andrecostaphoto.com Open in urlscan Pro
23.231.208.161 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://andrecostaphoto.com/
Submission: On June 28 via manual (June 28th 2023, 7:49:33 am UTC) from IN — Scanned from DE

Summary HTTP 111 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 22 IPs in 4 countries across 20 domains to perform 111 HTTP transactions. The main IP is 23.231.208.161, located in New York, United States and belongs to CNSERVERS, US. The main domain is andrecostaphoto.com.

This is the only time andrecostaphoto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	23.231.208.161 23.231.208.161	40065 (CNSERVERS) (CNSERVERS)
3	2602:ffe4:c48... 2602:ffe4:c48:0:3::3fb	21859 (ZEN-ECN) (ZEN-ECN)
2	23.231.217.218 23.231.217.218	40065 (CNSERVERS) (CNSERVERS)
10	23.231.208.2 23.231.208.2	40065 (CNSERVERS) (CNSERVERS)
1	45.61.234.248 45.61.234.248	53587 (AZT) (AZT)
2	16.163.1.215 16.163.1.215	16509 (AMAZON-02) (AMAZON-02)
34	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
3	23.231.221.17 23.231.221.17	40065 (CNSERVERS) (CNSERVERS)
5	23.225.59.196 23.225.59.196	40065 (CNSERVERS) (CNSERVERS)
4	2606:4700:20:... 2606:4700:20::ac43:474a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	163.181.56.155 163.181.56.155	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
2	240e:978:306:... 240e:978:306:8:3::3eb	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
2	2606:4700:303... 2606:4700:3032::ac43:a6a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3032::6815:2f88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	240e:97b:500:... 240e:97b:500:2000::6	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1 1	2606:4700:303... 2606:4700:3035::6815:d22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	103.60.108.145 103.60.108.145	55720 (GIGABIT-M...) (GIGABIT-MY Gigabit Hosting Sdn Bhd)
1	2401:b180:700... 2401:b180:7003::2e	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	216.83.43.223 216.83.43.223	() ()
111	22

8 23.231.208.161 (New York, United States)

ASN40065 (CNSERVERS, US)

andrecostaphoto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:ffe4:c48:0:3::3fb (United States)

ASN21859 (ZEN-ECN, US)

at.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.231.217.218 (New York, United States)

ASN40065 (CNSERVERS, US)

qqww88ee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.231.208.2 (New York, United States)

ASN40065 (CNSERVERS, US)

h.yxl99968.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.234.248 (United States)

ASN53587 (AZT, US)

gp1.48gp.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.163.1.215 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-163-1-215.ap-east-1.compute.amazonaws.com

tk2.jixingkaisuo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tk22tk3.desindforrowth.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.231.221.17 (New York, United States)

ASN40065 (CNSERVERS, US)

www.yxcddq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.225.59.196 (United States)

ASN40065 (CNSERVERS, US)

cvt.smhuyjhb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:474a (United States)

ASN13335 (CLOUDFLARENET, US)

tu.tuku.fit	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.181.56.155 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 240e:978:306:8:3::3eb (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

s9.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:a6a2 (United States)

ASN13335 (CLOUDFLARENET, US)

rosansdasjhdms01.llcs.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::6815:2f88 (United States)

ASN13335 (CLOUDFLARENET, US)

baidu.kkjj.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

xg.99kj.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:97b:500:2000::6 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

z12.cnzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:d22 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cnzznnz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.60.108.145 (Hong Kong)

ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY)

www.guestson.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2401:b180:7003::2e (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

cnzz.mmstat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.83.43.223 (None, )

ASN- ()

api.493210.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	desindforrowth.com tk22tk3.desindforrowth.com	1 MB
13	baidu.com hm.baidu.com — Cisco Umbrella Rank: 7415 libs.baidu.com — Cisco Umbrella Rank: 90044	104 KB
10	yxl99968.com h.yxl99968.com	35 KB
8	andrecostaphoto.com andrecostaphoto.com	103 KB
7	kkjj.vip baidu.kkjj.vip	49 KB
6	99kj.vip xg.99kj.vip	45 KB
5	smhuyjhb.com cvt.smhuyjhb.com	2 MB
4	tuku.fit tu.tuku.fit	669 KB
3	cnzz.com s9.cnzz.com — Cisco Umbrella Rank: 72439 c.cnzz.com — Cisco Umbrella Rank: 58721 z12.cnzz.com — Cisco Umbrella Rank: 148632	5 KB
3	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 44845	46 KB
3	yxcddq.com www.yxcddq.com	2 KB
3	alicdn.com at.alicdn.com — Cisco Umbrella Rank: 10976	5 KB
2	493210.com api.493210.com	841 B
2	llcs.cc rosansdasjhdms01.llcs.cc	32 KB
2	jixingkaisuo.com tk2.jixingkaisuo.com — Cisco Umbrella Rank: 566805	159 KB
2	qqww88ee.com qqww88ee.com	491 B
1	mmstat.com cnzz.mmstat.com — Cisco Umbrella Rank: 67646	464 B
1	guestson.com www.guestson.com	152 B
1	cnzznnz.com 1 redirects cnzznnz.com	456 B
1	48gp.biz gp1.48gp.biz	56 KB
111	20

	Domain	Requested by
34	tk22tk3.desindforrowth.com	qqww88ee.com tk22tk3.desindforrowth.com
12	hm.baidu.com	andrecostaphoto.com tk22tk3.desindforrowth.com
10	h.yxl99968.com	andrecostaphoto.com
8	andrecostaphoto.com	andrecostaphoto.com
7	baidu.kkjj.vip	www.yxcddq.com baidu.kkjj.vip
6	xg.99kj.vip	www.yxcddq.com xg.99kj.vip
5	cvt.smhuyjhb.com	andrecostaphoto.com
4	tu.tuku.fit	andrecostaphoto.com
3	cdn.staticfile.org	tk22tk3.desindforrowth.com
3	www.yxcddq.com	andrecostaphoto.com www.yxcddq.com
3	at.alicdn.com	andrecostaphoto.com at.alicdn.com
2	api.493210.com	libs.baidu.com
2	rosansdasjhdms01.llcs.cc	tk22tk3.desindforrowth.com rosansdasjhdms01.llcs.cc
2	tk2.jixingkaisuo.com	andrecostaphoto.com
2	qqww88ee.com	andrecostaphoto.com
1	libs.baidu.com	rosansdasjhdms01.llcs.cc
1	cnzz.mmstat.com	tk22tk3.desindforrowth.com
1	www.guestson.com	xg.99kj.vip
1	cnzznnz.com	1 redirects
1	z12.cnzz.com	tk22tk3.desindforrowth.com
1	c.cnzz.com	s9.cnzz.com
1	s9.cnzz.com	tk22tk3.desindforrowth.com
1	gp1.48gp.biz	andrecostaphoto.com
111	23

This site contains links to these domains. Also see Links.

Domain
www.606388.com
tmeets.net
www.hongtudi.org
www.tmeets.net
216876e.com
626.626gg.biz
https.tthc.site
www.baidu.com
catherineatkins.com
m.fuyunmj.com
www.countryfamilyculebra.com
www.mlegame.com
m.wowgiris.com
homebass-ent.com
m.dbdtec.com
sunshinestatestories.com
www.homemenderinc.com
leojames.com

Subject Issuer	Validity	Valid
gp1.48gp.biz R3	`2023-05-17` - `2023-08-15`	3 months	crt.sh
tk2.jixingkaisuo.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
desindforrowth.com GTS CA 1P5	`2023-05-04` - `2023-08-02`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
tuku.fit GTS CA 1P5	`2023-06-10` - `2023-09-08`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
*.cnzz.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-01-28` - `2024-02-29`	a year	crt.sh
llcs.cc E1	`2023-06-01` - `2023-08-30`	3 months	crt.sh
kkjj.vip GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
99kj.vip E1	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-07-18` - `2023-08-19`	a year	crt.sh
api.493210.com R3	`2023-06-19` - `2023-09-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: http://andrecostaphoto.com/
Frame ID: 02547450C2EA1B7B83737857621E5D8A
Requests: 45 HTTP requests in this frame

Frame: https://tk22tk3.desindforrowth.com/
Frame ID: F608D2805CBD741AFB74294B3CAD5A74
Requests: 44 HTTP requests in this frame

Frame: http://www.yxcddq.com/kj.php
Frame ID: 6EB8CAE0DB97B3E7797CA3873FC59853
Requests: 1 HTTP requests in this frame

Frame: http://www.yxcddq.com/kj-am.php
Frame ID: E4E674F773DB7F64030BB57BA3EBCC0C
Requests: 1 HTTP requests in this frame

Frame: http://www.yxcddq.com/kj-xg.php
Frame ID: E3B04D692DFF4FD4BAF369A7692072C6
Requests: 1 HTTP requests in this frame

Frame: https://baidu.kkjj.vip/am/kjb.html
Frame ID: 30245F9407D8FA56E0201E8214DE51C4
Requests: 7 HTTP requests in this frame

Frame: https://xg.99kj.vip/hk/kjb.html
Frame ID: 7789DE38FB18063C1BAE10FFD931EE7B
Requests: 7 HTTP requests in this frame

Frame: https://rosansdasjhdms01.llcs.cc/asmdasda/amkjlins.html
Frame ID: 67680F6700C3A831629BEB878D59B680
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

香港正版资料免费更新2023,2023香港6合和彩开奖结果记录,澳门精准一肖一码准确,澳门三肖三码期期准免费,澳门特一肖一码期期准免费提供

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

CNZZ (Analytics) Expand

Overall confidence: 100%
Detected patterns

//[^./]+\.cnzz\.com/(?:z_stat.php|core)\?

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

70 %
HTTPS

45 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

4122 kB
Transfer

5036 kB
Size

16
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: http://www.606388.com/
Title: 开奖直播

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-134.html
Title: 高手解迷

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-115.html
Title: 正版资料

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-105.html
Title: 三十码中

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-116.html
Title: 文字资料

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-93.html
Title: 高手心水

Search URL Search Domain Scan URL

URL: https://www.hongtudi.org/gsb/list-203.html
Title: 蓝月亮料

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-88.html
Title: 挂牌全篇

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-58.html
Title: 数码挂牌

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-100.html
Title: 东城西就

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-98.html
Title: 金旺信箱

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-179.html
Title: 曾道人信

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-117.html
Title: 跑狗玄机

Search URL Search Domain Scan URL

URL: http://www.tmeets.net/gsb/list-32.html
Title: 看图解码

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-33.html
Title: 新老藏宝

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-44.html
Title: 四不像图

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-108.html
Title: 今日闲情

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-102.html
Title: 管家婆图

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-136.html
Title: 高手资料

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-182.html
Title: 本站推荐

Search URL Search Domain Scan URL

URL: http://tmeets.net/gsb/list-34.html
Title: 看图解码

Search URL Search Domain Scan URL

URL: https://216876e.com/
Title: 还等啥大胆砸

Search URL Search Domain Scan URL

URL: https://626.626gg.biz/s/5l3dq4de/'
Title: 点击投注

Search URL Search Domain Scan URL

URL: https://https.tthc.site:289/
Title: 更多资料尽在944.cc

Search URL Search Domain Scan URL

URL: https://www.baidu.com/
Title: 百度一下

Search URL Search Domain Scan URL

URL: http://catherineatkins.com/
Title: 澳门2023最准的资料

Search URL Search Domain Scan URL

URL: http://m.fuyunmj.com/
Title: 澳门四不像正版四不像网站

Search URL Search Domain Scan URL

URL: http://www.countryfamilyculebra.com/
Title: 澳门一码一肖期期精准

Search URL Search Domain Scan URL

URL: http://www.mlegame.com/
Title: 王中王精准六肖6码资料

Search URL Search Domain Scan URL

URL: http://m.wowgiris.com/
Title: 澳门六开彩正版资料网址

Search URL Search Domain Scan URL

URL: http://homebass-ent.com/
Title: 澳门六资料大全

Search URL Search Domain Scan URL

URL: http://m.dbdtec.com/
Title: 澳门最新最准资料免费下载

Search URL Search Domain Scan URL

URL: http://sunshinestatestories.com/
Title: 2023澳门6合和彩开奖结果记录

Search URL Search Domain Scan URL

URL: http://www.homemenderinc.com/
Title: 澳门一肖一码最准

Search URL Search Domain Scan URL

URL: http://leojames.com/
Title: 澳门四肖四码期期准精选

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://cnzznnz.com/9/8ac.php HTTP 301
https://www.guestson.com/9/8ac.php

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
andrecostaphoto.com/ 197 KB
30 KB 1186ms
261ms Document
text/html 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: faf5099488070725ba7823e0b3aab187dbe6259efa12ce2b452ca8e7e54b888a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 28 Jun 2023 07:49:21 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK home.css
andrecostaphoto.com/static/css/ 16 KB
5 KB 285ms
145ms Stylesheet
text/css 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://andrecostaphoto.com/static/css/home.css?2
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 30158be843270aadbdc2c678906e53e5a1ce1276a30e38d5eb625bd07fd2f9a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Jun 2023 09:56:07 GMT
Server: nginx
ETag: W/"649960b7-3e8d"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Wed, 28 Jun 2023 19:49:22 GMT

GET
H/1.1 200
OK font_2748176_bvpzrxyy7vc.css
at.alicdn.com/t/ 655 B
1 KB 569ms
280ms Stylesheet
text/css 2602:ffe4:c48:0:3::3fb
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: http://at.alicdn.com/t/font_2748176_bvpzrxyy7vc.css
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 2602:ffe4:c48:0:3::3fb , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Tengine /
Resource Hash: 62eda6f792b9f9ed76d8c4f2782adce840121bc3b1c5f6c2aa3616419b3f4ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 23:45:04 GMT
Via: cache36.l2sg2[0,0,200-0,H], cache6.l2sg2[1,0], cache6.vn13[0,0,200-0,H], cache2.vn13[1,0]
x-oss-request-id: 6441CE80B096773830AA2B16
Content-MD5: 7IJUuTiFQDD3XvR8hIHfmg==
Age: 5904257
X-Swift-CacheTime: 58713705
X-Cache: HIT TCP_MEM_HIT dirn:12:255881323
Connection: keep-alive
X-Swift-SaveTime: Sat, 10 Jun 2023 10:23:19 GMT
Content-Length: 655
x-oss-object-type: Normal
Last-Modified: Fri, 24 Dec 2021 23:53:05 GMT
Server: Tengine
ETag: "EC8254B938854030F75EF47C8481DF9A"
Vary: Origin
Ali-Swift-Global-Savetime: 1682034304
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
x-oss-storage-class: Standard
Accept-Ranges: bytes
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 17814154415006390114
EagleId: 6b9b361616879385616631582e
x-oss-server-time: 68

