urlscan.io logo urlscan.io
SecurityTrails logo

2uiwceoy2qld.live Open in urlscan Pro
18.166.101.140  Public Scan

Go To Rescan Add Verdict Report
URL: https://2uiwceoy2qld.live/
Submission: On June 16 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 4 domains to perform 60 HTTP transactions. The main IP is 18.166.101.140, located in Hong Kong and belongs to AMAZON-02, US. The main domain is 2uiwceoy2qld.live.
TLS certificate: Issued by E5 on June 14th 2024. Valid for: 3 months.
This is the only time 2uiwceoy2qld.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18.166.101.140 16509 (AMAZON-02)
10 223.121.15.24 58453 (CMI-INT-H...)
16 23.90.149.106 21859 (ZEN-ECN)
12 90.84.161.22 2285 (OCB_HONEY...)
2 111.45.11.83 56040 (CMNET-GUA...)
2 43.152.26.151 139341 (ACE-AS-AP...)
10 43.152.26.142 139341 (ACE-AS-AP...)
3 43.152.26.104 139341 (ACE-AS-AP...)
3 2606:4700:311... 13335 (CLOUDFLAR...)
60 10
2    18.166.101.140 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-166-101-140.ap-east-1.compute.amazonaws.com
2uiwceoy2qld.live
10    223.121.15.24 (Hong Kong)

ASN58453 (CMI-INT-HK China Mobile International Limited, HK)
io1.c2.ddcsdt.com
16    23.90.149.106 (Frankfurt am Main, Germany)

ASN21859 (ZEN-ECN, US)
io2.c2.ddcsdt.com
io3.c2.ddcsdt.com
io1.c2.ddcsdt.com
12    90.84.161.22 (France)

ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR)
io4.c2.ddcsdt.com
io5.c2.ddcsdt.com
2    111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
hm.baidu.com
2    43.152.26.151 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
io5.c1.ddcsdt.com
10    43.152.26.142 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
io7.c1.ddcsdt.com
io6.c1.ddcsdt.com
io5.c1.ddcsdt.com
io9.c1.ddcsdt.com
3    43.152.26.104 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
io8.c1.ddcsdt.com
3    2606:4700:3110::6812:34c9 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.staticfile.org
Domain Requested by
13 io1.c2.ddcsdt.com 2uiwceoy2qld.live
io1.c2.ddcsdt.com
8 io5.c2.ddcsdt.com 2uiwceoy2qld.live
7 io3.c2.ddcsdt.com 2uiwceoy2qld.live
io1.c2.ddcsdt.com
6 io2.c2.ddcsdt.com 2uiwceoy2qld.live
io1.c2.ddcsdt.com
5 io7.c1.ddcsdt.com io1.c2.ddcsdt.com
4 io4.c2.ddcsdt.com 2uiwceoy2qld.live
3 cdn.staticfile.org io1.c2.ddcsdt.com
io4.c2.ddcsdt.com
io5.c2.ddcsdt.com
3 io8.c1.ddcsdt.com io1.c2.ddcsdt.com
3 io5.c1.ddcsdt.com io2.c2.ddcsdt.com
io1.c2.ddcsdt.com
2 io9.c1.ddcsdt.com io1.c2.ddcsdt.com
2 io6.c1.ddcsdt.com io1.c2.ddcsdt.com
2 hm.baidu.com 2uiwceoy2qld.live
2 2uiwceoy2qld.live io4.c2.ddcsdt.com
60 13

This site contains links to these domains. Also see Links.

Domain
ucntlo.2hsfxlsfc90v.life
8808ynl.hr5t8o375130.life
967qghop.k3ee0cy7t572.life
u7jn.b31jcow6s3rk.life
273jn.rmrohh6y2fok.life
8898jn.ibeg09ql82pe.life
1877jn.u8jxkye5os6k.life
8228jn.r6hm4zg9xy29.life
2023jn.sgq82pbt7it6.life
9797jn.kswrtfb0bser.life
967kxtiy.s90drq4mj33u.life
8808fhh.uici8accevla.life
2050jn.2vpsuzjq5pji.life
918jn.kss9z9r4rqf7.life
u7zbj.b31jcow6s3rk.life
2023cyt.sgq82pbt7it6.life
918jn.wnndhgrm7vpu.life
9797gjp.kswrtfb0bser.life
ffojho.xjfh5h0iamwr.life
8898zbcz.ibeg09ql82pe.life
8808fal.7v0d26l94166.life
273zbcz.rmrohh6y2fok.life
2023jbp.sgq82pbt7it6.life
2050zbx.2vpsuzjq5pji.life
1877zbx.u8jxkye5os6k.life
8898cxz.ibeg09ql82pe.life
mrbsi2qimy.shop
cfbvhr.i8fb4o1ut1sm.life
www06934.com
spi.00853kjr.com
gcirhh.q84mbkl0wbdg.life
gtuomz.geagkuskqd7t.life
rud.00853kjr.com
500tk.pvfr6ztf6rdkbrz.top
500tk.gbe7wg3cc6oldi1.top
mto.twkjc.com
8808uxr.9zwg6bz1jk6g.life
967uydva.ek3dj3tjxo9g.life
u7sbx.b31jcow6s3rk.life
2023ggz.sgq82pbt7it6.life
9797hj.kswrtfb0bser.life
xrqglg.geagkuskqd7t.life
ufenxa.pno62v3cbans.life
8898hj.ibeg09ql82pe.life
8898hj.n2woq0lkbs.com
nkzan.saylrbcy.com
967fogka.c3l8qzzq8kc0.life
jrfyh.saylrbcy.com
oedgu.saylrbcy.com
ysgvwe.q84mbkl0wbdg.life
vuwhtl.q84mbkl0wbdg.life
sdaroi.2hsfxlsfc90v.life
qmczhu.m03l65wdoe3o.life
iikors.2hsfxlsfc90v.life
wyygs.saylrbcy.com
jrzor.saylrbcy.com
8228hj.r6hm4zg9xy29.life
2050hj.2vpsuzjq5pji.life
1877hj.u8jxkye5os6k.life
dses0kwxrm9wm.cloudfront.net
918zbcz.wnndhgrm7vpu.life
jfdadv.pno62v3cbans.life
tbzhfr.mx8p8kgi3d91.life
chkeby.2hsfxlsfc90v.life
czgzfb.mx8p8kgi3d91.life
qrqaze.3a4zs3vo16n8.life
2023hj.sgq82pbt7it6.life
u7hj.b31jcow6s3rk.life
gld45a.cqxqlsz.com
kmjdhz.xyz
273zbczaz.xc7tqpio3f.life
lpktw.vlxlvibn.com
8898ydh.ibeg09ql82pe.life
8898cxz.utikmfi6s2.life
bw3r5.cwnybq.com
u7ydh.b31jcow6s3rk.life
2050ydh.2vpsuzjq5pji.life
tpe83b.xinchaoshan.com
8228ydh.r6hm4zg9xy29.life
8228xmaz.xr4m8lvkwk.life
clbpt.saylrbcy.com
918cxz.wnndhgrm7vpu.life
1877ydh.u8jxkye5os6k.life
kmwtzs.xyz
9797ydh.kswrtfb0bser.life
9797xmaz.rdmp3cvpga.life
967oondc.c3l8qzzq8kc0.life
967wbowp.i0bv4aj1g1b5.life
2023ydh.sgq82pbt7it6.life
gshzw.xyz
Subject Issuer Validity Valid
2x40tud0m7vf.live
E5		 2024-06-14 -
2024-09-12		 3 months crt.sh
c2.ddcsdt.com
R3		 2024-06-06 -
2024-09-04		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
c1.ddcsdt.com
R3		 2024-05-27 -
2024-08-25		 3 months crt.sh
cdn.staticfile.org
WE1		 2024-06-10 -
2024-09-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://2uiwceoy2qld.live/
Frame ID: 8BCBBE5FFF6EA1D4D470D95C85D219FD
Requests: 78 HTTP requests in this frame

