URL: https://q2ctfs.dvkrfn.xyz/
Submission: On April 20 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 5 countries across 5 domains to perform 38 HTTP transactions. The main IP is 35.220.255.214, located in Hong Kong, Hong Kong and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is q2ctfs.dvkrfn.xyz.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 25th 2023. Valid for: a year.
This is the only time q2ctfs.dvkrfn.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
9 | 35.220.255.214 | 396982 (GOOGLE-CL...)
1 | 163.181.92.231 | 24429 (TAOBAO Zh...)
1 | 2a02:26f0:350... | 20940 (AKAMAI-ASN1)
25 | 172.67.143.125 | 13335 (CLOUDFLAR...)
1 | 104.16.89.20 | 13335 (CLOUDFLAR...)
1 | 203.107.86.226 | 37963 (ALIBABA-C...)
Total: 38 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
25 | yfeyf.com | yfeyf.com | 4 MB
9 | dvkrfn.xyz | q2ctfs.dvkrfn.xyz | 356 KB
2 | 51.la | js.users.51.la (Cisco Umbrella Rank: 115217); ia.51.la (Cisco Umbrella Rank: 98717) | 6 KB
1 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 320) | 17 KB
1 | ngdxxc5b.com | sc.ngdxxc5b.com | 136 B
Total: 38 requests, 5 apex domains

Requests | Domain | Requested by
25 | yfeyf.com | q2ctfs.dvkrfn.xyz
9 | q2ctfs.dvkrfn.xyz | q2ctfs.dvkrfn.xyz
1 | ia.51.la | q2ctfs.dvkrfn.xyz
1 | cdn.jsdelivr.net | q2ctfs.dvkrfn.xyz
1 | sc.ngdxxc5b.com | q2ctfs.dvkrfn.xyz
1 | js.users.51.la | q2ctfs.dvkrfn.xyz
Total: 38 requests, 6 domains

This site contains no links.

Subject | Issuer | Validity | Valid
www.txwcjo.com | Sectigo RSA Domain Validation Secure Server CA | 2023-10-25 - 2024-09-25 | a year
*.users.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-14 - 2024-05-15 | a year
jk.nohswcdl.com | R3 | 2024-03-20 - 2024-06-18 | 3 months
yfeyf.com | GTS CA 1P5 | 2024-03-20 - 2024-06-18 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year
*.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-20 - 2024-05-21 | a year

This page contains 1 frames:

Primary Page: https://q2ctfs.dvkrfn.xyz/
Frame ID: 9E291777B477F2EB493CD3D031D42E8C
Requests: 52 HTTP requests in this frame

Page Title

反差百科官网|APP下载——反差百科视频 陪你解读AV剧情

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 38
HTTPS: 76 %
IPv6: 17 %
Domains: 5
Subdomains: 6
IPs: 7
Countries: 5
Transfer: 3979 kB
Size: 9690 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
q2ctfs.dvkrfn.xyz/
3 KB
1 KB
Document
General
Full URL
https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4a12c75ca9337af8f5c77bfb267ec4e5a0c52abfa01154ec138dc2aa7aa4ca4c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sat, 20 Apr 2024 02:54:51 GMT
etag
W/"6614d9e7-b03"
last-modified
Tue, 09 Apr 2024 06:02:15 GMT
server
nginx
vary
Accept-Encoding
jquery-3.5.1.js
q2ctfs.dvkrfn.xyz/
281 KB
84 KB
Script
General
Full URL
https://q2ctfs.dvkrfn.xyz/jquery-3.5.1.js
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 09:27:23 GMT
server
nginx
etag
W/"645228fb-4638e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
*
tinstall_inner_d.min.js
q2ctfs.dvkrfn.xyz/
23 KB
13 KB
Script
General
Full URL
https://q2ctfs.dvkrfn.xyz/tinstall_inner_d.min.js?v=1
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e93fa6838966b26a760e6881cac11fdc783066f056a6c6aeba299ceaa50e218a

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 09:27:23 GMT
server
nginx
etag
W/"645228fb-5bd3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
*
mobile-detect.min.js
q2ctfs.dvkrfn.xyz/
38 KB
16 KB
Script
General
Full URL
https://q2ctfs.dvkrfn.xyz/mobile-detect.min.js
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 09:27:23 GMT
server
nginx
etag
W/"645228fb-981e"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
*
chunk-vendors.32ed9b46.css
q2ctfs.dvkrfn.xyz/css/
142 KB
42 KB
Stylesheet
General
Full URL
https://q2ctfs.dvkrfn.xyz/css/chunk-vendors.32ed9b46.css
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ccd2d4f3f0614d339546e96d4e8dae36dd6528bfb3b2c4f8f94db1564ae03fd3

