2w3-t3z.sovaparents.com Open in urlscan Pro
23.162.200.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://2w3-t3z.sovaparents.com/
Submission: On December 26 via api (December 26th 2023, 5:12:37 am UTC) from US — Scanned from US

Summary HTTP 158 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 29 domains to perform 158 HTTP transactions. The main IP is 23.162.200.129, located in Toronto, Canada and belongs to AS-GLOBALTELEHOST, CA. The main domain is 2w3-t3z.sovaparents.com.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.

This is the only time 2w3-t3z.sovaparents.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 27	23.162.200.129 23.162.200.129	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
3	134.195.197.62 134.195.197.62	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
3	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
22	198.57.27.99 198.57.27.99	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
2 2	2606:4700:303... 2606:4700:3038::6815:eb25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3038::6815:eb26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	134.122.135.51 134.122.135.51	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
3	2606:4700:303... 2606:4700:3035::ac43:9b56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	156.251.153.113 156.251.153.113	40065 (CNSERVERS) (CNSERVERS)
3	107.148.196.91 107.148.196.91	54600 (PEG-SV) (PEG-SV)
6	198.2.211.83 198.2.211.83	54600 (PEG-SV) (PEG-SV)
3	107.148.194.20 107.148.194.20	54600 (PEG-SV) (PEG-SV)
3	198.2.200.125 198.2.200.125	54600 (PEG-SV) (PEG-SV)
3	192.74.252.252 192.74.252.252	54600 (PEG-SV) (PEG-SV)
9	2600:9000:219... 2600:9000:2199:fe00:12:8d30:9800:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2606:4700:303... 2606:4700:3033::ac43:9c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	107.148.207.6 107.148.207.6	54600 (PEG-SV) (PEG-SV)
3	107.148.194.12 107.148.194.12	54600 (PEG-SV) (PEG-SV)
3	156.251.153.33 156.251.153.33	40065 (CNSERVERS) (CNSERVERS)
3	137.175.69.133 137.175.69.133	54600 (PEG-SV) (PEG-SV)
3	108.181.108.114 108.181.108.114	40676 (AS40676) (AS40676)
9	2606:4700:303... 2606:4700:3038::6815:eaeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	198.204.238.227 198.204.238.227	33387 (NOCIX) (NOCIX)
3	137.175.92.58 137.175.92.58	54600 (PEG-SV) (PEG-SV)
3	192.74.232.140 192.74.232.140	54600 (PEG-SV) (PEG-SV)
3	192.74.245.123 192.74.245.123	54600 (PEG-SV) (PEG-SV)
3	162.209.131.50 162.209.131.50	40065 (CNSERVERS) (CNSERVERS)
3	182.237.3.208 182.237.3.208	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
3	134.195.196.128 134.195.196.128	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
12	134.195.196.147 134.195.196.147	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
158	29

27 23.162.200.129 (Toronto, Canada) 2 redirects

ASN62563 (AS-GLOBALTELEHOST, CA)

2w3-t3z.sovaparents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.195.197.62 (Vancouver, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 62-197-195-134.clients.gthost.com

xza4p9plj.xzldbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tongji.xzldbl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 198.57.27.99 (Toronto, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 99-27-57-198.clients.gthost.com

ztwyqsgdh.dglietou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3038::6815:eb25 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

img.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3038::6815:eb26 (United States)

ASN13335 (CLOUDFLARENET, US)

img9.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img10.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.122.135.51 (Hong Kong, Hong Kong)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

c7575tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:9b56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.3400tupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.251.153.113 (United States)

ASN40065 (CNSERVERS, US)

diggtp008.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.148.196.91 (Shenzhen, China)

ASN54600 (PEG-SV, US)

www.7859888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.2.211.83 (United States)

ASN54600 (PEG-SV, US)

5698tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.148.194.20 (Shenzhen, China)

ASN54600 (PEG-SV, US)

9831tc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.2.200.125 (United States)

ASN54600 (PEG-SV, US)

6399tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.74.252.252 (United States)

ASN54600 (PEG-SV, US)

tu.jsapp5858688.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2199:fe00:12:8d30:9800:93a1 (United States)

ASN16509 (AMAZON-02, US)

pppmmm.tututufafafa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3033::ac43:9c05 (United States)

ASN13335 (CLOUDFLARENET, US)

tupain2.baitu4lliltvmwelqubyqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.148.207.6 (Shenzhen, China)

ASN54600 (PEG-SV, US)

9216tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.148.194.12 (Shenzhen, China)

ASN54600 (PEG-SV, US)

www.8122888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 156.251.153.33 (United States)

ASN40065 (CNSERVERS, US)

sxlmggx12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.175.69.133 (United States)

ASN54600 (PEG-SV, US)

c8932888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.181.108.114 (Los Angeles, United States)

ASN40676 (AS40676, US)

xn--49779-szm9a5kb.xn--gecrj9c	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3038::6815:eaeb (United States)

ASN13335 (CLOUDFLARENET, US)

z4a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.204.238.227 (United States)

ASN33387 (NOCIX, US)

pjkbv034cbdft6qwd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.175.92.58 (United States)

ASN54600 (PEG-SV, US)

www.9129666tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.74.232.140 (United States)

ASN54600 (PEG-SV, US)

9323tp.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.74.245.123 (United States)

ASN54600 (PEG-SV, US)

1325tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.209.131.50 (United States)

ASN40065 (CNSERVERS, US)

ok.hdidhidihitt66.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.237.3.208 (Hong Kong)

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)
PTR: hkhdc.laws.ms

facaiimage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 134.195.196.128 (Toronto, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 128-196-195-134.clients.gthost.com

tkimg.happymakeupstars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 134.195.196.147 (Toronto, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 147-196-195-134.clients.gthost.com

s1x3d.mexicorecreation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	sovaparents.com 2 redirects 2w3-t3z.sovaparents.com	203 KB
22	dglietou.com ztwyqsgdh.dglietou.com	86 KB
12	mexicorecreation.com s1x3d.mexicorecreation.com	10 KB
9	z4a.net z4a.net — Cisco Umbrella Rank: 431397	1013 KB
9	baitu4lliltvmwelqubyqm.com tupain2.baitu4lliltvmwelqubyqm.com	5 MB
9	tututufafafa.com pppmmm.tututufafafa.com	5 MB
6	5698tp.com 5698tp.com	2 MB
5	chkaja.com 2 redirects img.chkaja.com — Cisco Umbrella Rank: 562491 img9.chkaja.com img10.chkaja.com — Cisco Umbrella Rank: 816016	77 KB
3	happymakeupstars.com tkimg.happymakeupstars.com	794 KB
3	facaiimage.com facaiimage.com	51 KB
3	hdidhidihitt66.com ok.hdidhidihitt66.com	3 MB
3	1325tp.com 1325tp.com	1 MB
3	9323tp.cc 9323tp.cc	950 KB
3	9129666tp.com www.9129666tp.com	690 KB
3	pjkbv034cbdft6qwd.com pjkbv034cbdft6qwd.com	672 KB
3	function sub() { [native code] }.	1 MB
3	c8932888tp.com c8932888tp.com	972 KB
3	sxlmggx12.com sxlmggx12.com	801 KB
3	8122888tp.com www.8122888tp.com	704 KB
3	9216tp.com 9216tp.com	669 KB
3	jsapp5858688.com tu.jsapp5858688.com	774 KB
3	6399tp.com 6399tp.com	851 KB
3	9831tc.com 9831tc.com	665 KB
3	7859888tp.com www.7859888tp.com	743 KB
3	diggtp008.com diggtp008.com	700 KB
3	3400tupian.com www.3400tupian.com	832 KB
3	c7575tp.com c7575tp.com	458 KB
3	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10115	12 KB
3	xzldbl.com xza4p9plj.xzldbl.com tongji.xzldbl.com	1 KB
158	29

