www.saficoo.net Open in urlscan Pro
154.23.117.87 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://saficoo.net/
Effective URL:
http://www.saficoo.net/index.php
Submission: On June 11 via api (June 11th 2022, 1:04:19 am UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 4 countries across 23 domains to perform 57 HTTP transactions. The main IP is 154.23.117.87, located in Tai Wan, Hong Kong and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is www.saficoo.net.

This is the only time www.saficoo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	154.23.117.87 154.23.117.87	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
7	104.252.181.78 104.252.181.78	18779 (EGIHOSTING) (EGIHOSTING)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 1	107.148.17.189 107.148.17.189	398823 (PEGTECHIN...) (PEGTECHINC-AP-02)
1	2606:4700:303... 2606:4700:3030::6815:2164	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	45.154.215.92 45.154.215.92	201106 (SPARTANHOST) (SPARTANHOST)
1	2606:4700:303... 2606:4700:3035::6815:1c98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	67.198.205.125 67.198.205.125	35908 (VPLSNET) (VPLSNET)
1	2606:4700:303... 2606:4700:3038::6815:eac6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.239.184.9 20.239.184.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	185.10.104.115 185.10.104.115	() ()
2	5.180.146.112 5.180.146.112	18978 (ENZUINC-) (ENZUINC-)
1	2606:4700:20:... 2606:4700:20::ac43:4528	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	79.133.177.230 79.133.177.230	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	47.75.19.24 47.75.19.24	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2408:8721:820... 2408:8721:820:230::64	() ()
1	2606:1980:8::5 2606:1980:8::5	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	8.252.22.243 8.252.22.243	3356 (LEVEL3) (LEVEL3)
14	2606:4700:303... 2606:4700:3038::6815:ebad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	20.24.92.84 20.24.92.84	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	112.90.153.42 112.90.153.42	136959 (UNICOM-FU...) (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network)
57	19

4 154.23.117.87 (Tai Wan, Hong Kong) 1 redirects

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

saficoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.saficoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.252.181.78 (United States)

ASN18779 (EGIHOSTING, US)

www.ddys031.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.148.17.189 (United States) 1 redirects

ASN398823 (PEGTECHINC-AP-02, US)

kvezz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2164 (United States)

ASN13335 (CLOUDFLARENET, US)

acoozzh.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.154.215.92 (Seattle, United States) 1 redirects

ASN201106 (SPARTANHOST, GB)

kzerr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:1c98 (United States)

ASN13335 (CLOUDFLARENET, US)

kvkccc.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.198.205.125 (United States) 1 redirects

ASN35908 (VPLSNET, US)
PTR: 67.198.205.125.CUSTOMER.VPLS.NET

kzeaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eac6 (United States)

ASN13335 (CLOUDFLARENET, US)

kvheee.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.239.184.9 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

29873398.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.10.104.115 (None, )

ASN- ()

pic.rmb.bdstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.180.146.112 (Los Angeles, United States)

ASN18978 (ENZUINC-, US)
PTR: 112.146-180-5.rdns.scalabledns.com

img.ylkjit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4528 (United States)

ASN13335 (CLOUDFLARENET, US)

i.loli.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.230 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

p3.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.75.19.24 (Central, Hong Kong)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2408:8721:820:230::64 (None, )

ASN- ()

p26.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:1980:8::5 (United States)

ASN54994 (QUANTILNETWORKS, US)

si1.go2yd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.252.22.243 (United States)

ASN3356 (LEVEL3, US)

img-l3.xnxx-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3038::6815:ebad (United States)

ASN13335 (CLOUDFLARENET, US)

fmlb.netlbtu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.24.92.84 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

19719197.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.90.153.42 (China)

ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	netlbtu.com fmlb.netlbtu.com — Cisco Umbrella Rank: 194243	129 KB
7	ddys031.top www.ddys031.top	70 KB
4	saficoo.net 1 redirects saficoo.net www.saficoo.net	2 KB
2	aliyuncs.com aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	260 KB
2	toutiaoimg.com p3.toutiaoimg.com — Cisco Umbrella Rank: 59176 p26.toutiaoimg.com	279 KB
2	ylkjit.com img.ylkjit.com — Cisco Umbrella Rank: 364900
2	bdstatic.com pic.rmb.bdstatic.com
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8077	12 KB
1	51.la js.users.51.la — Cisco Umbrella Rank: 62118 ia.51.la Failed	3 KB
1	19719197.com 19719197.com — Cisco Umbrella Rank: 965735	246 KB
1	xnxx-cdn.com img-l3.xnxx-cdn.com — Cisco Umbrella Rank: 18283	16 KB
1	go2yd.com si1.go2yd.com — Cisco Umbrella Rank: 319021	140 KB
1	loli.net i.loli.net — Cisco Umbrella Rank: 162138	357 KB
1	29873398.com 29873398.com	86 KB
1	kvheee.top kvheee.top	1002 KB
1	kzeaa.com 1 redirects kzeaa.com — Cisco Umbrella Rank: 536596	133 B
1	kvkccc.top kvkccc.top — Cisco Umbrella Rank: 879729	834 KB
1	kzerr.com 1 redirects kzerr.com — Cisco Umbrella Rank: 526893	133 B
1	acoozzh.top acoozzh.top — Cisco Umbrella Rank: 718175	392 KB
1	kvezz.com 1 redirects kvezz.com — Cisco Umbrella Rank: 360453	133 B
0	9aijavbus.org Failed www.9aijavbus.org Failed
0	rrtwda9.com Failed rrtwda9.com Failed
0	kupfkc9.com Failed kupfkc9.com Failed
57	23

	Domain	Requested by
14	fmlb.netlbtu.com	www.ddys031.top
7	www.ddys031.top	www.saficoo.net www.ddys031.top
3	www.saficoo.net	www.saficoo.net
2	aliyun-static-oss.oss-cn-hongkong.aliyuncs.com	www.ddys031.top
2	img.ylkjit.com	www.ddys031.top
2	pic.rmb.bdstatic.com	www.ddys031.top
2	hm.baidu.com	www.saficoo.net www.ddys031.top
1	js.users.51.la	www.ddys031.top
1	19719197.com	www.ddys031.top
1	img-l3.xnxx-cdn.com	www.ddys031.top
1	si1.go2yd.com	www.ddys031.top
1	p26.toutiaoimg.com	www.ddys031.top
1	p3.toutiaoimg.com	www.ddys031.top
1	i.loli.net	www.ddys031.top
1	29873398.com	www.ddys031.top
1	kvheee.top	www.ddys031.top
1	kzeaa.com	1 redirects
1	kvkccc.top	www.ddys031.top
1	kzerr.com	1 redirects
1	acoozzh.top	www.ddys031.top
1	kvezz.com	1 redirects
1	saficoo.net	1 redirects
0	ia.51.la Failed	www.ddys031.top
0	www.9aijavbus.org Failed	www.saficoo.net
0	rrtwda9.com Failed	www.ddys031.top
0	kupfkc9.com Failed	www.ddys031.top
57	26