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Wed, 03 May 2023 09:27:23 GMT
server
nginx
etag
W/"645228fb-23953"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-headers
*
index.0b07919f.css
q2ctfs.dvkrfn.xyz/css/
44 KB
6 KB
Stylesheet
General
Full URL
https://q2ctfs.dvkrfn.xyz/css/index.0b07919f.css
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
04b7798f49f9152fee3d87d1cf6eedf9a961e662e643a3171a17e48dd54b53b2

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 06:02:15 GMT
server
nginx
etag
W/"6614d9e7-b146"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-allow-headers
*
chunk-vendors.c2c79571.js
q2ctfs.dvkrfn.xyz/js/
552 KB
174 KB
Script
General
Full URL
https://q2ctfs.dvkrfn.xyz/js/chunk-vendors.c2c79571.js
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
97b38f3ee8e38e0b4385d76ee32389b5f3b494305307f8656c26c6cb12538434

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 06:02:15 GMT
server
nginx
etag
W/"6614d9e7-89e6a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
*
index.1b829cac.js
q2ctfs.dvkrfn.xyz/js/
53 KB
13 KB
Script
General
Full URL
https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
63886f7c3f400fb346b7e49c701abb2cbf6be797aa6963eef9972f07d2a57f49

Response headers

date
Sat, 20 Apr 2024 02:54:52 GMT
content-encoding
gzip
last-modified
Tue, 09 Apr 2024 06:02:15 GMT
server
nginx
etag
W/"6614d9e7-d2bd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
*
21722429.js
js.users.51.la/
5 KB
5 KB
Script
General
Full URL
https://js.users.51.la/21722429.js
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.231 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c046930e02fcb210a3a1b3ade00106c90f40376a9ebcda27608f223ccedfc46a

Response headers

Date
Sat, 20 Apr 2024 02:54:53 GMT
Via
cache23.l2de2[152,153,200-0,M], cache4.l2de2[165,0], ens-cache3.de5[167,166,200-0,M], ens-cache12.de5[167,0]
X-Swift-CacheTime
0
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
Connection
keep-alive
X-Swift-SaveTime
Sat, 20 Apr 2024 02:54:53 GMT
Server
Tengine
Ali-Swift-Global-Savetime
1713581693
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Content-Type
EagleId
a3b55ca017135816932953442e
sa.gif
sc.ngdxxc5b.com/
0
136 B
XHR
General
Full URL
https://sc.ngdxxc5b.com/sa.gif?project=JYH01
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/chunk-vendors.c2c79571.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:4::b818:4daa Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
X /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 20 Apr 2024 02:54:53 GMT
server
X
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
Sat, 20 Apr 2024 02:54:53 GMT
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Response headers

Content-Type
image/gif
truncated
/
6 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a50739e51689b3eff5d8167caac28b29c3cced2e61771b97b9ff362a89d14cf

Response headers

Content-Type
image/png
loliya-logo%20200_200.png
yfeyf.com/fc/pc/
11 KB
11 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/loliya-logo%20200_200.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 11 May 2023 01:53:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"645c4ab3-17b70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZNpaB%2Brj29lQ0jNJ6KeZFLxmob8rj9qI5K9IIc7xli93CWvQaWRKiO2f7jZrvXNcnqCCj%2FxiQ6IWx0n7c7WMn%2BlH1CB%2BM0XVLFpWQzxIaWgOSVhb8H%2FoQoTCfA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da305b01a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
mobile-detect.min.js
cdn.jsdelivr.net/npm/mobile-detect@1.4.4/
38 KB
17 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/mobile-detect@1.4.4/mobile-detect.min.js
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Response headers