	Domain	Requested by
27	2w3-t3z.sovaparents.com	2 redirects 2w3-t3z.sovaparents.com
22	ztwyqsgdh.dglietou.com	2w3-t3z.sovaparents.com ztwyqsgdh.dglietou.com
12	s1x3d.mexicorecreation.com	2w3-t3z.sovaparents.com
9	z4a.net	2w3-t3z.sovaparents.com
9	tupain2.baitu4lliltvmwelqubyqm.com	2w3-t3z.sovaparents.com
9	pppmmm.tututufafafa.com	2w3-t3z.sovaparents.com
6	5698tp.com	2w3-t3z.sovaparents.com
3	tkimg.happymakeupstars.com	2w3-t3z.sovaparents.com
3	facaiimage.com	2w3-t3z.sovaparents.com
3	ok.hdidhidihitt66.com	2w3-t3z.sovaparents.com
3	1325tp.com	2w3-t3z.sovaparents.com
3	9323tp.cc	2w3-t3z.sovaparents.com
3	www.9129666tp.com	2w3-t3z.sovaparents.com
3	pjkbv034cbdft6qwd.com	2w3-t3z.sovaparents.com
3	xn--49779-szm9a5kb.xn--gecrj9c	2w3-t3z.sovaparents.com
3	c8932888tp.com	2w3-t3z.sovaparents.com
3	sxlmggx12.com	2w3-t3z.sovaparents.com
3	www.8122888tp.com	2w3-t3z.sovaparents.com
3	9216tp.com	2w3-t3z.sovaparents.com
3	tu.jsapp5858688.com	2w3-t3z.sovaparents.com
3	6399tp.com	2w3-t3z.sovaparents.com
3	9831tc.com	2w3-t3z.sovaparents.com
3	www.7859888tp.com	2w3-t3z.sovaparents.com
3	diggtp008.com	2w3-t3z.sovaparents.com
3	www.3400tupian.com	2w3-t3z.sovaparents.com
3	c7575tp.com	2w3-t3z.sovaparents.com
3	hm.baidu.com	2w3-t3z.sovaparents.com tongji.xzldbl.com
2	img10.chkaja.com	2w3-t3z.sovaparents.com
2	img.chkaja.com	2 redirects
2	xza4p9plj.xzldbl.com	2w3-t3z.sovaparents.com
1	img9.chkaja.com	2w3-t3z.sovaparents.com
1	tongji.xzldbl.com	2w3-t3z.sovaparents.com
158	32

This site contains links to these domains. Also see Links.

Domain
5zts.xzldbl.com

Subject Issuer	Validity	Valid
268ztw.msbohnarmor.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
xza4p9plj.xzldbl.com R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
tongji.xzldbl.com R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
ztwyqsgdh.dglietou.com R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
chkaja.com E1	`2023-11-07` - `2024-02-05`	3 months	crt.sh
c7575tp.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
3400tupian.com E1	`2023-11-25` - `2024-02-23`	3 months	crt.sh
diggtp008.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
www.7859888tp.com R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
5698tp.com R3	`2023-10-29` - `2024-01-27`	3 months	crt.sh
9831tc.com R3	`2023-10-24` - `2024-01-22`	3 months	crt.sh
6399tp.com R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
tu.jsapp5858688.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
pppmmm.tututufafafa.com R3	`2023-10-01` - `2023-12-30`	3 months	crt.sh
baitu4lliltvmwelqubyqm.com GTS CA 1P5	`2023-11-06` - `2024-02-04`	3 months	crt.sh
9216tp.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
www.8122888tp.com R3	`2023-10-17` - `2024-01-15`	3 months	crt.sh
sxlmggx12.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
c8932888tp.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
xn--49779-szm9a5kb.xn--gecrj9c R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
z4a.net GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
pjkbv034cbdft6qwd.com Certum Domain Validation CA SHA2	`2023-08-08` - `2024-09-06`	a year	crt.sh
www.9129666tp.com R3	`2023-11-05` - `2024-02-03`	3 months	crt.sh
9323tp.cc R3	`2023-12-24` - `2024-03-23`	3 months	crt.sh
1325tp.com R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
ok.hdidhidihitt66.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
facaiimage.com R3	`2023-11-14` - `2024-02-12`	3 months	crt.sh
tkimg.happymakeupstars.com TrustAsia RSA DV TLS CA G2	`2023-08-14` - `2024-08-13`	a year	crt.sh
s1x3d.mexicorecreation.com R3	`2023-11-29` - `2024-02-27`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://2w3-t3z.sovaparents.com/
Frame ID: 5718DA10A4B0C3135AEE5B7BF273DF68
Requests: 8 HTTP requests in this frame

Frame: https://2w3-t3z.sovaparents.com/tb/
Frame ID: 410F52B6209167DDEE6D893C2733AFD6
Requests: 3 HTTP requests in this frame

Frame: https://tongji.xzldbl.com/ztw.html
Frame ID: 9B1C557C1F91758C6B680039ADFE9B60
Requests: 3 HTTP requests in this frame

Frame: https://2w3-t3z.sovaparents.com/yjjy/
Frame ID: 053F1F14B3921EF3538759A4C988036B
Requests: 49 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
Frame ID: 4B86759C4CFA9016BCAA3F57022B1D88
Requests: 11 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
Frame ID: 15214F26710187AE0CD642B724B38376
Requests: 11 HTTP requests in this frame

Frame: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Frame ID: 7F75F94C97EF5DB8ABCC100C56E5A06C
Requests: 30 HTTP requests in this frame

Frame: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Frame ID: EF47A1FA73EB70A62C19E82B307156D9
Requests: 30 HTTP requests in this frame

Frame: https://2w3-t3z.sovaparents.com/yjjy/sx.htm
Frame ID: 54F33B9BC04BF55785EBE4C08760384A
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【仲.特.誷】致力打造，火热全网！One needsthings to be truly happy living in the world: some thing to do, some one to love, some thing to hope for.One needsthings to be truly happy living in the world: some thing to do, some one to love, some thing to hope for.

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

158
Requests

83 %
HTTPS

20 %
IPv6

29
Domains

32
Subdomains

29
IPs

4
Countries

30866 kB
Transfer

31110 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://5zts.xzldbl.com/app/
Title: 下载APP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://2w3-t3z.sovaparents.com/tb HTTP 301
https://2w3-t3z.sovaparents.com/tb/

Request Chain 8

https://2w3-t3z.sovaparents.com/yjjy HTTP 301
https://2w3-t3z.sovaparents.com/yjjy/

Request Chain 19

https://img.chkaja.com/990c36764b088452.gif HTTP 301
https://img9.chkaja.com/files/20230915/990c36764b088452.gif

Request Chain 21

https://img.chkaja.com/fdf1a07ef357c66d.gif HTTP 301
https://img10.chkaja.com/files/20231223/fdf1a07ef357c66d.gif

158 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
2w3-t3z.sovaparents.com/ 14 KB
4 KB 317ms
32ms Document
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

c55ad4ba886a6eb120543cbd9e52c70dfd7c7ecaab1adb7c4d704381bfccd948

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:21 GMT
etag: W/"656313b8-3847"
last-modified: Sun, 26 Nov 2023 09:45:28 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
2w3-t3z.sovaparents.com/skin/css/ 30 KB
8 KB 35ms
30ms Stylesheet
text/css 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/skin/css/style.css

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

e47f80a371083e7631cbef67e71d4ae94c83d06120eaa1c4009216781e3595cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 10 May 2022 10:53:08 GMT
server: nginx
etag: W/"627a4414-76b4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:21 GMT

GET
H2 200 tb.js Show response
2w3-t3z.sovaparents.com/tb/ 1 KB
910 B 37ms
32ms Script
application/javascript 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/tb/tb.js

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

1936c27bacc5c82d91f4fd12748ba5ad3350a265e41abf44f62abe9449fd2e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 07:53:06 GMT
server: nginx
etag: W/"6267a4e2-47d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:21 GMT

GET
H2 200 wenzhang.js Show response
2w3-t3z.sovaparents.com/yjjy/ 2 KB
1 KB 37ms
33ms Script
application/javascript 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/wenzhang.js

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

5a6c65212536aee82be7df91227252bc9bd059d9e1b8e90151cc88b90a8a0588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Sep 2023 05:22:07 GMT
server: nginx
etag: W/"65126a7f-6e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:21 GMT

GET
H2 200 app.js Show response
xza4p9plj.xzldbl.com/ 3 KB
797 B 310ms
83ms Script
application/javascript 134.195.197.62
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://xza4p9plj.xzldbl.com:8443/app.js

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.62 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

62-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

df4f52a9df949b89740d5abd67be8b10c53512a5ca03eb557a99923315676b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 15 Sep 2023 05:47:32 GMT
server: nginx
etag: W/"6503eff4-a2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:22 GMT

GET
H2 404 tanchuang.js
xza4p9plj.xzldbl.com/ 0
0 307ms
82ms Script
text/html 134.195.197.62
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://xza4p9plj.xzldbl.com:8443/tanchuang.js
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 134.195.197.62 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS: 62-197-195-134.clients.gthost.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 0
175 B 1106ms
588ms Script
text/plain 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?d48e3d631ba78f929f8c547dbe1cae67

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Strict-Transport-Security: max-age=172800
Server: apache
Content-Length: 0
Content-Type: text/plain; charset=utf-8

