cd1d223b8716a181aaacc6d5166f6dcdfd

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:43:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ecb3221f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=18lDJT5MaDZ%2FYSSLt%2Fpq%2Bc2eyejrereRyKVQiRuHDOlXspNhImPFJW7bILj%2BtdLGkb%2BE55%2F0jPG4fNX9w8mOTrfbbxBF92TKoIqaPIQMAGhqO3JfXsN%2FHs%2FRYhWBRRBJLdZ7Oom9Wr9TGzUElw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291aa4d624d6a-FRA
content-length
138279
114112.jpg
tk.tutu.finance/aomen/2024/col/117/
150 KB
150 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/114112.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a2b5389aaf45451be87f36792e76d96a9b1c455702794782300f42c6e62e5cf7

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:44:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e6d9d21f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6Wpl2Hv6GEtX0pxk30osGustPIDvmN4QvwLzwD%2Fswvd9OYY%2BEoKdZ0PYPttIgtLjotOvmZ2kloppQRTBzugdJwVyf26JfOJdtoQrxVzLaj7L087S3h5PJMz4m1NhDXuJUGYfUccoWsTfe%2FuXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291aa4d674d6a-FRA
content-length
153369
GGtu1.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu1.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
3cc441ff01bb34353430c7a69261ed8e09ca520bce37654434bcd3336efdbdfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:00 GMT
server
nginx
etag
"654211b0-14b2"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5298
expires
Sun, 26 May 2024 00:48:44 GMT
GGtu2.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
4 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu2.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
99ccf83a94312324f75f7ca30fcd5ea0d44517c7fd885efce560e262bcf66b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:44 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:06 GMT
server
nginx
etag
"654211b6-1198"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4504
expires
Sun, 26 May 2024 00:48:44 GMT
GGtu3.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu3.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
eca0c1d4ca59e8a40a39779854eec1862caac58b4e6a99561b88ac12a8dee2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:08 GMT
server
nginx
etag
"654211b8-1474"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5236
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu4.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu4.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
ba13f6c2cb1b04c10119c52ceeb034d3719297f3160c4e2094b5d52ad8cfd409
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:09 GMT
server
nginx
etag
"654211b9-1255"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4693
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu5.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu5.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
e9bea4f5a365446b969a10bfb8e4bc683b4c132b088c287a9d5968e1d4556669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:11 GMT
server
nginx
etag
"654211bb-144d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5197
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu6.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu6.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
a68a80e66419695bd90131fdd48ee9a0b3dbe04e6ffff82ea80a97737e087e3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:13 GMT
server
nginx
etag
"654211bd-1287"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4743
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu7.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu7.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
09ca298ab3f1ed1adf3bb813bce35f8872184ad2032c23bf8b805c050279a989
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:14 GMT
server
nginx
etag
"654211be-1390"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5008
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu8.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu8.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
2ef59ebfc9c214e9bebef4a52595648e042a82b9e12ee6aa2d5685816f126cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:16 GMT
server
nginx
etag
"654211c0-1241"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4673
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu9.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu9.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
144f74aa20cbf3a1678246b345abaab30d17780ae239c469e72e178cdc70985b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:18 GMT
server
nginx
etag
"654211c2-148e"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5262
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu10.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu10.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
1572b42ecfa17a475d9e724f0a5ebb5393086c348bdf955fa5a985bc6edf53f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:02 GMT
server
nginx
etag
"654211b2-126f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4719
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu11.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu11.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
994101ef7350bb493f4706dd9a7a28bf791936e4ca340478dbd3fde27c07de4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:03 GMT
server
nginx
etag
"654211b3-14bc"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
5308
expires
Sun, 26 May 2024 00:48:45 GMT
GGtu12.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
5 KB
5 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/GGtu12.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
e13ff66eac73d2ca8e3cb5eb8afb22d5fb3e988b8b11f4916357f4067a03ce79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:05 GMT
server
nginx
etag
"654211b5-129b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4763
expires
Sun, 26 May 2024 00:48:45 GMT
166.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
25 KB
25 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/166.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
053deb164869712d088263562163317893af06089e547c9f752d5146dfa41e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:36 GMT
server
nginx
etag
"65421198-62eb"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25323
expires
Sun, 26 May 2024 00:48:45 GMT
xia.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
30 KB
30 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/xia.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
af348fa82563741d767ad82b975a388dc5b3a98590e6d042e697dc590e1ac531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:53:09 GMT
server
nginx
etag
"654211f5-7873"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30835
expires
Sun, 26 May 2024 00:48:45 GMT
a.html
kj1987.com/chajianam/ Frame FB45
0
0
Document
General
Full URL
https://kj1987.com/chajianam/a.html
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.122.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Apr 2024 00:48:46 GMT
etag
W/"66227214-13ae"
last-modified
Fri, 19 Apr 2024 13:31:00 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
bj.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
690 KB
691 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/bj.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
58d3ffb8b770ba2b90732770d8dc5adf892e3f70b51adaa0dad0bc572a997935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:57 GMT
server
nginx
etag
"654211ad-ac6aa"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
706218
expires
Sun, 26 May 2024 00:48:45 GMT
zhong.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
11 KB
11 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/zhong.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
7929949a84ad40c4df59ba5a1af9a5ecf62ee7d83b1bffd15d0942bac83dd987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:53:11 GMT
server
nginx
etag
"654211f7-2b7f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11135
expires
Sun, 26 May 2024 00:48:45 GMT
tjian.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
513 B
719 B
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/tjian.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
c201887507cc7cb9331c724ea54dc80aaecefc9e3621280ca87bbc054891f31e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:59 GMT
server
nginx
etag
"654211eb-201"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
513
expires
Sun, 26 May 2024 00:48:45 GMT
999.htm
fhjddedh94373893eydfw.wqdjcoovnxxs.com/ Frame 90F3
18 KB
2 KB
Document
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
c11cd723148a40304b6df7cb8c69c359a4237f6168ad9a796399a9eec5f44a91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Apr 2024 00:48:45 GMT
etag
W/"662a9479-4608"
last-modified
Thu, 25 Apr 2024 17:35:53 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
fenge.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
18 KB
19 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/fenge.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
f7e5cc0948577706e064fddc852a230f6fdc7b339e4bc9e31eb1312227e1a963
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:59 GMT
server
nginx
etag
"654211af-49ad"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18861
expires
Sun, 26 May 2024 00:48:45 GMT
80.gif
tu.yhtpsy8888.cc/yh2023/
382 KB
382 KB
Image
General
Full URL
https://tu.yhtpsy8888.cc/yh2023/80.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.199.106 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
107.148.199.106.news1.shoesusoutlet.com
Software
cdn /
Resource Hash
134a4ee4865b3aac479ef1f38645cf311ae5613739e553e2dca3bfa12f1c4627