Frame: https://2uiwceoy2qld.live/iframe/3/8.html
Frame ID: 6DF8A6158FA35828067318355BD441F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

澳門正版傳真

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

100 %
HTTPS

11 %
IPv6

4
Domains

13
Subdomains

10
IPs

5
Countries

2614 kB
Transfer

8792 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
2uiwceoy2qld.live/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.166.101.140 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-166-101-140.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f7456ffeba7695a0091cec91ed4b030875ec3d93074905b9da72b9188471fb3f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8 text/html; charset=utf-8
date
Sun, 16 Jun 2024 00:01:35 GMT
server
nginx
vary
Accept-Encoding
lazysizes-umd.min.js
io1.c2.ddcsdt.com/static/label/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/static/label/lazysizes-umd.min.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[2],EU-GER-frankfurt-EDGE2-CACHE7[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE14[305],EU-FRA-paris-GLOBAL1-CACHE7[301,TCP_MISS,304]
age
1861485
alt-svc
h3=":443"; ma=2592000
content-length
3655
last-modified
Fri, 03 May 2024 07:11:24 GMT
server
openresty
etag
W/"66348e1c-1ee0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
26c62872132d9cf490f5219667021d15
x-ccdn-expires
730521
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 01 Jun 2024 10:56:50 GMT
label-com4.js
io1.c2.ddcsdt.com/static/label/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/static/label/label-com4.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[3],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE7[2],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,1]
age
1354596
alt-svc
h3=":443"; ma=2592000
content-length
2223
last-modified
Fri, 03 May 2024 07:11:24 GMT
server
openresty
etag
W/"66348e1c-174b"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
7f308195fb57240101bf68ee69c3d095
x-ccdn-expires
1237410
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Fri, 07 Jun 2024 07:39:29 GMT
ls.unveilhooks.min.js
io1.c2.ddcsdt.com/static/label/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/static/label/ls.unveilhooks.min.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[2],EU-GER-frankfurt-EDGE2-CACHE6[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE15[3],EU-FRA-paris-GLOBAL1-CACHE6[0,TCP_HIT,2]
age
1861485
alt-svc
h3=":443"; ma=2592000
content-length
850
last-modified
Fri, 03 May 2024 07:11:24 GMT
server
openresty
etag
W/"66348e1c-750"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
d40c4a8727db02c82f9241c02d32e11e
x-ccdn-expires
730520
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 01 Jun 2024 10:52:23 GMT
jquery-1.10.2.min.js
io1.c2.ddcsdt.com/static/label/ 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/static/label/jquery-1.10.2.min.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[1],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE9[2],EU-FRA-paris-GLOBAL1-CACHE19[0,TCP_HIT,2]
age
1861485
alt-svc
h3=":443"; ma=2592000
content-length
36015
last-modified
Fri, 03 May 2024 07:11:24 GMT
server
openresty
etag
W/"66348e1c-16bac"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
8fe113f34492c9875bf3382a0b94e260
x-ccdn-expires
730520
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 01 Jun 2024 10:52:25 GMT
cd6327f630a800e7.js
io2.c2.ddcsdt.com/upload/script/06/ 		104 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io2.c2.ddcsdt.com/upload/script/06/cd6327f630a800e7.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
9e96ed0d6bc9447b1c375c05c81d97ebb6d820f460a5a64ecf4a27d6fffcd19d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE1[625],EU-GER-frankfurt-EDGE4-CACHE2[622,TCP_MISS,624],EU-FRA-paris-GLOBAL1-CACHE25[310],EU-FRA-paris-GLOBAL1-CACHE23[305,TCP_MISS,308]
age
1
x-ccdn-origin-time
305
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:52 GMT
server
openresty
etag
W/"666e19dc-19fa4"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
9e4252a6e8608859bba22ce20c30ecbb
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
4ccbea39c7cdc447.js
io4.c2.ddcsdt.com/upload/script/06/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io4.c2.ddcsdt.com/upload/script/06/4ccbea39c7cdc447.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
6dc30a3a0c35b08daa1803215cc3ec38095ce121bc36bad48245b69e47260d09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE3[17],EU-GER-frankfurt-EDGE5-CACHE5[13,TCP_MISS,16],EU-FRA-paris-GLOBAL1-CACHE10[3],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,1]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
3655
last-modified
Sat, 15 Jun 2024 07:49:26 GMT
server
openresty
etag
W/"666d4786-2eac"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
1b23ef61c63d626ba1c7362eb0772a90
x-ccdn-expires
2542122
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 10:10:17 GMT
4f057db97ffb7fa2.js
io4.c2.ddcsdt.com/upload/script/06/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io4.c2.ddcsdt.com/upload/script/06/4f057db97ffb7fa2.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
09513733179370946004c6aabb5c1397a8602dc411ffadb9257ba001b432d27f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE3[3],EU-GER-frankfurt-EDGE5-CACHE3[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE16[3],EU-FRA-paris-GLOBAL1-CACHE17[0,TCP_HIT,2]
age
1249406
alt-svc
h3=":443"; ma=2592000
content-length
2132
last-modified
Fri, 31 May 2024 16:18:48 GMT
server
openresty
etag
W/"6659f868-fb0"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
65a15813348cfe5651635f9d7ab258af
x-ccdn-expires
1342594
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Fri, 07 Jun 2024 19:17:34 GMT
abd114e231ad6e25.js
io5.c2.ddcsdt.com/upload/script/06/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/abd114e231ad6e25.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
fe99c588fbb84556eba7eaa9d4a357665894663de9198595a70260963b65ccdd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[625],EU-GER-frankfurt-EDGE5-CACHE4[621,TCP_MISS,625],EU-FRA-paris-GLOBAL1-CACHE4[612],EU-FRA-paris-GLOBAL1-CACHE26[607,TCP_MISS,610]
age
1
x-ccdn-origin-time
607
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:52 GMT
server
openresty
etag
W/"666e19dc-8b8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
5af1f987afd39e7a64733b8b8bdd9438
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:36 GMT
50e8fb578d50c219.js
io1.c2.ddcsdt.com/upload/script/06/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/script/06/50e8fb578d50c219.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
4a370ab9da00ceae06d44e463e56b3c22ebe178a3a622a514f200c7aa88d939e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[973],EU-GER-frankfurt-EDGE2-CACHE4[970,TCP_MISS,971],EU-FRA-paris-GLOBAL1-CACHE14[906],EU-FRA-paris-GLOBAL1-CACHE20[901,TCP_MISS,905]
age
1
x-ccdn-origin-time
901
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:52 GMT
server
openresty
etag
W/"666e19dc-2e08"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
814641e22cbd2395a93f5066831dced3
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:36 GMT
43fbb96ff53204b3.js
io5.c2.ddcsdt.com/upload/script/06/ 		2 MB
377 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/43fbb96ff53204b3.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
4a64fce1b45262bf0de48fdb56e888134dc59026636b97539deda3d3ca7ed1ad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[45],EU-GER-frankfurt-EDGE5-CACHE5[41,TCP_MISS,44],EU-FRA-paris-GLOBAL1-CACHE2[29],EU-FRA-paris-GLOBAL1-CACHE17[0,TCP_HIT,25]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
385354
last-modified
Sat, 15 Jun 2024 11:20:59 GMT
server
openresty
etag
W/"666d791b-2768fc"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
297497f6d6f4cbbb54b39edddf00103d
x-ccdn-expires
2587616
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 22:48:30 GMT
7a68dab638a54e1a.js
io2.c2.ddcsdt.com/upload/script/06/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io2.c2.ddcsdt.com/upload/script/06/7a68dab638a54e1a.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
92b6fd33b822141a60b029b0fef76cbacb979ab6645851aa3ef4f37b870f8204
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE1[320],EU-GER-frankfurt-EDGE4-CACHE1[315,TCP_MISS,318],EU-FRA-paris-GLOBAL1-CACHE25[307],EU-FRA-paris-GLOBAL1-CACHE15[303,TCP_MISS,305]
age
1
x-ccdn-origin-time
303
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:52 GMT
server
openresty
etag
W/"666e19dc-10f4"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
ad8632b0545e19daf8d8c38d6900ddc9
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
907d76ef5fbb1f2e.js
io3.c2.ddcsdt.com/upload/script/06/ 		1 MB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/script/06/907d76ef5fbb1f2e.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
bc985d748ff38282dad9acbe921cfe59668bf285900210aea0e728885d3fc052
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[630],EU-GER-frankfurt-EDGE4-CACHE2[625,TCP_MISS,629],EU-FRA-paris-GLOBAL1-CACHE4[312],EU-FRA-paris-GLOBAL1-CACHE11[308,TCP_MISS,311]
age
1
x-ccdn-origin-time
308
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-16372c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
79c51905c651a7a7480a19549a8fce69
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
0cb47e24f49f9f31.js
io5.c2.ddcsdt.com/upload/script/06/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/0cb47e24f49f9f31.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
b8d6b288b8446f1929cf4c8c56f182ab8c7def628445195368ba91994a7cb455
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[323],EU-GER-frankfurt-EDGE5-CACHE2[319,TCP_MISS,321],EU-FRA-paris-GLOBAL1-CACHE16[309],EU-FRA-paris-GLOBAL1-CACHE27[305,TCP_MISS,308]
age
1
x-ccdn-origin-time
305
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-183c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
6479f565a165a2364aebcfde64b65122
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
a1b8705044433537.js
io2.c2.ddcsdt.com/upload/script/06/ 		144 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io2.c2.ddcsdt.com/upload/script/06/a1b8705044433537.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
a3d70b1186b8a5d5013f23d176eb6378fc94c40b8d7cf9f2beafc27d4237a0d8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE1[321],EU-GER-frankfurt-EDGE4-CACHE2[318,TCP_MISS,320],EU-FRA-paris-GLOBAL1-CACHE20[307],EU-FRA-paris-GLOBAL1-CACHE29[305,TCP_MISS,307]
age
1
x-ccdn-origin-time
305
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-24190"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
080b517b9f45ac2a8c0c6f9fc829052b
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
89409a2998aa0dc5.js
io1.c2.ddcsdt.com/upload/script/06/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/script/06/89409a2998aa0dc5.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
80df3e87fa819dff5d463a2df533294e4a7f141a5f9bd3225fee4b0d05f1019d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[29],EU-GER-frankfurt-EDGE2-CACHE5[26,TCP_MISS,27],EU-FRA-paris-GLOBAL1-CACHE15[15],EU-FRA-paris-GLOBAL1-CACHE18[0,TCP_HIT,12]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
9579
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-9860"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
845cc0844b1345044cd0892e247bd062
x-ccdn-expires
2587615
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 22:48:29 GMT
547b2717c673d106.js
io5.c2.ddcsdt.com/upload/script/06/ 		44 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/547b2717c673d106.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
c813254b2e29891eac79d3510e90a86627fe3cf70ee94db27d53848841f8cd85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[322],EU-GER-frankfurt-EDGE5-CACHE5[319,TCP_MISS,321],EU-FRA-paris-GLOBAL1-CACHE4[309],EU-FRA-paris-GLOBAL1-CACHE26[304,TCP_MISS,307]
age
1
x-ccdn-origin-time
304
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-b09c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
89e55f7521a2decb789f1123d860c1ec
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
6004a74bdc7775c0.js
io5.c2.ddcsdt.com/upload/script/06/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/6004a74bdc7775c0.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