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign RSA OV SSL CA 2018	`2021-11-15` - `2022-08-02`	9 months	crt.sh
29873398.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
pic.rmb.bdstatic.com TrustAsia TLS RSA CA	`2022-01-21` - `2023-02-21`	a year	crt.sh
701.com GoGetSSL RSA DV CA	`2022-05-25` - `2023-05-25`	a year	crt.sh
loli.net Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-05`	a year	crt.sh
*.toutiaoimg.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-23` - `2022-08-23`	a year	crt.sh
*.oss-cn-hongkong.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-01-20` - `2023-02-21`	a year	crt.sh
*.go2yd.com GeoTrust RSA CN CA G2	`2021-06-21` - `2022-07-22`	a year	crt.sh
xvideos.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-12` - `2022-11-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-09` - `2023-04-09`	a year	crt.sh
19719197.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-18` - `2023-03-18`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.saficoo.net/index.php
Frame ID: CD540D9A13F355CD061655BCE59B5444
Requests: 5 HTTP requests in this frame

Frame: http://www.ddys031.top/
Frame ID: B003DC5BB02F6A0329707E65C912BDA5
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

莱芜纱蹿家居有限公司国产精品无码一区二区三区不卡,99精品国产自在自线,亚洲日韩视频一区二区,色欲日日拍夜夜嗷嗷叫莱芜纱蹿家居有限公司

Page URL History Show full URLs

http://saficoo.net/ HTTP 301
http://www.saficoo.net/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

53 %
HTTPS

33 %
IPv6

23
Domains

26
Subdomains

19
IPs

4
Countries

3827 kB
Transfer

5947 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://saficoo.net/ HTTP 301
http://www.saficoo.net/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif HTTP 301
https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

Request Chain 8

https://kzerr.com/4bb2d0901785da07331570c60878e380.gif HTTP 301
https://kvkccc.top/4bb2d0901785da07331570c60878e380.gif

Request Chain 9

https://kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif HTTP 301
https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.saficoo.net/
Redirect Chain

http://saficoo.net/
http://www.saficoo.net/index.php

2 KB
769 B

751ms
194ms

Document
text/html

154.23.117.87
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.saficoo.net/index.php
Protocol: HTTP/1.1
Server: 154.23.117.87 Tai Wan, Hong Kong, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: caf430453a6973b82b1f51a1cfca5ce65ac2ce5b0e354be296e332c91d98e4bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 11 Jun 2022 01:04:11 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Sat, 11 Jun 2022 01:04:10 GMT
Location: http://www.saficoo.net/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.saficoo.net/ 1 KB
903 B 195ms
194ms Script
application/x-javascript 154.23.117.87
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.saficoo.net/common.js
Requested by: Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol: HTTP/1.1
Server: 154.23.117.87 Tai Wan, Hong Kong, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 57c26a7abadc1c3bab8a592009917d28bb3b1742360e31c04aeb840e223be92d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.saficoo.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:11 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.saficoo.net/ 258 B
414 B 194ms
194ms Script
application/x-javascript 154.23.117.87
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.saficoo.net/tj.js
Requested by: Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol: HTTP/1.1
Server: 154.23.117.87 Tai Wan, Hong Kong, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 3ec3f55f76ee1f29f890643d1682caf56fca75bafac14e8ac35248f1ff74a32a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.saficoo.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:11 GMT
Server: nginx
Connection: keep-alive
Content-Length: 258
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
www.ddys031.top/ Frame B003 57 KB
15 KB 1430ms
344ms Document
text/html 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ddys031.top/
Requested by: Host: www.saficoo.net
URL: http://www.saficoo.net/index.php
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / PHP/7.0.33 ASP.NET
Resource Hash: b5c7257b4783b028b1532cbbb69bdacd4935ce36e740cd4621464a846094dce8

Request headers

Referer: http://www.saficoo.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Content-Encoding: gzip
Content-Length: 15423
Content-Type: text/html; charset=utf-8
Date: Sat, 11 Jun 2022 01:04:15 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-Powered-By: PHP/7.0.33 ASP.NET

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1782ms
337ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4be25e0e0c8202825fbfdc4be5300eb4

Requested by

Host: www.saficoo.net
URL: http://www.saficoo.net/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

e257388f8d1b060d1329903643bc89874d90731d6bbdb5513e05ade4800d7fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.saficoo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:16 GMT
Content-Encoding: gzip
Server: apache
Etag: 752b77ebac87a930ef5f3a70774882be
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11294

GET
H/1.1 200
OK ate.css
www.ddys031.top/template/m1938pc/css/ Frame B003 74 KB
5 KB 156ms
155ms Stylesheet
text/css 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ddys031.top/template/m1938pc/css/ate.css
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 10:47:33 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "805073622e43d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4498

GET
H/1.1 200
OK zui.css
www.ddys031.top/template/m1938pc/css/ Frame B003 87 KB
15 KB 311ms
155ms Stylesheet
text/css 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ddys031.top/template/m1938pc/css/zui.css
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 5e3473c5a974705b59872614b21e3a20c570c18425388a45a03335c4cc2094c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:16 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 May 2021 10:47:34 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0e7b632e43d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 15198

GET
H/1.1 200
OK jquery.js Show response
www.ddys031.top/static/js/ Frame B003 90 KB
32 KB 353ms
197ms Script
application/javascript 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ddys031.top/static/js/jquery.js
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:16 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Mar 2019 13:12:51 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80cbdbf642d7d41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 32864

GET
H2

200

95ca29ec3907b3bf2d8a24b35e3eda22.gif
acoozzh.top/ Frame B003
Redirect Chain

https://kvezz.com/95ca29ec3907b3bf2d8a24b35e3eda22.gif
https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif

391 KB
392 KB

47ms
19ms

Image
image/gif

2606:4700:3030::6815:2164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Server: 2606:4700:3030::6815:2164 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1138735
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 400264
last-modified: Mon, 02 May 2022 19:22:39 GMT
server: cloudflare
etag: "62702f7f-61b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iC5QZyCims%2BCcyOrhzKg8yILQ9gQjXPQ94cYBze12HSxszqkOhQR3tLV5%2BOcElUQtWxK%2BSrz6okIH%2FQUfyl%2BaGQkVQkNV2yTMZKfk%2FSmrduY5i46gC%2FF07VkdlrLveyqhyYadH2HqbhAlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8eef79691f-FRA
expires: Mon, 27 Jun 2022 20:45:22 GMT

Redirect headers

location: https://acoozzh.top/95ca29ec3907b3bf2d8a24b35e3eda22.gif
date: Sat, 11 Jun 2022 01:04:17 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