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
last-modified
Wed, 24 Jan 2024 09:53:18 GMT
server
cdn
etag
"65b0de0e-5f697"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
390807
expires
Sat, 25 May 2024 06:24:27 GMT
80.gif
tu.jnctpsy8888.cc/jnc2023/
717 KB
718 KB
Image
General
Full URL
https://tu.jnctpsy8888.cc/jnc2023/80.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.199.108 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
107.148.199.108.news3.shoesusoutlet.com
Software
cdn /
Resource Hash
b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
last-modified
Thu, 14 Sep 2023 12:23:21 GMT
server
cdn
etag
"6502fb39-b334b"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
734027
expires
Sat, 25 May 2024 06:24:43 GMT
800tk.gif
www.kj555999.com/tu/
53 KB
53 KB
Image
General
Full URL
https://www.kj555999.com/tu/800tk.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.2.215.7 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6596f8e791fb6b4d3ea30aae728bdafc44d6837417699bf819a127d542a208af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:45:26 GMT
last-modified
Fri, 19 Apr 2024 12:33:21 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"ad494c45592da1:0"
content-length
54187
content-type
image/gif
960x80.gif
9831tc.com/tp/
548 KB
549 KB
Image
General
Full URL
https://9831tc.com/tp/960x80.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.0.143.122 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
openresty /
Resource Hash
06eefcf8aeb3214196590b5ba0b326572f834a050ff18a1004bafc9fe852a21c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 26 Apr 2024 00:48:47 GMT
Via
mycdn
Last-Modified
Wed, 03 Apr 2024 07:18:21 GMT
Server
openresty
ETag
"660d02bd-89152"
Content-Type
image/gif
CDN-Cache
HIT
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
561490
Expires
Wed, 22 May 2024 07:22:58 GMT
bbs.htm
fhjddedh94373893eydfw.wqdjcoovnxxs.com/ Frame 1A45
29 KB
2 KB
Document
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
d369ba5e4254c8076ec850b3382dd1dfe3c9ac0e5ba674c70fa72e67d1e0c237
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Apr 2024 00:48:45 GMT
etag
W/"662a947a-7543"
last-modified
Thu, 25 Apr 2024 17:35:54 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
gundong.htm
fhjddedh94373893eydfw.wqdjcoovnxxs.com/ Frame CA00
26 KB
4 KB
Document
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
2a9a720ea36dc3e91fe393644b988145cd6774ce3249f5b54edd4703ee8bc267
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Apr 2024 00:48:45 GMT
etag
W/"662a947a-69b0"
last-modified
Thu, 25 Apr 2024 17:35:54 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
bg.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/
118 KB
118 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/bg.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
4537225b6c497e5abd8987fdb8210ac8c73b83c5052b38f9f3afe007dcaaf9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:45 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:45 GMT
server
nginx
etag
"654211a1-1d7b6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
120758
expires
Sun, 26 May 2024 00:48:45 GMT
xiezhen.htm
fhjddedh94373893eydfw.wqdjcoovnxxs.com/ Frame 2E80
4 KB
2 KB
Document
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
5f0a1bba2178e777628c6ba47dabeb64598a0fcee43b121cc8f822b7fdc78011
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 26 Apr 2024 00:48:46 GMT
etag
W/"65421236-118e"
last-modified
Wed, 01 Nov 2023 08:54:14 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?453ddabca2adcaf85fa19a3ce3794cce
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
fba5133bb8a7eba68c394a77744749e3f8b072e2f723647280a5df593a012b3c
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Fri, 26 Apr 2024 00:48:46 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
1204b371bd1066a3bca62df0f51170ee
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
shang.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 90F3
30 KB
30 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/shang.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
8cfcb7e18675a506a5f8dd2d6cef461122b998e54e3c0bd5902aa8b4a687b5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:52 GMT
server
nginx
etag
"654211e4-782c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30764
expires
Sun, 26 May 2024 00:48:46 GMT
nihao.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 90F3
3 KB
3 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/nihao.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
a25f0096969514de68460edf1ec26a75bc16383261b40250106e4c3c3a4cde23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:49 GMT
server
nginx
etag
"654211e1-b61"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2913
expires
Sun, 26 May 2024 00:48:46 GMT
xia.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 90F3
30 KB
30 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/xia.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
af348fa82563741d767ad82b975a388dc5b3a98590e6d042e697dc590e1ac531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:53:09 GMT
server
nginx
etag
"654211f5-7873"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30835
expires
Sun, 26 May 2024 00:48:46 GMT
shang.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 1A45
30 KB
30 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/shang.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
8cfcb7e18675a506a5f8dd2d6cef461122b998e54e3c0bd5902aa8b4a687b5d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:52:52 GMT
server
nginx
etag
"654211e4-782c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30764
expires
Sun, 26 May 2024 00:48:46 GMT
9.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 1A45
4 KB
4 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/9.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
0afcce8fe2539bd16456c6f5aa57f4c6b2be116919752f1cbe3e637c955a4677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:38 GMT
server
nginx
etag
"6542119a-fa9"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4009
expires
Sun, 26 May 2024 00:48:46 GMT
11.gif
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 1A45
9 KB
10 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/11.gif
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
f138d70c2f2b2ab1735b365d85e3266de014d9bb88dd020b8d38c437857e8835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:34 GMT
server
nginx
etag
"65421196-25e8"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
9704
expires
Sun, 26 May 2024 00:48:46 GMT
xia.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 1A45
30 KB
30 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/xia.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
af348fa82563741d767ad82b975a388dc5b3a98590e6d042e697dc590e1ac531
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:53:09 GMT
server
nginx
etag
"654211f5-7873"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
30835
expires
Sun, 26 May 2024 00:48:46 GMT
arrow_left.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame CA00
2 KB
2 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/arrow_left.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
f7708a3229ed66fe5f587cfdfb72b1d9ee094d6e10d41ae0b546f4d760741de7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:41 GMT
server
nginx
etag
"6542119d-700"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1792
expires
Sun, 26 May 2024 00:48:46 GMT
arrow_right.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame CA00
2 KB
2 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/arrow_right.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
8031fcb03935b3982756e32607ea8bc69ceb0899151c513133732ed9d5ad5b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:42 GMT
server
nginx
etag
"6542119e-74b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1867
expires
Sun, 26 May 2024 00:48:46 GMT
m39.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
224 KB
224 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/m39.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
564d340ef0401dfbde9fdfae5cf016fd9abe088216d880795e7e766be116e0f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:42:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ccec32362797da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKR5tejynwbT48R6at%2FBbtihR%2FQQLlWbwCaH72n9y5R%2Bpl5Iif2zmP4f6w5hAQYANrRBd0Ut3eJ2g97raq4WHhXR13m4urXphMPTwgnNWTWEJhpc27tA7FMyigiFsApfIo0asUBy80VbBK7HmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b069534d6a-FRA
content-length
229078
mj02.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
152 KB
152 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/mj02.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
28ecdefbd6256062d6977a4a6c29115fed1a0eb204d0953a9386a9e25e82dd23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:44:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3b33f151f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mj%2BRtmpf5P9VYE%2FszUSoR0uRnOzXprf9EWDDoWbOscO87aubDt8zOqKeBpQBYvX7TIXFMMEnMO9g3BikXOJWdceKhMfd%2F8%2BcDiiuvhyikauYJrp2JqOqwphIN1%2B0W3hCK3KvDYKQZmxiak7SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b079654d6a-FRA
content-length
155421
pt00.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
254 KB
255 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/pt00.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
192177b3d48c83b68a6fdb33cf995959241e172f878576da88dcec6f6d3ec10b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:47:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d489d07a1f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYhuGJ35KSdSAovXHQYfA%2BYbNOgx%2BAtW5lcrEEad5l9h70j8YI9SqX%2F%2FouepMXMA2SsIYw%2Bniwl9EQJpc2fx6tCYNRPhpLlg4zSEfz4qE4ceXItieuAbzaRfyisG0OKB9fftHM%2FX%2FZp5t%2B7lZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b079664d6a-FRA
content-length
260035
ampgt.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
340 KB
341 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/ampgt.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
62f7b4c07bd53bbf8fc835eb861f6db31fe37fa19ef03299c7d5855d43617d82