date
Sat, 20 Apr 2024 02:54:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3224010
x-jsd-version
1.4.4
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230136-FRA, cache-lga21955-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"981e-L0AfU5vQxHE+psOBLfyFMmDEmCI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wkzXMgIXxxhldxNnejRjDfqi089hoX%2F9td3J%2BId0Z7s5sX00LK88V8iWpNk%2BxC%2Ffce3l2KFE9kPcmV35eNNRiQGQXMZantTcCUrY%2FHcTxJiQBjQGW9wrz4mow5gXij%2Bwdw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8771da3059c9975f-FRA
title1.png
yfeyf.com/fc/pc/
9 KB
9 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/title1.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 07:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64abad60-8a40"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=br9X04ym5c%2FD0y6ZU7uKWHDXRl3B6GKoczB7xpg5n9nthtQxx2%2B2Vjg99FfiObQ9x0geLXJt3k%2FazTi%2BwGsNBPHV%2BV36ED9IA2bDPVYf7MtlXH2Zgju9Aabb8Z4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da333c9aa020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
title2.png
yfeyf.com/fc/pc/
1 KB
1 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/title2.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 07:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64abad60-ba70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6DGZDrGM48M2bIv5ziowxQNNSQVCZi8d1dj2RhWVyy2s1H6KIELR7Z51lZ8xGFET05iEF0nde6Oiel2d7qGuwhF2hXO1cjTAkdjNM5h3TCsh683I%2BFPm%2Bxazp0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da333c9ba020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
title3.png
yfeyf.com/fc/pc/
5 KB
5 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/title3.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 07:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64abad60-ab70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdB3WBxUr5Yv40Xim0nBm0zNkM1P4kZXkrq%2F65DUGqEJxkxD9ZVSpFc2E0wXkjcCfTPuqrX%2FgVZu88CPSwJcjei11AN%2BTWUUkeM1OY6ReUxuLFqlWr0TFCq2FjU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da333c9ca020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
web_ts_xz.png
yfeyf.com/lly/pc/images2/
4 KB
4 KB
Image
General
Full URL
https://yfeyf.com/lly/pc/images2/web_ts_xz.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-1160"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4m%2FFVQct7AgLP501BF5grTPS6bDWQvh6JQkTyBYq%2FwU8htFY%2B5cfaLhtatcEWNNOtFSjsDiVIy76x%2FhxxIfQeTsLiF1xGgPg8rJKsbUuaOeQ4v8o%2F7fT83OGJ9I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da333c9da020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
web_anzxz_btn.png
yfeyf.com/lly/pc/images2/
11 KB
11 KB
Image
General
Full URL
https://yfeyf.com/lly/pc/images2/web_anzxz_btn.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-3a90"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpSYWuj6HXCyi5zwz2ZQ7OyOlmlwJ6thSb3qTdu0nCToLYLl%2FH1MNccDZQUogsGcERSk3EWY2R%2Ff6RupUsyTkzi52dzXCEY2jgmTTk3P6F4HrpfbJ2J5cdTJVNI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da333ca0a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
web_iosxz_btn.png
yfeyf.com/lly/pc/images2/
15 KB
15 KB
Image
General
Full URL
https://yfeyf.com/lly/pc/images2/web_iosxz_btn.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-3c70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7x1Zzno4lZky0GD6C8zxsr9DbXWL%2F1MbLalf7XjTWzDHJiN4FvNVDCexAJ66q%2B1oTbwjFx855DebIupeNGYapmfbNvNHb5dQUUghbQ0ec2vAbbDsZEil4%2FnNWFw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da342d05a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_1.png
yfeyf.com/fc/pc/
14 KB
14 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/pc_1.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-123d70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tziA54NdNd0wpcljbFrbT2UBdw3eKzVhH4lqrpxNaTm9a0Y6%2B7sD9Y20DYGiKV1NkkL%2B4VKcGf42eSZQMnRHOxtxukKIRzI%2FV3QbviNNLtA0lGg%2FdLr8X1wzp4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da342d07a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_2.png
yfeyf.com/fc/pc/
14 KB
14 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/pc_2.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-ee050"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCic8kHplzB%2BpctFGpO%2FBocIHd%2FPptoeXvtU%2FPceqYCfwbxEzA2JtKdd87NkgMaiV4vdt83LCFybCfMncTQsRNZQOmHTMi%2FrhaJwPuJW3k%2BEoyxNutlA7NHNCBA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da342d08a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