GET
H/1.1 200
OK font_2805178_apwa1emhlkv.css
at.alicdn.com/t/ 655 B
1 KB 572ms
282ms Stylesheet
text/css 2602:ffe4:c48:0:3::3fb
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: http://at.alicdn.com/t/font_2805178_apwa1emhlkv.css
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 2602:ffe4:c48:0:3::3fb , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Tengine /
Resource Hash: a3360c153a6df7158939fc16a17434d1ce87b899452123460a2a8d101390f4b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 22:45:03 GMT
Via: cache7.l2sg2[0,0,200-0,H], cache35.l2sg2[1,0], cache11.vn13[0,0,200-0,H], cache9.vn13[1,0]
x-oss-request-id: 6441C06F59DE0D3131E8C189
Content-MD5: JZh55uY6dxpD/nA8+sE9Og==
Age: 5907858
X-Swift-CacheTime: 58710104
X-Cache: HIT TCP_MEM_HIT dirn:12:238715226
Connection: keep-alive
X-Swift-SaveTime: Sat, 10 Jun 2023 10:23:19 GMT
Content-Length: 655
x-oss-object-type: Normal
Last-Modified: Sat, 25 Dec 2021 00:08:31 GMT
Server: Tengine
ETag: "259879E6E63A771A43FE703CFAC13D3A"
Vary: Origin
Ali-Swift-Global-Savetime: 1682030703
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
x-oss-storage-class: Standard
Accept-Ranges: bytes
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 11239235565440109175
EagleId: 6b9b361d16879385616643095e
x-oss-server-time: 13

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
andrecostaphoto.com/static/javascripts/ 91 KB
36 KB 296ms
148ms Script
application/javascript 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://andrecostaphoto.com/static/javascripts/jquery-1.10.2.min.js
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c1a56367032d031feb64ec8dda18f6fc4722d20ccf9391fdad5942e3d46fc31

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 11:05:53 GMT
Server: nginx
ETag: W/"61a8a891-16b87"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Wed, 28 Jun 2023 19:49:22 GMT

GET
H/1.1 200
OK bash.js Show response
andrecostaphoto.com/static/javascripts/ 1 KB
741 B 298ms
150ms Script
application/javascript 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://andrecostaphoto.com/static/javascripts/bash.js
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 11:05:53 GMT
Server: nginx
ETag: W/"61a8a891-56e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Wed, 28 Jun 2023 19:49:22 GMT

GET
H/1.1 200
OK mm1.js Show response
qqww88ee.com/ 178 B
491 B 513ms
145ms Script
application/javascript 23.231.217.218
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://qqww88ee.com/mm1.js
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.217.218 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d0353cea581ffee69c8f4e39fcb50d2b72c0a842d631f1ceebdfab3d5bff24a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:21 GMT
Last-Modified: Fri, 23 Jun 2023 16:00:35 GMT
Server: nginx
ETag: "6495c1a3-b2"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 178
Expires: Wed, 28 Jun 2023 19:49:21 GMT

GET
H/1.1 404
Not Found mm2.js
qqww88ee.com/ 0
0 514ms
146ms Script
text/html 23.231.217.218
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://qqww88ee.com/mm2.js
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.217.218 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H/1.1 200
OK logo.png
andrecostaphoto.com/static/images/ 27 KB
27 KB 165ms
145ms Image
image/png 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://andrecostaphoto.com/static/images/logo.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b2ecb95891142c9a8ee4a3aef30d22aa800c89dab4276ffd0c8a8e043065b13

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Sun, 09 Apr 2023 03:43:26 GMT
Server: nginx
ETag: "6432345e-6cbf"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27839
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK 06845124576521969.png
h.yxl99968.com/navi/ 2 KB
2 KB 494ms
151ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845124576521969.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: a433ba91d30c446dc4a7e4f24191459a36032964c5348cd8837dbd3b2d198e89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:47 GMT
Server: nginx
ETag: "61a8a88b-712"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1810
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK 06845125845798953.png
h.yxl99968.com/navi/ 3 KB
4 KB 484ms
153ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845125845798953.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3991866cbb3296483717573269466df5c2f244877a98e6e02fda238052605309

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:47 GMT
Server: nginx
ETag: "61a8a88b-de9"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3561
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK 06845134360643832.png
h.yxl99968.com/navi/ 3 KB
3 KB 668ms
195ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845134360643832.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 042f5e1bd11672fcb44421a233653f6d49e171c276b254f2f63b42ee4eaa1d89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-a05"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2565
Expires: Fri, 28 Jul 2023 07:49:23 GMT

GET
H/1.1 200
OK 06845134691202433.png
h.yxl99968.com/navi/ 2 KB
3 KB 669ms
194ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845134691202433.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d72b93389f9869a296f75ed5937242af0a29d95d3bae7867c2a0fcd423464fda

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-8f1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2289
Expires: Fri, 28 Jul 2023 07:49:23 GMT

GET
H/1.1 200
OK 06845134967367633.png
h.yxl99968.com/navi/ 4 KB
4 KB 670ms
193ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845134967367633.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a99d8179b7cfef4a2366b23196abf40ff91d512c75f83233c6824d7a22cd2f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-f81"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3969
Expires: Fri, 28 Jul 2023 07:49:23 GMT

GET
H/1.1 200
OK 06845135806059856.png
h.yxl99968.com/navi/ 3 KB
3 KB 670ms
193ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845135806059856.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dbccf333c83ef08160e445d48118e269a20f63f83e1201de4d19757b2034818

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-c55"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3157
Expires: Fri, 28 Jul 2023 07:49:23 GMT

GET
H/1.1 200
OK 06845136129416013.png
h.yxl99968.com/navi/ 2 KB
3 KB 434ms
146ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845136129416013.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 7962b57eac96b3f0e27e9c5a0eb8fc7fd19ba7c97caedd0b4068f11b5198eabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-9de"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2526
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK 06845136605233278.png
h.yxl99968.com/navi/ 6 KB
6 KB 430ms
143ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845136605233278.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: aa632e2b0a0108de2780793c2bd6407eebb9de48994a4b9e4ba357b9295f573b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-1871"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6257
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK 06831428620561815.png
h.yxl99968.com/navi/ 3 KB
3 KB 432ms
145ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06831428620561815.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: a09d9dbdec0a61ec2984b5f9d275c4026c61f93b02062a24de67c53bc1b71454

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:47 GMT
Server: nginx
ETag: "61a8a88b-bc1"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3009
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK 06845138413812691.png
h.yxl99968.com/navi/ 3 KB
3 KB 432ms
144ms Image
image/png 23.231.208.2
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://h.yxl99968.com/navi/06845138413812691.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.2 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6585ebd4a2f78e42dfe87dcbce87eab2d7eb7c241acf6ac48086d2359b63af4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:46 GMT
Server: nginx
ETag: "61a8a88a-cb3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3251
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK c46c4ab10185f1ada7a27e9dca17cf34.jpg
gp1.48gp.biz/Public/gp/ 55 KB
56 KB 1472ms
233ms Image
image/jpeg 45.61.234.248
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gp1.48gp.biz/Public/gp/c46c4ab10185f1ada7a27e9dca17cf34.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.234.248 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: cdn /
Resource Hash: c79c30476d1af8f9369b910710ea1554922514c9a62b07ee21b0803a10f4eee4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Last-Modified: Tue, 27 Jun 2023 23:00:01 GMT
Server: cdn
ETag: "649b69f1-ddff"
X-Cache-Status: HIT
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56831
Expires: Fri, 28 Jul 2023 07:37:51 GMT

GET
H2 200 amgjp.jpg
tk2.jixingkaisuo.com/col/179/ 103 KB
103 KB 1236ms
199ms Image
image/jpeg 16.163.1.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk2.jixingkaisuo.com:4949/col/179/amgjp.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.163.1.215 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-1-215.ap-east-1.compute.amazonaws.com
Software: openresty / ASP.NET
Resource Hash: c83c1e5f9b175f6da9290c419bba58268dde3ce12d77c3a5cd61b24e912ae105

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:22 GMT
via: ip-172-31-30-134.ap-east-1.compute.internal
last-modified: Tue, 27 Jun 2023 14:01:36 GMT
server: openresty
etag: W/"6b4e27e3ffa8d91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
content-length: 105389

GET
H2 200 alalx18m.jpg
tk2.jixingkaisuo.com/col/179/ 56 KB
56 KB 1596ms
560ms Image
image/jpeg 16.163.1.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk2.jixingkaisuo.com:4949/col/179/alalx18m.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.163.1.215 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-1-215.ap-east-1.compute.amazonaws.com
Software: openresty / ASP.NET
Resource Hash: 72dc4ffb538220f5e81ff70367e15f85dbbc34bde9b679a0631a736c04292845

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:22 GMT
via: ip-172-31-30-134.ap-east-1.compute.internal
last-modified: Tue, 27 Jun 2023 14:01:31 GMT
server: openresty
etag: "dc18e0dfffa8d91:0"
x-powered-by: ASP.NET
content-type: image/jpeg
content-length: 56935

GET
H2 200 / Show response
tk22tk3.desindforrowth.com/ Frame F608 231 KB
16 KB 449ms
394ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk22tk3.desindforrowth.com/

Requested by

Host: qqww88ee.com
URL: http://qqww88ee.com/mm1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a418be080cbf6c86bfabd2027b21b766611f476abde2fe257fef3f5b5053258a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://andrecostaphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de4552bfa921e68-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 07:49:22 GMT
last-modified: Tue, 27 Jun 2023 13:47:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vn2aAQelMT5wVijeyMoRoA3W4cXtmvC0QZF4D8ewUmq5ZKJeFFArAzHiBYE15xWq5dtcEkLQ0C4%2BZBTfLxvPOzv%2BZmBDVsIZPp2ZIEpwhn9CqV%2BGPGuk53XVyaDsmxrH%2F5qcgdlqxRDYNUaT1cwSfsnV7Nm6vlm%2FXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1788ms
345ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?cf734b1e97de6349f884209da2b2674d

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4141c1bf81f89a3d021adf58bd78f2d8ffd810a8d33d66ae3f274ad9768bb2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 2d4c6c9d843330fbadf43d2cf0b33de7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11293

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1786ms
343ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f01e8e8b776764931fabd5716b39845a

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

fbae2e93185f6d83316228a939041399fa994c9b3d651a5339323bac769f31e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 96ee4fd0576b4ab50611994c183ddb6b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11258

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1811ms
355ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?d27ca77246cb80eb1c2d8508d662c775

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

69a46c286eef58dfc35f26040dfbc847986ebb12db12d14603faf78faecbbd0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 9ded77a20900b8456c7aeee59716935c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11258

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1827ms
367ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?369f705cbf251ace338d6af5bb506b3f

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

d558a739b53006314ae510f19ccac82011e3c9e6c0d60182ddfc71a02088c400

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 057f37ff74e35e7e4d6a65c7315480bf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11258

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1854ms
391ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?4344a42934a733de778e35d0ed1cd49e

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

6edc4216ecb5e1cae75abe76315f121945f0c3745be6fb616e078541f6788aa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 293670a92d9d173d33dd987d91475616
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11264

GET
H/1.1 200
OK kj.php Show response
www.yxcddq.com/ Frame 6EB8 3 KB
1 KB 1048ms
143ms Document
text/html 23.231.221.17
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.yxcddq.com/kj.php
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.221.17 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: dac72346a67b7e43b963cc62a979bd7163ec8c940222cc81fd3a96dee55cbbb4

Request headers

Referer: http://andrecostaphoto.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 07:50:17 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK amsbx.jpg
cvt.smhuyjhb.com/xinao/2023/col/179/ 253 KB
253 KB 628ms
184ms Image
image/jpeg 23.225.59.196
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cvt.smhuyjhb.com/xinao/2023/col/179/amsbx.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.225.59.196 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 85ed9209c0d6a2bba264162d1e490e1f46a52016e646fa98a5e3875a4de7131b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 03:55:16 GMT
Last-Modified: Tue, 27 Jun 2023 14:52:56 GMT
Server: nginx
ETag: "649af7c8-3f4c1"
X-Cache: HIT from mfy
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 259265
Expires: Fri, 28 Jul 2023 03:55:16 GMT

GET
H2 200 sbx.jpg
tu.tuku.fit/xianggang/2023/col/73/ 98 KB
98 KB 438ms
397ms Image
image/webp 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.tuku.fit/xianggang/2023/col/73/sbx.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e2c50a572280f83602e4eae7bcb60ee451fe750f9cf30528d60b99188f0f2d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:22 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=133113
x-powered-by: ASP.NET
content-disposition: inline; filename="sbx.webp"
content-length: 100142
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Jun 2023 00:31:41 GMT
server: cloudflare
etag: "7b6a8de857a9d91:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4smMiwn9ModZCPlqJFUEAyb9wC8N0hFIZ6gb%2FAhxPtxtOhpyeuutIuhcfugZ1pznWGCbV7UXXmxBcYEKye21ndu08lntEOh%2Bhayf00%2F04vIAKYkGbI07TPsMYaFtRxGEfHC9PRpfdQAm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7de4552c1ba41c17-FRA