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:11:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3fddf27b1a97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yAb6BwwP4tzq2inW6pZ51gqT%2BdwTIvXCR1irT0%2BV5rDn3eTFn06brT6d0mcKYuIj8lQqqRZCux6yJxiHD04tfw4ZdijQxlD2shigFK9OvSRVhI%2BGuwDCFEVG%2Ffqi%2F%2FqyR8Z7Hg%2BDJQLB1En%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b079674d6a-FRA
content-length
347960
11459.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
155 KB
156 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/11459.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ebe2e7a9a83c5af4dc3dbf276cc8381b28c5fbfcdfb5cde301d8fc8e7d88bd62

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:46:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"695b9b561f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Nsd6ueSdVlIdKN%2BgRVvnjLLeSEJjjlvRSiK0uPZOsGiK6K2ILgD0W2feIvlIOc0l4H946xdxKhiRdETFSfqkJOysinbgdDmG7EGs0KbuDLmk5C5Enc4CxPd1GJOfXj0s2LqQup0nHIP3Yp%2BsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b079684d6a-FRA
content-length
159094
11427.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
101 KB
102 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/11427.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c74c891f16b958fe18ad347d3beb69d209eb5d9f9b056fa10dd802bb546a8411

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:46:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"866dd65a1f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z9dB5UIrO0MEnb7MRCwdjKwFuE72RWJ3%2B9xr3HIxN5oc4xxUFNWr4ekYEgMWaOdpiATjoRdskLMpuWiC%2B%2BuqtoZiLdZ2xC7jTDI6nWbYycjkkJTrDoLcAOwHkD9b%2FL9LVhq4eHXQeocl8dhZuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0796b4d6a-FRA
content-length
103755
114103.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
141 KB
141 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/114103.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a0d495dc0b97c05f8912355ba4b362c72d8f9c42884c5c8c37b2460d56baac26

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:46:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14aa5a4f1f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MjlXjjLcOKW%2BgzziR8Lbg3S6CWUCUjy2w2CizxJuWsGAVVLaKlOAQcnoTu6lY3AJCnRSNwN4hzNG2GTjVKqTLUl88gJrN5gLA5%2Bh%2FTJHqauqy7M0WjLRkGYlCVxy6ca9VZQ%2BYkJhnp1a67KDJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0796c4d6a-FRA
content-length
143978
114115.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
296 KB
296 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/114115.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bafd5b800d250a600988ed0bddb0259a9d5b5753934786cc65499a58b2805eaa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:44:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b29c95131f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TehZ4tFTN4nsbDr%2BIwh4T3Ds43L7KmkjPRrunQ1Afu%2B4BVoKJHkcqJH65qQ%2FmxX9HaMNMFN6kYKvnkIDM%2BD89A%2FfpyVNbxgW6xRdrckt60%2BGA2HIj%2FWo9bY4JYQUXKlikH%2BeWpMVUVEoz%2Baehg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0796e4d6a-FRA
content-length
302795
c29.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
279 KB
280 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/c29.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a3191f68aee9a3ced0c16e7667edd9adf341f1e2eb720549d471c72d9192fb62