zmy_cweb_cus%20icon@3x.png
yfeyf.com/lly/pc/images2/
13 KB
13 KB
Image
General
Full URL
https://yfeyf.com/lly/pc/images2/zmy_cweb_cus%20icon@3x.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-5030"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K504NpDq0djEJ1PgjN4bbF%2Bnx5iU7mB3iM9lLd%2Fuop7CB6roLdGvn3GVHYv7bk%2BamP81gB%2BlID7gNqiEZPA10wU0udteoZuNSDDqnZqpyjZAyf8bm7PDnUain%2Fw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da342d09a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
go1
ia.51.la/
0
317 B
Image
General
Full URL
https://ia.51.la/go1?id=21722429&rt=1713581693945&rl=1600*1200&lang=de-DE&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E5%258F%258D%25E5%25B7%25AE%25E7%2599%25BE%25E7%25A7%2591%25E8%25A7%2586%25E9%25A2%2591%25E6%2598%25AF%25E4%25B8%2580%25E6%25AC%25BE%25E5%25AE%258C%25E5%2585%25A8%25E5%2585%258D%25E8%25B4%25B9%25E7%259A%2584%25E6%2592%25B8%25E7%2589%2587%25E7%25A5%259E%25E5%2599%25A8%25EF%25BC%258C%25E5%2590%2584%25E7%25A7%258D%25E7%25B3%25BB%25E5%2588%2597%25E7%25B2%25BE%25E5%2593%2581%25E8%25A7%2586%25E9%25A2%2591%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2582&ing=1&ekc=&sid=1713581693945&tt=%25E5%258F%258D%25E5%25B7%25AE%25E7%2599%25BE%25E7%25A7%2591%25E5%25AE%2598%25E7%25BD%2591%257CAPP%25E4%25B8%258B%25E8%25BD%25BD%25E2%2580%2594%25E2%2580%2594%25E5%258F%258D%25E5%25B7%25AE%25E7%2599%25BE%25E7%25A7%2591%25E8%25A7%2586%25E9%25A2%2591%2520%25E9%2599%25AA%25E4%25BD%25A0%25E8%25A7%25A3%25E8%25AF%25BBAV%25E5%2589%25A7%25E6%2583%2585&kw=%25E5%258F%258D%25E5%25B7%25AE%25E7%2599%25BE%25E7%25A7%2591%25E8%25A7%2586%25E9%25A2%2591%252C%25E5%25AD%2597%25E5%25B9%2595%25E8%25A7%2586%25E9%25A2%2591%25E5%25AE%2598%25E7%25BD%2591%252C%25E5%25AD%2597%25E5%25B9%2595%25E8%25A7%2586%25E9%25A2%2591app%25E4%25B8%258B%25E8%25BD%25BD%252C%25E5%258F%258D%25E5%25B7%25AE%25E7%2599%25BE%25E7%25A7%2591%25E8%25A7%2586%25E9%25A2%2591%25E9%2599%25AA%25E4%25BD%25A0%25E8%25A7%25A3%25E8%25AF%25BBAV%25E5%2589%25A7%25E6%2583%2585&cu=https%253A%252F%252Fq2ctfs.dvkrfn.xyz%252F&pu=
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Date
Sat, 20 Apr 2024 02:54:55 GMT
Content-Length
0
loliya-logo%20200_200.png
yfeyf.com/fc/pc/
95 KB
95 KB
XHR
General
Full URL
https://yfeyf.com/fc/pc/loliya-logo%20200_200.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e2334d3e7e7dbfc875cea0d643b72c5d1e625e6ef034a52426bc3e9c269ec8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 11 May 2023 01:53:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"645c4ab3-17b70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G85gPBWOQxt53yLq9UGckkgsrieNYUJli67eIycorgliUPLE%2F%2FdrthZwxj%2Bi5ZuJxn8kMdR6TbmFskIzYDXH%2FMtbD5gNe%2BcX6lGBilxjF4NT24PUNLlbV%2FGHQ9E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da345d0030c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
loliya-logo%20200_200.png
yfeyf.com/fc/pc/
95 KB
0
XHR
General
Full URL
https://yfeyf.com/fc/pc/loliya-logo%20200_200.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91e2334d3e7e7dbfc875cea0d643b72c5d1e625e6ef034a52426bc3e9c269ec8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 11 May 2023 01:53:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"645c4ab3-17b70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G85gPBWOQxt53yLq9UGckkgsrieNYUJli67eIycorgliUPLE%2F%2FdrthZwxj%2Bi5ZuJxn8kMdR6TbmFskIzYDXH%2FMtbD5gNe%2BcX6lGBilxjF4NT24PUNLlbV%2FGHQ9E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da345d0030c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
web_ts_xz.png
yfeyf.com/lly/pc/images2/
4 KB
0
XHR
General
Full URL
https://yfeyf.com/lly/pc/images2/web_ts_xz.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c296bf2184a6de430cfdfff940f92db41d2a97ee64f93dba180572e06a62e34d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:54 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-1160"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4m%2FFVQct7AgLP501BF5grTPS6bDWQvh6JQkTyBYq%2FwU8htFY%2B5cfaLhtatcEWNNOtFSjsDiVIy76x%2FhxxIfQeTsLiF1xGgPg8rJKsbUuaOeQ4v8o%2F7fT83OGJ9I%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da333c9da020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9b8bd8409fa651e123f71085a628873a5bb0c32e58d09302af0883713e553894