GET
H2

200

/ Show response
2w3-t3z.sovaparents.com/tb/ Frame 410F
Redirect Chain

https://2w3-t3z.sovaparents.com/tb
https://2w3-t3z.sovaparents.com/tb/

2 KB
951 B

27ms
27ms

Document
text/html

23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/tb/

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/tb/tb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

cba72e74268a5fc04a724239a6158f98976ba29e527e8b14ed8306eb5bc63415

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:21 GMT
etag: W/"63a2f592-722"
last-modified: Wed, 21 Dec 2022 12:01:22 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Tue, 26 Dec 2023 05:12:21 GMT
location: https://2w3-t3z.sovaparents.com/tb/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 200 ztw.html Show response
tongji.xzldbl.com/ Frame 9B1C 580 B
733 B 305ms
81ms Document
text/html 134.195.197.62
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://tongji.xzldbl.com/ztw.html

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.62 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

62-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

bc766bbb2a5ee3127e54dc9f67aa3852b5d5d37246690552456300b25cf91928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 580
content-type: text/html
date: Tue, 26 Dec 2023 05:12:22 GMT
etag: "650008c4-244"
last-modified: Tue, 12 Sep 2023 06:44:20 GMT
server: nginx
strict-transport-security: max-age=31536000

GET
H2

200

/ Show response
2w3-t3z.sovaparents.com/yjjy/ Frame 053F
Redirect Chain

https://2w3-t3z.sovaparents.com/yjjy
https://2w3-t3z.sovaparents.com/yjjy/

97 KB
18 KB

44ms
43ms

Document
text/html

23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/wenzhang.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

58051c36292407b7485e6fa6579d759ebc00ae57fa0691e5347861210d86c429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:21 GMT
etag: W/"658a46ac-18390"
last-modified: Tue, 26 Dec 2023 03:21:16 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Tue, 26 Dec 2023 05:12:21 GMT
location: https://2w3-t3z.sovaparents.com/yjjy/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 404 search.jpg
2w3-t3z.sovaparents.com/skin/images/ 66 B
66 B 44ms
27ms Image
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2w3-t3z.sovaparents.com/skin/images/search.jpg
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/skin/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS
Software: nginx /
Resource Hash: bed9a06fbcbbf5e774a76e51deb9e4b89d2bfe9717a78d6260bff5e79f385e1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/skin/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
server: nginx
etag: "65002249-42"
content-length: 66
content-type: text/html

GET
H2 200 logo.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 410F 35 KB
36 KB 59ms
57ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/logo.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

60839b3083a45efefe0141f077799057a5f1f949ac7919b9f956348700bad589

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/tb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:43 GMT
server: nginx
etag: "64abaa43-8dad"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 36269
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2 200 sb.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 410F 17 KB
17 KB 74ms
72ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/sb.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

b725895face63e4fa56d42badd9f6c9a23a15d6f75d87f8f7e406fa3d79ab952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/tb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:53 GMT
server: nginx
etag: "64abaa4d-43d5"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17365
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2 200 dbkj.html Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 3 KB
1 KB 131ms
33ms Document
text/html 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/dbkj.html

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

80459a81d8425e49203077d93f0b18a243ee414934c1bebb0935d99f1463844b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:21 GMT
etag: W/"63a70a62-af4"
expires: Thu, 25 Jan 2024 05:12:21 GMT
last-modified: Sat, 24 Dec 2022 14:19:14 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 sty1e.css
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 1 KB
957 B 45ms
36ms Stylesheet
text/css 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/sty1e.css

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

6aef251dc8cff2873aa959b4cde1f77e9bc9bcbdc0838d2b8a2c748fa807d32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 06:50:55 GMT
server: nginx
etag: W/"64abaa4f-5c5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:21 GMT

GET
H2 200 icon1.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 6 KB
7 KB 47ms
39ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/icon1.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

e9e120e44e2599302942a1c25a1e4778f7f9af14aea6dbaac6d327bee5f7ef17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:28 GMT
server: nginx
etag: "64abaa34-19fb"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6651
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2 200 icon2.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 6 KB
6 KB 48ms
41ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/icon2.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

1b310c28414990fb6e8ec2edea762b0216a09a1e2722a601471daf355399f052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:30 GMT
server: nginx
etag: "64abaa36-18a2"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6306
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2 200 icon3.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 6 KB
6 KB 64ms
30ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/icon3.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

ec4e09caf790d51d43feaccf644759a2b61712e076fe96be505b6d0756060c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:32 GMT
server: nginx
etag: "64abaa38-18bf"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6335
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2 200 icon4.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 7 KB
7 KB 67ms
33ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/icon4.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

1043d0018e256e1b22fa7a1bfdfa81038e556a6d7a08bcd36264fc6739720853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:34 GMT
server: nginx
etag: "64abaa3a-1a28"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6696
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2 200 icon5.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 6 KB
7 KB 70ms
37ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/icon5.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

5e4da081c6399be9f72ce8ebc27492b531013b6146f06fa540a994958bbc64af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:36 GMT
server: nginx
etag: "64abaa3c-194b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6475
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H2

200

990c36764b088452.gif
img9.chkaja.com/files/20230915/ Frame 053F
Redirect Chain

https://img.chkaja.com/990c36764b088452.gif
https://img9.chkaja.com/files/20230915/990c36764b088452.gif

12 KB
12 KB

32ms
17ms

Image
image/gif

2606:4700:3038::6815:eb26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img9.chkaja.com/files/20230915/990c36764b088452.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Server

2606:4700:3038::6815:eb26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

848ead107d13f5e2a69ae5b4ead73fe566dc48c34d602697cee3799bc472d94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2229529
alt-svc: h3=":443"; ma=86400
content-length: 12078
last-modified: Fri, 15 Sep 2023 04:53:07 GMT
server: cloudflare
etag: "6503e333-2f2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ndyhZ4gs3z6%2FgJp30QA3RwkKIHb2rTJDnxViaSkyQAvuXHvx0yVu4PHdAn0OyYyupommwBAd48Bo58wOe4%2BV6DYtQVjoqfJHmQbDJP19DSPSjhbWf2Z0cITkbCACuYRsDpkTZkd3vfbDRR5ykIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d411fd042369-EWR
expires: Fri, 29 Nov 2024 09:53:33 GMT

Redirect headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 293
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Rs7GRo4mxufDs8iznUHtGXdpIEhQr7%2BU3PQpqT5XRwHvsp1MMf3Xp57OddO4psFQR%2BV2vvvYIDib6R3qfFSdccB99%2BUdRrGmlAVmBCLfr%2BOcjYjJ8j3vpo8vZirCia7kYFiVvO9CciKlENByw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img9.chkaja.com/files/20230915/990c36764b088452.gif
cf-ray: 83b6d4119ae242b3-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 f738c07e0544f159.jpg
img10.chkaja.com/files/20230924/ Frame 053F 34 KB
35 KB 111ms
18ms Image
image/jpeg 2606:4700:3038::6815:eb26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20230924/f738c07e0544f159.jpg

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfc9793d52a8794382d9e92c19aa4a690270e0018809dc95061c9bd9202e26a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3088759
alt-svc: h3=":443"; ma=86400
content-length: 35155
last-modified: Sun, 24 Sep 2023 09:24:20 GMT
server: cloudflare
etag: "65100044-8953"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqBFNHhyaFxQi33Pl%2F6cVQHDk2me%2FXj7QzXUYiLAypRUDXsHdOKNvCDRP%2Fpc%2B8pOxyqHyo5MZ0p8GlXhFvuRBf9W9GtZMJQNQvw2sr3TY8S3l6nvCuMwG%2FrkrpzTdNRDNNKxQKsflLTE4kQmZpfF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d411acde2369-EWR
expires: Tue, 19 Nov 2024 11:13:02 GMT

GET
H2

200

fdf1a07ef357c66d.gif
img10.chkaja.com/files/20231223/ Frame 053F
Redirect Chain

https://img.chkaja.com/fdf1a07ef357c66d.gif
https://img10.chkaja.com/files/20231223/fdf1a07ef357c66d.gif

29 KB
29 KB

53ms
32ms

Image
image/gif

2606:4700:3038::6815:eb26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20231223/fdf1a07ef357c66d.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Server

2606:4700:3038::6815:eb26 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e4570278ff4fff428a3f39932434e04c91ad2a9a346836aea0741a17dc75820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 258479
alt-svc: h3=":443"; ma=86400
content-length: 29719
last-modified: Sat, 23 Dec 2023 04:59:16 GMT
server: cloudflare
etag: "65866924-7417"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDeqKjw50rb%2F528DUqJppxwDfeGXrP4pCQiHbZ6vRJvmjv5tydRej4MaqPd7xY%2F5Q0L6wn1In%2BJAK8CA9PsTkkohGM1jhU4YB4470Gyu75HqwhFgtmtqt85mBN1E3GaMY7pvV7NUkdRhwFVoswHw"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4154e9c2369-EWR
expires: Sun, 22 Dec 2024 05:24:23 GMT