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:43:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"244187632797da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xUCV6kaOGeGYSHUWfOaQJhBAat2Upd7SHAbq%2F6kOhuE3%2FuwUiyROVA2NWusDE65hwkjwARz6O1MvhZ%2FIROnmTs5BhLUqvnr7Lf8OaGNWkQzqVX%2FzTYX1%2BzMs0YJHh118Ho5o%2FkJx6Jm%2F1z9vrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b079704d6a-FRA
content-length
285673
pt02.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
255 KB
255 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/pt02.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7ae51d5c9ec011e40fe53a3221b108ebe3fc654464f9a796723c94b08aad0546

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f0d51482897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cc00Mkwk4ARNQZFU15cfp1m5q2ILd%2BSHmS%2BXReHKoDPUqhOh1iiUU7gvH8y2coM6KEd%2B%2B2R68VNEAz%2FceHh2s09D0CPIrT9Y4Id1aFPj1SSZ97tscSe48U9QUvx0hRp0KCEN5wondOATVOWHaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b079714d6a-FRA
content-length
260666
b11.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
508 KB
509 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/b11.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dee1eff72e5f835d220a810274548369eb6e42c216d1700f8728968cac39b4b1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:11:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d65ad7f1a97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BPUtJ5Q0jB2jC4eWpiyiL%2FFK8SXSyPgBuyI6TMAymmmpJcZK%2FiMgcIVfnAoNaCg0Ua2FjA6KFy%2BPOEM7FVWe%2F6DeGHd5CmSni3FCxofL4YrSHSPlu0eIj2KNhZgnQkPkl1BzdPoGIi%2B2ybOCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099814d6a-FRA
content-length
519891
11428.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
79 KB
80 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/11428.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8661d05f04c5b1685b8c2352a9d3ea650dcd04c632e78e1e56d4ecb4ce0b0039

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:46:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7bb333571f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FvcBb1Ozp%2Bo5ek6WpVMW01G9Oi0eCg3zt9TJ3jOIajK0DyHeqd7BFdG9ui52gjEsEmrl2fjev8mOi%2Bga1Jdzdkrz3kHg4JSLYSDtH35QaFBj%2FV%2FTVnHaGRqENhBVI5Ew%2FdSKQzkAGFewCApwaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099824d6a-FRA
content-length
81016
pt06.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
182 KB
183 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/pt06.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f5c1422e255062c4642197152f25fd263f2736732c3101489acd61a54dc49dd1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 14:44:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"80a1c141f97da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lp2xA0AmxR3%2F5y2htp49nJl1%2BaGvGs%2B8du3%2BLiWNOylgaeFIXzuzhKRaUIg2yzaXwkYboEveZ2Y12UuOHdVGxTMQBYDGp5%2BHEJmpSjfgWjbM2MPBDZ%2FMA41Gc1jzjn4rIiCGowyYEJNXhCaftA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099834d6a-FRA
content-length
186817
n4.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
103 KB
104 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/n4.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e4bad61a148271e75e3483df54de71b57f460807fba72066eb52a56735c553df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:48 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:49:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3c41ad322897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ti5896t%2BklsuOBFYM9FsMkUvaVOF1hACRUW8F0uWsm%2BtK1mOjEvL9XZ0be%2B3hklaXTGXyio6GgmZ12%2BpxeuB8t13Z649xCEJzh2kg3k5swn0XE04hnLumEp4ygDfC%2Fw5dAvAhbq2gvafHqEviQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099844d6a-FRA
content-length
105964
n1.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
189 KB
190 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/n1.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7ea64ca7614b4e762b46be2099a4ed5205e42153b88eb0e88935bc6ed99fff87

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:49:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4d9945332897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=psaKPNeVFCNliFiuZcH7aFBzpSe0%2FVmNtsv%2B4FGvb8B0qz%2Fg59qRvSZcaDRkB%2BPiOaODwNq74IIvY4oIw50KbD7iWzWCfJW6zkZrSfX9O9YQpuRRmi65vaF03sMQqdQUldEB3kWIGSnaWcG6rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099854d6a-FRA
content-length
193778
impb.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
122 KB
123 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/impb.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a783cc39a702b23948f6c59b6f1b74ae933a76ec3df9083ed4ade89c86f0824c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bc563502897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eD7fpNOkmEV0AlCELbEgcyl8q6bjSQ3WB6UEf%2FxpdCo8vzXX7ivUwkub%2BuMh6o%2FgmhtLEuIMXfmdAasvBQk9F%2BW%2FpVedEE%2BPZ1ZygIDuGLukfH3rsl93ZRGxxshALJMBe2XbQcL2UXFNtJbGzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099864d6a-FRA
content-length
125243
ammhb.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
130 KB
131 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/ammhb.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ac5d9b50b84d8bb5f43a44c0d991f8a9a1835b835da7b00d441e0f7be223bcdb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6c3a9472897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r1u1ZNR0vX0am1OxHqLngveG6VcLIC8ujRxSLCwkhAPWgSH8K6r59DOsUSG07UeQ%2Fho9Hn5DoFx5UTkYlUCJVogkMr4YdER6v2DnKFukA%2F8%2Fghh2SRBO%2BieCL2e2BlwdWvRY8CPBO%2Bb1J0q%2BlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099874d6a-FRA
content-length
133400
czcts2.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
116 KB
116 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/czcts2.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d7e86c7e9d193b5219bca18a2c637a2d70332460fd03ab42b81e626909da9ad7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1a2aaf4c2897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsETyBHnNej2nlgrro1tE%2BYzWt5hq54o06GNofP2SKEToiTR4seQWT5bjuRXJcDmNMoiIr2GxVm1gMrgYh9QgqkUw5sc7kmmIi7qNSR9A6AF7p9USJaQqXEA6pMncyr4DxxtFHRgtNklT03Exw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099884d6a-FRA
content-length
118470
lbwb.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
0
0

hcs.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
161 KB
162 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/hcs.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
724421135d5567ee6a887b65964a2ac21afda56e2743b5d8db56a49c4f5a2306