50de24aec8227739bb16ca9cd970e18a87f4fadd325a8fd89c1ad5a090aa312e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[631],EU-GER-frankfurt-EDGE5-CACHE1[625,TCP_MISS,628],EU-FRA-paris-GLOBAL1-CACHE29[615],EU-FRA-paris-GLOBAL1-CACHE8[608,TCP_MISS,611]
age
1
x-ccdn-origin-time
608
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-9e30"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
4a9be38678d21ea2fc4c351c9182e1b2
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:36 GMT
92c46908b74a16fe.js
io1.c2.ddcsdt.com/upload/script/06/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/script/06/92c46908b74a16fe.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
83a69978436602ea81f88c834e28f3fc7fb922f00cf6fe98da23c1a405c34add
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[48],EU-GER-frankfurt-EDGE2-CACHE11[43,TCP_MISS,45],EU-FRA-paris-GLOBAL1-CACHE16[27],EU-FRA-paris-GLOBAL1-CACHE30[0,TCP_HIT,23]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
8969
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-7c50"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
6c2c86ea5e8915267486fc4d22c234bd
x-ccdn-expires
2587614
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 22:48:29 GMT
b4f6103189af3781.js
io3.c2.ddcsdt.com/upload/script/06/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/script/06/b4f6103189af3781.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
d68f140ae757d12796be8b152660f7ddaa7f81103c894bbb54fc411a149d9615
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[324],EU-GER-frankfurt-EDGE4-CACHE1[320,TCP_MISS,322],EU-FRA-paris-GLOBAL1-CACHE30[311],EU-FRA-paris-GLOBAL1-CACHE11[305,TCP_MISS,309]
age
1
x-ccdn-origin-time
305
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:53 GMT
server
openresty
etag
W/"666e19dd-ae9c"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
6449ca2b450b8efbe09b3d1f2fa1326e
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
d5055b8f2cc035a8.js
io4.c2.ddcsdt.com/upload/script/06/ 		95 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io4.c2.ddcsdt.com/upload/script/06/d5055b8f2cc035a8.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
b6416616c9023f3ec1a923ec437aa044fd2d17f00faba5dfb35b53631cd725db
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE3[931],EU-GER-frankfurt-EDGE5-CACHE1[927,TCP_MISS,930],EU-FRA-paris-GLOBAL1-CACHE9[612],EU-FRA-paris-GLOBAL1-CACHE2[608,TCP_MISS,610]
age
1
x-ccdn-origin-time
608
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-17ba8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
1d6523f98e8e49efef6d3c7b0fbc5ba7
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:36 GMT
112c7fc0dd986220.js
io1.c2.ddcsdt.com/upload/script/06/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/script/06/112c7fc0dd986220.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
b6198a4bc2313b40397c9bd8ef938b62a470ab5179f6d07d936a4093852c0aa6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE2-CACHE10[40],EU-GER-frankfurt-EDGE2-CACHE15[35,TCP_MISS,37],EU-FRA-paris-GLOBAL1-CACHE22[25],EU-FRA-paris-GLOBAL1-CACHE26[0,TCP_HIT,22]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
8599
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-a018"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
6a9bd30459d66f4be5bef85917cc2009
x-ccdn-expires
2587615
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 22:48:29 GMT
9ce82b0b7b94c189.js
io3.c2.ddcsdt.com/upload/script/06/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/script/06/9ce82b0b7b94c189.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
25574ace15984104b68a72b0b6510e6c3e85840d72808832f9471e7dd5bae3d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[34],EU-GER-frankfurt-EDGE4-CACHE1[26,TCP_MISS,31],EU-FRA-paris-GLOBAL1-CACHE15[16],EU-FRA-paris-GLOBAL1-CACHE5[0,TCP_HIT,15]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
5967
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-6814"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
4119cf92f7e28b7db5c2ec616a2e42a6
x-ccdn-expires
2587615
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 22:48:30 GMT
e10b6a659b21347e.js
io3.c2.ddcsdt.com/upload/script/06/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/script/06/e10b6a659b21347e.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
eaef3554d18846ed0d98876c67ebb000d0b5dff8f8372cd8346733eda8af3aae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE2[625],EU-GER-frankfurt-EDGE4-CACHE2[621,TCP_MISS,624],EU-FRA-paris-GLOBAL1-CACHE20[611],EU-FRA-paris-GLOBAL1-CACHE6[608,TCP_MISS,609]
age
1
x-ccdn-origin-time
608
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-6fb8"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
f113ffe108b7889e4b3c7a092ddb78e1
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:36 GMT
c4d994577685dc9b.js
io5.c2.ddcsdt.com/upload/script/06/ 		100 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/c4d994577685dc9b.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
0bdf440f7f20e87897f543f680d14483dffa1bfe29e64757a3f8a01b01610ab2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[627],EU-GER-frankfurt-EDGE5-CACHE4[625,TCP_MISS,627],EU-FRA-paris-GLOBAL1-CACHE23[311],EU-FRA-paris-GLOBAL1-CACHE10[305,TCP_MISS,309]
age
1
x-ccdn-origin-time
305
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-19058"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
357586a5882ebb813129dac935bd94a3
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
1cc71324cd3c9780.js
io2.c2.ddcsdt.com/upload/script/06/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io2.c2.ddcsdt.com/upload/script/06/1cc71324cd3c9780.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
5d398686ff1f53c50f55e5a855138a0dceb538a5ff17a294b4c3bb48a7ca3efd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE4-CACHE1[626],EU-GER-frankfurt-EDGE4-CACHE2[621,TCP_MISS,624],EU-FRA-paris-GLOBAL1-CACHE6[613],EU-FRA-paris-GLOBAL1-CACHE10[606,TCP_MISS,608]
age
1
x-ccdn-origin-time
606
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-4d00"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
df9e131bdb658ab2fa4129140cf768c5
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:36 GMT
657ce3fc19141089.js
io4.c2.ddcsdt.com/upload/script/06/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io4.c2.ddcsdt.com/upload/script/06/657ce3fc19141089.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
21e2e510cebe11057bfb1e4ebfa93a55f5e27b4c6691579373362c189ff16be5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE3[326],EU-GER-frankfurt-EDGE5-CACHE3[322,TCP_MISS,323],EU-FRA-paris-GLOBAL1-CACHE14[310],EU-FRA-paris-GLOBAL1-CACHE29[306,TCP_MISS,309]
age
1
x-ccdn-origin-time
306
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-4974"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
34b55dbc06abcd05e8a8b82079c17af1
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
769ac994deff565e.js
io5.c2.ddcsdt.com/upload/script/06/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/769ac994deff565e.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
0b4b7482326304552c857a1b80d2622ef58e2f92486c5868a3bf33eeb2c4333c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[322],EU-GER-frankfurt-EDGE5-CACHE6[318,TCP_MISS,321],EU-FRA-paris-GLOBAL1-CACHE5[309],EU-FRA-paris-GLOBAL1-CACHE6[305,TCP_MISS,308]
age
1
x-ccdn-origin-time
305
alt-svc
h3=":443"; ma=2592000
last-modified
Sat, 15 Jun 2024 22:46:54 GMT
server
openresty
etag
W/"666e19de-624"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
5ca82c0f92569a12358ee745116afbf0
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
0
expires
Sun, 23 Jun 2024 00:01:35 GMT
180463fd3069bb91.js
io5.c2.ddcsdt.com/upload/script/06/ 		149 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c2.ddcsdt.com/upload/script/06/180463fd3069bb91.js
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
90.84.161.22 , France, ASN2285 (OCB_HONEY_CDN_ASN OCB Orange Cloud Business CDN ASN, FR),
Reverse DNS
Software
openresty /
Resource Hash
fa3cc3564bb9c6d06a0ae7cc1f8744c31206d5aec610502949379af8ffc6bb0a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains
content-encoding
gzip
x-ccdn-cachettl
2592000
via
EU-GER-frankfurt-EDGE5-CACHE4[16],EU-GER-frankfurt-EDGE5-CACHE4[14,TCP_MISS,16],EU-FRA-paris-GLOBAL1-CACHE1[3],EU-FRA-paris-GLOBAL1-CACHE7[0,TCP_HIT,2]
age
1
alt-svc
h3=":443"; ma=2592000
content-length
24020
last-modified
Sat, 15 Jun 2024 07:49:32 GMT
server
openresty
etag
W/"666d478c-25598"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
e551eb3ebecfd5a5cec10ab46a71148a
x-ccdn-expires
2543021
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Sat, 22 Jun 2024 10:25:15 GMT
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?b8913d5595e1c25c33f985a777525598
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
94fd7a909433f1971639dd1566d82849137b897e8e2dedb27c55aa1b0b2fdc0d
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 16 Jun 2024 00:01:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
3ae823e5ba9f2b5f6469ec4f0a8bd676
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11264
swiper.min.css
io5.c1.ddcsdt.com/upload/skin/lib/label/gv8/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://io5.c1.ddcsdt.com/upload/skin/lib/label/gv8/swiper.min.css
Requested by
Host: io2.c2.ddcsdt.com
URL: https://io2.c2.ddcsdt.com/upload/script/06/cd6327f630a800e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
c89e9d4e466b26ecbfe9cc55ffc1cdf68d13ff68b0d3c932f92a3b7b3e8df987
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 18:52:30 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
strict-transport-security
max-age=63072000;includeSubDomains
content-length
4408
last-modified
Wed, 28 Dec 2022 07:45:44 GMT
server
nginx
etag
W/"63abf428-3566"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
2964452922059139163
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
expires
Wed, 19 Jun 2024 18:52:30 GMT
swiper.min.js
io5.c1.ddcsdt.com/upload/skin/lib/label/gv8/ 		136 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io5.c1.ddcsdt.com/upload/skin/lib/label/gv8/swiper.min.js
Requested by
Host: io2.c2.ddcsdt.com
URL: https://io2.c2.ddcsdt.com/upload/script/06/cd6327f630a800e7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.151 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 11 May 2024 17:33:43 GMT
content-encoding
gzip
x-cache-lookup
Cache Hit
strict-transport-security
max-age=63072000;includeSubDomains
content-length
40216
last-modified
Wed, 28 Dec 2022 07:45:44 GMT
server
nginx
etag
W/"63abf428-21fb7"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
15792784788858182836
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
expires
Sat, 18 May 2024 17:33:43 GMT
truncated
/ 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
24f264f2e0327ce076e6004e39455c
io2.c2.ddcsdt.com/upload/epy/img/202308/ac/ 		10 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io2.c2.ddcsdt.com/upload/epy/img/202308/ac/24f264f2e0327ce076e6004e39455c
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
bf5d5712b0f6409950b57217cf963202a963959101c32181748a57253fed680b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE4-CACHE2[15],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,14],EU-FRA-paris-GLOBAL1-CACHE27[4],EU-FRA-paris-GLOBAL1-CACHE18[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
15257
alt-svc
h3=":443"; ma=2592000
content-length
9758
last-modified
Wed, 02 Aug 2023 05:56:16 GMT
server
openresty
etag
"64c9f000-261e"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
4be6da085e931a77b080a38b6afd1eeb
x-ccdn-expires
2576743
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
8.html
2uiwceoy2qld.live/iframe/3/ Frame 6DF8 		24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2uiwceoy2qld.live/iframe/3/8.html
Requested by
Host: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/4f057db97ffb7fa2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.166.101.140 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-166-101-140.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d6959b597b64aa140e9ee42d18aebc672883381d28f3486582da7db2c478ebdb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://2uiwceoy2qld.live/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8 text/html; charset=utf-8
date
Sun, 16 Jun 2024 00:01:36 GMT
server
nginx
vary
Accept-Encoding
truncated
/ 		10 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05e01aefc87f17d392fbcee1a810f4e9ae721aff004931bc3689fce479b44432