Redirect headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMHlA5pj91gwGGL3LiSDs%2BDrl2q3aSvbN9FM9xT6Ql2gZUy8P5HAY95Qr8OI%2BpjRitfoTtD4GbSwja5DFCkUKZLtu1bmAuqPMOTVZH0slDQLqiRV18PQRx9J28ahkJ4KNfGfGZeEh%2F6mJ6KAXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://img10.chkaja.com/files/20231223/fdf1a07ef357c66d.gif
cf-ray: 83b6d4119ae142b3-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jc.png
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 14 KB
14 KB 75ms
45ms Image
image/png 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/jc.png

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:38 GMT
server: nginx
etag: "64abaa3e-3870"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14448
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 053F 152 KB
153 KB 1770ms
453ms Image
image/gif 134.122.135.51
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

134.122.135.51 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

openresty /

Resource Hash

cccace56c4bef8ad427988bfc89672892e3c3da5a85d5efbaaac558617bfe9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Strict-Transport-Security: max-age=31536000
Via: ad08-a35
Last-Modified: Fri, 22 Dec 2023 07:21:01 GMT
Server: openresty
ETag: "658538dd-26086"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155782
Expires: Mon, 22 Jan 2024 09:16:39 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 053F 277 KB
277 KB 370ms
25ms Image
image/gif 2606:4700:3035::ac43:9b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9b56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ff4fd3ddb6a56d01357657c8ef42664deafff0dfcf5745c539873fe6cb4c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 986061
alt-svc: h3=":443"; ma=86400
content-length: 283173
last-modified: Sun, 26 Nov 2023 06:34:28 GMT
server: cloudflare
etag: "6562e6f4-45225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYGCpXDqgczmuinftKlIP04jrQ06FWJiG8aXFYyu%2Fjqm%2Fmo18Lqzv3K7L8%2BiCpQMTo8rQxVLm%2BeEc2BY2jIlYNtuSGTGOjU57ecPuKQoqY7l6DCkX69P4txQGj5a8DBRBcp%2Fjrp68liaWu1lTUvxDJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83b6d413481c0f8c-EWR
expires: Fri, 29 Dec 2023 14:26:09 GMT

GET
H/1.1 200
OK 965980.gif
diggtp008.com/ Frame 053F 233 KB
233 KB 1928ms
653ms Image
image/gif 156.251.153.113
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diggtp008.com/965980.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.113 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: e2f9531d4efe3e760b4f0203e39c9e631685b14ab66c1b99347479d5c2f05d33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 26 Dec 2023 05:12:23 GMT
Last-Modified: Sun, 10 Sep 2023 13:41:50 GMT
Server: nginx/onex
ETag: "64fdc79e-3a40d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238605
Expires: Fri, 19 Jan 2024 12:18:06 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 053F 247 KB
248 KB 1260ms
139ms Image
image/gif 107.148.196.91
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.196.91 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6a5c1acf48e696fc1da80481c0f240f411c32b0df28c9f7f3ff6d3a1d9155da8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202310299982
Last-Modified: Wed, 07 Jun 2023 23:37:21 GMT
Server: openresty
ETag: "648114b1-3dcfd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253181
Expires: Tue, 28 Nov 2023 04:04:48 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 053F 437 KB
437 KB 982ms
316ms Image
image/gif 198.2.211.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: f53cefa9466f22efe65d820f241bf0d5c9791d755a3b0db140eb72c17b86b987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310317297
Last-Modified: Sat, 24 Jun 2023 06:19:49 GMT
Server: openresty
ETag: "64968b05-6d484"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447620
Expires: Thu, 30 Nov 2023 06:37:21 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame 053F 221 KB
222 KB 956ms
121ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: cce57b64b7ab5adc5a4023164c15b7a9d486f2be264e5db305611c224da2c892

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202311125925
Last-Modified: Thu, 21 Dec 2023 22:48:49 GMT
Server: openresty
ETag: "6584c0d1-37586"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 226694
Expires: Sat, 20 Jan 2024 22:56:42 GMT

GET
H/1.1 200
OK 7299-712x45-io.gif
6399tp.com/tp/ Frame 053F 283 KB
284 KB 1040ms
205ms Image
image/gif 198.2.200.125
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/7299-712x45-io.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.200.125 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 8bcbd39bf123a4ce07c6bbfac5b2ca71e37062719cbc3f064c07b27120a4c00c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310303619
Last-Modified: Sat, 04 Nov 2023 11:12:20 GMT
Server: openresty
ETag: "65462714-46d90"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290192
Expires: Mon, 04 Dec 2023 11:13:59 GMT

GET
H/1.1 200
OK 712x45a.gif
tu.jsapp5858688.com/tu688/ Frame 053F 258 KB
258 KB 833ms
106ms Image
image/gif 192.74.252.252
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.jsapp5858688.com/tu688/712x45a.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.74.252.252 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: cdn /
Resource Hash: 9fde3b953e8291d49c31a9549bc1793881f29d101e2c79c403eed32a856127e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Last-Modified: Sun, 12 Nov 2023 03:37:02 GMT
Server: cdn
ETag: "6550485e-4061f"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 24 Jan 2024 08:44:02 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 053F 439 KB
440 KB 366ms
179ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:21:06 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 402676
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: YTMzgnG7rBN_C1dtR9cQ_sxH7994rof-lEcqdvIHu58ip47RayC_gQ==
expires: Sat, 20 Jan 2024 13:21:06 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 053F 567 KB
568 KB 124ms
64ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f9506d39efd4b0703e9c96c26b45103ab2c083adee89874cf75c684af0ae7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 11:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2410227
etag: "63d25fe5-8db5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PnFy86PZO4elrzfZJW%2Fd%2F3aiR2vVFMcqSEpdf90vqGKG3xlAT0qqhojJ5ZKK5TML0t2UMOSimR6J9xFdUhVKacaicoeXEsTR0PKBSngezpD2PuBWRDuL1ZsK9yOIoHLHakOprNzMkuFwNiZZpjgqPIUKBtkH0Nah62fr5hxbkeD6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d412cce40c74-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 04:24:45 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 053F 223 KB
223 KB 1104ms
341ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: bfd10c33218123eecda3d5f0b4e9c395f8fcfbb81b112d3a246b2d864e805392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202311043030
Last-Modified: Fri, 22 Dec 2023 06:31:35 GMT
Server: openresty
ETag: "65852d47-37add"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228061
Expires: Sun, 21 Jan 2024 08:47:05 GMT

GET
H2 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 053F 565 KB
566 KB 114ms
65ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da256d7f82ed3cc8679f0c805da9676ccad3c2c2a98be8531645b9f24a772319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 11:29:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1082756
etag: "65647db7-8d599"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PVJJpbmhNMUPMP7NJH2fJ8onBI%2Bu%2FkglxrgT74S%2BdqC932EfFtaFNldC0cNSsXK%2B7UUh6puvcFEkHvbm6DMWOtOsd%2FjiwKsPFpK9xwfFOif92uWDPuVyrjjDZ8inyrR7HeTXMTCSHQGLIOi2%2Bx0n%2FzAq9s6nFB577d7pJDMpkzD9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d412cce20c74-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 11:43:38 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 053F 234 KB
235 KB 1805ms
1008ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: c0f2a0bf8e0ff9ba898d82eec0787f44e826a38d366e330a6579ccc95c1c837e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202310298740
Last-Modified: Mon, 25 Dec 2023 07:10:21 GMT
Server: openresty
ETag: "65892add-3a9a0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240032
Expires: Wed, 24 Jan 2024 07:15:16 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 053F 662 KB
663 KB 87ms
27ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2125813
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYuynltuCrcG9GqifauM9zID25QUD4FAblCB0T1NLNwBz1CLIoGSjCOHXTsaUgxW5ui6Sh8erWa3RYLTDWqWmC3F6rNiANDY4DtZMJeZr0dcE1bqGyqm3%2BgfN1b8sLybpFXVwHMJQAghv2heBNHWigFrTE79fN6BfkU4OOZY0q%2F4"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d412cce30c74-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Dec 2023 14:22:33 GMT

GET
H/1.1 200
OK sxlmhf80.gif
sxlmggx12.com/ Frame 053F 267 KB
267 KB 1204ms
288ms Image
image/gif 156.251.153.33
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sxlmggx12.com/sxlmhf80.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.33 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 73c3217ba59e961b7ef42283222cc37095f141cb98c6b50964fa246c6b1b5365