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"67ab494f2897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FLLz3TL29JBqHbTk0pEerAA8NJsWfEkVOQp8Shm%2BAWCMDomDemLLh9tQTajN9AJunkDuCGzoUzAtQSdh2tINe68I378bAEJkcQO23RsVV%2Fo3SOrCMcoePgSD%2BnGrPDQ%2FmM8hf2VtW%2FFFvfbAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0998a4d6a-FRA
content-length
165077
lcsb.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
211 KB
211 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/lcsb.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e43358f4a0861e6059e69f9a14c1c190d32587f300fee61b53155e549314d171

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f369df512897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQVLqlZyEP1vCKPeKaYpfHp%2FjxvybX9x3%2BFbbAumeY8R9mSsr7kf1WX5%2FJuDvQaPbnlN%2Fv3M88IQGDsKLPt9kA%2FpgFHl8lEeKDD2LuuYik6GRfAr64XJ1Q9Nz9eTrPUT3qmjcrFKKwRXSE%2BtDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0998c4d6a-FRA
content-length
215869
zcs.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
90 KB
90 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/zcs.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
183073f3328317fb979903d92240201627ef7650cb144d562522b1dec52f66ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:51:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15a2a8672897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6k0uwpot%2F%2FtCkaXFfbyvLavlTFbFyJ9KejgYMaZ0t8%2BO0HYJdF1yXsmtEK9r0IxXGC9NCThPAKhmcKygsQqdYrJZGCNR7jDovnZOQ4zdCHOMSrOS7Zv114caXx2AEloZ0TDAqoAw8BUmheYyXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0998d4d6a-FRA
content-length
91884
qcs.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
102 KB
103 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/qcs.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8e5c06f14eea6022c1f3625449f0e5f41de80df8a71a9c9288e6fac18b5f85cb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8c6ae7542897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bsMSvTDaFuUp8VQgSg2xterjQKmguicIq%2BpPKxgAoJkZSJdd5EMJ66Vt7jgqyDMwDcWGHucPt0s92cO2Z9yWyjJ1qKYCS4Wr7%2BpIGzZpBdS33oZS4t%2B6XElyqj5dl8mrpuXA6yAYtALl%2Fht1Zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0998e4d6a-FRA
content-length
104770
lcs.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
223 KB
223 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/lcs.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9d4f88af27d608b61b15bd79de662dca1fdc8f5cd22d09b9a1176a14baa77fbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"51c0ce512897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bAXZrIcMThGr%2B2DX0mfdOeIf2IBYCjSjG9wX5mdwwC6EElijWGpOT5aril%2FMdK98WwkEz8dvj7TjcVjIg3tyeW45ZF4r2%2BqbWOoX3wlszI7h1rJOAgKR%2FzstYi9hdGQimOcX1yTm7GtuKiFF0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0998f4d6a-FRA
content-length
227966
jigongshi.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
112 KB
113 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/jigongshi.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4160523e640b5dd3f1b37ca5204e11da96fc4c52a5a6af998faf3b37b42d2fc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 25 Apr 2024 15:50:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ca9875502897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mT7yoh5hK8f%2BEAWPecUdvyGGTRCZz3nSU7ULvpRDexjt0L%2BXWHvSGj0U4v0%2B%2FXyCxPzNiUS3Xr4SDLn5baZqy1ufOjYxJJ9B8CBFoJNmHtvc%2BGlco%2FF8oW0h405lfXAbD%2BAMb6%2BPDKhCIEQ9PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099904d6a-FRA
content-length
114879
nrw.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
346 KB
347 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/nrw.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d9693cb21314ea3d0342384be5c607f372441d06b762920977ad0206ba085478

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"56d821542897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DBQBlcny6ekR8sOhAtYgpOo8%2B7WTcgu%2BIKp75LPna0JYFhjk7Gm99rC7GhrUAxfi6%2BIFlDtGdqtWru9m%2BzYcPNvqQ0NvHtZGWI5z2QpEg8LrIxVB8l6Ftw%2FRoKOvu4C8EUUF%2Fs2ygL%2F0Im0htw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099914d6a-FRA
content-length
354179
shym.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
149 KB
150 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/shym.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3a9cb71f860790fcbd741313d0e830cc5a31cb81d61f45e5657ea5c3392a7311

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 25 Apr 2024 15:50:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a5e3b8552897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2NNI1j9uNhPFWJyES00wT9iJBa9lFadCTRAVNAeV1ag9VBgXUXiAwAEwBWUcUDnDlFGP%2FaObJby8ZjUBi42CGFo33GowUgYzrSQ8XVcN2mThk94SugB%2FV%2Bqc9GGtGxABKonb020%2FE%2BD1xnVlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b099924d6a-FRA
content-length
152945
xcm2.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
260 KB
260 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/xcm2.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
fe5cfd5a9d1173b6f07d12438dca7904ca7f23435c01fd223618c2fe62d448ef

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f4f4d65d2897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nLPgOXlezMhZ45ox4OQG3aXYwDuOOZOMLBOmKUFjxVzl4ANWMum4wt5XcOBHMMQEPjfxhJmfYZ7ffpvwuL1ctfi11oSU%2BNXMqzhiv8itqSs9BIJaM6lgIWNldc8Z9JBtMW40x%2FeJhc214%2BdhuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a9944d6a-FRA
content-length
265748
ktjtx.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
195 KB
196 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/ktjtx.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1496fd146496be3de5535612cf01ae9096a6b816ce19c0f1672f8e72a7c511e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
EXPIRED
last-modified
Thu, 25 Apr 2024 15:50:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2364e512897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIlmeT0soK7gGwwzJ0XDNQKDfeS3bajrfqNOGVYE5o44CVHL9X3ZYpSTBQSgiAyCtQ0zxPCwQx3rUfIqR7%2FSXA7JA6h6cfjxQtuaaxQCA2t89pgBVs6x10M%2BSCGGhIyB9uIYwaj7yHfLq8KlJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a9954d6a-FRA
content-length
199946
yjzy.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
113 KB
114 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/yjzy.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
141da6cb5ba5030174fa3fbd98e923e0750f88665b68643be5e5203b02ccbc56