GET
H/1.1 200
OK iding.png
andrecostaphoto.com/static/images/ 3 KB
3 KB 149ms
148ms Image
image/png 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://andrecostaphoto.com/static/images/iding.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/static/css/home.css?2
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0f74b10abecb5ba04030eac696954e4e9ac1f4849c221ccfff70816ad3152518

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/static/css/home.css?2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:22 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:53 GMT
Server: nginx
ETag: "61a8a891-a05"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2565
Expires: Fri, 28 Jul 2023 07:49:22 GMT

GET
H/1.1 200
OK font_2805178_apwa1emhlkv.woff2
at.alicdn.com/t/ 1 KB
2 KB 660ms
342ms Font
font/woff2 2602:ffe4:c48:0:3::3fb
ZEN-ECN

General

Check archive.org

Show headers Download Go to

Full URL: http://at.alicdn.com/t/font_2805178_apwa1emhlkv.woff2?t=1631288610255
Requested by: Host: at.alicdn.com
URL: http://at.alicdn.com/t/font_2805178_apwa1emhlkv.css
Protocol: HTTP/1.1
Server: 2602:ffe4:c48:0:3::3fb , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Tengine /
Resource Hash: c5be37ef9a57cff2a5fd92363a81fc1c445b62b143e32b8aaa891b0bb5d3bd34

Request headers

Referer: http://at.alicdn.com/t/font_2805178_apwa1emhlkv.css
Origin: http://andrecostaphoto.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Sat, 24 Jun 2023 07:11:33 GMT
Via: cache20.l2sg2[0,9,200-0,H], cache38.l2sg2[11,0], cache11.vn13[39,39,200-0,M], cache14.vn13[42,0]
x-oss-request-id: 649697251F32A8303082EB45
Content-MD5: qEahladBcbkhWbKX5r43hg==
Age: 347869
X-Swift-CacheTime: 30756131
X-Cache: MISS TCP_MISS dirn:12:273807375
Connection: keep-alive
X-Swift-SaveTime: Wed, 28 Jun 2023 07:49:22 GMT
Content-Length: 1264
x-oss-object-type: Normal
Last-Modified: Sat, 25 Dec 2021 00:08:31 GMT
Server: Tengine
ETag: "A846A195A74171B92159B297E6BE3786"
Vary: Origin
Ali-Swift-Global-Savetime: 1687590693
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
x-oss-storage-class: Standard
Accept-Ranges: bytes
Timing-Allow-Origin: *
x-oss-hash-crc64ecma: 5667995947281400352
EagleId: 6b9b362216879385623006239e
x-oss-server-time: 1

GET
H/1.1 200
OK ammh.jpg
cvt.smhuyjhb.com/xinao/2023/col/179/ 69 KB
70 KB 322ms
143ms Image
image/jpeg 23.225.59.196
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cvt.smhuyjhb.com/xinao/2023/col/179/ammh.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.225.59.196 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: bd029d390a332a3c98b81c9173791ce274c6db7422f4b422f22748dda56a5465

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 02:02:24 GMT
Last-Modified: Tue, 27 Jun 2023 14:52:56 GMT
Server: nginx
ETag: "649af7c8-115a5"
X-Cache: HIT from mfy
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 71077
Expires: Fri, 28 Jul 2023 02:02:24 GMT

GET
H2 200 mhcz.jpg
tu.tuku.fit/xianggang/2023/col/73/ 32 KB
32 KB 400ms
399ms Image
image/webp 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.tuku.fit/xianggang/2023/col/73/mhcz.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4db94f07566537e7925123ddbb0bccdb5f6e143b04d192e89f4df9c458a85033

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:22 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=49222
x-powered-by: ASP.NET
content-disposition: inline; filename="mhcz.webp"
content-length: 32474
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Jun 2023 00:57:31 GMT
server: cloudflare
etag: "cf6a49845ba9d91:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r973aPkOoc3ui07W9JCFZOMdCI3rQ6%2BumIqyDkJSQT4fPi%2BNCMDtSaonGR0kRSwmwcGChV7s8kmxR2Udqgr863gEYeMntdtxCi%2B4FfgMB4SitwThlNql86UbPY9nh8qYsiV8h%2FVJRmZY"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7de4552eae921c17-FRA

GET
H/1.1 404
Not Found 886633903.gif
andrecostaphoto.com/Public/Home/images/ 548 B
548 B 149ms
149ms Image
text/html 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://andrecostaphoto.com/Public/Home/images/886633903.gif
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H/1.1 200
OK ampgt.jpg
cvt.smhuyjhb.com/xinao/2023/col/179/ 334 KB
334 KB 147ms
146ms Image
image/jpeg 23.225.59.196
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cvt.smhuyjhb.com/xinao/2023/col/179/ampgt.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.225.59.196 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 678c4027fc15274cda8d2338c27a14401a4c89aa44fa632e319336b2ac2e57dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 02:02:25 GMT
Last-Modified: Tue, 27 Jun 2023 14:52:56 GMT
Server: nginx
ETag: "649af7c8-53816"
X-Cache: HIT from mfy
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 342038
Expires: Fri, 28 Jul 2023 02:02:25 GMT

GET
H2 200 p9.jpg
tu.tuku.fit/xianggang/2023/col/73/ 382 KB
383 KB 418ms
417ms Image
image/webp 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.tuku.fit/xianggang/2023/col/73/p9.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4c35bbb68eaf4de68793981f550e3b55267952a78d91f6fda3528917be5db7cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=768383
x-powered-by: ASP.NET
content-disposition: inline; filename="p9.webp"
content-length: 391012
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Jun 2023 02:57:40 GMT
server: cloudflare
etag: "8c94434d6ca9d91:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiodQ%2B%2FhaspThL8%2BGaAugvcaljfgJRhZn2aJySN0LxCyYo3XJjzLgoEXwXZImnoBQXMts1LIDHzHw6oZzh4vFCXVFp9RfqwhY1F%2Bg%2Feoqh42g7DpAv2OEkncWlZ8KbGYG%2F56WerEhV3d"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7de455340d5e1c17-FRA

GET
H/1.1 200
OK pt06.jpg
cvt.smhuyjhb.com/xinao/2023/col/179/ 858 KB
858 KB 143ms
143ms Image
image/jpeg 23.225.59.196
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cvt.smhuyjhb.com/xinao/2023/col/179/pt06.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.225.59.196 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: eac57d17930ffbeb3d0edabe3427ebaf6101a7854456ad4acc591608b6f5289d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 03:55:39 GMT
Last-Modified: Tue, 27 Jun 2023 17:48:37 GMT
Server: nginx
ETag: "649b20f5-d667d"
X-Cache: HIT from mfy
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 878205
Expires: Fri, 28 Jul 2023 03:55:39 GMT

GET
H2 200 pt06.jpg
tu.tuku.fit/xianggang/2023/col/73/ 156 KB
156 KB 403ms
402ms Image
image/webp 2606:4700:20::ac43:474a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.tuku.fit/xianggang/2023/col/73/pt06.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:474a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0813b1b5c870fb70da6eb59e408c9dc0b75fd43e0b88b196700357304731ff16

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=250678
x-powered-by: ASP.NET
content-disposition: inline; filename="pt06.webp"
content-length: 159250
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Jun 2023 13:53:37 GMT
server: cloudflare
etag: "3971b0c5fea8d91:0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gALQQlbflEkK7byGXxojPOIdomDeJB%2B1Aqp3Sg72Glw%2BPwVRrOYx5mLyIvNMTWVHNgkmaVoYT6qo6DrbgCLpGYeKpfq%2BRj3iW52oY6kMUqfP0wXd9yhuuxLQ2LeKmQ3aetcXGqzcZFPp"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7de455340d631c17-FRA

GET
H/1.1 200
OK ymktcc.jpg
cvt.smhuyjhb.com/xinao/2023/col/179/ 74 KB
74 KB 147ms
146ms Image
image/jpeg 23.225.59.196
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cvt.smhuyjhb.com/xinao/2023/col/179/ymktcc.jpg
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/
Protocol: HTTP/1.1
Server: 23.225.59.196 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 61baefd769ee1df90f37dbb88ad3399bc728a2854f71eea03ef496dcbea4485f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 02:39:08 GMT
Last-Modified: Tue, 27 Jun 2023 17:48:11 GMT
Server: nginx
ETag: "649b20db-12727"
X-Cache: HIT from mfy
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 75559
Expires: Fri, 28 Jul 2023 02:39:08 GMT

GET
H/1.1 200
OK icate.png
andrecostaphoto.com/static/images/ 680 B
983 B 154ms
151ms Image
image/png 23.231.208.161
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://andrecostaphoto.com/static/images/icate.png
Requested by: Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/static/css/home.css?2
Protocol: HTTP/1.1
Server: 23.231.208.161 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 606916abb88fd814da43597b9528484125819c18b567a60ccceb60f8ce66f5a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/static/css/home.css?2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:24 GMT
Last-Modified: Thu, 02 Dec 2021 11:05:53 GMT
Server: nginx
ETag: "61a8a891-2a8"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 680
Expires: Fri, 28 Jul 2023 07:49:24 GMT

GET
H2 200 style.css
tk22tk3.desindforrowth.com/public/css/ Frame F608 25 KB
6 KB 16ms
15ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tk22tk3.desindforrowth.com/public/css/style.css?1687902437

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3ce9472047408dd7d7c26dacf129943b2fb0176073ec61c31387d20668f3d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19809
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 08 May 2023 06:11:33 GMT
server: cloudflare
etag: W/"64589295-6238"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDXOzLSHxgkGHnjXZw3fSWBwlDhfJfdlMGutQLtT9ilCNaSfwbiCWT2O9w74w3jyT2B7Gq0fHAhsdTs7iyft%2BO1Naxp4%2Fbs1PRnv%2BbpYNbn72ro0ngexwCXXj74%2F%2BynzCyyr3TEkUHSfeR2lceigCBqixNrHUKrtRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7de4552e6dfe1e68-FRA
expires: Wed, 28 Jun 2023 14:18:06 GMT

GET
H/1.1 200
OK jquery.min.js Show response
cdn.staticfile.org/jquery/1.11.0/ Frame F608 94 KB
34 KB 882ms
15ms Script
application/javascript 163.181.56.155
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/1.11.0/jquery.min.js
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Log: X-Log
Date: Tue, 27 Jun 2023 14:50:55 GMT
Via: cache2.l2de2[0,0,304-0,H], cache5.l2de2[1,0], ens-cache8.de4[0,0,200-0,H], ens-cache9.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
X-Reqid: c5kAAADcXE-ai2wX
Age: 61108
X-Swift-CacheTime: 86269
X-Cache: HIT TCP_MEM_HIT dirn:8:18273192
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection: keep-alive
X-Swift-SaveTime: Tue, 27 Jun 2023 14:53:06 GMT
Content-Length: 33619
Last-Modified: Tue, 16 Feb 2016 04:22:54 GMT
Server: Tengine
Etag: "FrZu1whxe_C0oAWk0BE6-IQ-87j_.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1687877455
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b2116879385631488688e

GET
H/1.1 200
OK iframeResizer.min.js Show response
cdn.staticfile.org/iframe-resizer/4.3.6/ Frame F608 14 KB
7 KB 878ms
12ms Script
application/javascript 163.181.56.155
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/iframe-resizer/4.3.6/iframeResizer.min.js
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: f3a17dbeb1279ddd9aa45595a39b0dc40ada6fa4fc2f4e3c7cf3e460e3410c76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Log: X-Log
Date: Tue, 27 Jun 2023 16:52:34 GMT
Via: cache6.l2de2[0,0,304-0,H], cache3.l2de2[0,0], ens-cache3.de4[0,0,200-0,H], ens-cache2.de4[2,0]
Content-Encoding: gzip
X-Svr: IO
Content-Md5: 6pEo3UZUcMCgxjhUkEa1Ww==
X-Reqid: UOsAAAAQHrU9kmwX
Age: 53809
X-Swift-CacheTime: 84351
X-Cache: HIT TCP_MEM_HIT dirn:9:254126445
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="iframeResizer.min.js"; filename*=utf-8''iframeResizer.min.js
Connection: keep-alive
X-Swift-SaveTime: Tue, 27 Jun 2023 17:26:43 GMT
Content-Length: 5635
Last-Modified: Mon, 03 Apr 2023 12:44:53 GMT
Server: Tengine
Etag: "Fp_8XwCp4kVJKKS1Bk__dCBJcRzG.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1687884754
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b1a16879385631602255e

GET
H2 200 z_stat.php Show response
s9.cnzz.com/ Frame F608 11 KB
4 KB 1723ms
322ms Script
application/javascript 240e:978:306:8:3::3eb
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://s9.cnzz.com/z_stat.php?id=1281268442&web_id=1281268442
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:978:306:8:3::3eb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: ab05a976aa1ea769d5fea99b84fcb749333f870748f58f5ffac3d82b97e634de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:25:53 GMT
content-encoding: gzip
via: cache12.l2ea120-8[0,0,200-0,H], cache40.l2ea120-8[0,0], cache16.cn5485[0,0,200-0,H], cache10.cn5485[1,0]
age: 1410
x-swift-cachetime: 3591
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:9:405833733
x-swift-savetime: Wed, 28 Jun 2023 07:26:02 GMT
content-length: 4051
last-modified: Wed, 28 Jun 2023 07:25:53 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1687937153
content-type: application/javascript
cache-control: max-age=1800,s-maxage=3600
timing-allow-origin: *
eagleid: 3ad80f1e16879385638562555e

GET
H2 200 amlinos.js Show response
rosansdasjhdms01.llcs.cc/asmdasda/ Frame F608 422 B
726 B 202ms
162ms Script
application/javascript 2606:4700:3032::ac43:a6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rosansdasjhdms01.llcs.cc/asmdasda/amlinos.js?1687902437
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b019f6b56847ec64578bba4181c13c0a56a9f586f7fee0738a3dbafc5666f2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 05 Jun 2023 06:51:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13444
etag: W/"647d85d5-1a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkeSsh%2FRmfc9SM5U7tVnGViFH5yEXsdbU8mxFjDrIIpyLiJKT3s5pRmGRlpbLYVJieDjTpDblqvPXl8dK%2FzAMIbQYrIBU%2BoenM7Jsht75SA8xwfxjFvnCpRP5G98VDWPKRj9spqRcSmu9hN%2Fj1hWcmJ64iqFFkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7de4552eba645c2c-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 28 Jun 2023 16:04:06 GMT