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
bb0e80dcc09b57a9cea38dc3eaa28e
io7.c1.ddcsdt.com/upload/epy/img/202310/a5/ 		48 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io7.c1.ddcsdt.com/upload/epy/img/202310/a5/bb0e80dcc09b57a9cea38dc3eaa28e
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
0ad3bc847c4de36cdca57f2640877ef36ffb41bd57aa4c30859cff948b93352f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:34:59 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Tue, 24 Oct 2023 15:09:55 GMT
server
nginx
etag
"6537de43-be59"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
9523839772101763417
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
48729
c32f840c7d0de40877b293b30232d4
io1.c2.ddcsdt.com/upload/epy/img/202401/15/ 		22 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/epy/img/202401/15/c32f840c7d0de40877b293b30232d4
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
1ad7a95a4fc2dd00733f6943ac306a1328dc4085459caca88122c49bf8ed63c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE4-CACHE2[3],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE29[3],EU-FRA-paris-GLOBAL1-CACHE2[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
97501
alt-svc
h3=":443"; ma=2592000
content-length
22986
last-modified
Thu, 04 Jan 2024 09:03:34 GMT
server
openresty
etag
"65967466-59ca"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
b38caff07af0a029fb72d5485cc6d1a8
x-ccdn-expires
2494505
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
133d4de51be4383a7f264d5a6d055d
io1.c2.ddcsdt.com/upload/epy/img/202311/b9/ 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/epy/img/202311/b9/133d4de51be4383a7f264d5a6d055d
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
7bcff88ccb15c66db92016b9baa02cd480233db0769f74a77a4a257bcd97fc2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE4-CACHE2[4],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,2],EU-FRA-paris-GLOBAL1-CACHE5[5],EU-FRA-paris-GLOBAL1-CACHE14[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
169474
alt-svc
h3=":443"; ma=2592000
content-length
11683
last-modified
Fri, 10 Nov 2023 06:01:53 GMT
server
openresty
etag
"654dc751-2da3"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
02f728771904c339ae399bbbc3d0bd33
x-ccdn-expires
2422526
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
b9133d4de51be4383a7f264d5a6d055d
io3.c2.ddcsdt.com/upload/epy/2023/11/04/ 		11 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/epy/2023/11/04/b9133d4de51be4383a7f264d5a6d055d
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
6ecf2230fbec56057f171ee5c79600c04d071471d5b0afe1cf3f4aec232d5778
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE4-CACHE2[3],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,1],EU-FRA-paris-GLOBAL1-CACHE21[3],EU-FRA-paris-GLOBAL1-CACHE1[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
135003
alt-svc
h3=":443"; ma=2592000
content-length
11683
last-modified
Sat, 04 Nov 2023 05:48:20 GMT
server
openresty
etag
"6545db24-2da3"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
d4a0f8609b5d802fac5c9fee31ea2ff6
x-ccdn-expires
2456997
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
f3200e9dedc7a3d30d852c2fa45bdc
io7.c1.ddcsdt.com/upload/epy/img/202312/3e/ 		79 KB
80 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io7.c1.ddcsdt.com/upload/epy/img/202312/3e/f3200e9dedc7a3d30d852c2fa45bdc
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
f3da6cec147237d9d59f0c41e34eb63f4f9dc668ca494f664ab3a145371f03c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:34:59 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Thu, 28 Dec 2023 06:17:37 GMT
server
nginx
etag
"658d1301-13d5c"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
16814452432284239472
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
81244
52991abe74c4abfe0052ee5a7980f1
io8.c1.ddcsdt.com/upload/epy/img/202312/84/ 		35 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io8.c1.ddcsdt.com/upload/epy/img/202312/84/52991abe74c4abfe0052ee5a7980f1
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
3aed4ff451746f433a8b382ccd3478ac26f028c9acc5acfb6b5bd3b15edd8f9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 06:13:27 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Sun, 10 Dec 2023 14:30:04 GMT
server
nginx
etag
"6575cb6c-8c3d"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
16571773574330281556
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
35901
51b625556791c23f777971f9e1f299
io7.c1.ddcsdt.com/upload/epy/img/202309/31/ 		54 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io7.c1.ddcsdt.com/upload/epy/img/202309/31/51b625556791c23f777971f9e1f299
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
e01b5b904f450e7710c2551d9fa9a89fc6b9203d407c4c1b8d4da91f026edb92
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:59:08 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Tue, 05 Sep 2023 15:06:03 GMT
server
nginx
etag
"64f743db-d6a5"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
18148990551677041939
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
54949
hands.gif
io1.c2.ddcsdt.com/upload/skin/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io1.c2.ddcsdt.com/upload/skin/image/hands.gif
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
1cd58a68382a9c100ea6fe61cbd7e8e4fab4bbf41c8845a7485b8e071ab7d1f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE2-CACHE10[2],EU-GER-frankfurt-EDGE2-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE25[3],EU-FRA-paris-GLOBAL1-CACHE24[0,TCP_HIT,1]
x-ccdn-cachettl
2592000
age
6712780
alt-svc
h3=":443"; ma=2592000
content-length
1630
last-modified
Thu, 29 Jun 2023 05:54:33 GMT
server
openresty
etag
"649d1c99-65e"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
781fc6230d31e5cb7f27c34c47831d72
x-ccdn-expires
1064694
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Mon, 29 Apr 2024 06:11:27 GMT
truncated
/ 		22 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d8d97ef216b84889d694c081cb098db8ae1bd015a9fcf966bbaac167c01c1bc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		11 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27230e3d243bc417f364376807b09235db248c548d180a76cb8de6d32c8c9148