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:51:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e3259672897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VYSDyii2icUdscvRjzoQYWgZN1bEhfrDbWQb63e5eri%2BRWF0cYVtdVrSFh4mRWkxD1ypwEXGs4fsKcd%2F%2FCfaoFrliDg0i9nyWS3Vmb8QZnSnvgqffjEWwwUHBzvBBTmS9ZRP2nLvQsR7OyI6lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a9964d6a-FRA
content-length
115913
fhtjt.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
243 KB
244 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/fhtjt.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e4f881b0cfd2982e1a651585d507cfd9e9a9c4dcfe4bcc55310500393ae115dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ba49c34d2897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oaWIJWeQUIS4Ou%2BTMFqOWQ%2BHnBz4RtEFm9PQpN9ohSXSxlgTFkZKTfYFmv3lLKBr9Yno%2Fqise4S3oFKpDMCQRqNN55JOBvrm05xApP9ecMHUatL7bOiihyqAhWgfWj5kjfBF3pdYgKcWw8Ljgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a9974d6a-FRA
content-length
248946
36mtw.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
128 KB
128 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/36mtw.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
afdf2b5cbd36d00e0db16c32daecf82bc4bfaa1af328798906b33d3de0587666

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"59e0c452897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x%2F0RvD85yPzaTZvE0C2EJsQYGPZ7WvGT%2Bx2Neera58aAu8JUcfmXpkkiLuCnkJ2t7FlMb%2FOhspU0VpxJhQ9a%2BvkbRPLQyujJUs4fwHTArEYPvvMBktnJ64yMZHUbAC68E7D6OzYId8iJJYEl2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a9984d6a-FRA
content-length
130791
am30ma.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
95 KB
96 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/am30ma.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6e6bde51ef133e48e38e7d5c541c0ac2b20aebde4cf268e5e59b101f8d5118f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e59c75452897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2F4Rtd5bc6S1L68l0QdzbnQKzbwMpifHMJrxM0cD9%2BnJyo1nirIesyovXwbuYF7AGdRMAMs4jKF5a2Bck9OX%2BWXYh6aq225bl%2BH5tlB5%2FQAB7J%2FX5I9KXcAB1fb04C6XrgzfS9bY9ZdztU2l9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a99a4d6a-FRA
content-length
97760
lhtt.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
191 KB
191 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/lhtt.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f6e8bcdcee7969119c09d7cc87bf27e1b30f6a3b084ea95dbcce065d0e4b092

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7cd8a522897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlHURS9SaQv2LsBTzyzDV0YrjRTbIWnI8zClS7JdJGYKsm8E%2FxgpRDPW1D0RSkgJChl2uIi1Ah1ySEtrUamo6Dx9Lo%2F8QF9PSm346lvqWdG2r%2F7C5RhBOWBlZB1Mld%2B%2BJ7c6Gt5toFgUhKwSvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a99b4d6a-FRA
content-length
195294
amqlb.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
60 KB
60 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/amqlb.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b52d00aa792a5de981ba735976d4e335d330caf4d4040672d3f39731ee07bfb3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ec40f2482897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wF9H%2BKzkRkh7Mq6kjQv4zOl1mrtEDdk4fKWNeuUfkO16eBwU12UhsslgWvQUstkv7ymVYdcrw6m6v%2FzaT%2BThc2Hl9Lowm6SBj%2FQrWGJ0ioiziHGHtlNB5U%2BmEcgMAQlZ57maMZGE6SRNwfc8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a99c4d6a-FRA
content-length
61335
ammh.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
27 KB
28 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/ammh.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c07561beefe778476b8c84019a9d19d3ebe598b8ca5053faa33b8294404ecf09

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=43323
x-powered-by
ASP.NET
content-disposition
inline; filename="ammh.webp"
content-length
27974
cf-bgj
imgq:85,h2pri
last-modified
Thu, 25 Apr 2024 15:50:21 GMT
server
cloudflare
etag
"e59ea2472897da1:0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7K5jy9Sdx6DO1OIMlgNwIafy8MK0lgbOMfIoxEUTcl90zHFDuWOMAbvYJE%2FVsE%2BlsCXQZDO2lsmG9fUDgFqoXNCaFVvXLsZzrrL%2Bvsl42ae8oIoblWUhXEhFyKs1mts7k4K2cz5NdEtgtCYCQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a99d4d6a-FRA
amgp.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
0
0

amgjp.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
104 KB
104 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/amgjp.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ff781be946623c37cc3e664e344923f678fe1bfd11f474999da596063dfb7767