GET
H3 200 ffz.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 18 KB
19 KB 76ms
75ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/ffz.png

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ad1860be8f58cdd79a2c38a0fa3837163a018295a76c191783d97d3b364296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230070
alt-svc: h3=":443"; ma=86400
content-length: 18593
last-modified: Sun, 25 Jun 2023 11:15:17 GMT
server: cloudflare
etag: "649821c5-48a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SQ3uh5YqzIfs5dNzVc9npWZYYbsvszcBOhprZqxNWcI63ZSMIFIPq7Obv7POlqWk8T6ouIoQ8YeBKk00HTzVMP%2BmlmxHnKO4S7jWc8iip0eoOpmKrHp0XjouPHd21ExOjk%2BN7ysCMPo3FDEJwpKSLc1GuKxSjqNOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b75bb4a-FRA
expires: Tue, 25 Jul 2023 15:53:51 GMT

GET
H3 200 5166f792b9b8267528b5eb1563cab01e.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 327 KB
328 KB 33ms
29ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/5166f792b9b8267528b5eb1563cab01e.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d0592fe5cf7384396d5cfe24d713a22191b80f596bca970cb3b0746c49efcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1635945
alt-svc: h3=":443"; ma=86400
content-length: 335154
last-modified: Thu, 04 May 2023 05:05:32 GMT
server: cloudflare
etag: "64533d1c-51d32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISX7dhlpGIH7uEoPKU5tu9yUdhszfk6VjpDafqj%2BHRehYdjQ9jJt%2FZieeVV3uq4WPrej5ehepbx3z8Ca3osE2pX%2FQ32QYFRWqQmTpcZL%2FJg5DfA8DoJTfO7Ni0HusprlXXm0lTnFy%2FwMFzeunsQGgdWUA1FSR%2FsMCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b86bb4a-FRA
expires: Sun, 09 Jul 2023 09:23:06 GMT

GET
H3 200 logoapp.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 31 KB
31 KB 83ms
78ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/logoapp.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78239bfa567de83cafc0ca4b553dfe5a2753a8095406ce914a3ccdef0036841f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1635943
alt-svc: h3=":443"; ma=86400
content-length: 31239
last-modified: Thu, 04 May 2023 05:19:46 GMT
server: cloudflare
etag: "64534072-7a07"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eH4khbuynfm20ImHXmN80CiY5hfEIwSGXNf2E48DtLaP30dvSQBD03QM4lsnh9UyI%2BIDfGQ0h6Uzy0%2BMQbT9N2biynll%2FW%2FC8Tx2ZDMzH87YQ8I8Kbr6GqBB8CJXlhytIsd4CGilfbcLLuCJWOLpKBFGoUox0Z2uWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b87bb4a-FRA
expires: Sun, 09 Jul 2023 09:23:08 GMT

GET
H3 200 star-2583f290-5614d8f7.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 5 KB
5 KB 93ms
89ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/star-2583f290-5614d8f7.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1707513
alt-svc: h3=":443"; ma=86400
content-length: 5091
last-modified: Thu, 04 May 2023 05:07:29 GMT
server: cloudflare
etag: "64533d91-13e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cb7cfyQzK8rbdNRdQ4MAez3i91uree7xApZaT42ieNcMkV3gwDk15Iu0ctD2twQNXodRZhsnsevLX8Hd9FWD3gb5AsqxQtGUUALh6XMf7T1ynsGM%2F1Kf5Tp%2FNmNtHangZhV5DbIxVyQQ7bTmp9cSqB2SMWRPuHRWUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b88bb4a-FRA
expires: Sat, 08 Jul 2023 13:30:20 GMT

GET
H3 200 rz-ec687ad1-3900dd29.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 5 KB
5 KB 93ms
89ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/rz-ec687ad1-3900dd29.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1707577
alt-svc: h3=":443"; ma=86400
content-length: 4733
last-modified: Thu, 04 May 2023 05:07:29 GMT
server: cloudflare
etag: "64533d91-127d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8AuDwQM0hMcmmkC1trYfcrdu7McT136vcjsNMMrsmrHVpBkzDanfXkokfr1VsoScKtJaPTox35BM2EkPlcLuvcafhuHOa0qDJ7%2BJN7Zevrqv%2FXgGwgP7s3muF%2BgzmxSCBZIVmQKK8glKD%2BYsLh6ceAMd1YrlDa8ATQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b89bb4a-FRA
expires: Sat, 08 Jul 2023 13:29:16 GMT

GET
H3 200 az-e794a98a-ff96d0ac.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
4 KB 94ms
89ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/az-e794a98a-ff96d0ac.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1446510
alt-svc: h3=":443"; ma=86400
content-length: 4027
last-modified: Thu, 04 May 2023 05:07:29 GMT
server: cloudflare
etag: "64533d91-fbb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3A0Uc%2Bl1d3gQWOmrr5hx2QK9oDplT5WtlrrJKIvg7JjHlTHUBAyzV0k9H9l2L6E3wlWn5wV83BGqVRcCqtXwbiMuUlPdZz28A5gxa2zYa5Qql1uWcJ6TolmBAW%2Bm442%2FCWTwZwObHvbCPVysReIlA6UnmFagcLH4ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b8abb4a-FRA
expires: Tue, 11 Jul 2023 14:00:17 GMT

GET
H3 200 ios-4a4e413f-46b533a9.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 5 KB
6 KB 70ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/ios-4a4e413f-46b533a9.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 875064
alt-svc: h3=":443"; ma=86400
content-length: 5342
last-modified: Thu, 04 May 2023 05:07:29 GMT
server: cloudflare
etag: "64533d91-14de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asEdg%2F1y5OZV2SDT9RS2vp06VCYxNLG5wLzbPwyX7ULWirGG0%2FUn5M7MEqwVBYJt%2BaHzDX7bzbUrX3V%2B6WutqJ82iYtSMOCkeUOIxlQ83GbNcTYZ2JAWLyf9bpQ%2BKWERLcJwYmSx4aPlEOzQIjlfKhcJYcc%2FJodfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b8bbb4a-FRA
expires: Tue, 18 Jul 2023 04:44:11 GMT

GET
H3 200 web-27eb0f3c-34d90704.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 3 KB
3 KB 69ms
65ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/web-27eb0f3c-34d90704.png

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1293833
alt-svc: h3=":443"; ma=86400
content-length: 2931
last-modified: Thu, 04 May 2023 05:07:29 GMT
server: cloudflare
etag: "64533d91-b73"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMRRTlfppmcuZjxi69P8UHoJ8whlAFvq5%2ByRt5oWiF277AcvksjoRH5o90BJNiWPu6Fo6aJZrcOmzYCVqHBxTO5jAUe4SiUvhNLkHxxorte6m9AGjC3HS0AAy%2F6WPERykFCHuh9iSBS0VPUUjAUQKm%2FD87BsN6GMow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342b8cbb4a-FRA
expires: Thu, 13 Jul 2023 08:24:50 GMT

GET
H3 200 003-db7ddade.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
5 KB 69ms
65ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/003-db7ddade.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1a1bdb8b8320fb8fd6045a75bb58217bfd992cb919ecd9df20289adc6a66779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 875064
alt-svc: h3=":443"; ma=86400
content-length: 4411
last-modified: Thu, 11 May 2023 15:00:24 GMT
server: cloudflare
etag: "645d0308-113b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw%2Bx9HEx1cay%2FpBJ4E%2BNa6gWvR7zLHbbVwST8%2BeCv0kFklC2FrTWGo0Ovc7NWitXdAIY0%2FexNVGWYVKBlitTBT3Yyxo0LmiHLFWeEvJ9bh41RBFVVAcZT8jyywuVq%2BvTtASu6wslfFji1lM08NnOt%2FazbEgtp33QWA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342ba2bb4a-FRA
expires: Tue, 18 Jul 2023 04:44:11 GMT

GET
H3 200 001.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
4 KB 67ms
63ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/001.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ad2e5cec8f4f8ea9432e3fd0a3865748fb3e8d122baf19799f2255b35ea400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420481
alt-svc: h3=":443"; ma=86400
content-length: 3956
last-modified: Thu, 11 May 2023 15:00:23 GMT
server: cloudflare
etag: "645d0307-f74"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3e87N8KMvbfdD6HgFXT0jqmuXaZevBTh0Rop6O%2BHdWg%2FcEHi8AaOQbFeMT5owJh%2FUkPaXFcunBBvcOks%2FKBdIsN2bd1NF9gCMaRmMYrHRVfq%2BT23FNpZtOUD3AT1s23sGKpWDKaIFJ5UgGYAU5xCUbCk267W166vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342ba9bb4a-FRA
expires: Sun, 23 Jul 2023 11:00:24 GMT

GET
H3 200 768ff8e9402964cc435779dcc29f6584.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 274 KB
275 KB 57ms
53ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/768ff8e9402964cc435779dcc29f6584.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79bca3d365e7b59a45454ef2202d4443a979fa6391456e09304e18830cc4331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 365420
alt-svc: h3=":443"; ma=86400
content-length: 280664
last-modified: Wed, 03 May 2023 12:57:09 GMT
server: cloudflare
etag: "64525a25-44858"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2pBK7Kqhlp9AzFPnjdt5nlsQsH%2FIkWzEl2UIpm5ce9gaJHy8dQn2UskLHty3a16Fxj2LNLiTC6r3LiF7D1qrWc18fMiEAohGSY8UCu2wGzU1WYYnltoBH2Gu9kN4pTAHD0yw82DDe5ZxAZpcck5M9C4R5%2FCMXap8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bacbb4a-FRA
expires: Mon, 24 Jul 2023 02:18:04 GMT

GET
H3 200 bd2d8cdc6b2612da494dbf543c731f76.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 329 KB
329 KB 50ms
46ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/bd2d8cdc6b2612da494dbf543c731f76.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75b66b46662e742e9d10d40bdd823f0fa23737a782780c1fb27d51d8ccf95d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 875064
alt-svc: h3=":443"; ma=86400
content-length: 336546
last-modified: Wed, 03 May 2023 12:57:08 GMT
server: cloudflare
etag: "64525a24-522a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLu6MeoVP2v9OQUVLqtBIkZeY6ZmmuJDiQDaE9cD6fei2QkEG75N%2BtlS%2FcuF%2Bdml9dRIGITZwpt2ek0TSFF%2Bb2FlkaafNsH1zsG4ANz2F8N3FdppaPGi19K0pw79QpOEYEdNnrHfvQhcABDBd9nMvilpORgyuuvcng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bb2bb4a-FRA
expires: Tue, 18 Jul 2023 04:44:11 GMT

GET
H3 200 aomen_9918.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 53 KB
54 KB 39ms
35ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/aomen_9918.gif?1687902437

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b7d2dc4a526581f7950ad9631406820ea8bebe39714c8a4d2937ba0178950c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58167
alt-svc: h3=":443"; ma=86400
content-length: 54605
last-modified: Mon, 08 May 2023 07:14:53 GMT
server: cloudflare
etag: "6458a16d-d54d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LoIaJazKOWBAu7rJluWtLHDaJyIERG%2BVbMd80GLqcA5jM4ZqU2KCse9FtetgzNLH2Gi3OIeJ5P4QAg8a8EoU41evoFE%2BJF6xAYHVcxbDXb0eelxAAW6L%2FfoshGc2a%2FYdkSTAa1XV0MTQv7EaRAER%2FoMhqlszePkh9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bb7bb4a-FRA
expires: Thu, 27 Jul 2023 15:38:51 GMT

GET
H3 200 dingjian.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 21 KB
22 KB 408ms
404ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/dingjian.png

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5246ae380f294474e5bd69a918e244f94142204bab85ded436b100702c9028ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21539
last-modified: Sat, 06 May 2023 04:43:27 GMT
server: cloudflare
etag: "6455daef-5423"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmpHLX60DEDP%2FRyHkOpmFmHbbLNlLkKlFOERZQcS6Qt56mkDHinRkZucybpCzvXDyRED5MSnOnTNsrmG3qx2W0x3vgkMDgvuzxiVmuYbs2sIjz%2FK315L4f0j%2FpQd5dbJqQXTZMmQFr3khDauJqYxWwFl4gi3Dc5GTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bbbbb4a-FRA
expires: Fri, 28 Jul 2023 07:48:16 GMT

GET
H3 200 niubi.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 2 KB
3 KB 204ms
200ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/niubi.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd90be6c5281207943ba1ec0314a29e132669286509ea592f0ac903a7e7bd8d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1635938
alt-svc: h3=":443"; ma=86400
content-length: 2220
last-modified: Sat, 06 May 2023 04:43:26 GMT
server: cloudflare
etag: "6455daee-8ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLqm7uSEED3DZqV%2FWUt7XUN%2FFtGf%2FUNE2VjAW0RkNP07MNXQCKxhbswaviLIVxWya4IMGAqJF4ebTgE2n%2BqeRpbJHoaFfIakYwgKj%2FamR1TKKuzcFtOrYKpAELSyCGRRDvFvoVHtPJAYEjdSeXNyNNIcMeCYGy9CAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bbebb4a-FRA
expires: Sun, 09 Jul 2023 09:23:13 GMT

GET
H3 200 mashen.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 1 KB
2 KB 204ms
200ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/mashen.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404093050e63f487857f1a98cb675da36ff3fb662fc863fde600efe1f8772d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1707513
alt-svc: h3=":443"; ma=86400
content-length: 1119
last-modified: Sat, 06 May 2023 04:46:39 GMT
server: cloudflare
etag: "6455dbaf-45f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dktpEcWC0PcKddrQeHb0Xu8ZvJKtXZew%2FbQWNd6cqJ0ZZ%2BkLCWTbm01AGCrWr5qFAUD2XrH%2BV17fyj6aT1o1lhTWBWw6s%2F0Msczv8M6PpbgDwv2kkBEVaX4EJ2e8hg2aPWdefYYaPW0Bqi%2Ff%2BYenbtVfKoYLoyevg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bc2bb4a-FRA
expires: Sat, 08 Jul 2023 13:30:20 GMT