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 26 Dec 2023 05:12:23 GMT
Last-Modified: Thu, 26 Oct 2023 22:59:14 GMT
Server: nginx/onex
ETag: "653aef42-42a6e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 273006
Expires: Tue, 23 Jan 2024 03:09:45 GMT

GET
H/1.1 200
OK npt60.gif
c8932888tp.com/tp/ Frame 053F 324 KB
324 KB 726ms
278ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/npt60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

13a736196e8b640e07b7e7a5dc9dad78512938e1311fc909adb18fd24388f22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Dec 2023 06:44:24 GMT
Server: openresty
ETag: "658681c8-50e64"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 331364
Expires: Mon, 22 Jan 2024 12:37:24 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 053F 386 KB
387 KB 332ms
194ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5a61c09145413203bd895ff07b7437d96df379980021be705d3dd54ca8987702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 11:52:37 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 1012785
x-cache: Hit from cloudfront
content-length: 395400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 16:33:37 GMT
server: nginx
etag: "6579dce1-60888"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: hQ95EC25SgFjF5n-fjltdn3cyR5BLgALnIpnkzemuoxiA0CUp9n5Ow==
expires: Sat, 13 Jan 2024 11:52:37 GMT

GET
H2 200 dfjt-1.gif
xn--49779-szm9a5kb.xn--gecrj9c/ Frame 053F 351 KB
352 KB 294ms
96ms Image
image/gif 108.181.108.114
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--49779-szm9a5kb.xn--gecrj9c/dfjt-1.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.108.114 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

d4f5d8e53a50f5ea3b74b9647a1ef43a08d510370e0f8ebd2f09a5a143451666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 03 Dec 2023 08:18:45 GMT
server: nginx
etag: "656c39e5-57cdc"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 359644
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 980-60.gif
z4a.net/images/2023/11/10/ Frame 053F 238 KB
239 KB 160ms
23ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/11/10/980-60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33d54a4b61737f0873cfb85adb79e648ba84f5810c6425e49f034034b564cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3856119
alt-svc: h3=":443"; ma=86400
content-length: 243447
pragma: public
last-modified: Sat, 11 Nov 2023 14:03:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGLqwcmGXkCeNVATLhq6BepuE2ZAFHb8XzjKTzOWlkNJjAYQLcxQdwFG8pJg%2BswmPimA0D2ddhjbaOS5Yo%2B8L2YTZkYbJ0Gb%2BE9uxRFI6L6r2J4W8w%2BnBzUFqGills3ZOIhKhVD8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d41348c041c6-EWR
expires: Sun, 10 Nov 2024 14:03:43 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 053F 223 KB
224 KB 180ms
52ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 kj.js Show response
2w3-t3z.sovaparents.com/yjjy/ Frame 053F 5 KB
2 KB 73ms
41ms Script
application/javascript 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/kj.js

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

919a124afa98feba8dcf9971412acaf15a00103f7d70942f66b96db2e41697f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 22 Dec 2022 12:22:16 GMT
server: nginx
etag: W/"63a44bf8-12ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:21 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 053F 842 KB
844 KB 162ms
25ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:51:57 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 1815625
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: LhQJ4Way0QH22O3nhAWyTrkJKTfqZXoC1K6td15qF3PTiA6NCLTW2A==
expires: Thu, 04 Jan 2024 04:51:57 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 053F 230 KB
230 KB 795ms
99ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: d1562e636f214ad1fe1d0e84f797469144ff098b65b01dc18b48ad56effcd1dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202312031860
Last-Modified: Sat, 24 Jun 2023 22:27:01 GMT
Server: openresty
ETag: "64976db5-3973d"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 235325
Expires: Tue, 09 Jan 2024 12:49:02 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 053F 316 KB
317 KB 1452ms
204ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 848ce2a419230c0afdc9b068cd272449fce486643edc10f9134a6d59016d082f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202311041118
Last-Modified: Fri, 22 Dec 2023 09:18:40 GMT
Server: openresty
ETag: "65855470-4f17f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 323967
Expires: Sun, 21 Jan 2024 09:20:30 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 053F 384 KB
384 KB 605ms
169ms Image
image/gif 198.2.211.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 80fac2b75ad5710002f81b3a98083ee16dc8778f36ca525a8d2e4f7239680b33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310317297
Last-Modified: Fri, 18 Aug 2023 06:53:53 GMT
Server: openresty
ETag: "64df1581-5ff3c"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393020
Expires: Thu, 30 Nov 2023 06:37:22 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 053F 438 KB
438 KB 1051ms
95ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 254aaa1010d4c5c23909bb37051613c00b7508b6da42dc9e49875e2d30ab1be9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: 192.74.245.115
Last-Modified: Fri, 22 Dec 2023 07:28:38 GMT
Server: openresty
ETag: "65853aa6-6d87e"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448638
Expires: Sun, 21 Jan 2024 07:29:38 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 053F 49 KB
49 KB 406ms
281ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4761314
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Wed, 01 Nov 2023 02:37:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzMMB7BC0BoBSv9DfOtbu7ir%2F0zeg%2BY0mHsSZJvoVAfLnS4AKGJkQhXA8RI0sz0ubGz8KQlidmrtWMYAWXEV39RT6y6ihN85KpruFRKNvHCZ8x7SIydAxet2Hnd%2F%2BQOTNnYEnPau"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d41348c141c6-EWR
expires: Thu, 31 Oct 2024 02:37:08 GMT

GET
H2 200 4507.gif
ok.hdidhidihitt66.com/tp/ Frame 053F 965 KB
967 KB 422ms
179ms Image
image/gif 162.209.131.50
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok.hdidhidihitt66.com/tp/4507.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.131.50 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

a310304234a18eed57566b23376179791e85f925b0e4ac1b1d5c19949b3e6ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24 Mar 2023 16:03:11 GMT
server: nginx
etag: "641dc9bf-f1527"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 988455
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 053F 50 KB
50 KB 406ms
281ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4039356
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Thu, 09 Nov 2023 11:09:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgwlIHrXdIbGPFfRodsAclp%2F5c4NDH6uPd6bxCgdj8p%2BD%2FAXaOTFmszBTrcWRlLBOtz2ZAdZ9qmoq0pQRq1E4hXsVvV%2FIvjfgNuT8f51fZayzwzaBw0aogHbh23QpmRW3%2FT4aroU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d41348c241c6-EWR
expires: Fri, 08 Nov 2024 11:09:46 GMT

GET
H/1.1 200
OK lhgg.gif
facaiimage.com/ Frame 053F 17 KB
17 KB 1190ms
249ms Image
image/gif 182.237.3.208
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facaiimage.com/lhgg.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 182.237.3.208 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: hkhdc.laws.ms
Software: nginx /
Resource Hash: 38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 08:29:47 GMT
Last-Modified: Tue, 26 Dec 2023 04:50:59 GMT
Server: nginx
ETag: "1703566259"
X-Cache: HIT, policy, memory
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 17221
Expires: Wed, 24 Jan 2024 08:29:47 GMT

GET
H2 200 806.gif
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 25 KB
26 KB 59ms
48ms Image
image/gif 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/806.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

1a5d2e7e7030378c88473b79d39febe2825fed3524ebfee9811ae69c7271998a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:13 GMT
server: nginx
etag: "64abaa25-6541"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25921
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H/1.1 200
OK amgpzqp.jpg
tkimg.happymakeupstars.com/am/cai/360/ Frame 053F 306 KB
307 KB 261ms
136ms Image
image/jpeg 134.195.196.128
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tkimg.happymakeupstars.com/am/cai/360/amgpzqp.jpg
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 134.195.196.128 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS: 128-196-195-134.clients.gthost.com
Software: Microsoft-IIS/10.0 /
Resource Hash: be97fd917036c85dbe987d8fae09a5698be3333b01ffe7d806018ec84e62da20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 03:16:18 GMT
Last-Modified: Tue, 26 Dec 2023 02:33:51 GMT
Server: Microsoft-IIS/10.0
ETag: "9d17a5f6a337da1:0"
X-Cache: HIT
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313724

GET
H/1.1 200
OK ampgt.jpg
tkimg.happymakeupstars.com/am/cai/360/ Frame 053F 374 KB
374 KB 169ms
44ms Image
image/jpeg 134.195.196.128
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tkimg.happymakeupstars.com/am/cai/360/ampgt.jpg
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 134.195.196.128 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS: 128-196-195-134.clients.gthost.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 2771a3117db32c8fa1b31008a3ccdecc6d761469768a88e3b32251e542dd944b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 03:24:53 GMT
Last-Modified: Tue, 26 Dec 2023 02:01:00 GMT
Server: Microsoft-IIS/10.0
ETag: "8f915e5f9f37da1:0"
X-Cache: HIT
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 382830