4bb2d0901785da07331570c60878e380.gif
kvkccc.top/ Frame B003
Redirect Chain

https://kzerr.com/4bb2d0901785da07331570c60878e380.gif
https://kvkccc.top/4bb2d0901785da07331570c60878e380.gif

833 KB
834 KB

403ms
110ms

Image
image/gif

2606:4700:3035::6815:1c98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvkccc.top/4bb2d0901785da07331570c60878e380.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Server: 2606:4700:3035::6815:1c98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875df0b0cd9c9e81618eaf099d32f10491bef951ef47e290cc680e9bdb390795

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 290857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 852531
last-modified: Wed, 25 May 2022 13:36:21 GMT
server: cloudflare
etag: "628e30d5-d0233"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0irFiYA1xKWuNfxMI7XzgkP0DQgDToCNZvXrLGDLvMng%2B9USFzVam5nCXv%2BwLx%2B28AdqCHsqzzIYb69oSADBc1RM0%2FaPZZxzbXq7Wa0eM6BA4qrix4CRjgg6SCryHkLgmicMAI24W7K"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 71966e913cd58ff8-FRA
expires: Thu, 07 Jul 2022 16:16:41 GMT

Redirect headers

location: https://kvkccc.top/4bb2d0901785da07331570c60878e380.gif
date: Sat, 11 Jun 2022 01:04:17 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H2

200

92f0c144d76dd785f7c04f84ae149b33.gif
kvheee.top/ Frame B003
Redirect Chain

https://kzeaa.com/92f0c144d76dd785f7c04f84ae149b33.gif
https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif

1000 KB
1002 KB

124ms
14ms

Image
image/gif

2606:4700:3038::6815:eac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Server: 2606:4700:3038::6815:eac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1168088
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1024160
last-modified: Wed, 25 May 2022 13:49:10 GMT
server: cloudflare
etag: "628e33d6-fa0a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7RXqJfqeG7%2Fpqn9WZYltDuXfOt11FH3TdwUP6SM%2FG%2FvhO%2FZ9A2t0TW4d6AqVnaOMvBdfAbvt8tE5cI9WblmWEZPAviZ2Ezq8akd20j6e1A%2ByukKKlxkpsBidMmHV1PrVxmRpnK%2BTVLo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 71966e8f6f689088-FRA
expires: Mon, 27 Jun 2022 12:36:09 GMT

Redirect headers

location: https://kvheee.top/92f0c144d76dd785f7c04f84ae149b33.gif
date: Sat, 11 Jun 2022 01:04:17 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK ec7d8669bfbb4df980a3e9b1746aa8fe.gif
29873398.com/ Frame B003 276 KB
86 KB 797ms
379ms Image
image/gif 20.239.184.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29873398.com/ec7d8669bfbb4df980a3e9b1746aa8fe.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.239.184.9 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 861c17e5363f328ff8c27d6a64e115b29a875b22e909a84429915ac8d063009b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:17 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 May 2022 12:36:00 GMT
Server: WAF/2.4-12.1
ETag: W/"6288dcb0-44f26"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ca046b3108aaf03d4275def9a9e3ac04.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 1 MB
0 2032ms
10ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/ca046b3108aaf03d4275def9a9e3ac04.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1497204
date: Sat, 11 Jun 2022 01:04:19 GMT
content-md5: ygRrMQiq8D1Cdd75qeOsBA==
age: 1503409
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1497204
ohc-cache-hit: fra01-sys-jomo1.fra01.baidu.com [2], zhuzuncache100 [2], suzix200 [1]
last-modified: Sun, 24 Apr 2022 15:25:41 GMT
server: JSP3/2.0.14
etag: "ca046b3108aaf03d4275def9a9e3ac04"
x-bce-request-id: 47882b82-2dee-4d6c-9168-7f447548d2c1
content-type: image/gif
x-bce-debug-id: GSjwLBAA6FAozwZqSHlZi9/o2x8C6S17FyzzZeuLOWeQdGRIRfV5hcjDpIVvChZoiILz7pI6X03ZYY5cXfhQUw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 519163383
expires: Fri, 27 May 2022 15:25:58 GMT

GET
H2 200 a82047b0c42a3d4707d251820bc2ea04.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 0
0 2087ms
66ms Image
image/gif 185.10.104.115

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pic.rmb.bdstatic.com/bjh/a82047b0c42a3d4707d251820bc2ea04.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.10.104.115 -, , ASN (),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ohc-file-size: 1367629
date: Sat, 11 Jun 2022 01:04:19 GMT
content-md5: qCBHsMQqPUcH0lGCC8LqBA==
age: 478262
x-cache-status: HIT
x-bce-storage-class: STANDARD
content-length: 1367629
ohc-cache-hit: fra01-sys-jomo8.fra01.baidu.com [2], zhuzuncache113 [1], qdix113 [3]
last-modified: Fri, 06 May 2022 10:53:05 GMT
server: JSP3/2.0.14
etag: "a82047b0c42a3d4707d251820bc2ea04"
x-bce-request-id: 06645db2-0ea5-457a-bed7-dd1be58b4065
content-type: image/gif
x-bce-debug-id: /QKp/RW6WIfLE17088Stv/UC6+N4EoUrvzqHbU51Ke9VAZezrsAYTyQuydXTss3eInjtbx4xcMQL1N8WN/UQrw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 53931440
expires: Wed, 08 Jun 2022 10:56:02 GMT

GET c0efb3b3baa0c0676d5d1836220cd3b1.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 0
0

GET c345c325b2dd601744e2fdf749337f8e.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 0
0

GET 5e6457147fec4682b63bac15e6f0705c.gif
kupfkc9.com/ Frame B003 0
0

GET
H/1.1 200
OK 1.gif
www.ddys031.top/template/m1938pc/images/ Frame B003 254 B
501 B 157ms
156ms Image
image/gif 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ddys031.top/template/m1938pc/images/1.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:16 GMT
Last-Modified: Fri, 07 May 2021 10:47:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "563214652e43d71:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 254

GET
H2 200 1000x60.gif
img.ylkjit.com/ Frame B003 192 KB
0 1307ms
318ms Image
image/gif 5.180.146.112
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ylkjit.com/1000x60.gif

Requested by

Host: www.ddys031.top
URL: http://www.ddys031.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.180.146.112 Los Angeles, United States, ASN18978 (ENZUINC-, US),

Reverse DNS

112.146-180-5.rdns.scalabledns.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:18 GMT
last-modified: Sat, 07 May 2022 12:52:28 GMT
server: nginx
etag: "62766b8c-3e72f"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 255791
expires: Mon, 11 Jul 2022 01:04:18 GMT

GET
H2 200 U7DLakzcdv4Agwi.gif
i.loli.net/2021/11/17/ Frame B003 356 KB
357 KB 1209ms
1122ms Image
image/gif 2606:4700:20::ac43:4528
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.loli.net/2021/11/17/U7DLakzcdv4Agwi.gif