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
zmy_cweb_cus%20icon@3x.png
yfeyf.com/lly/pc/images2/
20 KB
20 KB
XHR
General
Full URL
https://yfeyf.com/lly/pc/images2/zmy_cweb_cus%20icon@3x.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9121c806c4b084426b1f524b061256b60edeb0d217caf60b6468e7ee4ce63c19

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-5030"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Bako0rggjorRPooVjMUBknbR409QfYbOG3acaAhzvwV8JQUlOtw04ICeAnhMQoh8bRibvyXiLCwo6Heqp9J6%2FJDdjvrtLYQMcoKdzuaI%2F4MvryPgJ4auh%2Fbg08%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da36cef330c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
web_anzxz_btn.png
yfeyf.com/lly/pc/images2/
15 KB
15 KB
XHR
General
Full URL
https://yfeyf.com/lly/pc/images2/web_anzxz_btn.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a6655644bd674399bc697b3be8c508c7a7a3be18f5ab2d043c14bc84f2c4d19

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-3a90"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0bQPYAm%2BgKNV9adFQJYMwLyt2W0g%2F96szINf5iATgvPzb6cgVB5sHVJe7G4CxZwKMtAK6RV2vFC2DgGC3%2FzJRmCcshoQAxaBOJOWToqwYnxVFRft8MRL3LpD0c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da36ff0930c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
title1.png
yfeyf.com/fc/pc/
35 KB
35 KB
XHR
General
Full URL
https://yfeyf.com/fc/pc/title1.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac749545712693842336104fc2e3852b67d72316867c5a51d14ec656ce91ba0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 07:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64abad60-8a40"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q7COnp5voOnooi08WsOv7uD2zfkS3kF4JftIg1FNRlKkxdzrt4ediQVdycKrV03ocVZ4KsAI%2B1aa7PD0v3x%2FkV5hW7eg0PJS9UyXWoO46EWAVW75fLNikInh8b0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da370f1530c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
title2.png
yfeyf.com/fc/pc/
47 KB
47 KB
XHR
General
Full URL
https://yfeyf.com/fc/pc/title2.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c179183777be687386c151258a312a96f6314e5c870fa7d75aaf3f8e8e394914

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 07:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64abad60-ba70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bt0jRCI0%2F%2FP7Esh0uewjc5N%2FFSLPDgUToQG%2FMLkgVAeK4ZPLgRpPLKaIYHS2a2pgUsMCOp5MaIZRYbDpdRWE%2Bm6ewOfD5kjvLONr%2Bm3U9l8mbZDTWQCTjZ7z0Qk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da371f1d30c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
title3.png
yfeyf.com/fc/pc/
43 KB
43 KB
XHR
General
Full URL
https://yfeyf.com/fc/pc/title3.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d514e9bfd7d0ab780ecccaf74d286200ba9026e61f3100692e3af86a6f26ed4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 07:04:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64abad60-ab70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jJkVbnTPH4jmtUAO0UWvR5HJY8S4G0w3CB4RSARsiZEaZWTMNwlcDD1pXPm6KjDgQX63UP6%2BajOdl438hI2dlltZpoIMN6k9GGuqbOEGibpreHaAu7u6dmb1740%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da372f2930c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_1.png
yfeyf.com/fc/pc/
1 MB
1 MB
XHR
General
Full URL
https://yfeyf.com/fc/pc/pc_1.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c5a328d7e869d810620905cc547490dacd631e07d10e866ec243c522c7be499