GET
H2 200 817.gif
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 26 KB
27 KB 57ms
53ms Image
image/gif 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/817.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

646cf76a9e7bff90f85b72817b904cbcbf3f71b96615c772ef2871a6dda759f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 10 Jul 2023 06:50:15 GMT
server: nginx
etag: "64abaa27-6929"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 26921
expires: Thu, 25 Jan 2024 05:12:21 GMT

GET
H/1.1 200
OK amsbx.jpg
tkimg.happymakeupstars.com/am/cai/360/ Frame 053F 112 KB
113 KB 168ms
44ms Image
image/jpeg 134.195.196.128
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tkimg.happymakeupstars.com/am/cai/360/amsbx.jpg
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 134.195.196.128 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS: 128-196-195-134.clients.gthost.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 5d57a47bfc7022923e8633f4ba4048c96aea9d51adc1c3873c92fa19ca2fbd2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 04:42:18 GMT
Last-Modified: Tue, 26 Dec 2023 04:15:25 GMT
Server: Microsoft-IIS/10.0
ETag: "1082e126b237da1:0"
X-Cache: HIT
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114836

GET
H2 404 wei.js
2w3-t3z.sovaparents.com/yjjy/ Frame 053F 0
0 75ms
43ms Script
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://2w3-t3z.sovaparents.com/yjjy/wei.js
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
server: nginx
etag: "65002249-42"
content-length: 66
content-type: text/html

GET
H2 200 style.css
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 13 KB
3 KB 39ms
38ms Stylesheet
text/css 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/images/style.css

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/images/sty1e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

e95622a43ca5104c17d00395e963bf3075777687de974d5a459dd7ec6be1211b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/images/sty1e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 10 Jul 2023 06:50:57 GMT
server: nginx
etag: W/"64abaa51-351f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 26 Dec 2023 17:12:21 GMT

GET
H2 200 jquery.min.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 87 KB
34 KB 57ms
55ms Script
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 05 May 2022 06:09:40 GMT
server: nginx
etag: W/"62736a24-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 bm.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 13 KB
5 KB 58ms
56ms Script
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bm.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

45c91617ae58890f9a9dae1dbce100a41e56a4f49ef62605a552c85f688e2f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 22 Jan 2023 10:25:12 GMT
server: nginx
etag: W/"63cd0f08-3242"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 404 bj.jpg
2w3-t3z.sovaparents.com/yjjy/images/ Frame 053F 66 B
66 B 30ms
29ms Image
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2w3-t3z.sovaparents.com/yjjy/images/bj.jpg
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/images/sty1e.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),
Reverse DNS
Software: nginx /
Resource Hash: bed9a06fbcbbf5e774a76e51deb9e4b89d2bfe9717a78d6260bff5e79f385e1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/yjjy/images/sty1e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
server: nginx
etag: "65002249-42"
content-length: 66
content-type: text/html

GET
H2 200 4924cc.html Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 6 KB
2 KB 28ms
27ms Document
text/html 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/4924cc.html

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/kj.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

77a88b3bad5035d01b0495050cf9995a569134f2575e14022708fdf0cd0fc1d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:22 GMT
etag: W/"6481993e-16b5"
expires: Thu, 25 Jan 2024 05:12:22 GMT
last-modified: Thu, 08 Jun 2023 09:02:54 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bc.htm Show response
2w3-t3z.sovaparents.com/yjjy/ Frame 7F75 10 KB
3 KB 40ms
38ms Document
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

0923663b18a8b7c681c4b51287eb0163a21174d3bdc504d3cfd851469a438d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:22 GMT
etag: W/"658a46a8-27db"
last-modified: Tue, 26 Dec 2023 03:21:12 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 87 KB
34 KB 40ms
38ms Script
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 05 May 2022 06:09:40 GMT
server: nginx
etag: W/"62736a24-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 bm.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 13 KB
5 KB 44ms
42ms Script
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bm.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

45c91617ae58890f9a9dae1dbce100a41e56a4f49ef62605a552c85f688e2f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 22 Jan 2023 10:25:12 GMT
server: nginx
etag: W/"63cd0f08-3242"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 9B1C 29 KB
12 KB 813ms
323ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3c2a3f1a58d33f707bce997f4603371c

Requested by

Host: tongji.xzldbl.com
URL: https://tongji.xzldbl.com/ztw.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

7ec068641653de678cc7c398265f755aa8b64a3c93dc69ea35375207716c0dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongji.xzldbl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 9f3c35aae0826cfccd6928efeb18efa7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11255

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 7F75 277 KB
277 KB 69ms
0ms Image
image/gif 2606:4700:3035::ac43:9b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:9b56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ff4fd3ddb6a56d01357657c8ef42664deafff0dfcf5745c539873fe6cb4c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 986061
alt-svc: h3=":443"; ma=86400
content-length: 283173
last-modified: Sun, 26 Nov 2023 06:34:28 GMT
server: cloudflare
etag: "6562e6f4-45225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3vwN2Y%2B6XRQZGJQt2xyXn8vbt5qgJf%2BaQN%2BfM8tFbjnWC6YnodZvzC%2B%2FuRQLU4HY0pWgnn2g08nSZwagLDwFebOho6zi8goxea8vHmk1LfaVswhF1bgNQaF6jI26AuSYIT46FueN5rbHv7pTKLJyZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83b6d414f9230f8c-EWR
expires: Fri, 29 Dec 2023 14:26:09 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 7F75 247 KB
248 KB 1669ms
1018ms Image
image/gif 107.148.196.91
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.196.91 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6a5c1acf48e696fc1da80481c0f240f411c32b0df28c9f7f3ff6d3a1d9155da8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:24 GMT
Via: s202310299982
Last-Modified: Wed, 07 Jun 2023 23:37:21 GMT
Server: openresty
ETag: "648114b1-3dcfd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253181
Expires: Tue, 28 Nov 2023 04:04:48 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 7F75 437 KB
437 KB 435ms
168ms Image
image/gif 198.2.211.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: f53cefa9466f22efe65d820f241bf0d5c9791d755a3b0db140eb72c17b86b987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310317297
Last-Modified: Sat, 24 Jun 2023 06:19:49 GMT
Server: openresty
ETag: "64968b05-6d484"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447620
Expires: Thu, 30 Nov 2023 06:37:21 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame 7F75 221 KB
222 KB 377ms
139ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: cce57b64b7ab5adc5a4023164c15b7a9d486f2be264e5db305611c224da2c892

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202311125925
Last-Modified: Thu, 21 Dec 2023 22:48:49 GMT
Server: openresty
ETag: "6584c0d1-37586"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 226694
Expires: Sat, 20 Jan 2024 22:56:42 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 7F75 223 KB
224 KB 103ms
65ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 4507.gif
ok.hdidhidihitt66.com/tp/ Frame 7F75 965 KB
967 KB 388ms
350ms Image
image/gif 162.209.131.50
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok.hdidhidihitt66.com/tp/4507.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.131.50 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

a310304234a18eed57566b23376179791e85f925b0e4ac1b1d5c19949b3e6ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24 Mar 2023 16:03:11 GMT
server: nginx
etag: "641dc9bf-f1527"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 988455
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 7F75 152 KB
153 KB 1143ms
451ms Image
image/gif 134.122.135.51
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

134.122.135.51 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

openresty /

Resource Hash

cccace56c4bef8ad427988bfc89672892e3c3da5a85d5efbaaac558617bfe9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Strict-Transport-Security: max-age=31536000
Via: ad08-a35
Last-Modified: Fri, 22 Dec 2023 07:21:01 GMT
Server: openresty
ETag: "658538dd-26086"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155782
Expires: Mon, 22 Jan 2024 09:16:39 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame 7F75 439 KB
440 KB 59ms
22ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:21:06 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 402676
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: GjZUP67wd-P4K8V8gYZdLvT0_GQ2jV2U2hR3VG2sE-AgOK46k9U4GA==
expires: Sat, 20 Jan 2024 13:21:06 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 7F75 842 KB
844 KB 175ms
139ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:51:57 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 1815625
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: xjGpUiwf9JL0GKxoUY2lU_WvBHowy5MHBGUGAM_ftFNVw3bJ5wNVYw==
expires: Thu, 04 Jan 2024 04:51:57 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 7F75 234 KB
235 KB 1357ms
130ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: c0f2a0bf8e0ff9ba898d82eec0787f44e826a38d366e330a6579ccc95c1c837e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202310298740
Last-Modified: Mon, 25 Dec 2023 07:10:21 GMT
Server: openresty
ETag: "65892add-3a9a0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240032
Expires: Wed, 24 Jan 2024 07:15:16 GMT