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
fef03e7c0c87285fd948f8581f0524
io8.c1.ddcsdt.com/upload/epy/img/202308/11/ 		181 KB
181 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io8.c1.ddcsdt.com/upload/epy/img/202308/11/fef03e7c0c87285fd948f8581f0524
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
be8175b7b8d932a3fe811007a12b1e28ce2c8cded3c4f63e35c90eef38c2edcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 16:04:40 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Mon, 14 Aug 2023 07:18:47 GMT
server
nginx
etag
"64d9d557-2d2b1"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
2320215044857520934
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
185009
3cfdc1c15d445f4c75f56674c84311
io8.c1.ddcsdt.com/upload/epy/img/202312/b4/ 		232 KB
233 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io8.c1.ddcsdt.com/upload/epy/img/202312/b4/3cfdc1c15d445f4c75f56674c84311
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
7062307e651b1cb525a214ee8dc565ee3bb0756f96a69d5bda2b9747f184b22b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:34:59 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Wed, 27 Dec 2023 07:49:27 GMT
server
nginx
etag
"658bd707-3a1dd"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
3447762047622487017
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
238045
bg01_230711.jpg
io1.c2.ddcsdt.com/upload/skin/image/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io1.c2.ddcsdt.com/upload/skin/image/bg01_230711.jpg
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
223.121.15.24 , Hong Kong, ASN58453 (CMI-INT-HK China Mobile International Limited, HK),
Reverse DNS
Software
openresty /
Resource Hash
9030ccc2c62cf0f887bd446d7291611041ab8585e222c8e82a05dc9a81fdb6cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE2-CACHE8[2],EU-GER-frankfurt-EDGE2-CACHE15[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE22[2],EU-FRA-paris-GLOBAL1-CACHE14[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
6701017
alt-svc
h3=":443"; ma=2592000
content-length
2410
last-modified
Tue, 25 Jul 2023 09:54:10 GMT
server
openresty
etag
"64bf9bc2-96a"
access-control-allow-methods
GET,POST,OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
556a9c249a82c0fef611bf2ae24f9895
x-ccdn-expires
1128734
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
expires
Mon, 29 Apr 2024 06:45:38 GMT
truncated
/ 		54 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1179f1385ae20fa1aabc89092856811015a7e30013761e3b7c25bb87b6e634c4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		35 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3cddeac6bf8dac35712d5db84367dc8de4ea89a6a0b82c94eb6b9fb353b338c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		79 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88e83a8d67630e22b201264b152d511ce56d4c4252112482ad34b30517ba0d33