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-123d70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFfGLbFMLdwJW0L7ey6pQh9PVraFIv5baD9Ew9WJ53IW1Exs7AbbILWMu2gaaDfUMLsdErDmdY81vUJaXU7bifKPV6WAkdNOuQpQtHpe1kyBwfNi%2FcKl7rX%2BWFo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da37df7830c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
web_iosxz_btn.png
yfeyf.com/lly/pc/images2/
15 KB
16 KB
XHR
General
Full URL
https://yfeyf.com/lly/pc/images2/web_iosxz_btn.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867d5028b97952666c4b52159fa8d80c857319fef1e3da9b835e5a7f195c3e7a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Thu, 02 Mar 2023 03:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"640012ab-3c70"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrEKNRVF5w8OdgWIHHksaVbuAUOqT6yRVuxPOzqEWK4NNwEFZp2SAUbJzqlX7NGPB6HCZ4ZqufFvMA6zru3Ss8pWBZpaiJKB2oPYz%2BikvCaE2FD7S0hEiRNPB58%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da37ef7e30c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_2.png
yfeyf.com/fc/pc/
952 KB
953 KB
XHR
General
Full URL
https://yfeyf.com/fc/pc/pc_2.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
167d2164f05c2f69bb524c5e30dd7f2599b2059d7bb4756739926c7022531483

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:55 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-ee050"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJ%2ButwmlnBoqi0qGe30n%2BqqikvAUQSNmmzIxC6AvWzEUwbWw2IR5HKOd47eI%2F97Xurh3n5xQxtowE9UHj4kK8H3tQGj1tltmMPOQ6%2F%2BnkMDUkWIR5Na1P6gxexo%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da37ef7f30c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
truncated
/
71 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e7bd3ea6f75874ffcb6b01010d458daacde9400a0190bdec082f4fd66478d67

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27ab7263471644becaffbd41d8c2afc92222d8a8318274a176d4d56a9d21175f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25108e126181c03e668d8c1781459553fd0fd15e0b039b3413ab6c73b0047c70

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1996375602ba46fefd82f727b6d74fde512846d536934803488eb4c7ee8b58f0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
11 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e02bed73ba11becf8466faa5b6db6e6f460af2c51bbfc9f5ed3135d5252c802

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
618440a4c046f59a724eae1147dd5ab0036baa4fbd5f255487fab94e9cb28143

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2c2d626341874213ae9d9d14e2a38cc81bb010e4ed89bf5509d1cafdd37bd82

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon.ico
q2ctfs.dvkrfn.xyz/
4 KB
4 KB
Other
General
Full URL
https://q2ctfs.dvkrfn.xyz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.220.255.214 Hong Kong, Hong Kong, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
214.255.220.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e97193df2226eabae1e0f1a746765a13d64feb79d46683f39e70120aa2696f89

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:56 GMT
last-modified
Wed, 03 May 2023 09:27:23 GMT
server
nginx
etag
"645228fb-10be"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/x-icon
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
content-length
4286
truncated
/
714 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e75c21d802bfd6c226049a718d54c85c9d6f23b42333a53dad5cd58c55e49c5a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
876 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84c9996c4a942317eaacc0e6afa4349262eb873c28cb2f85f9969e9e12a2cd93

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
pc_3.png
yfeyf.com/fc/pc/
14 KB
14 KB
Image
General
Full URL
https://yfeyf.com/fc/pc/pc_3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:57 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-111d80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQ8%2FIsV5IWBUV7gZ8fyLq858O6B8d6P78V%2FUe5yEWNCBXRFEFDt3QfGjBJmT2MfFcKLCLte0ue3tweEwpDhnHcATWJx1fb3bd2%2BQnxCIvnsKeufqj8fgOeHLdkk%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da44ed94a020-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_3.png
yfeyf.com/fc/pc/
1 MB
1 MB
XHR
General
Full URL
https://yfeyf.com/fc/pc/pc_3.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5d66efd77735a2fcfac3121037a44c707d2594c2500ffeb6e2078145363c10

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:57 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-111d80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApWCIPZY3EAuYNjQqqn%2BwOe7N%2BJxwH6BdCQY0Bs4XKij6OXgeKKRrOgVpK3GyliX4yERpRMhQnnT9kJymZMgfzmXhEj1WlVRuybqgKGkPZTyal%2FMX%2FSuTwiuasI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da48a9dd30c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_3.png
yfeyf.com/fc/pc/
1 MB
0
XHR
General
Full URL
https://yfeyf.com/fc/pc/pc_3.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5d66efd77735a2fcfac3121037a44c707d2594c2500ffeb6e2078145363c10