GET
H3 200 1578374419755576.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 11 KB
12 KB 205ms
201ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/1578374419755576.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eb82c1fb10cae4d55b046653291a997c928303b04015ab80422f9e750b1d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1037276
alt-svc: h3=":443"; ma=86400
content-length: 11510
last-modified: Mon, 08 May 2023 06:51:10 GMT
server: cloudflare
etag: "64589bde-2cf6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efgeBsrST03r%2FmRhIwC1cu5CAPnwZtl5LxKnHfn9hoPwE1WIAk5uztmsbxNdNlvNfxENqYqScTrPzZt4Mmuam%2BE%2Fe%2B9asqor3h1x4e0%2B%2FjFDNqB4vBqP0XMcRTnKOIJC49R%2FCu1J4ofHqaDAio9lXeb8txqgYmaCgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bc4bb4a-FRA
expires: Sun, 16 Jul 2023 07:40:42 GMT

GET
H3 200 tj.jpg
tk22tk3.desindforrowth.com/public/images/ Frame F608 1 KB
2 KB 205ms
201ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/tj.jpg

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54659154abc64484637920821c6e38f4e53aa693aab371e6300fb31325dc2c7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420480
alt-svc: h3=":443"; ma=86400
content-length: 1512
last-modified: Sun, 30 Apr 2023 12:07:07 GMT
server: cloudflare
etag: "644e59eb-5e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WyramPYxZeNWPfWkPTDvj%2B%2FmqUymvrzzh4bLRoI4XPsjMAv14Eu9eZvN8LgvuvS2IR9j79yrFC%2B7RWLHQvsyESfxRveBKQOJckyhySAzAIHOj2x9xuBj4Nfms6N3xtV44EHH6jEsJ89VRzzLJRVsGqKa3WuFcnxPmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bc5bb4a-FRA
expires: Sun, 23 Jul 2023 11:00:25 GMT

GET
H/1.1 200
OK iframeResizer.contentWindow.min.js Show response
cdn.staticfile.org/iframe-resizer/4.3.6/ Frame F608 13 KB
6 KB 8ms
8ms Script
application/javascript 163.181.56.155
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/iframe-resizer/4.3.6/iframeResizer.contentWindow.min.js
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.56.155 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 115f4854ff657ac1c116497f31f64731ccf9c7e9b7ef89226bd4dd06ae00a982

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Log: X-Log
Date: Tue, 27 Jun 2023 13:58:30 GMT
Via: cache21.l2de2[0,0,304-0,H], cache3.l2de2[0,0], ens-cache1.de4[0,0,200-0,H], ens-cache9.de4[1,0]
Content-Encoding: gzip
X-Svr: IO
Content-Md5: xTJmr7FslFpaELKFIx6zPg==
X-Reqid: xwgAAAB2Th6-iGwX
Age: 64253
X-Swift-CacheTime: 86358
X-Cache: HIT TCP_MEM_HIT dirn:9:241959305
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="iframeResizer.contentWindow.min.js"; filename*=utf-8''iframeResizer.contentWindow.min.js
Connection: keep-alive
X-Swift-SaveTime: Tue, 27 Jun 2023 13:59:12 GMT
Content-Length: 5042
Last-Modified: Sat, 25 Mar 2023 13:44:52 GMT
Server: Tengine
Etag: "Fl_4IzufFmRjOAaDJAjtBzbo-O1P.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1687874310
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: 2ff62b2116879385631688736e

GET
H3 200 tu.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
5 KB 206ms
202ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/tu.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c399deab607e944bd24f5db726427ac522c65a7a353ddd35d5f90d5b7ff3808a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247778
alt-svc: h3=":443"; ma=86400
content-length: 4416
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-1140"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDVxB7hRsRc3ymggXqhilesIPs%2F7PZYjm1GSNv2HRzfPTt7no28TAoCBQfDM%2BFYf1Ty58ignQFBBDfp%2BnSZtoU46zyPe%2FeHSt9piUvZN8xJ5l7ZMxTqltx2rZvHV9VyMt4tPpSbodQ1Dx5xTNKaCv90h13gTH6C9NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bc8bb4a-FRA
expires: Tue, 25 Jul 2023 10:58:43 GMT

GET
H3 200 hu.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 6 KB
6 KB 208ms
204ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/hu.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0acaefd48f1148faef7dc87d9f567109e51ed5dbb43facaf6aa8fd4c1b44ce72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680974
alt-svc: h3=":443"; ma=86400
content-length: 5761
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-1681"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=07MScgS76o%2BD6jyNT07Aa5NfIaiTyWo2f87yyuMEV9CE%2BDZo%2FxPl92PElRelXeBEkXmwSZOA6DkPMCAWUW9MwJYfCdVx%2F4P%2FucWAwRmxLsibGYFX29mADKv7Zb%2BIYdtAVv1CN%2BNHZVMTBtoe3C9FInbm3sJsSLirXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bc9bb4a-FRA
expires: Thu, 20 Jul 2023 10:38:56 GMT

GET
H3 200 niu.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
4 KB 208ms
204ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/niu.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

461b506f8cb11a396ffdc2cf997c5dcd1b311fc6aa5ff32cf699126af7c42013

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420480
alt-svc: h3=":443"; ma=86400
content-length: 4035
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgmNiODzFnT4xv61T5vCL1QQqGmbcBMoWCPP5%2BEHrxpEwBIwXmYDuvSHhqqQPIvvpTLqwD3gk7xmdDO%2FbTWw%2F0nO9eTAkMWhkCU9wvRTrSBMKR3D16dCfWcZtYHhKty1Xpt9Jm53w5OmMmIxxEslI6doi3rNr2o8fQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bccbb4a-FRA
expires: Sun, 23 Jul 2023 11:00:25 GMT

GET
H3 200 shu.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
4 KB 208ms
204ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/shu.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8688c4c8d1439f25ebdd555eb0e26f6a3e4a18dfd62eccab4f8eb45ebf791145

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 395087
alt-svc: h3=":443"; ma=86400
content-length: 3685
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-e65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPqvvac%2Bhb3xxfrO%2FrDf22CMtOiIjlCVO0PmQdyaNhxWNFsQpAcm%2BwL9WKlwGSDaQH3V%2FBpFynKOrMYpgn9O2XEgk%2BYXCol8TKNHOjJ%2FDmCWWwbCd4etS9NbL39kFzrjemqzI%2FUfFAWeTaRMShfYe82dy4arIKSGig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bcdbb4a-FRA
expires: Sun, 23 Jul 2023 18:03:37 GMT

GET
H3 200 zhu.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
5 KB 208ms
205ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/zhu.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

947628106c7107640cd97d4fca880d85932e224279fd31c06c7e0e6b520e17d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1293833
alt-svc: h3=":443"; ma=86400
content-length: 4300
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-10cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s37mJ3%2FGwQBUDqqOxRYcx3jkd2%2FBarftQiQudkDJcGXY0TUsWGO6DTYKDd7epEIJw20uGmJE4TmxMZ9H5JRiW7z7n%2Bu7e6XPAeCUKfd3AiZG3EKIv37KbxhcZQsKG%2FXrCmQvyw2itFM8L6v1ftRhmsK9x%2BJ0Uw5J8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bcebb4a-FRA
expires: Thu, 13 Jul 2023 08:24:50 GMT

GET
H3 200 gou.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 5 KB
5 KB 209ms
205ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/gou.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9fccc477241a256dade111b792d4f942eda1ad08ce63856139de239ca4c3b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680974
alt-svc: h3=":443"; ma=86400
content-length: 4795
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-12bb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FvS3PFNs0TqzL9o3Wq5oVlrBdwebwtIijs0CV29XT9PYqvIqSImqts0YX8dz%2Boj9Zqx9nDU7wOiWckz6gzHYFkB2v6jUq5av0H%2BulHgs6Lr0dsnhd4bnpsRjhIE1MZla%2BWOjpM3Ge8fB8cbXM4b8hPSScjg54eLWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bcfbb4a-FRA
expires: Thu, 20 Jul 2023 10:38:56 GMT

GET
H3 200 ji.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 6 KB
6 KB 209ms
205ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/ji.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 218af4abd247083f68d5b37db32226b923182938c2ca2e05d79864f12698de8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680974
alt-svc: h3=":443"; ma=86400
content-length: 5643
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-160b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR%2FJ3EERiKApDtBZh660aodnCBBP632vmW3%2BEFfKfQARakTBEZNlOvsf5ZKFzIQkHF55holtKGIfkLDyx8VeT6S%2Fa4bRQwayewMlxox0dhGK44mFuIK51s%2BFa8NKAazr76vvpkFuk5qdyNQ1s%2Fp5Qretb%2BVSmONqwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bd1bb4a-FRA
expires: Thu, 20 Jul 2023 10:38:56 GMT

GET
H3 200 hou.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 6 KB
6 KB 209ms
205ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/hou.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46d0c5b3eaff72b52b303199f62c0b6aad1adfdc8f1a5f25fba858491969204c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680974
alt-svc: h3=":443"; ma=86400
content-length: 6044
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-179c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b3qS2wWBvFoV4aw4Xws5r4fYyvn0W4klHz6uaCHR%2BHY2mX%2FqBl33qpybBQrXGUmp4RITKrRoIHLSNd4TubU6Mo2RQZTuMtGdp4Zikhq3G6xM4KO4%2B7t%2B2vtF4STOC3O%2Bcx5zGY1SE18C7RTy97xjsREFNptgJ00ww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bd2bb4a-FRA
expires: Thu, 20 Jul 2023 10:38:56 GMT

GET
H3 200 yang.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
5 KB 214ms
210ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/yang.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7adde7e917da8e50c17c128d1b46361c954f74129099fb8e61297de972b4804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1146065
alt-svc: h3=":443"; ma=86400
content-length: 4465
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-1171"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1TWldRh3tA0scoSFft6bw%2B8XF2jdSpG%2Fuvb%2BjVtwiJRfpH6QOReai3mggQ2%2Bc2aNtzmCdDR%2BFlj3MLSjOtWx9bW40krod7fsE2slHoqrUWRIeVU2CaG%2Bmq6emdLsLaPCfNndauECY%2Fayj00m2hZXS8o4wngiUjAow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bd3bb4a-FRA
expires: Sat, 15 Jul 2023 01:27:35 GMT

GET
H3 200 ma.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
5 KB 215ms
211ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/ma.gif
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbcec4e26ce2f77439d9a2fd2f741e4d30974f7dd17afd4cd5c0c32678226196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 680974
alt-svc: h3=":443"; ma=86400
content-length: 4450
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-1162"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iH2dsK9oryScR8KijybYZzPmcaLql7dorSRwqxuXo9vjbU6t0%2B5Ozh1n0%2BP73cggNa%2F8Dg8d1Z7GzaYV3cqRg3%2BbkxAbyu%2BQvLhhoASjubbV9GMtPHVOUklv7byeYS1bqzfqZuxdcnGeBh7jPfJD2Do%2FEejLI2zdxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bd4bb4a-FRA
expires: Thu, 20 Jul 2023 10:38:56 GMT

GET
H3 200 she.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 4 KB
4 KB 215ms
211ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/she.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03b64240f56cd6af74f349c4f8e435c3cc248431e0511e2339ec6f18d784302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 247778
alt-svc: h3=":443"; ma=86400
content-length: 3822
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-eee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdP6fiPNLar6MBfjS0cA3GNCDPHFglhqNgNoPNwsPncfcgFFyIOL0seUVIA1ZVApxezi8tVp%2BYgbMA8ogSkASd1fxFof%2FaiJv1NhqbuxKltybKQghppErzTCEN7nIwscOWdOG9yn2L2H2DhN21UcmDZIjMyUnLFzyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bd7bb4a-FRA
expires: Tue, 25 Jul 2023 10:58:43 GMT

GET
H3 200 long.gif
tk22tk3.desindforrowth.com/public/images/ Frame F608 6 KB
7 KB 215ms
211ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/long.gif

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2afc0bcbcde8d1f189451c36772e122cfe82426da4b52d6195694b5616bd4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 485799
alt-svc: h3=":443"; ma=86400
content-length: 6467
last-modified: Sun, 21 May 2023 04:32:44 GMT
server: cloudflare
etag: "64699eec-1943"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FxJZ4Wz09UP%2BjmxzS4fY9Bii0MOTlaXCZ8khj9sX6hLf1P5MgIh64HHI7%2BykoGwoVX6UDTkrRae1jr7I1owyL2NoqDZd00JIBJoG8kVqOEVUFe%2BmvUilYCQ6Kz2s6O9iVWBpmLh0fN4eAI1ZuMTb3dpc7%2BuBtl3jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de455342bd8bb4a-FRA
expires: Sat, 22 Jul 2023 16:51:47 GMT

GET
H/1.1 200
OK kj-am.php Show response
www.yxcddq.com/ Frame E4E6 141 B
360 B 145ms
145ms Document
text/html 23.231.221.17
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.yxcddq.com/kj-am.php
Requested by: Host: www.yxcddq.com
URL: http://www.yxcddq.com/kj.php
Protocol: HTTP/1.1
Server: 23.231.221.17 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 172757698d1633f79186f5079c122860d85b8c08dbb7b6c45b23a2a54fd0bcd1

Request headers

Referer: http://www.yxcddq.com/kj.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 07:50:17 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK kj-xg.php Show response
www.yxcddq.com/ Frame E3B0 138 B
359 B 288ms
143ms Document
text/html 23.231.221.17
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.yxcddq.com/kj-xg.php
Requested by: Host: www.yxcddq.com
URL: http://www.yxcddq.com/kj.php
Protocol: HTTP/1.1
Server: 23.231.221.17 New York, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 3b91ebd5d870dca8ed4d2cb947fdd0c132b03db69052bdfac5a1b8d2042e49fc