Requested by

Host: www.ddys031.top
URL: http://www.ddys031.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4528 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d42fadb89f610932b156d7f2a7346699ec0e4b6ef7600f13536d9a032e3894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:18 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-custom-job: If you see this, please contact admin@loli.net for a job
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 364720
x-xss-protection: 1; mode=block
timing-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Nov 2021 11:30:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "6194e7d4-590b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SqO5ttHivQxDIE%2F40wJyZ6HjUKkRPkCpOgwJOz%2BN2pLefkAZlwdx42GzhfduNi65e3QPuX4szc6Fn1s77fhiFdc9XNSPOCpfyo%2Fu0tvdS5uawkF3bn7oR%2BlqssMx4%2FbHv3ncsC0U7g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 71966e8c09298fd7-FRA

GET
H2 200 5f32d43062c64c5aa0ce2fdfc1e6c02f~noop.image
p3.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ Frame B003 278 KB
279 KB 383ms
26ms Image
image/gif 79.133.177.230
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/5f32d43062c64c5aa0ce2fdfc1e6c02f~noop.image
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.230 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ImageX
Resource Hash: 4ece6df8bead56d5893cae4fd33cdb1f2e8c9e221213f3e006111437ff81a688

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 03:02:49 GMT
x-response-lb: image
x-tt-trace-tag: id=03;cdn-cache=hit;type=static
age: 17964087
nw-session-id: 2021111419164601019806507636DEE3C15g9dw03tt
x-powered-by: ImageX
x-cache: HIT TCP_HIT dirn:13:714631649
x-bdcdn-cache-status: TCP_HIT
x-swift-cachetime: 31430170
server-timing: cdn-cache;desc=HIT,edge;dur=2
x-length: 284566
x-tt-trace-host: 0161eba36e02e43c7cf33dc93a1cafe215a821360c87618d098ab64f9a572b47f516a3272604c64aaed4da1016800d17f736561ad18e5ee7cf36ac4ce4a41647125b3d263e7bd8a5af6ab9aa09c55be65c41d17487c5b2959197f6a95206c003ae
content-length: 284566
via: cache3.l2de2[0,0,200-0,H], cache1.l2de2[0,0], cache1.l2de2[2,0], cache1.de3[0,0,200-0,H], cache9.de3[2,0]
last-modified: Sun, 14 Nov 2021 11:16:46 GMT
server: Tengine
x-tt-logid: 2021111419164601019806507636DEE3C1
x-response-date: Sun, 14 Nov 2021 19:16:46 GMT
ali-swift-global-savetime: 1636945370
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-11-14T19:16:46.570073555+08:00 94
cache-control: max-age=31536000
x-response-cinfo: 178.162.209.142
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *, *
eagleid: 4f85b19d16549094575623763e
x-swift-savetime: Tue, 16 Nov 2021 08:26:40 GMT

GET
H/1.1 200
OK 76795cd0ef7f04b4b686d082ebb9f9.gif
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/2a/ Frame B003 116 KB
117 KB 779ms
258ms Image
image/gif 47.75.19.24
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/2a/76795cd0ef7f04b4b686d082ebb9f9.gif?attname=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8A.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.24 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 07ebe75bf154fefc3806ff5536fc0b753a607f401ea3ff5bc511ae7429e3c818

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:17 GMT
x-oss-request-id: 62A3EA1123C054323637198D
Content-MD5: KnZ5XNDvfwS0tobQguu5+Q==
Content-Disposition: inline;filename=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8A.gif
Connection: keep-alive
Content-Length: 118740
x-oss-object-type: Normal
Last-Modified: Sat, 20 Nov 2021 06:39:49 GMT
Server: AliyunOSS
ETag: "2A76795CD0EF7F04B4B686D082EBB9F9"
Vary: Origin
Content-Type: image/gif
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 18282041610815436191
x-oss-server-time: 2

GET
H/1.1 200
OK 56ba1f7b99f34edec560b2bc8c250b.gif
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/83/ Frame B003 143 KB
143 KB 782ms
260ms Image
image/gif 47.75.19.24
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aliyun-static-oss.oss-cn-hongkong.aliyuncs.com/83/56ba1f7b99f34edec560b2bc8c250b.gif?attname=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8B.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.75.19.24 Central, Hong Kong, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 1f77b89f8b23e6121398d9c25b59498d8e566b842238e367b8a1a3be278e9f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:17 GMT
x-oss-request-id: 62A3EA11D14BBC3136BC51BF
Content-MD5: g1a6H3uZ807exWCyvIwlCw==
Content-Disposition: inline;filename=%E8%89%B2%E7%AB%99%E5%B9%BF%E5%91%8A960X80%E4%B8%8B.gif
Connection: keep-alive
Content-Length: 146033
x-oss-object-type: Normal
Last-Modified: Sat, 20 Nov 2021 06:41:13 GMT
Server: AliyunOSS
ETag: "8356BA1F7B99F34EDEC560B2BC8C250B"
Vary: Origin
Content-Type: image/gif
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4885637058253428630
x-oss-server-time: 2

GET
H2 200 8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ Frame B003 123 KB
0 1663ms
253ms Image
image/gif 2408:8721:820:230::64

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p26.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/8c2e2faca3334d7cbd282d7fd4381cd7~noop.image
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2408:8721:820:230::64 -, , ASN (),
Reverse DNS
Software: openresty / ImageX
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

nginx-hit: 1
date: Sat, 11 Jun 2022 01:04:18 GMT
x-response-lb: image
x-ccdn-cachettl: 31536000
x-tt-trace-tag: id=26;cdn-cache=hit;type=static
age: 5999149
nw-session-id: 2021123008073501015013614530ADE9B0dprsv01tt
x-powered-by: ImageX
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT, edge;dur=3
x-length: 677521
x-tt-trace-host: 016a2077e03b2041825c42669e9a23cec5ee04519515486308eb42b81315658df6aa5ed29ad219c7d25626d5b022cced5274c18183adcd43889f65e87a17fde2315b0226a7e5f07d4c19094125051b3e74699be800dd629619bc2141d5fb81fc89ccc76230d7d3e4f731a9d881f3cb16c4
content-length: 677521
via: CHN-HAzhengzhou-AREACUCC1-CACHE55[3],CHN-HAzhengzhou-AREACUCC1-CACHE35[0,TCP_HIT,1],CHN-TJ-GLOBAL1-CACHE52[20],CHN-TJ-GLOBAL1-CACHE35[0,TCP_HIT,10]
accept-ranges: bytes
last-modified: Thu, 30 Dec 2021 00:07:35 GMT
server: openresty
x-tt-logid: 2021123008073501015013614530ADE9B0
x-response-date: Thu, 30 Dec 2021 08:07:35 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2021-12-30T08:07:35.194015393+08:00 68
cache-control: max-age=31536000
x-response-cinfo: 2a00:c98:2050:a007:2::9
imagex-fmt: gif2gif
x-response-cache: edge_hit
x-hcs-proxy-type: 1