GET
H/1.1 200
OK 7299-712x45-io.gif
6399tp.com/tp/ Frame 7F75 283 KB
284 KB 363ms
96ms Image
image/gif 198.2.200.125
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/7299-712x45-io.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.200.125 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 8bcbd39bf123a4ce07c6bbfac5b2ca71e37062719cbc3f064c07b27120a4c00c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310303619
Last-Modified: Sat, 04 Nov 2023 11:12:20 GMT
Server: openresty
ETag: "65462714-46d90"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290192
Expires: Mon, 04 Dec 2023 11:13:59 GMT

GET
H/1.1 200
OK 712x45a.gif
tu.jsapp5858688.com/tu688/ Frame 7F75 258 KB
258 KB 362ms
97ms Image
image/gif 192.74.252.252
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.jsapp5858688.com/tu688/712x45a.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.74.252.252 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: cdn /
Resource Hash: 9fde3b953e8291d49c31a9549bc1793881f29d101e2c79c403eed32a856127e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Last-Modified: Sun, 12 Nov 2023 03:37:02 GMT
Server: cdn
ETag: "6550485e-4061f"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 24 Jan 2024 08:44:02 GMT

GET
H/1.1 200
OK sxlmhf80.gif
sxlmggx12.com/ Frame 7F75 267 KB
267 KB 776ms
283ms Image
image/gif 156.251.153.33
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sxlmggx12.com/sxlmhf80.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.33 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 73c3217ba59e961b7ef42283222cc37095f141cb98c6b50964fa246c6b1b5365

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 26 Dec 2023 05:12:23 GMT
Last-Modified: Thu, 26 Oct 2023 22:59:14 GMT
Server: nginx/onex
ETag: "653aef42-42a6e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 273006
Expires: Tue, 23 Jan 2024 03:09:45 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame 7F75 386 KB
387 KB 169ms
138ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5a61c09145413203bd895ff07b7437d96df379980021be705d3dd54ca8987702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 11:52:37 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 1012785
x-cache: Hit from cloudfront
content-length: 395400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 16:33:37 GMT
server: nginx
etag: "6579dce1-60888"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: aje7tfwlPZJRAS1cS3-gmhsIUrLPhe1COnjqDDu_S-m1a_2ILFL05A==
expires: Sat, 13 Jan 2024 11:52:37 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 7F75 223 KB
223 KB 1125ms
91ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: bfd10c33218123eecda3d5f0b4e9c395f8fcfbb81b112d3a246b2d864e805392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202311043030
Last-Modified: Fri, 22 Dec 2023 06:31:35 GMT
Server: openresty
ETag: "65852d47-37add"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228061
Expires: Sun, 21 Jan 2024 08:47:05 GMT

GET
H/1.1 200
OK npt60.gif
c8932888tp.com/tp/ Frame 7F75 324 KB
324 KB 369ms
165ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/npt60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

13a736196e8b640e07b7e7a5dc9dad78512938e1311fc909adb18fd24388f22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Dec 2023 06:44:24 GMT
Server: openresty
ETag: "658681c8-50e64"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 331364
Expires: Mon, 22 Jan 2024 12:37:24 GMT

GET
H2 200 980-60.gif
z4a.net/images/2023/11/10/ Frame 7F75 238 KB
238 KB 51ms
22ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/11/10/980-60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33d54a4b61737f0873cfb85adb79e648ba84f5810c6425e49f034034b564cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3856119
alt-svc: h3=":443"; ma=86400
content-length: 243447
pragma: public
last-modified: Sat, 11 Nov 2023 14:03:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfTx1x6MChE2%2F5435lH3tm8HapDe1ISDR%2BvTLH04XIO0jh6%2Bcz6%2F1h2M%2F4y58cFvMIuz0GB5wY1WMKnR5%2BOTbr1uaWFozAfl3vs0hn8glL2h97AZFowq6iRR1w%2BXhzCQeVpV0jEv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4154aff41c6-EWR
expires: Sun, 10 Nov 2024 14:03:43 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 7F75 316 KB
317 KB 1040ms
244ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 848ce2a419230c0afdc9b068cd272449fce486643edc10f9134a6d59016d082f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202311041118
Last-Modified: Fri, 22 Dec 2023 09:18:40 GMT
Server: openresty
ETag: "65855470-4f17f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 323967
Expires: Sun, 21 Jan 2024 09:20:30 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 7F75 662 KB
663 KB 216ms
189ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2125813
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vl6byU7%2B2Or2prYtuBocET8Ub5r630ypv1PgHekbBNHrMTIxXmZ3%2Bd6gzQ28xYi9%2BaKNG9MMan7BwYh1XcsOv2ds4xbpIEYhWv55pS%2FcM6gHeVwVw1vxEBGczaFmTLa9%2B48sbTx5YNei6gbY21wQrT9Iu9%2FiHzBtPeQ%2BFr188W7k"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d4154e200c74-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Dec 2023 14:22:33 GMT

GET
H/1.1 200
OK lhgg.gif
facaiimage.com/ Frame 7F75 17 KB
17 KB 862ms
228ms Image
image/gif 182.237.3.208
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facaiimage.com/lhgg.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 182.237.3.208 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: hkhdc.laws.ms
Software: nginx /
Resource Hash: 38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 08:29:47 GMT
Last-Modified: Tue, 26 Dec 2023 04:50:59 GMT
Server: nginx
ETag: "1703566259"
X-Cache: HIT, policy, memory
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 17221
Expires: Wed, 24 Jan 2024 08:29:47 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 7F75 567 KB
568 KB 103ms
78ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f9506d39efd4b0703e9c96c26b45103ab2c083adee89874cf75c684af0ae7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 11:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2410227
etag: "63d25fe5-8db5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJLlQZRmnv%2FYA5j5ril1T2t0z2LufSPQZbYTnnmjL8Sdsgj38LTOOeEYip%2BLk2JAiALamwCJd8oksQhFgHRRYj03kmcO63e9m3DNa%2BcTO%2FqBnuA0v4813rbZ1aItQaFbnFc2tQDYo1b4BZA9OAk8qRwvtzJgKNI1CXXmwyXwChNL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d4154e220c74-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 24 Dec 2023 04:24:45 GMT

GET
H/1.1 200
OK 965980.gif
diggtp008.com/ Frame 7F75 233 KB
233 KB 896ms
282ms Image
image/gif 156.251.153.113
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diggtp008.com/965980.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.113 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: e2f9531d4efe3e760b4f0203e39c9e631685b14ab66c1b99347479d5c2f05d33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 26 Dec 2023 05:12:23 GMT
Last-Modified: Sun, 10 Sep 2023 13:41:50 GMT
Server: nginx/onex
ETag: "64fdc79e-3a40d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238605
Expires: Fri, 19 Jan 2024 12:18:06 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 7F75 384 KB
384 KB 676ms
235ms Image
image/gif 198.2.211.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 80fac2b75ad5710002f81b3a98083ee16dc8778f36ca525a8d2e4f7239680b33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202310317297
Last-Modified: Fri, 18 Aug 2023 06:53:53 GMT
Server: openresty
ETag: "64df1581-5ff3c"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393020
Expires: Thu, 30 Nov 2023 06:37:22 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 7F75 50 KB
50 KB 336ms
315ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4039356
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Thu, 09 Nov 2023 11:09:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuzzXFn0RITHIWCbjK1My3mNp697WhFzq4i5Yi%2BZBiM9fLwKLYo3Wc%2FM1tZDGM6uBu06lAhj5yYgQ8cdg2pzQkwc4zIYg4l%2FqmdC1JD9QpoOzz1FkUNgM2coiGDzWEXWnzIRFLu2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4154b0141c6-EWR
expires: Fri, 08 Nov 2024 11:09:46 GMT