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6bb9bb462897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jipmhkDUx2hNIQQRctEyE6ohGnCqvLWllGcUek0KlKgL7QaubKQVjC6vpkDEVuf%2Bi8XLK6D6Ea1Kj4AcTdMiymcO47eQu6yo9eryU3d9TYSopnu6msmC6qyOf1R922jHACEsembXt2RUJZ8YXw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a99f4d6a-FRA
content-length
106251
amsbx.jpg
tk.tutu.finance/aomen/2024/col/117/ Frame CA00
149 KB
150 KB
Image
General
Full URL
https://tk.tutu.finance/aomen/2024/col/117/amsbx.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/gundong.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d0d51be8cc6e699f9d1526499dce3fcbd8afdc50fe69463b204717c4ccf2219f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:47 GMT
cf-cache-status
MISS
last-modified
Thu, 25 Apr 2024 15:50:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"afea492897da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hl1oitKMr1veGr7DoUKj5gWpdoEuwQbc481zKgoDNJaoG%2BG6MUmC7d7GEkjV1VOFkKQwa0UdNeETXnQd8z3i%2BU2HMGTjF9NfyXMAoXJXF%2FCycp52wlQ7nsOjTvBRwuY%2F7nvQIArU0ZBZ7%2BuPmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87a291b0a9a14d6a-FRA
content-length
152973
zhong.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 90F3
11 KB
11 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/zhong.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
7929949a84ad40c4df59ba5a1af9a5ecf62ee7d83b1bffd15d0942bac83dd987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/999.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:53:11 GMT
server
nginx
etag
"654211f7-2b7f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11135
expires
Sun, 26 May 2024 00:48:46 GMT
zhong.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/ Frame 1A45
11 KB
11 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/tu1/zhong.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
7929949a84ad40c4df59ba5a1af9a5ecf62ee7d83b1bffd15d0942bac83dd987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/bbs.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:53:11 GMT
server
nginx
etag
"654211f7-2b7f"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
11135
expires
Sun, 26 May 2024 00:48:46 GMT
jquery.min.js
fhjddedh94373893eydfw.wqdjcoovnxxs.com/js/ Frame 2E80
90 KB
36 KB
Script
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/js/jquery.min.js
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
946110654d2d6b601516bf786e0bdcdb6d52ae54e91b6d45473783c36421b2cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 08:29:58 GMT
server
nginx
etag
W/"65420c86-1698c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 26 Apr 2024 12:48:46 GMT
imageflow.js
fhjddedh94373893eydfw.wqdjcoovnxxs.com/js/ Frame 2E80
46 KB
12 KB
Script
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/js/imageflow.js
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
af32dbe22fae9997c3f426ba8df650514efe4a726813a25f44c8cea486dffea6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 08:29:56 GMT
server
nginx
etag
W/"65420c84-b72d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 26 Apr 2024 12:48:46 GMT
1.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
163 KB
164 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/1.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
50e9077ef091fdcd71606a43614285b8558c7c6d0d748c5c99c6092a899fc42f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 18 Feb 2023 13:29:21 GMT
server
nginx
etag
"63f0d2b1-28d6e"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
167278
expires
Sun, 26 May 2024 00:48:46 GMT
2.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
131 KB
132 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/2.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
995e96c7e10bd29e2fa4e14862b88106ac546b03e62fa70d73bee23a393aabc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:03 GMT
server
nginx
etag
"65421177-20df7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
134647
expires
Sun, 26 May 2024 00:48:46 GMT
3.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
139 KB
139 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/3.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
c7278e780a2ea6d2c625022a2b278a6fde04ea8b06dfde31ce504b8a1a4d07f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:09 GMT
server
nginx
etag
"6542117d-22bb0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
142256
expires
Sun, 26 May 2024 00:48:46 GMT
4.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
150 KB
150 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/4.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
ceab5dec8bfaa3e3074117a687247e569c1fd35226c42cce68e456d6c619b1e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:13 GMT
server
nginx
etag
"65421181-25740"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
153408
expires
Sun, 26 May 2024 00:48:46 GMT
5.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
158 KB
159 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/5.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
445038ab84475c87f5c6ec418106a6ceaf636bce4b05dba7a096a892b8069817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:16 GMT
server
nginx
etag
"65421184-27930"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
162096
expires
Sun, 26 May 2024 00:48:46 GMT
6.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
165 KB
165 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/6.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
fd9e97e662e0c9db1f06a6e4217c3fc29fee98f267b05c6eea76d3e4d0f9342d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:20 GMT
server
nginx
etag
"65421188-292e1"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
168673
expires
Sun, 26 May 2024 00:48:46 GMT
7.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
130 KB
130 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/7.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
86a30ad826aef3286d4c138e28d97c40783df6846ff86fe8f5e36158c1bd7647
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:23 GMT
server
nginx
etag
"6542118b-2080b"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
133131
expires
Sun, 26 May 2024 00:48:46 GMT
8.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
138 KB
139 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/8.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
da01539b3789cff3a353269edc57a7a644eac71e03371e77ee93f2d0a1bd9254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:27 GMT
server
nginx
etag
"6542118f-229ef"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
141807
expires
Sun, 26 May 2024 00:48:46 GMT
9.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
180 KB
180 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/9.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
be919160a3fed0a3c52722a032ad422765cc83bf84272d637c17ba90c6389916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:30 GMT
server
nginx
etag
"65421192-2cfea"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
184298
expires
Sun, 26 May 2024 00:48:46 GMT
10.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
134 KB
135 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/10.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
3b8c299d9214ab9f198afea24774f4c5f82a249fd0eca9ea06fa9b764afae9d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:31 GMT
server
nginx
etag
"65421157-2190c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
137484
expires
Sun, 26 May 2024 00:48:46 GMT
11.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
137 KB
138 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/11.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
734de3df0312aab8f3a7f39fe735e158bb20eab6df941b3ed1b7ac50bd90b233
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:35 GMT
server
nginx
etag
"6542115b-22588"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
140680
expires
Sun, 26 May 2024 00:48:46 GMT
12.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
147 KB
147 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/12.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
92bcc6939b73d8f0eca6bba8cf20bd2131aec4d948dc3e818462728b3f964b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:37 GMT
server
nginx
etag
"6542115d-24a9c"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
150172
expires
Sun, 26 May 2024 00:48:46 GMT
13.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
93 KB
93 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/13.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
85b479887a499839cfd518dd143071195fd436e5ab966568845d8bc7c32b184e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:40 GMT
server
nginx
etag
"65421160-17396"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
95126
expires
Sun, 26 May 2024 00:48:46 GMT
14.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
125 KB
126 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/14.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
4b6b9f3a54a8b37a545d15d33efb4c189376b39f25e4d3723bd220a9447e0cfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:43 GMT
server
nginx
etag
"65421163-1f5c7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
128455
expires
Sun, 26 May 2024 00:48:46 GMT
15.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
165 KB
165 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/15.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
8fb2e81c31753b898e4096698b65c2d3e190801b6f5562365733816707941e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:46 GMT
server
nginx
etag
"65421166-292dc"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
168668
expires
Sun, 26 May 2024 00:48:46 GMT
16.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
126 KB
126 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/16.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
915c72f295c1e2488f8863b5227daaa842bf563d08564b9c9e00d5db4d21535d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:50 GMT
server
nginx
etag
"6542116a-1f660"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
128608
expires
Sun, 26 May 2024 00:48:46 GMT
17.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
125 KB
126 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/17.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
3607306f7b974780b1cf2942775d19ec5fe1c64b1ec72051ee805cf6950a5d9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:53 GMT
server
nginx
etag
"6542116d-1f5e0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
128480
expires
Sun, 26 May 2024 00:48:46 GMT
18.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
124 KB
124 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/18.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
6ef832d9a5c773f0ed6a660d08bdba76ef23edff4314bf44146396f06a5873fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:50:57 GMT
server
nginx
etag
"65421171-1ef4d"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
126797
expires
Sun, 26 May 2024 00:48:46 GMT
19.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
154 KB
155 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/19.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
888405e0553ccdeab60947ef88899af4296ed2a2054333187c0a847010a6bfae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:00 GMT
server
nginx
etag
"65421174-269e7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
158183
expires
Sun, 26 May 2024 00:48:46 GMT
20.jpg
fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/ Frame 2E80
151 KB
151 KB
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/picture/20.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
a2aff849f7aea52182edd880615720a155e089a8008ecb4a7e629c8c95f9da16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 01 Nov 2023 08:51:06 GMT
server
nginx
etag
"6542117a-25bf6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
154614
expires
Sun, 26 May 2024 00:48:46 GMT
UTB84_S3QVfFXKJk43Otq6xIPFXaG.jpg
sc02.alicdn.com/kf/ Frame 2E80
203 B
587 B
Image
General
Full URL
https://sc02.alicdn.com/kf/UTB84_S3QVfFXKJk43Otq6xIPFXaG.jpg
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.176.88 Dublin, Ireland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-176-88.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
9355763f4a032b954591b24b46f1f85431a19f6afdbe53e0bf6b2214a68eb159