GET
H2 200 0xle6Gs65qR
si1.go2yd.com/get-image/ Frame B003 139 KB
140 KB 560ms
160ms Image
image/gif 2606:1980:8::5
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://si1.go2yd.com/get-image/0xle6Gs65qR
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2606:1980:8::5 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: b3e8b0b20b32071c827c56f3b9e57537175610f8f8e6c59439665e2e2d80d931

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

ws-s2h-acc-level: 1
date: Sat, 11 Jun 2022 01:04:17 GMT
last-modified: Thu, 10 Feb 2022 08:00:01 GMT
server: Tengine
content-md5: 8WR6aziHwM0+7czI1ht5Dg==
age: 1
etag: "f1647a6b3887c0cd3eedccc8d61b790e"
x-ws-request-id: 62a3ea11_PS-SEA-01mw0147_137447-39323
content-type: image/gif
access-control-allow-origin: *
x-kss-request-id: 1d1c290058c84bbdad5290984dd718ff
accept-ranges: bytes
content-length: 142511
x-via: 1.1 PSbjwjBGP2ks135:0 (Cdn Cache Server V2.0), 1.1 PSzjnbsxlb228:0 (Cdn Cache Server V2.0), 1.1 PSxgHKG8ce83:6 (Cdn Cache Server V2.0), 1.1 yatu5:13 (Cdn Cache Server V2.0)
x-application-context: application

GET
H/1.1 200
OK 8bd803e7c79ad7ce2a69d062fb940b06.22.jpg
img-l3.xnxx-cdn.com/videos/thumbs169xnxxll/8b/d8/03/8bd803e7c79ad7ce2a69d062fb940b06/ Frame B003 15 KB
16 KB 104ms
16ms Image
image/jpeg 8.252.22.243
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-l3.xnxx-cdn.com/videos/thumbs169xnxxll/8b/d8/03/8bd803e7c79ad7ce2a69d062fb940b06/8bd803e7c79ad7ce2a69d062fb940b06.22.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 8.252.22.243 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: ECAcc (chb/0706) /
Resource Hash: 3011f4fab001f3af1c122c6e03b73e2dd60da42ee7e1f692dc917cd254e65045

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 29 Mar 2022 00:09:56 GMT
Last-Modified: Sun, 10 Nov 2019 14:56:53 GMT
Server: ECAcc (chb/0706)
Age: 6396861
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=10368000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15532
Expires: Wed, 27 Jul 2022 00:10:30 GMT

GET
H2 200 tnryldoejfv1821tnryldoejfv073133.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 11 KB
11 KB 54ms
22ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/tnryldoejfv1821tnryldoejfv073133.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e14d6c21be00d3e8653cece8ac3c795949d8bc16871c791864985ceddfbc32f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11009
last-modified: Tue, 31 May 2022 10:21:08 GMT
server: cloudflare
etag: "31737224d874d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6YeWclQaufSzhT38MHTdTGpOiEhJank7FcupFR2vYNQFwdChuvBh4H4MKijxSPyQRZGRhy5JRenXLsO70B4lpljUajitTnFSka9SCHTOMVnruqyyzAy74nN4RlyMTtm9SBRJjFqgLTqXRCVZ6Oa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8caafe9bf8-FRA
cf-bgj: h2pri

GET
H2 200 1qxna12x3vz18211qxna12x3vz083135.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 7 KB
7 KB 55ms
23ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/1qxna12x3vz18211qxna12x3vz083135.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70bf226170936b0374026d0aeafa269fae3876452d9f88294d20858b6fe4db88

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6979
last-modified: Tue, 31 May 2022 10:21:08 GMT
server: cloudflare
etag: "77f7f724d874d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ii7NbL%2FA%2FApAmpYA4XBbpXAzmQhyA37DLpt0TkhTavzdqJaTlb%2B4%2BtGXR8ng9aicbqi%2FGh4ZDgXlNzFC%2BZklF3kH2Pinx%2BWDphtrIwYoFF1zG%2B9TfabPibGk84IlemPokywltZkILqDspXK5uNAM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cab019bf8-FRA
cf-bgj: h2pri

GET
H2 200 xs5lwgxicgq1821xs5lwgxicgq093137.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 9 KB
9 KB 25ms
23ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/xs5lwgxicgq1821xs5lwgxicgq093137.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c436727f0ed0d6aed138c044643297b0da40e8c893bcc5e243223204dba3ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9203
last-modified: Tue, 31 May 2022 10:21:09 GMT
server: cloudflare
etag: "63de7f25d874d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVpRPF9245M4xNcnijIovxuZsx7g8bOGH4xX8r5UisvhOeXQA1FsiYthiifvqwiCL3ppUcP6kZsT%2FCJn8PbXfoV8%2FqBqQ5Vf3zSfBSSdxOzo7gsuM2dNcnUUAdFcZSBu%2BNE%2BeRVEjwHHY2HdUl%2BL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb259bf8-FRA
cf-bgj: h2pri

GET
H2 200 kvbireyeec41821kvbireyeec4103139.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 7 KB
8 KB 23ms
22ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/kvbireyeec41821kvbireyeec4103139.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a47635545c65caa4fdef25aa6781ce4d7243c9e55fc1cf1059c55a6e490b43d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7642
last-modified: Tue, 31 May 2022 10:21:10 GMT
server: cloudflare
etag: "40df726d874d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBF4CkjeL6%2BIHMXFUxkVmBIupbcsaTUpQaD0TOMdXizHXrB%2BbhUcDeOGgVtQr5VRvD3ExC72jShaGBSwZpZCteENUkazb%2FvvFmoIeUnDtC%2B7xbiLb%2BaUlBZ2Xc89svC3kctRY1RcSR7XGXk7CAyD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb289bf8-FRA
cf-bgj: h2pri

GET
H2 200 frcn02ikgrq1821frcn02ikgrq113141.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 10 KB
10 KB 24ms
22ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/frcn02ikgrq1821frcn02ikgrq113141.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dacd701e294b0309fd299f8a6fa1f1bfb2f1da43739f51be8f6d8fbaddefbe3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9729
last-modified: Tue, 31 May 2022 10:21:11 GMT
server: cloudflare
etag: "4a28b26d874d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPM0r1%2BdiORmuwl16Ay3lSsLlXXDovTMPZZ2XPNekCO%2Bt%2F%2FhJPV8k0MApo0Awg%2FM7rb91%2BhezlifWXb8B62zqrs9aAMrr1w9nHZqoEeavm%2B3UgkzmB0JAJnMMdL6R27QQ%2FP%2FqV%2BnJBdTJrNEijkb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb299bf8-FRA
cf-bgj: h2pri