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		48 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f55a170649ef9a759552334f2d900289c63c7911501d1c1d9d3fe10e283f2c13

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		181 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
22782d05371a738a182a52dc5cebdb3fe119a233415d4e8b69586f70aba2fbbf

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=290068554&si=b8913d5595e1c25c33f985a777525598&v=1.3.0&lv=1&sn=37327&r=0&ww=1600&u=https%3A%2F%2F2uiwceoy2qld.live%2F&tt=%E6%BE%B3%E9%96%80%E6%AD%A3%E7%89%88%E5%82%B3%E7%9C%9F
Requested by
Host: 2uiwceoy2qld.live
URL: https://2uiwceoy2qld.live/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 16 Jun 2024 00:01:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
truncated
/ 		232 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0219edce122339cfd779d826469677d881294c97941f017c466cb19ecfad5f0e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
75927264623654abce895a6f5685e8
io6.c1.ddcsdt.com/upload/epy/img/202403/f3/ 		82 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io6.c1.ddcsdt.com/upload/epy/img/202403/f3/75927264623654abce895a6f5685e8
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
aa51ab3f80996b0781e3f9567315a5d72a877ed51d5434486a2a40ddfabe880d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 14:02:39 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Thu, 21 Mar 2024 08:04:31 GMT
server
nginx
etag
"65fbea0f-147db"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
9110781231468929582
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
83931
6a0c319a7158f11d645292c5691dc7
io3.c2.ddcsdt.com/upload/epy/img/202405/4f/ 		28 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/epy/img/202405/4f/6a0c319a7158f11d645292c5691dc7
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
d2d80dae755d4c1850c9a235858a8acb5252e75474f4eee02561eeb3cd62eb6c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE4-CACHE2[1],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE20[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
7064
alt-svc
h3=":443"; ma=2592000
content-length
28788
last-modified
Fri, 31 May 2024 05:22:09 GMT
server
openresty
etag
"66595e81-7074"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
3f3fb84916a1c2ee8ce84b5bcb33bbf5
x-ccdn-expires
2584943
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
6a0c319a7158f11d645292c5691dc7
io3.c2.ddcsdt.com/upload/epy/img/202405/4f/ 		28 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://io3.c2.ddcsdt.com/upload/epy/img/202405/4f/6a0c319a7158f11d645292c5691dc7
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
d2d80dae755d4c1850c9a235858a8acb5252e75474f4eee02561eeb3cd62eb6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:37 GMT
via
EU-GER-frankfurt-EDGE4-CACHE2[1],EU-GER-frankfurt-EDGE4-CACHE1[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE5[3],EU-FRA-paris-GLOBAL1-CACHE20[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
7064
alt-svc
h3=":443"; ma=2592000
content-length
28788
last-modified
Fri, 31 May 2024 05:22:09 GMT
server
openresty
etag
"66595e81-7074"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
3f3fb84916a1c2ee8ce84b5bcb33bbf5
x-ccdn-expires
2584943
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
a14edc982f7dd917c71ce4894def20
io7.c1.ddcsdt.com/upload/epy/img/202405/99/ 		532 KB
532 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io7.c1.ddcsdt.com/upload/epy/img/202405/99/a14edc982f7dd917c71ce4894def20
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
47729615243f7d76a2b3e1e049780d2f59615ac24f2fffa44bc76c3faa7bb089
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 17 May 2024 13:55:05 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Tue, 07 May 2024 10:50:56 GMT
server
nginx
etag
"663a0790-84e74"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
1415168644897825990
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
544372
92d08e83943cfb96f6302f47badaf6
io6.c1.ddcsdt.com/upload/epy/img/202403/85/ 		31 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io6.c1.ddcsdt.com/upload/epy/img/202403/85/92d08e83943cfb96f6302f47badaf6
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
af69511026f93eb26c5102bb7f0be386777bca3dbb9fa0415ae2220b92169c71
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 05:55:16 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Sat, 30 Mar 2024 14:37:24 GMT
server
nginx
etag
"660823a4-7db6"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
10847402198235133589
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
32182
f3a218899ba86322ec4a8def1aa0e1
io5.c1.ddcsdt.com/upload/epy/img/202405/4d/ 		34 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io5.c1.ddcsdt.com/upload/epy/img/202405/4d/f3a218899ba86322ec4a8def1aa0e1
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
757a561f7cc7a3d1798451ac27fbe2e9e2396cdfacfc399dc4515a191b962f3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:37:58 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Sat, 18 May 2024 07:28:40 GMT
server
nginx
etag
"664858a8-87a3"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
16288354253003145296
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
34723
93734ef71d3159fa625d798ae38aec
io1.c2.ddcsdt.com/upload/epy/img/202206/b1/ 		12 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io1.c2.ddcsdt.com/upload/epy/img/202206/b1/93734ef71d3159fa625d798ae38aec
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
38802efb0b04ec1b92c2ec4367d3daae4bac619111601b9f376c64a2fdf6d785
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
EU-GER-frankfurt-EDGE4-CACHE2[2],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,0],EU-FRA-paris-GLOBAL1-CACHE16[6],EU-FRA-paris-GLOBAL1-CACHE1[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
124143
alt-svc
h3=":443"; ma=2592000
content-length
12294
last-modified
Sat, 25 Jun 2022 11:47:15 GMT
server
openresty
etag
"62b6f5c3-3006"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
2c46804eef87a18bc2775c2150e7bd85
x-ccdn-expires
2467864
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
bd1d0fcedc65b0e2a4cff8b818394c
io7.c1.ddcsdt.com/upload/epy/img/202402/9a/ 		59 KB
59 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io7.c1.ddcsdt.com/upload/epy/img/202402/9a/bd1d0fcedc65b0e2a4cff8b818394c
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
9e21ad2d783d1e3381f29e8144d87a63f97b65df9cfe8e3d17c86492a92233cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 10:49:32 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Thu, 08 Feb 2024 05:57:45 GMT
server
nginx
etag
"65c46d59-ec83"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
3126803518103889979
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
60547
swiper-bundle.min.css
cdn.staticfile.org/Swiper/7.2.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.css
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/upload/script/06/92c46908b74a16fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:34c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5297ba46897d0955bf211bd3d4239fc52a7add3a8830e7dec65523c022a75a9c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 16 Jun 2024 00:01:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
235346
last-modified
Wed, 12 Jun 2024 11:40:20 GMT
server
cloudflare
etag
W/"66698924-3cca"
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
vary
Accept-Encoding
x-cloud-fetchl
true
cf-ray
894686c42ad72c5a-FRA
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
expires
Mon, 16 Jun 2025 00:01:37 GMT
truncated
/ 		28 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c89f1a7e4a8eb01c4d4abd4a5dde0f758eba688b713d879a77c649f8f918dfef