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:57 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-111d80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApWCIPZY3EAuYNjQqqn%2BwOe7N%2BJxwH6BdCQY0Bs4XKij6OXgeKKRrOgVpK3GyliX4yERpRMhQnnT9kJymZMgfzmXhEj1WlVRuybqgKGkPZTyal%2FMX%2FSuTwiuasI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da48a9dd30c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
pc_3.png
yfeyf.com/fc/pc/
1 MB
0
XHR
General
Full URL
https://yfeyf.com/fc/pc/pc_3.png
Requested by
Host: q2ctfs.dvkrfn.xyz
URL: https://q2ctfs.dvkrfn.xyz/js/index.1b829cac.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.143.125 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af5d66efd77735a2fcfac3121037a44c707d2594c2500ffeb6e2078145363c10

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://q2ctfs.dvkrfn.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 20 Apr 2024 02:54:57 GMT
cf-cache-status
MISS
last-modified
Mon, 10 Jul 2023 06:14:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64aba1ba-111d80"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApWCIPZY3EAuYNjQqqn%2BwOe7N%2BJxwH6BdCQY0Bs4XKij6OXgeKKRrOgVpK3GyliX4yERpRMhQnnT9kJymZMgfzmXhEj1WlVRuybqgKGkPZTyal%2FMX%2FSuTwiuasI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
8771da48a9dd30c4-FRA
access-control-allow-headers
*
alt-svc
h3=":443"; ma=86400
truncated
/
822 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91620e04d9a2eb4444a0edffc64159b30e9cb63651aa07a738572a0d91f4c578

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $
function| jQuery
string| localIp
number| repeatTimes
undefined| data1
undefined| myCallback
string| fontsSha1
string| resolution
string| langsDetected
boolean| hasBack
string| channel
string| mUrl
object| TInstall
function| processBack
function| sendStoreData
function| getUserIP
function| copyToClip
function| bin2hex
function| getUUID
function| audioFingerPrinting
function| getFounts
object| baseFonts
string| testString
string| testSize
object| h
object| s
object| defaultWidth
object| defaultHeight
function| getE
function| detect
function| encodeUTF8
function| sha1
function| getResolution
function| get_writing_scripts
function| safeParseJSON
function| MobileDetect
object| _hmt
object| detectZoom
object| webpackJsonp
object| __core-js_shared__
object| core
object| regeneratorRuntime
object| JSON3
object| SensorsDataWebJSSDKPlugin
object| sensorsDataAnalytic201505
function| sensorsdata_app_call_js
function| sensorsdata_app_js_bridge_call_js
number| len
object| res

5 Cookies

Domain/Path Name / Value
.dvkrfn.xyz/ Name: sajssdk_2015_cross_new_user
Value: 1
.dvkrfn.xyz/ Name: sensorsdata2015jssdkcross
Value: %7B%22distinct_id%22%3A%2218ef96d99e1140b-0fa2deeb8fe867-26001d51-1920000-18ef96d99e21b6a%22%2C%22first_id%22%3A%22%22%2C%22props%22%3A%7B%22%24latest_traffic_source_type%22%3A%22%E7%9B%B4%E6%8E%A5%E6%B5%81%E9%87%8F%22%2C%22%24latest_search_keyword%22%3A%22%E6%9C%AA%E5%8F%96%E5%88%B0%E5%80%BC_%E7%9B%B4%E6%8E%A5%E6%89%93%E5%BC%80%22%2C%22%24latest_referrer%22%3A%22%22%7D%2C%22identities%22%3A%22eyIkaWRlbnRpdHlfY29va2llX2lkIjoiMThlZjk2ZDk5ZTExNDBiLTBmYTJkZWViOGZlODY3LTI2MDAxZDUxLTE5MjAwMDAtMThlZjk2ZDk5ZTIxYjZhIn0%3D%22%2C%22history_login_id%22%3A%7B%22name%22%3A%22%22%2C%22value%22%3A%22%22%7D%2C%22%24device_id%22%3A%2218ef96d99e1140b-0fa2deeb8fe867-26001d51-1920000-18ef96d99e21b6a%22%7D
q2ctfs.dvkrfn.xyz/ Name: __tins__21722429
Value: %7B%22sid%22%3A%201713581693945%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201713583493945%7D
q2ctfs.dvkrfn.xyz/ Name: __51cke__
Value:
q2ctfs.dvkrfn.xyz/ Name: __51laig__
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