Request headers

Referer: http://www.yxcddq.com/kj.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Jun 2023 07:50:17 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 kjb.html Show response
baidu.kkjj.vip/am/ Frame 3024 13 KB
3 KB 444ms
399ms Document
text/html 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baidu.kkjj.vip/am/kjb.html
Requested by: Host: www.yxcddq.com
URL: http://www.yxcddq.com/kj-am.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 70abeb64fe0d178e7659f74aca3af495abebdc3e6b5ea5b78f770642d940a824

Request headers

Referer: http://www.yxcddq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de4553379d69064-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 07:49:23 GMT
last-modified: Mon, 05 Dec 2022 17:24:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECHqavvt%2Fj2FvDyztbySXnGFLyhZFYmjp2%2F5VKjhMoR1%2FEU1QNzPM1Hug3uRVI%2FJtA04R60xaIAIbkXptpzEYBLGxnTqfBFaTQa4njQJSQp2lDOxKc6CKu21fXkP61Ykbh5G9kyzI9bm6A4bgw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame F608 29 KB
12 KB 543ms
361ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1774090466e35a21aa1c8accc8e7927c

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

7edadc69c2b0bae203943ebdab81614bb2b3ffee231a8f71f41790f94f25c336

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: a34e28c01a0b1172c337e520576b57df
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11274

GET
H2 200 kjb.html Show response
xg.99kj.vip/hk/ Frame 7789 12 KB
4 KB 452ms
407ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xg.99kj.vip/hk/kjb.html
Requested by: Host: www.yxcddq.com
URL: http://www.yxcddq.com/kj-xg.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2b5fe8fedf5d669af50287bbe04d863e336e8904c419ed04fe5d5d0a0e398a31

Request headers

Referer: http://www.yxcddq.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de455347cbabb35-FRA
content-encoding: gzip
content-type: text/html
date: Wed, 28 Jun 2023 07:49:23 GMT
last-modified: Fri, 25 Nov 2022 12:42:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPC2aumcklkQyoHVragCwz8thcvIPeazZ2BXIDQ1Y%2Bbl%2FKyOj6Ukg3nQnxkX5CbvLyPmZBVNvmAV2lT1oKm%2Fg2XvEv4Am0bLgueapqzZVRqT7ePHZsNYIlF8ZFCsVS6D1iBT4LpN%2FYZ3iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: ASP.NET

GET
H2 200 rocket-loader.min.js Show response
baidu.kkjj.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 3024 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://baidu.kkjj.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: baidu.kkjj.vip
URL: https://baidu.kkjj.vip/am/kjb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baidu.kkjj.vip/am/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Jun 2023 09:29:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64941465-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hPsbRGQmH6haPyo6DVW083uGjq43quC1XDoz64Dhp%2FiZMFx6UGhiKGWv5tWPo7C8VmWwJ05Mqw%2FcVZ6JO1aW8P1cQ%2FLsKhIKTnESWZznsNknxOD1p7QOB%2Bp3VrES0%2FPJHrykPKr1Mn651O73yQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7de45535fc089064-FRA
expires: Fri, 30 Jun 2023 07:49:23 GMT

GET
H2 200 LunarSolarConverter.js Show response
baidu.kkjj.vip/js/ Frame 3024 8 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baidu.kkjj.vip/js/LunarSolarConverter.js
Requested by: Host: baidu.kkjj.vip
URL: https://baidu.kkjj.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d4e7d3e7e54e511c1782813483abd54200b0b260dcbeead81726f3f23e431279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baidu.kkjj.vip/am/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 01 Jan 2022 14:44:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
etag: W/"f27268201effd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gp9DrKQT0fbT4jSXsGv2VqJJjTdSWQvrFN9xbxn7%2Ba06Ui3Jr0ieu0DDC%2FzChDsxyCgzdKJMWrjB5n%2BBozDtbJ3%2FtsdVf99tUSe%2BmbcaYsNhiPh4hMu0XGRzl9NPrLtLSVwg%2FTO65fY%2Ftmi7mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7de455360c1c9064-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lhc.utils.js Show response
baidu.kkjj.vip/js/ Frame 3024 9 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baidu.kkjj.vip/js/lhc.utils.js
Requested by: Host: baidu.kkjj.vip
URL: https://baidu.kkjj.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6187b1d5e230f7508413af95c1f380c625500d421e21cee64b452ac615b17e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baidu.kkjj.vip/am/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 05 Nov 2020 02:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3
etag: W/"1cfdf41d1bb3d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tc17z%2FQS3tfi1Jzsg%2Fg40yPYoP2FywrQ7g13R3QZb4LLK0tRoRuAUGXNtcDrIp%2B%2BPGALjf2lNbsXYTOyKOaIU0AJTYZb%2F9mtIpdjLEWLt%2FZecEZBCp2IaHIWYWaHrgG5G%2FhnldvpmvyUlEyfHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7de455360c1d9064-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-1.11.2.min.js Show response
baidu.kkjj.vip/js/ Frame 3024 94 KB
34 KB 17ms
17ms Script
application/javascript 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baidu.kkjj.vip/js/jquery-1.11.2.min.js
Requested by: Host: baidu.kkjj.vip
URL: https://baidu.kkjj.vip/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://baidu.kkjj.vip/am/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 18 Mar 2015 08:41:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: W/"80f4a94c5761d01:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmL54qw6kMkgQgBjNA7EjZ0ZhDXflD9hMnWq2CyI0jeR5pVbtt5eZ7O4LwocqpxIKKpCvXIyztnihzJcUGpVrOPEsc8YVkMoSm0B%2FH94bdMXyZ%2B5Y2YdBsYpy560k1SFFpJHjKGDlsHiVY%2F4eA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7de455360c1e9064-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kj_data.js Show response
baidu.kkjj.vip/config/ Frame 3024 120 B
610 B 405ms
405ms XHR
application/javascript 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baidu.kkjj.vip/config/kj_data.js?_=1687938563558
Requested by: Host: baidu.kkjj.vip
URL: https://baidu.kkjj.vip/js/jquery-1.11.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9626239d0e72d7329160d0b734b4dea5294faae08bdd63b4093dbdefd8fd7a9e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://baidu.kkjj.vip/am/kjb.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 13:32:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"81cbe4dcfba8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMievcUkziLH%2FbkZKO90W1bdfOTkK1VAtXnYoxl%2BAFvYnDB8RaaerFRBH2OZvBLwlRATtQr2lurU0ParqHoI1RskYIsVvK%2B9%2FMVrJo1n4VJ5dP6SRXH%2FvRgBntrL%2Ffgerp6dpWNxfFFYsVbx9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7de455364fd43804-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-1.11.2.min.js Show response
xg.99kj.vip/js/ Frame 7789 94 KB
33 KB 403ms
399ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xg.99kj.vip/js/jquery-1.11.2.min.js
Requested by: Host: xg.99kj.vip
URL: https://xg.99kj.vip/hk/kjb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cfd79c2dd3a07640d6123d506fdeef837e991c8149365cb76976811c89b45690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xg.99kj.vip/hk/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:24 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 08 May 2021 09:49:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8050ed80ef43d71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jjEHMzAsBborSEjak9rzOxLaIzoXpMbp%2B9CNLDNzvvGP9KtLrmYdyS6zvFAmJXuNLfrPWNNlqEkVQbrVqyiXT9moh62F%2Fhiwo678SgCMuTd65YgMhw1uiUJp5gkk8Cf5UDAZml8TRsZErg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 7de455370fbabb35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 33477

GET
H2 200 lhc.utils.js Show response
xg.99kj.vip/js/ Frame 7789 9 KB
3 KB 431ms
428ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xg.99kj.vip/js/lhc.utils.js
Requested by: Host: xg.99kj.vip
URL: https://xg.99kj.vip/hk/kjb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6187b1d5e230f7508413af95c1f380c625500d421e21cee64b452ac615b17e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xg.99kj.vip/hk/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Thu, 05 Nov 2020 18:02:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3cf66e09db3d61:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1S%2BXQe5U4E1bg1YNpXBdIUCfd8oaXzKgBWF1g29Ajk9yYkaBT6Tiq99srvRp9CA11hxqqHR2ciKnB34j16tZq94%2BAskOEB1DsXM2pSHi%2F3OGLOR%2BnOkaV8dMdTsv97Y7WXk8NFWNU%2FCmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 7de455370fbbbb35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3189

GET
H2 200 LunarSolarConverter.js Show response
xg.99kj.vip/js/ Frame 7789 8 KB
4 KB 404ms
402ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xg.99kj.vip/js/LunarSolarConverter.js
Requested by: Host: xg.99kj.vip
URL: https://xg.99kj.vip/hk/kjb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d4e7d3e7e54e511c1782813483abd54200b0b260dcbeead81726f3f23e431279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xg.99kj.vip/hk/kjb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:24 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 01 Jan 2022 14:54:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2543b861fffd71:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLGkGJ6lreYqumWYxMRWx4caOJS1SCSZcXJutYFbKdXvGAZEjD4nJEyPDdL%2FtKyddYwloIbcpxhHG4uA7zXUmc3Vq6RIw7Uijsga3pfj9x15IWRKAitAOM9S7L6D3lF7FohJZlvkVZOGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 7de455370fbcbb35-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3307

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 379ms
379ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=921624987&si=369f705cbf251ace338d6af5bb506b3f&v=1.3.0&lv=1&sn=19104&r=0&ww=1600&u=http%3A%2F%2Fandrecostaphoto.com%2F&tt=%E9%A6%99%E6%B8%AF%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%85%8D%E8%B4%B9%E6%9B%B4%E6%96%B02023%2C2023%E9%A6%99%E6%B8%AF6%E5%90%88%E5%92%8C%E5%BD%A9%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E8%AE%B0%E5%BD%95%2C%E6%BE%B3%E9%97%A8%E7%B2%BE%E5%87%86%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E5%87%86%E7%A1%AE%2C%E6%BE%B3%E9%97%A8%E4%B8%89%E8%82%96%E4%B8%89%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%2C%E6%BE%B3%E9%97%A8%E7%89%B9%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%E6%8F%90%E4%BE%9B

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:49:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 374ms
373ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1885412104&si=d27ca77246cb80eb1c2d8508d662c775&v=1.3.0&lv=1&sn=19104&r=0&ww=1600&u=http%3A%2F%2Fandrecostaphoto.com%2F&tt=%E9%A6%99%E6%B8%AF%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%85%8D%E8%B4%B9%E6%9B%B4%E6%96%B02023%2C2023%E9%A6%99%E6%B8%AF6%E5%90%88%E5%92%8C%E5%BD%A9%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E8%AE%B0%E5%BD%95%2C%E6%BE%B3%E9%97%A8%E7%B2%BE%E5%87%86%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E5%87%86%E7%A1%AE%2C%E6%BE%B3%E9%97%A8%E4%B8%89%E8%82%96%E4%B8%89%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%2C%E6%BE%B3%E9%97%A8%E7%89%B9%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%E6%8F%90%E4%BE%9B

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:49:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 core.php Show response
c.cnzz.com/ Frame F608 970 B
915 B 302ms
301ms Script
application/javascript 240e:978:306:8:3::3eb
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://c.cnzz.com/core.php?web_id=1281268442&t=z
Requested by: Host: s9.cnzz.com
URL: https://s9.cnzz.com/z_stat.php?id=1281268442&web_id=1281268442
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:978:306:8:3::3eb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine / PHP/5.5.25
Resource Hash: 399e866cbd3243554b0032aa37fecde3591672f4cbe5c6a8b912ad2a74ca4088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:39:15 GMT
content-encoding: gzip
via: cache11.l2ea120-8[0,0,200-0,H], cache22.l2ea120-8[0,0], cache5.cn5485[0,0,200-0,H], cache10.cn5485[3,0]
age: 609
x-swift-cachetime: 882
x-powered-by: PHP/5.5.25
x-cache: HIT TCP_MEM_HIT dirn:10:386272804
x-swift-savetime: Wed, 28 Jun 2023 07:39:33 GMT
content-length: 621
last-modified: Wed, 28 Jun 2023 07:39:15 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1687937955
content-type: application/javascript
timing-allow-origin: *
eagleid: 3ad80f1e16879385641925375e
expires: Wed, 28 Jun 2023 07:54:15 GMT

GET
H2 200 stat.htm
z12.cnzz.com/ Frame F608 2 B
123 B 1675ms
290ms Image
text/html 240e:97b:500:2000::6
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z12.cnzz.com/stat.htm?id=1281268442&r=http%3A%2F%2Fandrecostaphoto.com%2F&lg=en-us&ntime=none&cnzz_eid=none&showp=1600x1200&p=https%3A%2F%2Ftk22tk3.desindforrowth.com%2F&t=%E6%BE%B3%E9%97%A8%E9%AB%98%E6%89%8B%E7%BD%91%E4%B8%A8%E4%B8%93%E4%B8%9A%E8%A7%A3%E8%B7%91%E7%8B%97%E8%AF%97%E5%9B%BE%EF%BC%8C%E8%A7%A3%E6%BE%B3%E9%97%A8%E6%8C%82%E7%89%8C%EF%BC%8C%E8%A7%A3%E7%8E%84%E6%9C%BA%E5%9B%BE%EF%BC%8C%E6%BE%B3%E9%97%A8%E9%AB%98%E6%89%8B%E7%BD%91%EF%BC%8C%E4%B8%80%E8%82%96%E4%B8%AD%E7%89%B9%E5%85%8D%E8%B4%B9%E5%85%AC%E5%BC%80%EF%BC%8C...&umuuid=18900fa7fcc39b-0a58b4cbdfb1a8-6a335054-1d4c00-18900fa7fcdd9d&h=1&rnd=1042847861
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 240e:97b:500:2000::6 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:25 GMT
content-encoding: gzip
server: Tengine
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2