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		12 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f854a0d74686f1565b8ffde2b07eb6e70b2785b5cb454b313e10144efdb93de

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		82 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d9b07a98db88795dfef744730e75f8d231ef2552bc781cab602cdfe2c0e8683

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab8f8d0597d6515c3ffa667a940cf303ba8362bfc4d3706be46b3a71bf125c5e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		34 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f334400f6dc469cd415138de9eb531156d462514bb8d0a7511d93b91bfe3563

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		532 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99d7916e416e5505dbf970e1ef8e36249902239f823b6ca958b0c7e3124b5c90

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/ 		59 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1568686334511fdd3ee3dc390b7332cdbd57a245e7ae848a91b3e54871ab7eb5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
swiper-bundle.min.js
cdn.staticfile.org/Swiper/7.2.0/ 		132 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.js
Requested by
Host: io4.c2.ddcsdt.com
URL: https://io4.c2.ddcsdt.com/upload/script/06/d5055b8f2cc035a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:34c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330fe5965859f5757348be82340b21f1d473cc9b3fb8c3b1fcd4e082aaf4c0a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 00:01:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
894686c49b152c5a-FRA
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
0
swiper-bundle.min.js
cdn.staticfile.org/Swiper/7.2.0/ 		132 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.js
Requested by
Host: io5.c2.ddcsdt.com
URL: https://io5.c2.ddcsdt.com/upload/script/06/c4d994577685dc9b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3110::6812:34c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
330fe5965859f5757348be82340b21f1d473cc9b3fb8c3b1fcd4e082aaf4c0a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 16 Jun 2024 00:01:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
894686c85d4b2c5a-FRA
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodifed-Since, X-CSRF-TOKEN, X-Requested-With,token
expires
0
24f264f2e0327ce076e6004e39455c
io2.c2.ddcsdt.com/upload/epy/img/202308/ac/ 		10 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://io2.c2.ddcsdt.com/upload/epy/img/202308/ac/24f264f2e0327ce076e6004e39455c
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.90.149.106 Frankfurt am Main, Germany, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash
bf5d5712b0f6409950b57217cf963202a963959101c32181748a57253fed680b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

nginx-hit
1
date
Sun, 16 Jun 2024 00:01:36 GMT
via
EU-GER-frankfurt-EDGE4-CACHE2[15],EU-GER-frankfurt-EDGE4-CACHE2[0,TCP_HIT,14],EU-FRA-paris-GLOBAL1-CACHE27[4],EU-FRA-paris-GLOBAL1-CACHE18[0,TCP_HIT,2]
x-ccdn-cachettl
2592000
age
15257
alt-svc
h3=":443"; ma=2592000
content-length
9758
last-modified
Wed, 02 Aug 2023 05:56:16 GMT
server
openresty
etag
"64c9f000-261e"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=2592000
x-ccdn-req-id-46b1
4be6da085e931a77b080a38b6afd1eeb
x-ccdn-expires
2576743
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
x-hcs-proxy-type
1
gb1
io9.c1.ddcsdt.com/upload/epy/skin/image/btn_betting3/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io9.c1.ddcsdt.com/upload/epy/skin/image/btn_betting3/gb1
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
c217ad2108c2cb0a0943ae6f4cc995afac07b74391b7576a1da6200a2d85cfc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 08:35:21 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Fri, 04 Aug 2023 03:27:55 GMT
server
nginx
etag
"64cc703b-949"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
17198128034855088159
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
2377
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6d405e005ab2f74a31cf237915d18b524897d457bedcff23b6ba709fc4645457

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
79f37ad34d4ca010c0fe8128f4bf65
io9.c1.ddcsdt.com/upload/epy/img/202403/03/ 		164 KB
164 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://io9.c1.ddcsdt.com/upload/epy/img/202403/03/79f37ad34d4ca010c0fe8128f4bf65
Requested by
Host: io1.c2.ddcsdt.com
URL: https://io1.c2.ddcsdt.com/static/label/label-com4.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
8aa1a54a2c50ff683abb7c6fd52505f3bf5d1a2813a2a967d34fa7ba31f95f6f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000;includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://2uiwceoy2qld.live/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 06:18:04 GMT
strict-transport-security
max-age=63072000;includeSubDomains
x-cache-lookup
Cache Hit
last-modified
Sat, 30 Mar 2024 14:10:21 GMT
server
nginx
etag
"66081d4d-28f2d"
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=25920000
x-nws-log-uuid
9275108870694756830
accept-ranges
bytes
access-control-allow-headers
X-Requested-With,Content-Type
content-length
167725
truncated
/ 		164 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
463a50a02e31c533ba695733eb16b65db365f2e1f77516d810b7d740fd8e1183

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage object| lazySizes number| lazyload undefined| noddy undefined| remotes function| myAjax function| geteEnDateUrl function| setTab function| utf16to8 function| utf8to16 string| base64EncodeChars object| base64DecodeChars function| base64encode function| strdecode function| $ function| jQuery object| _hmt object| now number| year string| month string| day string| hour string| minute object| dayOfWeek number| dayIndex string| weekday string| formattedDateTime object| dateTimeElement boolean| isMobile object| menuContainer object| menuBoxes object| logoBox number| middleIndex number| currentContentIndex object| popupElement object| secondElement number| countdownDuration function| countdown function| checkPopupStatus function| tc_up function| tc_next function| showContent function| closePop function| startPopupTimer function| Swiper object| mySwiper object| scrollable function| toggleItemsV2 function| toggleScroll function| tuku_prenext_pre function| tuku_prenext_next boolean| _bdhm_loaded_b8913d5595e1c25c33f985a777525598 object| mini_tangram_log_ub5vus string| classid object| itemTitles function| showImage function| hideImage function| setTabtu function| settingTab object| bottom_tip object| desk1CloseElement object| desk2CloseElement function| isIOS function| isAndroid number| navSum number| navWidth number| activeIndex number| navActiveSlideLeft

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 39C3E82FB9FF66EE
.2uiwceoy2qld.live/ Name: Hm_lvt_b8913d5595e1c25c33f985a777525598
Value: 1718496097
.2uiwceoy2qld.live/ Name: Hm_lpvt_b8913d5595e1c25c33f985a777525598
Value: 1718496097