GET
H2 200 2z1ryf1adiu18212z1ryf1adiu123143.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 8 KB
9 KB 24ms
22ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/2z1ryf1adiu18212z1ryf1adiu123143.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d19873600fd2ee2a5f46a9bab57baede6b98ee4947d71fdc8a47ebc71c43702

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6387
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8457
last-modified: Tue, 31 May 2022 10:21:12 GMT
server: cloudflare
etag: "3ad51027d874d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wAgsp4nd1dIMHfLe2D1ARja1aJiRxQ1LxO%2Bz5VPyhd2GU37rkeSEZTpuXdZcEdKacgWxWBh1hO904OvbssXHRv%2F8DpenDIW6p141tFLUooTHrqpIRWSG4t3VqTnh4QyHPSFLrVD%2Bi%2FLsRigP%2F1NC"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb2a9bf8-FRA
cf-bgj: h2pri

GET
H2 200 400x400.gif
img.ylkjit.com/ Frame B003 80 KB
0 1255ms
477ms Image
image/gif 5.180.146.112
ENZUINC-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ylkjit.com/400x400.gif

Requested by

Host: www.ddys031.top
URL: http://www.ddys031.top/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

5.180.146.112 Los Angeles, United States, ASN18978 (ENZUINC-, US),

Reverse DNS

112.146-180-5.rdns.scalabledns.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:18 GMT
last-modified: Tue, 17 May 2022 08:42:38 GMT
server: nginx
etag: "62835ffe-6afde"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 438238
expires: Mon, 11 Jul 2022 01:04:18 GMT

GET
H2 200 bhdk1siasat1815bhdk1siasat522761.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 8 KB
9 KB 33ms
31ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/bhdk1siasat1815bhdk1siasat522761.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 322b7417369dc6f3ee2ab835e294f53eaa7a310f474ad8a36c2d6023b5ae62c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1957
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8398
last-modified: Tue, 31 May 2022 10:15:52 GMT
server: cloudflare
etag: "c4f47a68d774d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=azGu%2BcJh3uIeQiItAyJgxsVDHB%2FjUsZETzB7qe348sQPz42FL8PBV6nEmVCOUkCU8o2H440kQh5Wmt5gJASA5e7Yl4yit1%2F8J0Rxi3%2Brqs2VVhOhUWkZ1JvFtMlX18lcXEdmVrsAQBdccBv9zrJT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb2b9bf8-FRA
cf-bgj: h2pri

GET
H2 200 f0nqjpd3wwd1815f0nqjpd3wwd532763.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 8 KB
8 KB 33ms
32ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/f0nqjpd3wwd1815f0nqjpd3wwd532763.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 662177e6d9d868e7608d9cfa2d799278c29bd3998dcfbe96875c586a6ec048c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8151
last-modified: Tue, 31 May 2022 10:15:53 GMT
server: cloudflare
etag: "ce3e569d774d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNutf0o4CKrtnmeBdyxqFSM6XYyMSGSNv29OXX4G0E%2BOIIWOooX%2F9mYtkOXIb44o2CZZvSdnJucExjBk7lyt7ru84JgyeZz%2FQQE8Je4j14pgPz439VeJL1qyHibV8zHD3ZHWPKYlu0FWi73TWgIb"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb2c9bf8-FRA
cf-bgj: h2pri

GET
H2 200 pvoxacfc1bo1815pvoxacfc1bo542765.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 7 KB
8 KB 23ms
22ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/pvoxacfc1bo1815pvoxacfc1bo542765.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81a0cb976014b1880f6340b0d61b0313e1563d1316a4e3ff1e6cd05b5b4616f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7494
last-modified: Tue, 31 May 2022 10:16:15 GMT
server: cloudflare
etag: "49fc1176d774d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oG5ICSu%2BKutd6LB%2FHXz4m2VTlC%2BBfmx5kg%2B15JNuWmW64XXOZEtodSBV0oaZnTs4TQIqSiakBgy0ALW1wpd5HCOYddHeWgrmzJX0EbXhGoo8RET8TjDePP1fzWV1Q3K5kKuDWd76ErzoZCR%2B3p7i"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb2e9bf8-FRA
cf-bgj: h2pri

GET
H2 200 4vb0wrctrmj18154vb0wrctrmj462747.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 9 KB
10 KB 24ms
23ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/4vb0wrctrmj18154vb0wrctrmj462747.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfc7d5465377d1fc4d2902703a1c4f0e97c9c4a9ccfdd5dc4024ad80cbc350ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9255
last-modified: Tue, 31 May 2022 10:15:46 GMT
server: cloudflare
etag: "ad9bcc64d774d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Cs0IF%2F80%2Be2gkLfubWOWfjbMkdX1h6eMErCy5Up0PaPOnk9HO2TAGa%2BaKrfDlyA4v4AIt4%2FSnIG6UmNZyB8J4lX3u4PC1IAi5TzSNhIRk8jCapF7F6X47YmN9cx4X%2B6dNzZ7DG%2FOxT6yEjWEeSV"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb309bf8-FRA
cf-bgj: h2pri

GET
H2 200 2ob145hhsrl18152ob145hhsrl472749.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 9 KB
10 KB 25ms
23ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/2ob145hhsrl18152ob145hhsrl472749.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2481afa45e1a355befb7e864809b880c2f375c14978c065b57afb5ea2067baea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2365
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9384
last-modified: Tue, 31 May 2022 10:15:47 GMT
server: cloudflare
etag: "15e55665d774d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPPwTR%2FvDVsoHZmPZPd47kXtgNHt8GGCEyLp1%2FQTPrP4V74AU7mMYc4PyrNivdS9rT9NuF8OiRi6NNxxt7ANxq6m5is6rBDgR7S1JtfOSLnaNHjcx%2BiuuTnLe%2B5Ys4%2F%2F5GDsiz%2BL0XO%2Bn2iB6tD6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb319bf8-FRA
cf-bgj: h2pri

GET
H2 200 ezbuu3tf2dy1815ezbuu3tf2dy482751.jpg
fmlb.netlbtu.com/upload/vod/2022/05-31/18/ Frame B003 9 KB
10 KB 24ms
23ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2022/05-31/18/ezbuu3tf2dy1815ezbuu3tf2dy482751.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 436b2eb2a47dc5c1ea5ebe1b4d778f141f80a404b0bed89030c90ebe48ba2df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6974
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9485
last-modified: Tue, 31 May 2022 10:15:48 GMT
server: cloudflare
etag: "752de165d774d81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwm4I0HvAYfE%2B%2BnwcUp8h%2BfylFn%2BF6ZxVQpta6oFfVZi7o5KvOwUL%2BoSZtV%2FqF9A5xvyW22aB5msbiltKENBQ11PVTEXVQYknStAY4KUmUdIlwFRkTgxlzZFczte4UDrqljLrzcqmS9dv6sk%2FCxz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e8cdb339bf8-FRA
cf-bgj: h2pri