200

8ac.php Show response
www.guestson.com/9/ Frame 7789
Redirect Chain

https://cnzznnz.com/9/8ac.php
https://www.guestson.com/9/8ac.php

0
152 B

712ms
190ms

Script
text/html

103.60.108.145
GIGABIT-MY Gigabi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.guestson.com/9/8ac.php

Requested by

Host: xg.99kj.vip
URL: https://xg.99kj.vip/hk/kjb.html

Protocol

Server

103.60.108.145 , Hong Kong, ASN55720 (GIGABIT-MY Gigabit Hosting Sdn Bhd, MY),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://xg.99kj.vip/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:25 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=gb2312

Redirect headers

date: Wed, 28 Jun 2023 07:49:24 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FJlWMWG16n7ubJ7r1Nps2GTYtXuo0XYZm3OOyiprAe%2FD0KogKcL6c5yc3yxMw91%2BMOm%2FdT3CmqPU%2B%2FGckCKIQ45ErLdQtYBjQG%2BbvLUv%2F9JmCLVv0benOEauM3Q%2F2Ptg2jPg2T9X2Bmew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://www.guestson.com/9/8ac.php
cf-ray: 7de4553a0f909a41-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 339ms
339ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2001156802&si=cf734b1e97de6349f884209da2b2674d&v=1.3.0&lv=1&sn=19104&r=0&ww=1600&u=http%3A%2F%2Fandrecostaphoto.com%2F&tt=%E9%A6%99%E6%B8%AF%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%85%8D%E8%B4%B9%E6%9B%B4%E6%96%B02023%2C2023%E9%A6%99%E6%B8%AF6%E5%90%88%E5%92%8C%E5%BD%A9%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E8%AE%B0%E5%BD%95%2C%E6%BE%B3%E9%97%A8%E7%B2%BE%E5%87%86%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E5%87%86%E7%A1%AE%2C%E6%BE%B3%E9%97%A8%E4%B8%89%E8%82%96%E4%B8%89%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%2C%E6%BE%B3%E9%97%A8%E7%89%B9%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%E6%8F%90%E4%BE%9B

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:49:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 361ms
360ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=634239922&si=f01e8e8b776764931fabd5716b39845a&v=1.3.0&lv=1&sn=19104&r=0&ww=1600&u=http%3A%2F%2Fandrecostaphoto.com%2F&tt=%E9%A6%99%E6%B8%AF%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%85%8D%E8%B4%B9%E6%9B%B4%E6%96%B02023%2C2023%E9%A6%99%E6%B8%AF6%E5%90%88%E5%92%8C%E5%BD%A9%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E8%AE%B0%E5%BD%95%2C%E6%BE%B3%E9%97%A8%E7%B2%BE%E5%87%86%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E5%87%86%E7%A1%AE%2C%E6%BE%B3%E9%97%A8%E4%B8%89%E8%82%96%E4%B8%89%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%2C%E6%BE%B3%E9%97%A8%E7%89%B9%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%E6%8F%90%E4%BE%9B

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:49:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame F608 43 B
299 B 347ms
347ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=557&et=0&ja=0&ln=en-us&lo=0&rnd=1790178415&si=1774090466e35a21aa1c8accc8e7927c&su=http%3A%2F%2Fandrecostaphoto.com%2F&v=1.3.0&lv=1&sn=19104&r=0&ww=1600&u=https%3A%2F%2Ftk22tk3.desindforrowth.com%2F&tt=%E6%BE%B3%E9%97%A8%E9%AB%98%E6%89%8B%E7%BD%91%E4%B8%A8%E4%B8%93%E4%B8%9A%E8%A7%A3%E8%B7%91%E7%8B%97%E8%AF%97%E5%9B%BE%EF%BC%8C%E8%A7%A3%E6%BE%B3%E9%97%A8%E6%8C%82%E7%89%8C%EF%BC%8C%E8%A7%A3%E7%8E%84%E6%9C%BA%E5%9B%BE%EF%BC%8C%E6%BE%B3%E9%97%A8%E9%AB%98%E6%89%8B%E7%BD%91%EF%BC%8C%E4%B8%80%E8%82%96%E4%B8%AD%E7%89%B9%E5%85%8D%E8%B4%B9%E5%85%AC%E5%BC%80%EF%BC%8C%E6%89%8B%E6%9C%BA%E7%9C%8B%E5%BC%80%E5%A5%96%EF%BC%8C%E5%85%8D%E8%B4%B9%E8%B5%84%E6%96%99%EF%BC%8C%E6%89%8B%E6%9C%BA%E5%85%AD%E5%90%88%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%EF%BC%8C%E7%8E%B0%E5%9C%BA%E6%91%87%E5%A5%96%E7%9B%B4%E6%92%AD%EF%BC%8C%E5%85%8D%E8%B4%B9%E8%B5%84%E6%96%99%EF%BC%81

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:49:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 367ms
367ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=63514456&si=4344a42934a733de778e35d0ed1cd49e&v=1.3.0&lv=1&sn=19104&r=0&ww=1600&u=http%3A%2F%2Fandrecostaphoto.com%2F&tt=%E9%A6%99%E6%B8%AF%E6%AD%A3%E7%89%88%E8%B5%84%E6%96%99%E5%85%8D%E8%B4%B9%E6%9B%B4%E6%96%B02023%2C2023%E9%A6%99%E6%B8%AF6%E5%90%88%E5%92%8C%E5%BD%A9%E5%BC%80%E5%A5%96%E7%BB%93%E6%9E%9C%E8%AE%B0%E5%BD%95%2C%E6%BE%B3%E9%97%A8%E7%B2%BE%E5%87%86%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E5%87%86%E7%A1%AE%2C%E6%BE%B3%E9%97%A8%E4%B8%89%E8%82%96%E4%B8%89%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%2C%E6%BE%B3%E9%97%A8%E7%89%B9%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%E6%9C%9F%E6%9C%9F%E5%87%86%E5%85%8D%E8%B4%B9%E6%8F%90%E4%BE%9B

Requested by

Host: andrecostaphoto.com
URL: http://andrecostaphoto.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://andrecostaphoto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Jun 2023 07:49:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 9.gif
cnzz.mmstat.com/ Frame F608 43 B
464 B 1512ms
311ms Image
image/gif 2401:b180:7003::2e
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnzz.mmstat.com/9.gif?abc=1&rnd=208165929
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2401:b180:7003::2e , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Jun 2023 07:49:25 GMT
server: nginx
p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 amkjlins.html Show response
rosansdasjhdms01.llcs.cc/asmdasda/ Frame 6768 97 KB
31 KB 396ms
395ms Document
text/html 2606:4700:3032::ac43:a6a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rosansdasjhdms01.llcs.cc/asmdasda/amkjlins.html
Requested by: Host: rosansdasjhdms01.llcs.cc
URL: https://rosansdasjhdms01.llcs.cc/asmdasda/amlinos.js?1687902437
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a6a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59d6a897faea3354bdb8f29cf1e22df14101e0e7fb1aaac42cf7ddeb1cd55a7b

Request headers

Referer: https://tk22tk3.desindforrowth.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7de4553b4d6b5c2c-FRA
content-encoding: br
content-type: text/html
date: Wed, 28 Jun 2023 07:49:24 GMT
last-modified: Tue, 27 Jun 2023 14:08:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACIaXimxxbMF91ril%2FNuhIprRK38p3MfFnWYTRapuvjquAHv2jadbIHzXSK7oMICySeUNkFVSNopa4%2BfL2rPrslZ8f4c%2BQhkt5R1zG0trKV7emomG%2FPrOUn0IzlBiEKHK6Oxqr%2FmSadg1u3U8a8orLxGLgHi4TY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 logo.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 25 KB
26 KB 14ms
13ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tk22tk3.desindforrowth.com/public/images/logo.png

Requested by

Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/public/css/style.css?1687902437

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af22df332d78346feb6aa55298a6dfba948ee94092fa07795924915cd1688310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/public/css/style.css?1687902437
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:24 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 420480
alt-svc: h3=":443"; ma=86400
content-length: 25609
last-modified: Fri, 26 May 2023 06:31:40 GMT
server: cloudflare
etag: "6470524c-6409"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHtdRQ4FZaZ91QCD9mmYgapPio%2Bt83WYHMTFsh%2Ble%2BV6aQ84Cu37Cg5U36x%2BBZXtzmPvP5ul4RXEfMe0RQSsuXvu52vSorXY4bA%2BdCgqystKTgMI3GBcHpugjQumFOCIopB5xaG5Fv2TJzO3bfz%2FCn6M%2BgIrMcPDkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de4553b5bd3bb4a-FRA
expires: Sun, 23 Jul 2023 11:00:25 GMT

GET
H3 200 user.png
tk22tk3.desindforrowth.com/public/images/ Frame F608 1 KB
2 KB 18ms
18ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tk22tk3.desindforrowth.com/public/images/user.png
Requested by: Host: tk22tk3.desindforrowth.com
URL: https://tk22tk3.desindforrowth.com/public/css/style.css?1687902437
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5afd41c0f357466a6eca2e4eebdeb0b15d4eda87c4a9d42dd8bece0545a21dd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tk22tk3.desindforrowth.com/public/css/style.css?1687902437
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:24 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1707512
alt-svc: h3=":443"; ma=86400
content-length: 1441
last-modified: Sat, 29 Apr 2023 07:55:44 GMT
server: cloudflare
etag: "644ccd80-5a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khR16SXp6QljXdnezDTQCnBeiYchrpj7yNUczoBkUfyCmX%2Fe0Qi3TPh3gLMvTvhhVZoKb6uUYm9Hg6LLy0zBDqXmLscgFenCq4bHh99XOSEUbu29M2H%2BLGzYwu1Snd%2F%2BUmbwZUsyMnk2abC1gUmGDD7lTEcH2uQt%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7de4553b5bd4bb4a-FRA
expires: Sat, 08 Jul 2023 13:30:22 GMT

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/1.10.2/ Frame 6768 91 KB
33 KB 2289ms
276ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/jquery/1.10.2/jquery.min.js

Requested by

Host: rosansdasjhdms01.llcs.cc
URL: https://rosansdasjhdms01.llcs.cc/asmdasda/amkjlins.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosansdasjhdms01.llcs.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 28 Jun 2023 07:49:26 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=87600
Last-Modified: Wed, 07 Jan 2015 09:16:30 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 28 Jul 2023 07:49:26 GMT

GET
H3 200 kj_data.js Show response
xg.99kj.vip/config/ Frame 7789 120 B
729 B 400ms
399ms XHR
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xg.99kj.vip/config/kj_data.js?_=1687938564106
Requested by: Host: xg.99kj.vip
URL: https://xg.99kj.vip/js/jquery-1.11.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7438102c25d1eb675e1623eceb0e3c9c06a4e3fd8c12c0a1402e126d7861854c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://xg.99kj.vip/hk/kjb.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:25 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 13:34:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ae588028fca8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bpNK%2B%2BVLHKM9yrvaU9yYuo4H218gisXohjL6ZK6HaS3haLK%2BHiszwVH3f%2FixiffZZIIiFVkII%2BZ%2BiWQW6hDICfmxbgSZ5Wje8mnu3%2F%2BgsbOwz6%2BTqs0e%2BzNitgNfDCKBBoiAkoNa4me8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 7de45540f95f377c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 216

GET
H3 200 kj_data.js Show response
baidu.kkjj.vip/config/ Frame 3024 120 B
577 B 429ms
429ms XHR
application/javascript 2606:4700:3032::6815:2f88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://baidu.kkjj.vip/config/kj_data.js?_=1687938563559
Requested by: Host: baidu.kkjj.vip
URL: https://baidu.kkjj.vip/js/jquery-1.11.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2f88 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9626239d0e72d7329160d0b734b4dea5294faae08bdd63b4093dbdefd8fd7a9e

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://baidu.kkjj.vip/am/kjb.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 13:32:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"81cbe4dcfba8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2SpnynUwq2tBEiHbzii4Nh1yDyZvr9VGMUTs%2BTO%2BugpZ1%2Fi93AspWMbwrnpdJS%2FjPPQfE4b86Qquv0vNERKmfnsrKFsaeZD%2BnyChzFtYU7qWh5J0iPKhr22wuV4J5iAJFeKO4D%2B%2F0k0i%2B%2Bssg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7de455581c1f3804-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bmam.js Show response
api.493210.com/ Frame 6768 125 B
421 B 637ms
200ms XHR
application/javascript 216.83.43.223

General

Check archive.org

Show headers Download Go to

Full URL

https://api.493210.com/bmam.js?&?1687938569520

Requested by

Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.10.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.43.223 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f990c02ca08c73e25431e82cfdd7978acec62a38b0aa9ffc538a4bcef8415c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://rosansdasjhdms01.llcs.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:30 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Jun 2023 07:49:02 GMT
server: nginx
etag: "649be5ee-7d"
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 125
expires: Wed, 28 Jun 2023 19:49:30 GMT

GET
H3 200 kj_data.js Show response
xg.99kj.vip/config/ Frame 7789 120 B
682 B 399ms
399ms XHR
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xg.99kj.vip/config/kj_data.js?_=1687938564107
Requested by: Host: xg.99kj.vip
URL: https://xg.99kj.vip/js/jquery-1.11.2.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7438102c25d1eb675e1623eceb0e3c9c06a4e3fd8c12c0a1402e126d7861854c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://xg.99kj.vip/hk/kjb.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 27 Jun 2023 13:34:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "ae588028fca8d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZSxsdik5UlMsUm5Zr27qFePsaxdSg%2FhGg9DeYjVnzxdMdEr2aF18PSdh1su0s9tnjPHBZC1Rq2%2BABZ88Fld5JATmCPhu67%2BpjTXZLBpqY4YagH2tRSnMn5s2E1rkKW2ZeMRQhmWgZ0KF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
accept-ranges: bytes
cf-ray: 7de45562cca6377c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 216

GET
H2 200 bmam.js Show response
api.493210.com/ Frame 6768 125 B
420 B 201ms
201ms XHR
application/javascript 216.83.43.223