5 Console Messages

Source Level URL
Text
javascript warning URL: https://io2.c2.ddcsdt.com/upload/script/06/cd6327f630a800e7.js(Line 72)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://io5.c1.ddcsdt.com/upload/skin/lib/label/gv8/swiper.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://io4.c2.ddcsdt.com/upload/script/06/d5055b8f2cc035a8.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://io4.c2.ddcsdt.com/upload/script/06/d5055b8f2cc035a8.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://io5.c2.ddcsdt.com/upload/script/06/c4d994577685dc9b.js(Line 29)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://io5.c2.ddcsdt.com/upload/script/06/c4d994577685dc9b.js(Line 29)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.staticfile.org/Swiper/7.2.0/swiper-bundle.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2uiwceoy2qld.live
cdn.staticfile.org
hm.baidu.com
io1.c2.ddcsdt.com
io2.c2.ddcsdt.com
io3.c2.ddcsdt.com
io4.c2.ddcsdt.com
io5.c1.ddcsdt.com
io5.c2.ddcsdt.com
io6.c1.ddcsdt.com
io7.c1.ddcsdt.com
io8.c1.ddcsdt.com
io9.c1.ddcsdt.com
111.45.11.83
18.166.101.140
223.121.15.24
23.90.149.106
2606:4700:3110::6812:34c9
43.152.26.104
43.152.26.142
43.152.26.151
90.84.161.22
0219edce122339cfd779d826469677d881294c97941f017c466cb19ecfad5f0e
05e01aefc87f17d392fbcee1a810f4e9ae721aff004931bc3689fce479b44432
09513733179370946004c6aabb5c1397a8602dc411ffadb9257ba001b432d27f
0ad3bc847c4de36cdca57f2640877ef36ffb41bd57aa4c30859cff948b93352f
0b4b7482326304552c857a1b80d2622ef58e2f92486c5868a3bf33eeb2c4333c
0bdf440f7f20e87897f543f680d14483dffa1bfe29e64757a3f8a01b01610ab2
1179f1385ae20fa1aabc89092856811015a7e30013761e3b7c25bb87b6e634c4
1568686334511fdd3ee3dc390b7332cdbd57a245e7ae848a91b3e54871ab7eb5
1ad7a95a4fc2dd00733f6943ac306a1328dc4085459caca88122c49bf8ed63c1
1cd58a68382a9c100ea6fe61cbd7e8e4fab4bbf41c8845a7485b8e071ab7d1f2
21e2e510cebe11057bfb1e4ebfa93a55f5e27b4c6691579373362c189ff16be5
22782d05371a738a182a52dc5cebdb3fe119a233415d4e8b69586f70aba2fbbf
25574ace15984104b68a72b0b6510e6c3e85840d72808832f9471e7dd5bae3d4
27230e3d243bc417f364376807b09235db248c548d180a76cb8de6d32c8c9148
2f334400f6dc469cd415138de9eb531156d462514bb8d0a7511d93b91bfe3563
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
330fe5965859f5757348be82340b21f1d473cc9b3fb8c3b1fcd4e082aaf4c0a9
38802efb0b04ec1b92c2ec4367d3daae4bac619111601b9f376c64a2fdf6d785
3aed4ff451746f433a8b382ccd3478ac26f028c9acc5acfb6b5bd3b15edd8f9c
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
463a50a02e31c533ba695733eb16b65db365f2e1f77516d810b7d740fd8e1183
47729615243f7d76a2b3e1e049780d2f59615ac24f2fffa44bc76c3faa7bb089
4a370ab9da00ceae06d44e463e56b3c22ebe178a3a622a514f200c7aa88d939e
4a64fce1b45262bf0de48fdb56e888134dc59026636b97539deda3d3ca7ed1ad
4d9b07a98db88795dfef744730e75f8d231ef2552bc781cab602cdfe2c0e8683
50de24aec8227739bb16ca9cd970e18a87f4fadd325a8fd89c1ad5a090aa312e
5297ba46897d0955bf211bd3d4239fc52a7add3a8830e7dec65523c022a75a9c
5d398686ff1f53c50f55e5a855138a0dceb538a5ff17a294b4c3bb48a7ca3efd
6d405e005ab2f74a31cf237915d18b524897d457bedcff23b6ba709fc4645457
6dc30a3a0c35b08daa1803215cc3ec38095ce121bc36bad48245b69e47260d09
6ecf2230fbec56057f171ee5c79600c04d071471d5b0afe1cf3f4aec232d5778
7062307e651b1cb525a214ee8dc565ee3bb0756f96a69d5bda2b9747f184b22b
757a561f7cc7a3d1798451ac27fbe2e9e2396cdfacfc399dc4515a191b962f3c
770008a560398e6ab513700705e2431fce9e999b8e10c299ad9c4dafd0c9010b
7bcff88ccb15c66db92016b9baa02cd480233db0769f74a77a4a257bcd97fc2b
7e1bb46307f9533bd884999a404c30df1de8ac6254b79b3337ae8342e95f082a
7f854a0d74686f1565b8ffde2b07eb6e70b2785b5cb454b313e10144efdb93de
80df3e87fa819dff5d463a2df533294e4a7f141a5f9bd3225fee4b0d05f1019d
83a69978436602ea81f88c834e28f3fc7fb922f00cf6fe98da23c1a405c34add
88e83a8d67630e22b201264b152d511ce56d4c4252112482ad34b30517ba0d33
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8aa1a54a2c50ff683abb7c6fd52505f3bf5d1a2813a2a967d34fa7ba31f95f6f
8d8d97ef216b84889d694c081cb098db8ae1bd015a9fcf966bbaac167c01c1bc
9030ccc2c62cf0f887bd446d7291611041ab8585e222c8e82a05dc9a81fdb6cd
92b6fd33b822141a60b029b0fef76cbacb979ab6645851aa3ef4f37b870f8204
94fd7a909433f1971639dd1566d82849137b897e8e2dedb27c55aa1b0b2fdc0d
99d7916e416e5505dbf970e1ef8e36249902239f823b6ca958b0c7e3124b5c90
9e21ad2d783d1e3381f29e8144d87a63f97b65df9cfe8e3d17c86492a92233cb
9e96ed0d6bc9447b1c375c05c81d97ebb6d820f460a5a64ecf4a27d6fffcd19d
a3d70b1186b8a5d5013f23d176eb6378fc94c40b8d7cf9f2beafc27d4237a0d8
aa51ab3f80996b0781e3f9567315a5d72a877ed51d5434486a2a40ddfabe880d
ab8f8d0597d6515c3ffa667a940cf303ba8362bfc4d3706be46b3a71bf125c5e
af69511026f93eb26c5102bb7f0be386777bca3dbb9fa0415ae2220b92169c71
b6198a4bc2313b40397c9bd8ef938b62a470ab5179f6d07d936a4093852c0aa6
b6416616c9023f3ec1a923ec437aa044fd2d17f00faba5dfb35b53631cd725db
b8d6b288b8446f1929cf4c8c56f182ab8c7def628445195368ba91994a7cb455
bc985d748ff38282dad9acbe921cfe59668bf285900210aea0e728885d3fc052
be8175b7b8d932a3fe811007a12b1e28ce2c8cded3c4f63e35c90eef38c2edcb
bf5d5712b0f6409950b57217cf963202a963959101c32181748a57253fed680b
c217ad2108c2cb0a0943ae6f4cc995afac07b74391b7576a1da6200a2d85cfc8
c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb
c813254b2e29891eac79d3510e90a86627fe3cf70ee94db27d53848841f8cd85
c89e9d4e466b26ecbfe9cc55ffc1cdf68d13ff68b0d3c932f92a3b7b3e8df987
c89f1a7e4a8eb01c4d4abd4a5dde0f758eba688b713d879a77c649f8f918dfef
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d80dae755d4c1850c9a235858a8acb5252e75474f4eee02561eeb3cd62eb6c
d68f140ae757d12796be8b152660f7ddaa7f81103c894bbb54fc411a149d9615
d6959b597b64aa140e9ee42d18aebc672883381d28f3486582da7db2c478ebdb
e01b5b904f450e7710c2551d9fa9a89fc6b9203d407c4c1b8d4da91f026edb92
eaef3554d18846ed0d98876c67ebb000d0b5dff8f8372cd8346733eda8af3aae
f3cddeac6bf8dac35712d5db84367dc8de4ea89a6a0b82c94eb6b9fb353b338c
f3da6cec147237d9d59f0c41e34eb63f4f9dc668ca494f664ab3a145371f03c0
f55a170649ef9a759552334f2d900289c63c7911501d1c1d9d3fe10e283f2c13
f7456ffeba7695a0091cec91ed4b030875ec3d93074905b9da72b9188471fb3f
fa3cc3564bb9c6d06a0ae7cc1f8744c31206d5aec610502949379af8ffc6bb0a
fe99c588fbb84556eba7eaa9d4a357665894663de9198595a70260963b65ccdd