GET c333d9318beb5b59bc7fd1dbe71ed7f3.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 0
0

GET 2493e04580cf099c7502fc9b84e305f4.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 0
0

GET 24f8d711ff99c1b9e8eda597e520496d.gif
pic.rmb.bdstatic.com/bjh/ Frame B003 0
0

GET
H/1.1 200
OK 6250cd93fcce425e90929b94e0614601.gif
19719197.com/ Frame B003 247 KB
246 KB 878ms
484ms Image
image/gif 20.24.92.84
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://19719197.com/6250cd93fcce425e90929b94e0614601.gif
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.24.92.84 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: WAF/2.4-12.1 /
Resource Hash: 19513c69e53dee25a97b0d0cc08bda5a0d44750c9d82e02fc9d2a2706039e5ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Apr 2022 11:07:02 GMT
Server: WAF/2.4-12.1
ETag: W/"625d4656-3ddf2"
X-Cache-Status: HIT
Vary: Accept-Encoding
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive

GET 62cd0aeaa5f643f1bb47ad6e911d87a9.gif
rrtwda9.com/ Frame B003 0
0

GET
H3 200 zjqxi2rxfnx1749zjqxi2rxfnx134781.jpg
fmlb.netlbtu.com/upload/vod/2021/06-22/17/ Frame B003 9 KB
10 KB 19ms
18ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2021/06-22/17/zjqxi2rxfnx1749zjqxi2rxfnx134781.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05472939cf38a854a46d40ea0f9d19a4e5cf3aff2cb7856c720a0320df34d611

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9270
last-modified: Tue, 22 Jun 2021 09:49:13 GMT
server: cloudflare
etag: "6f8867db4b67d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90rRmhV4zEX5cJsOoMlPwcCZl%2BMOgX6X7h5UQOuRcJMlS21vsTqFusgZnFimDJM%2Fc0QHFBoUuZiJt2tzfDANrEHQorCivc8vZP3OE3XWHx4%2FDeiUt7hgcjNgXpUaQgbFnZz%2BvCIc7Nj2c1%2Fxkqk6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e952f609b5b-FRA
cf-bgj: h2pri

GET
H3 200 3r0wmbv0xpr17493r0wmbv0xpr144785.jpg
fmlb.netlbtu.com/upload/vod/2021/06-22/17/ Frame B003 11 KB
12 KB 20ms
20ms Image
image/jpeg 2606:4700:3038::6815:ebad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fmlb.netlbtu.com/upload/vod/2021/06-22/17/3r0wmbv0xpr17493r0wmbv0xpr144785.jpg
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3038::6815:ebad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92f18139e193a5f209f480d2d169c9b7ba4317c538ca379611326d6a46f6c0a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 01:04:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6109
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11719
last-modified: Tue, 22 Jun 2021 09:49:14 GMT
server: cloudflare
etag: "583051dc4b67d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl4K%2B%2Flxp1Nhfu4FVdrnH5tP1Fubvk%2BRW%2BDeSeKT%2B6ciTGBAkfGPqGzxmLsqAqrmZZ9R4LQVZs9Vz9sCnqiL6wHpRTdlIryq2PNV5EhhyHuGgnBWzOljQ2hZOndtlIaL4RKEgvl0Y39LlADTZtjG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 71966e952f619b5b-FRA
cf-bgj: h2pri

GET
H/1.1 404
Not Found aaa.js
www.ddys031.top/template/m1938pc/ads/ Frame B003 0
0 156ms
156ms Script
text/html 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to

Full URL: http://www.ddys031.top/template/m1938pc/ads/aaa.js
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:16 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Content-Length: 1163
Content-Type: text/html

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 338ms
338ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=145742217&si=4be25e0e0c8202825fbfdc4be5300eb4&v=1.2.94&lv=1&sn=19637&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.saficoo.net%2Findex.php&tt=%E8%8E%B1%E8%8A%9C%E7%BA%B1%E8%B9%BF%E5%AE%B6%E5%B1%85%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.saficoo.net
URL: http://www.saficoo.net/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.saficoo.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 11 Jun 2022 01:04:17 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK 21276283.js Show response
js.users.51.la/ Frame B003 5 KB
3 KB 519ms
170ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21276283.js
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: e037eddfb14fe53349ee931874c18b7983dda619c9bd11f4575d634a9f9bfd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:17 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET Bz701y70142740166
www.9aijavbus.org/WZfn/z-14107-Y-x/tah/ Frame B003 0
0

GET Bz701y70142740199
www.9aijavbus.org/WZfn/z-14107-Y-x/tah/ Frame B003 0
0

GET
H/1.1 200
OK video-play.png
www.ddys031.top/template/m1938pc/images/ Frame B003 2 KB
2 KB 160ms
159ms Image
image/png 104.252.181.78
EGIHOSTING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.ddys031.top/template/m1938pc/images/video-play.png
Requested by: Host: www.ddys031.top
URL: http://www.ddys031.top/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Server: 104.252.181.78 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.ddys031.top/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 11 Jun 2022 01:04:18 GMT
Last-Modified: Fri, 07 May 2021 10:47:37 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "661634652e43d71:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1567

GET video-mask.png
www.ddys031.top/template/m1938pc/images/ Frame B003 0
0

GET Bz701y70142740236
www.9aijavbus.org/WZfn/z-14107-Y-x/tah/ Frame B003 0
0

GET hm.js
hm.baidu.com/ Frame B003 0
0

GET go1
ia.51.la/ Frame B003 0
0

GET hm.js
hm.baidu.com/ Frame B003 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/c0efb3b3baa0c0676d5d1836220cd3b1.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/c345c325b2dd601744e2fdf749337f8e.gif

Domain: kupfkc9.com
URL: https://kupfkc9.com/5e6457147fec4682b63bac15e6f0705c.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/c333d9318beb5b59bc7fd1dbe71ed7f3.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/2493e04580cf099c7502fc9b84e305f4.gif

Domain: pic.rmb.bdstatic.com
URL: https://pic.rmb.bdstatic.com/bjh/24f8d711ff99c1b9e8eda597e520496d.gif

Domain: rrtwda9.com
URL: https://rrtwda9.com/62cd0aeaa5f643f1bb47ad6e911d87a9.gif

Domain: www.9aijavbus.org
URL: https://www.9aijavbus.org:4704/WZfn/z-14107-Y-x/tah/Bz701y70142740166

Domain: www.9aijavbus.org
URL: https://www.9aijavbus.org:4704/WZfn/z-14107-Y-x/tah/Bz701y70142740199

Domain: www.ddys031.top
URL: http://www.ddys031.top/template/m1938pc/images/video-mask.png

Domain: www.9aijavbus.org
URL: https://www.9aijavbus.org:4704/WZfn/z-14107-Y-x/tah/Bz701y70142740236