General

Check archive.org

Show headers Download Go to

Full URL

https://api.493210.com/bmam.js?&?1687938571518

Requested by

Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.10.2/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.43.223 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

f990c02ca08c73e25431e82cfdd7978acec62a38b0aa9ffc538a4bcef8415c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://rosansdasjhdms01.llcs.cc/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 28 Jun 2023 07:49:31 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 28 Jun 2023 07:49:02 GMT
server: nginx
etag: "649be5ee-7d"
access-control-allow-methods: GET,POST
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 125
expires: Wed, 28 Jun 2023 19:49:31 GMT

GET bmam.js
api.493210.com/ Frame 6768 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.493210.com
URL: https://api.493210.com/bmam.js?&?1687938573518

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
andrecostaphoto.com/	1969-12-31 23:59:59	Name: CMS_Session_ID Value: iko8r240fp0ks0jktqhl2otisb
.hm.baidu.com/	1970-01-20 22:28:18	Name: HMACCOUNT_BFESS Value: CE9A25335F04FBB8
.andrecostaphoto.com/	1970-01-20 21:37:54	Name: Hm_lvt_369f705cbf251ace338d6af5bb506b3f Value: 1687938564
.andrecostaphoto.com/	1969-12-31 23:59:59	Name: Hm_lpvt_369f705cbf251ace338d6af5bb506b3f Value: 1687938564
.andrecostaphoto.com/	1970-01-20 21:37:54	Name: Hm_lvt_d27ca77246cb80eb1c2d8508d662c775 Value: 1687938564
.andrecostaphoto.com/	1969-12-31 23:59:59	Name: Hm_lpvt_d27ca77246cb80eb1c2d8508d662c775 Value: 1687938564
.andrecostaphoto.com/	1970-01-20 21:37:54	Name: Hm_lvt_cf734b1e97de6349f884209da2b2674d Value: 1687938564
.andrecostaphoto.com/	1969-12-31 23:59:59	Name: Hm_lpvt_cf734b1e97de6349f884209da2b2674d Value: 1687938564
.andrecostaphoto.com/	1970-01-20 21:37:54	Name: Hm_lvt_f01e8e8b776764931fabd5716b39845a Value: 1687938564
.andrecostaphoto.com/	1969-12-31 23:59:59	Name: Hm_lpvt_f01e8e8b776764931fabd5716b39845a Value: 1687938564
.andrecostaphoto.com/	1970-01-20 21:37:54	Name: Hm_lvt_4344a42934a733de778e35d0ed1cd49e Value: 1687938564
.andrecostaphoto.com/	1969-12-31 23:59:59	Name: Hm_lpvt_4344a42934a733de778e35d0ed1cd49e Value: 1687938564
.mmstat.com/	1970-01-20 22:28:18	Name: cna Value: BdQiHULD4koBASoBBKD2zHM0
.cnzz.mmstat.com/	1969-12-31 23:59:59	Name: sca Value: 50d56133
.cnzz.mmstat.com/	1969-12-31 23:59:59	Name: atpsida Value: 4e4a460025bde9fe3147825b_1687938565_1
.baidu.com/	1970-01-20 22:28:18	Name: BAIDUID_BFESS Value: A3EFD666DB61C8550A6BFD4490AE6FF6:FG=1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://qqww88ee.com/mm2.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://andrecostaphoto.com/Public/Home/images/886633903.gif Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

andrecostaphoto.com
api.493210.com
at.alicdn.com
baidu.kkjj.vip
c.cnzz.com
cdn.staticfile.org
cnzz.mmstat.com
cnzznnz.com
cvt.smhuyjhb.com
gp1.48gp.biz
h.yxl99968.com
hm.baidu.com
libs.baidu.com
qqww88ee.com
rosansdasjhdms01.llcs.cc
s9.cnzz.com
tk2.jixingkaisuo.com
tk22tk3.desindforrowth.com
tu.tuku.fit
www.guestson.com
www.yxcddq.com
xg.99kj.vip
z12.cnzz.com
api.493210.com
103.235.46.191
103.60.108.145
16.163.1.215
163.181.56.155
216.83.43.223
23.225.59.196
23.231.208.161
23.231.208.2
23.231.217.218
23.231.221.17
2401:b180:7003::2e
240e:978:306:8:3::3eb
240e:97b:500:2000::6
2602:ffe4:c48:0:3::3fb
2606:4700:20::ac43:474a
2606:4700:3032::6815:2f88
2606:4700:3032::ac43:a6a2
2606:4700:3035::6815:d22
2a06:98c1:3120::3
2a06:98c1:3121::3
39.156.66.111
45.61.234.248
02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668
042f5e1bd11672fcb44421a233653f6d49e171c276b254f2f63b42ee4eaa1d89
0813b1b5c870fb70da6eb59e408c9dc0b75fd43e0b88b196700357304731ff16
0acaefd48f1148faef7dc87d9f567109e51ed5dbb43facaf6aa8fd4c1b44ce72
0b2ecb95891142c9a8ee4a3aef30d22aa800c89dab4276ffd0c8a8e043065b13
0f74b10abecb5ba04030eac696954e4e9ac1f4849c221ccfff70816ad3152518
115f4854ff657ac1c116497f31f64731ccf9c7e9b7ef89226bd4dd06ae00a982
172757698d1633f79186f5079c122860d85b8c08dbb7b6c45b23a2a54fd0bcd1
218af4abd247083f68d5b37db32226b923182938c2ca2e05d79864f12698de8b
21b7d2dc4a526581f7950ad9631406820ea8bebe39714c8a4d2937ba0178950c
2b5fe8fedf5d669af50287bbe04d863e336e8904c419ed04fe5d5d0a0e398a31
30158be843270aadbdc2c678906e53e5a1ce1276a30e38d5eb625bd07fd2f9a5
3991866cbb3296483717573269466df5c2f244877a98e6e02fda238052605309
399e866cbd3243554b0032aa37fecde3591672f4cbe5c6a8b912ad2a74ca4088
3ad1860be8f58cdd79a2c38a0fa3837163a018295a76c191783d97d3b364296f
3b91ebd5d870dca8ed4d2cb947fdd0c132b03db69052bdfac5a1b8d2042e49fc
3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1
404093050e63f487857f1a98cb675da36ff3fb662fc863fde600efe1f8772d8d
4141c1bf81f89a3d021adf58bd78f2d8ffd810a8d33d66ae3f274ad9768bb2db
461b506f8cb11a396ffdc2cf997c5dcd1b311fc6aa5ff32cf699126af7c42013
46d0c5b3eaff72b52b303199f62c0b6aad1adfdc8f1a5f25fba858491969204c
4a99d8179b7cfef4a2366b23196abf40ff91d512c75f83233c6824d7a22cd2f8
4b019f6b56847ec64578bba4181c13c0a56a9f586f7fee0738a3dbafc5666f2a
4c35bbb68eaf4de68793981f550e3b55267952a78d91f6fda3528917be5db7cf
4db94f07566537e7925123ddbb0bccdb5f6e143b04d192e89f4df9c458a85033
5246ae380f294474e5bd69a918e244f94142204bab85ded436b100702c9028ed
54659154abc64484637920821c6e38f4e53aa693aab371e6300fb31325dc2c7d
59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5
59d6a897faea3354bdb8f29cf1e22df14101e0e7fb1aaac42cf7ddeb1cd55a7b
5afd41c0f357466a6eca2e4eebdeb0b15d4eda87c4a9d42dd8bece0545a21dd0
606916abb88fd814da43597b9528484125819c18b567a60ccceb60f8ce66f5a6
6187b1d5e230f7508413af95c1f380c625500d421e21cee64b452ac615b17e41
61baefd769ee1df90f37dbb88ad3399bc728a2854f71eea03ef496dcbea4485f
62eb82c1fb10cae4d55b046653291a997c928303b04015ab80422f9e750b1d1e
62eda6f792b9f9ed76d8c4f2782adce840121bc3b1c5f6c2aa3616419b3f4ac4
6585ebd4a2f78e42dfe87dcbce87eab2d7eb7c241acf6ac48086d2359b63af4b
678c4027fc15274cda8d2338c27a14401a4c89aa44fa632e319336b2ac2e57dd
69a46c286eef58dfc35f26040dfbc847986ebb12db12d14603faf78faecbbd0e
6c1a56367032d031feb64ec8dda18f6fc4722d20ccf9391fdad5942e3d46fc31
6edc4216ecb5e1cae75abe76315f121945f0c3745be6fb616e078541f6788aa7
70abeb64fe0d178e7659f74aca3af495abebdc3e6b5ea5b78f770642d940a824
72dc4ffb538220f5e81ff70367e15f85dbbc34bde9b679a0631a736c04292845
7438102c25d1eb675e1623eceb0e3c9c06a4e3fd8c12c0a1402e126d7861854c
75b66b46662e742e9d10d40bdd823f0fa23737a782780c1fb27d51d8ccf95d32
78239bfa567de83cafc0ca4b553dfe5a2753a8095406ce914a3ccdef0036841f
7962b57eac96b3f0e27e9c5a0eb8fc7fd19ba7c97caedd0b4068f11b5198eabb
7e2c50a572280f83602e4eae7bcb60ee451fe750f9cf30528d60b99188f0f2d5
7edadc69c2b0bae203943ebdab81614bb2b3ffee231a8f71f41790f94f25c336
85ed9209c0d6a2bba264162d1e490e1f46a52016e646fa98a5e3875a4de7131b
8688c4c8d1439f25ebdd555eb0e26f6a3e4a18dfd62eccab4f8eb45ebf791145
947628106c7107640cd97d4fca880d85932e224279fd31c06c7e0e6b520e17d8
9626239d0e72d7329160d0b734b4dea5294faae08bdd63b4093dbdefd8fd7a9e
9dbccf333c83ef08160e445d48118e269a20f63f83e1201de4d19757b2034818
a03b64240f56cd6af74f349c4f8e435c3cc248431e0511e2339ec6f18d784302
a09d9dbdec0a61ec2984b5f9d275c4026c61f93b02062a24de67c53bc1b71454
a3360c153a6df7158939fc16a17434d1ce87b899452123460a2a8d101390f4b0
a418be080cbf6c86bfabd2027b21b766611f476abde2fe257fef3f5b5053258a
a433ba91d30c446dc4a7e4f24191459a36032964c5348cd8837dbd3b2d198e89
aa632e2b0a0108de2780793c2bd6407eebb9de48994a4b9e4ba357b9295f573b
ab05a976aa1ea769d5fea99b84fcb749333f870748f58f5ffac3d82b97e634de
af22df332d78346feb6aa55298a6dfba948ee94092fa07795924915cd1688310
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b9ad2e5cec8f4f8ea9432e3fd0a3865748fb3e8d122baf19799f2255b35ea400
bd029d390a332a3c98b81c9173791ce274c6db7422f4b422f22748dda56a5465
bd87b277ab23a31f82c177ae878c76ec0f927129a20468de02850ea267d8e4e6
c1bcc5f2066e4476e6dbab0b5a9b9700b86f4d6ebeb2900d73ee97e53753d4f9
c399deab607e944bd24f5db726427ac522c65a7a353ddd35d5f90d5b7ff3808a
c3ce9472047408dd7d7c26dacf129943b2fb0176073ec61c31387d20668f3d79
c3d0592fe5cf7384396d5cfe24d713a22191b80f596bca970cb3b0746c49efcd
c5be37ef9a57cff2a5fd92363a81fc1c445b62b143e32b8aaa891b0bb5d3bd34
c79c30476d1af8f9369b910710ea1554922514c9a62b07ee21b0803a10f4eee4
c83c1e5f9b175f6da9290c419bba58268dde3ce12d77c3a5cd61b24e912ae105
c9fccc477241a256dade111b792d4f942eda1ad08ce63856139de239ca4c3b73
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd90be6c5281207943ba1ec0314a29e132669286509ea592f0ac903a7e7bd8d6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd79c2dd3a07640d6123d506fdeef837e991c8149365cb76976811c89b45690
d0353cea581ffee69c8f4e39fcb50d2b72c0a842d631f1ceebdfab3d5bff24a8
d1a1bdb8b8320fb8fd6045a75bb58217bfd992cb919ecd9df20289adc6a66779
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4e7d3e7e54e511c1782813483abd54200b0b260dcbeead81726f3f23e431279
d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32
d558a739b53006314ae510f19ccac82011e3c9e6c0d60182ddfc71a02088c400
d72b93389f9869a296f75ed5937242af0a29d95d3bae7867c2a0fcd423464fda
dac72346a67b7e43b963cc62a979bd7163ec8c940222cc81fd3a96dee55cbbb4
dbcec4e26ce2f77439d9a2fd2f741e4d30974f7dd17afd4cd5c0c32678226196
dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d
e2afc0bcbcde8d1f189451c36772e122cfe82426da4b52d6195694b5616bd4bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79bca3d365e7b59a45454ef2202d4443a979fa6391456e09304e18830cc4331
e7adde7e917da8e50c17c128d1b46361c954f74129099fb8e61297de972b4804
eac57d17930ffbeb3d0edabe3427ebaf6101a7854456ad4acc591608b6f5289d
f3a17dbeb1279ddd9aa45595a39b0dc40ada6fa4fc2f4e3c7cf3e460e3410c76
f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55
f990c02ca08c73e25431e82cfdd7978acec62a38b0aa9ffc538a4bcef8415c56
faf5099488070725ba7823e0b3aab187dbe6259efa12ce2b452ca8e7e54b888a
fbae2e93185f6d83316228a939041399fa994c9b3d651a5339323bac769f31e5

andrecostaphoto.com Open in urlscan Pro 23.231.208.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

70 %HTTPS

45 %IPv6

20 Domains

23 Subdomains

22 IPs

4 Countries

4122 kBTransfer

5036 kBSize

16 Cookies

35 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

andrecostaphoto.com Open in urlscan Pro
23.231.208.161 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

70 %
HTTPS

45 %
IPv6

20
Domains

23
Subdomains

22
IPs

4
Countries

4122 kB
Transfer

5036 kB
Size

16
Cookies

111 HTTP transactions
0 data transactions