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
x-swift-error
orig response 4XX error
x-swift-cachetime
30
x-swift-savetime
Fri, 26 Apr 2024 00:48:46 GMT
alt-svc
h3=":443"; ma=2592000
content-length
203
server
Tengine
ali-swift-global-savetime
1714092526
content-type
image/jpeg
traceid
2ff6169717140925268418588e
access-control-allow-origin
*
cache-control
max-age=28
served-from
2.19.176.84
timing-allow-origin
*, *
network_info
DE_NURNBERG_201011
eagleid
2ff6169717140925268418588e
expires
Fri, 26 Apr 2024 00:49:14 GMT
slider.png
fhjddedh94373893eydfw.wqdjcoovnxxs.com/Images/Index/ Frame 2E80
548 B
548 B
Image
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/Images/Index/slider.png
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/xiezhen.htm
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:46 GMT
server
nginx
content-length
548
content-type
text/html
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=603834391&si=453ddabca2adcaf85fa19a3ce3794cce&v=1.3.0&lv=1&sn=24602&r=0&ww=1600&u=https%3A%2F%2Ffhjddedh94373893eydfw.wqdjcoovnxxs.com%2F&tt=%E6%BE%B3%E9%97%A8%E9%A1%B6%E5%B0%96%E9%AB%98%E6%89%8B%E8%AE%BA%E5%9D%9B%EF%BC%8C%E6%AD%A3%E7%89%88%E5%BD%A9%E7%A5%A8%E5%85%8D%E8%B4%B9%E6%96%99%E5%A4%A7%E5%85%A8%E5%A4%A9%EF%BC%8C%E4%BB%8A%E6%9C%9F%E5%BC%80%E7%A0%81%E7%BB%93%E6%9E%9C%E5%BC%80%E5%A5%962024%EF%BC%8C%E6%AD%A3%E7%89%88%E5%85%8D%E8%B4%B9%E6%96%99%E5%A4%A7%E5%85%A8%EF%BC%8C%E6%BE%B3%E9%97%A8%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%A4%A7%E5%85%A8%EF%BC%8C%E6%BE%B3%E9%97%A8%E6%9C%80%E5%87%86%E9%A9%AC%E6%96%99%E5%A4%A7%E5%85%A8%EF%BC%8C%E5%88%98%E4%BC%AF%E6%B8%A9%E6%AD%A3%E7%89%88%E5%9B%9B%E4%B8%8D%E5%83%8F%E5%9B%BE%E7%89%87%EF%BC%81%E6%BE%B3%E9%97%A8%E7%BA%A2%E9%B9%B0%E5%BF%83%E6%B0%B4%E6%9C%9F%E6%9C%9F%E4%B8%AD%E8%AE%BA%E5%9D%9B%2C%E9%BB%84%E5%A4%A7%E4%BB%99%E8%AE%BA%E5%9D%9B%2C%2C%E7%AE%A1%E5%AE%B6%E5%A9%86%E7%8E%8B%E4%B8%AD%E7%8E%8B%E9%89%84%E7%AE%97%E7%9B%98%E5%BC%80%E5%A5%96%E7%BB%93%2C%E6%BE%B3%E9%97%A8%E7%AC%AC70%E6%9C%9F%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%2C%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%A4%A7%E5%85%A8%2C
Requested by
Host: fhjddedh94373893eydfw.wqdjcoovnxxs.com
URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Fri, 26 Apr 2024 00:48:47 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
fhjddedh94373893eydfw.wqdjcoovnxxs.com/
548 B
611 B
Other
General
Full URL
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
142.4.96.185 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 26 Apr 2024 00:48:48 GMT
server
nginx
content-length
548
content-type
text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tk.tutu.finance
URL
https://tk.tutu.finance/aomen/2024/col/117/lbwb.jpg
Domain
tk.tutu.finance
URL
https://tk.tutu.finance/aomen/2024/col/117/amgp.jpg

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
string| nper
object| _hmt
boolean| _bdhm_loaded_453ddabca2adcaf85fa19a3ce3794cce
object| mini_tangram_log_6qfug7

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: EB0F8F9EA5F8A5D6
.fhjddedh94373893eydfw.wqdjcoovnxxs.com/ Name: Hm_lvt_453ddabca2adcaf85fa19a3ce3794cce
Value: 1714092527
.fhjddedh94373893eydfw.wqdjcoovnxxs.com/ Name: Hm_lpvt_453ddabca2adcaf85fa19a3ce3794cce
Value: 1714092527

5 Console Messages

Source Level URL
Text
other warning URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/Images/Index/slider.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sc02.alicdn.com/kf/UTB84_S3QVfFXKJk43Otq6xIPFXaG.jpg
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://fhjddedh94373893eydfw.wqdjcoovnxxs.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