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?c5041fd097b4558235a48bad96ad14bd

Domain: ia.51.la
URL: http://ia.51.la/go1?id=21276283&rt=1654909457675&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1654909457675&tt=%25E5%25AE%2585%25E7%2594%25B7%25E5%25BD%25B1%25E8%25A7%2586-%25E5%25AE%2585%25E7%2594%25B7%25E7%25A4%25BE%25E5%258C%25BA-%25E5%25AE%2585%25E7%2594%25B7%25E8%25B5%2584%25E6%25BA%2590%25E7%25BD%2591-%25E6%2597%25A5%25E9%259F%25A9%25E7%25B2%25BE%25E5%2593%2581-%25E5%2585%258D%25E8%25B4%25B9%25E7%259F%25AD%25E8%25A7%2586%25E9%25A2%2591%25E5%2588%2586%25E4%25BA%25AB%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fwww.ddys031.top%252F&pu=http%253A%252F%252Fwww.saficoo.net%252F

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?bfe6b26f78903861e446f74e1a2f35ef

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 70D7AAD9E749AA99
.www.saficoo.net/	1970-01-20 12:27:25	Name: Hm_lvt_4be25e0e0c8202825fbfdc4be5300eb4 Value: 1654909457
.www.saficoo.net/	1969-12-31 23:59:59	Name: Hm_lpvt_4be25e0e0c8202825fbfdc4be5300eb4 Value: 1654909457

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.ddys031.top/template/m1938pc/ads/aaa.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

19719197.com
29873398.com
acoozzh.top
aliyun-static-oss.oss-cn-hongkong.aliyuncs.com
fmlb.netlbtu.com
hm.baidu.com
i.loli.net
ia.51.la
img-l3.xnxx-cdn.com
img.ylkjit.com
js.users.51.la
kupfkc9.com
kvezz.com
kvheee.top
kvkccc.top
kzeaa.com
kzerr.com
p26.toutiaoimg.com
p3.toutiaoimg.com
pic.rmb.bdstatic.com
rrtwda9.com
saficoo.net
si1.go2yd.com
www.9aijavbus.org
www.ddys031.top
www.saficoo.net
hm.baidu.com
ia.51.la
kupfkc9.com
pic.rmb.bdstatic.com
rrtwda9.com
www.9aijavbus.org
www.ddys031.top
103.235.46.191
104.252.181.78
107.148.17.189
112.90.153.42
154.23.117.87
185.10.104.115
20.239.184.9
20.24.92.84
2408:8721:820:230::64
2606:1980:8::5
2606:4700:20::ac43:4528
2606:4700:3030::6815:2164
2606:4700:3035::6815:1c98
2606:4700:3038::6815:eac6
2606:4700:3038::6815:ebad
45.154.215.92
47.75.19.24
5.180.146.112
67.198.205.125
79.133.177.230
8.252.22.243
05472939cf38a854a46d40ea0f9d19a4e5cf3aff2cb7856c720a0320df34d611
07ebe75bf154fefc3806ff5536fc0b753a607f401ea3ff5bc511ae7429e3c818
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
19513c69e53dee25a97b0d0cc08bda5a0d44750c9d82e02fc9d2a2706039e5ce
1f77b89f8b23e6121398d9c25b59498d8e566b842238e367b8a1a3be278e9f2a
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
2481afa45e1a355befb7e864809b880c2f375c14978c065b57afb5ea2067baea
2e292531362f37bf7a1cd01330efb234450b1f836e975c55f2b2179c0be32ae6
3011f4fab001f3af1c122c6e03b73e2dd60da42ee7e1f692dc917cd254e65045
322b7417369dc6f3ee2ab835e294f53eaa7a310f474ad8a36c2d6023b5ae62c9
3c436727f0ed0d6aed138c044643297b0da40e8c893bcc5e243223204dba3ea5
3ec3f55f76ee1f29f890643d1682caf56fca75bafac14e8ac35248f1ff74a32a
436b2eb2a47dc5c1ea5ebe1b4d778f141f80a404b0bed89030c90ebe48ba2df7
4a47635545c65caa4fdef25aa6781ce4d7243c9e55fc1cf1059c55a6e490b43d
4d19873600fd2ee2a5f46a9bab57baede6b98ee4947d71fdc8a47ebc71c43702
4ece6df8bead56d5893cae4fd33cdb1f2e8c9e221213f3e006111437ff81a688
57c26a7abadc1c3bab8a592009917d28bb3b1742360e31c04aeb840e223be92d
5e3473c5a974705b59872614b21e3a20c570c18425388a45a03335c4cc2094c0
630c6a955789d5bb6311db75ce52e57ff4c12074ef5a5a080cf5459f907e9dc1
662177e6d9d868e7608d9cfa2d799278c29bd3998dcfbe96875c586a6ec048c8
70bf226170936b0374026d0aeafa269fae3876452d9f88294d20858b6fe4db88
861c17e5363f328ff8c27d6a64e115b29a875b22e909a84429915ac8d063009b
875df0b0cd9c9e81618eaf099d32f10491bef951ef47e290cc680e9bdb390795
92f18139e193a5f209f480d2d169c9b7ba4317c538ca379611326d6a46f6c0a9
99d42fadb89f610932b156d7f2a7346699ec0e4b6ef7600f13536d9a032e3894
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b3e8b0b20b32071c827c56f3b9e57537175610f8f8e6c59439665e2e2d80d931
b5c7257b4783b028b1532cbbb69bdacd4935ce36e740cd4621464a846094dce8
b81a0cb976014b1880f6340b0d61b0313e1563d1316a4e3ff1e6cd05b5b4616f
bfc7d5465377d1fc4d2902703a1c4f0e97c9c4a9ccfdd5dc4024ad80cbc350ad
caf430453a6973b82b1f51a1cfca5ce65ac2ce5b0e354be296e332c91d98e4bc
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dacd701e294b0309fd299f8a6fa1f1bfb2f1da43739f51be8f6d8fbaddefbe3a
e037eddfb14fe53349ee931874c18b7983dda619c9bd11f4575d634a9f9bfd0f
e14d6c21be00d3e8653cece8ac3c795949d8bc16871c791864985ceddfbc32f0
e257388f8d1b060d1329903643bc89874d90731d6bbdb5513e05ade4800d7fc4

www.saficoo.net Open in urlscan Pro 154.23.117.87 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

57 Requests

53 %HTTPS

33 %IPv6

23 Domains

26 Subdomains

19 IPs

4 Countries

3827 kBTransfer

5947 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.saficoo.net Open in urlscan Pro
154.23.117.87 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

53 %
HTTPS

33 %
IPv6

23
Domains

26
Subdomains

19
IPs

4
Countries

3827 kB
Transfer

5947 kB
Size

3
Cookies

57 HTTP transactions
0 data transactions