GET
H2 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 7F75 565 KB
566 KB 93ms
72ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da256d7f82ed3cc8679f0c805da9676ccad3c2c2a98be8531645b9f24a772319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 11:29:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1082756
etag: "65647db7-8d599"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VezJi3KnRtaeXVrWcZW%2FeWx%2Bv6ctyFBBJMYGi7AEjn%2BJaM69mHBW0iiCFImuPgbdRoPQiM0UW5HoKGTaXaNncBfXyQHr%2BjuyikRyJbpHU1wiOBhSiEuzpHaMOdiMnLVpYrIU%2BCVVcFDv7eF2LSmvJbScS6J70x9u5lx%2B4KsqA4Dr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d4154e230c74-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 11:43:38 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 7F75 230 KB
230 KB 438ms
98ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: d1562e636f214ad1fe1d0e84f797469144ff098b65b01dc18b48ad56effcd1dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202312031860
Last-Modified: Sat, 24 Jun 2023 22:27:01 GMT
Server: openresty
ETag: "64976db5-3973d"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 235325
Expires: Tue, 09 Jan 2024 12:49:02 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 7F75 49 KB
49 KB 327ms
311ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4761314
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Wed, 01 Nov 2023 02:37:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdijEqEGrVd7diWByuE7n60U1fM96TkPrhVPb%2BP3a%2B%2FpIvq4F6s293%2BccLKXZIfL9Ftez6YSNWw5RZUdpBWcCaC5wMsBQfWRiE5De%2FvJrG1osr5Eo9rlQ6uZXVNAip4DWZwgfszB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4154b0241c6-EWR
expires: Thu, 31 Oct 2024 02:37:08 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 7F75 438 KB
438 KB 613ms
109ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 254aaa1010d4c5c23909bb37051613c00b7508b6da42dc9e49875e2d30ab1be9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: 192.74.245.115
Last-Modified: Fri, 22 Dec 2023 07:28:38 GMT
Server: openresty
ETag: "65853aa6-6d87e"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448638
Expires: Sun, 21 Jan 2024 07:29:38 GMT

GET
H2 200 dfjt-1.gif
xn--49779-szm9a5kb.xn--gecrj9c/ Frame 7F75 351 KB
352 KB 595ms
580ms Image
image/gif 108.181.108.114
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--49779-szm9a5kb.xn--gecrj9c/dfjt-1.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.108.114 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

d4f5d8e53a50f5ea3b74b9647a1ef43a08d510370e0f8ebd2f09a5a143451666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 03 Dec 2023 08:18:45 GMT
server: nginx
etag: "656c39e5-57cdc"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 359644
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 bc.htm Show response
2w3-t3z.sovaparents.com/yjjy/ Frame EF47 10 KB
3 KB 83ms
23ms Document
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

0923663b18a8b7c681c4b51287eb0163a21174d3bdc504d3cfd851469a438d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:22 GMT
etag: W/"658a46a8-27db"
last-modified: Tue, 26 Dec 2023 03:21:12 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 sx.htm Show response
2w3-t3z.sovaparents.com/yjjy/ Frame 54F3 24 KB
6 KB 83ms
24ms Document
text/html 23.162.200.129
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.162.200.129 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

Software

nginx /

Resource Hash

ece8d945ad8a84e3866b4d19ee8c0f7096d2cf4b2998021d678415996f181d8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://2w3-t3z.sovaparents.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 26 Dec 2023 05:12:22 GMT
etag: W/"6433ed5f-5ed3"
last-modified: Mon, 10 Apr 2023 11:05:03 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 435ms
434ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542329

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H3 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame EF47 277 KB
277 KB 21ms
19ms Image
image/gif 2606:4700:3035::ac43:9b56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:9b56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ff4fd3ddb6a56d01357657c8ef42664deafff0dfcf5745c539873fe6cb4c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2579002
alt-svc: h3=":443"; ma=86400
content-length: 283173
last-modified: Sun, 26 Nov 2023 06:34:28 GMT
server: cloudflare
etag: "6562e6f4-45225"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQKueyKvmEpGomSjBlQTogCCrGoBYQDzd5m%2F6lRmhD5XvKpfMnzyCJsN2dtA1ioGy2eGLOnuhKGU%2BhIYj%2BCyFaSWGs%2FR8eDY5Zy%2BSSVKg8FLaSE4MXFyWvSL3gX%2FQWn2db5b%2FOBmu2HS%2BY8q3XTOwXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83b6d415a982183d-EWR
expires: Tue, 26 Dec 2023 06:35:42 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame EF47 247 KB
248 KB 2351ms
1362ms Image
image/gif 107.148.196.91
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.196.91 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6a5c1acf48e696fc1da80481c0f240f411c32b0df28c9f7f3ff6d3a1d9155da8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:24 GMT
Via: s202310299982
Last-Modified: Wed, 07 Jun 2023 23:37:21 GMT
Server: openresty
ETag: "648114b1-3dcfd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253181
Expires: Tue, 28 Nov 2023 04:04:48 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame EF47 437 KB
437 KB 361ms
167ms Image
image/gif 198.2.211.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: f53cefa9466f22efe65d820f241bf0d5c9791d755a3b0db140eb72c17b86b987

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310317297
Last-Modified: Sat, 24 Jun 2023 06:19:49 GMT
Server: openresty
ETag: "64968b05-6d484"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 447620
Expires: Thu, 30 Nov 2023 06:37:21 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame EF47 221 KB
222 KB 695ms
385ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: cce57b64b7ab5adc5a4023164c15b7a9d486f2be264e5db305611c224da2c892

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202311125925
Last-Modified: Thu, 21 Dec 2023 22:48:49 GMT
Server: openresty
ETag: "6584c0d1-37586"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 226694
Expires: Sat, 20 Jan 2024 22:56:42 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame EF47 223 KB
224 KB 141ms
75ms Image
image/gif 198.204.238.227
NOCIX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.204.238.227 , United States, ASN33387 (NOCIX, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 19 Oct 2023 09:05:34 GMT
server: nginx
etag: "6530f15e-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 4507.gif
ok.hdidhidihitt66.com/tp/ Frame EF47 965 KB
967 KB 294ms
228ms Image
image/gif 162.209.131.50
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ok.hdidhidihitt66.com/tp/4507.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

162.209.131.50 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

a310304234a18eed57566b23376179791e85f925b0e4ac1b1d5c19949b3e6ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 24 Mar 2023 16:03:11 GMT
server: nginx
etag: "641dc9bf-f1527"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 988455
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame EF47 152 KB
153 KB 1015ms
460ms Image
image/gif 134.122.135.51
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

134.122.135.51 Hong Kong, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

openresty /

Resource Hash

cccace56c4bef8ad427988bfc89672892e3c3da5a85d5efbaaac558617bfe9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Strict-Transport-Security: max-age=31536000
Via: ad08-a35
Last-Modified: Fri, 22 Dec 2023 07:21:01 GMT
Server: openresty
ETag: "658538dd-26086"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 155782
Expires: Mon, 22 Jan 2024 09:16:39 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/mt2023/ Frame EF47 439 KB
440 KB 141ms
77ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 21 Dec 2023 13:21:06 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 402676
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:26 GMT
server: nginx
etag: "65843a32-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: mn6Hd-yfX3KOqznZqdT5GiV6YKmLfcsrIctDJz5ZwUnU79-TL7b_2g==
expires: Sat, 20 Jan 2024 13:21:06 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/jnc2023/ Frame EF47 842 KB
844 KB 168ms
104ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 04:51:57 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 1815625
x-cache: Hit from cloudfront
content-length: 862690
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:24:07 GMT
server: nginx
etag: "6502fb67-d29e2"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: UJeixtmnnqJzHUTYVCrA11280eWeA7I4QFo0UQ2g_kFRiKKxnT23Wg==
expires: Thu, 04 Jan 2024 04:51:57 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame EF47 234 KB
235 KB 1998ms
904ms Image
image/gif 107.148.194.12
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.12 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: c0f2a0bf8e0ff9ba898d82eec0787f44e826a38d366e330a6579ccc95c1c837e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:24 GMT
Via: s202310298740
Last-Modified: Mon, 25 Dec 2023 07:10:21 GMT
Server: openresty
ETag: "65892add-3a9a0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 240032
Expires: Wed, 24 Jan 2024 07:15:16 GMT

GET
H/1.1 200
OK 7299-712x45-io.gif
6399tp.com/tp/ Frame EF47 283 KB
284 KB 285ms
99ms Image
image/gif 198.2.200.125
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/7299-712x45-io.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.200.125 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 8bcbd39bf123a4ce07c6bbfac5b2ca71e37062719cbc3f064c07b27120a4c00c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Via: s202310303619
Last-Modified: Sat, 04 Nov 2023 11:12:20 GMT
Server: openresty
ETag: "65462714-46d90"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290192
Expires: Mon, 04 Dec 2023 11:13:59 GMT

GET
H/1.1 200
OK 712x45a.gif
tu.jsapp5858688.com/tu688/ Frame EF47 258 KB
258 KB 285ms
100ms Image
image/gif 192.74.252.252
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tu.jsapp5858688.com/tu688/712x45a.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.74.252.252 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: cdn /
Resource Hash: 9fde3b953e8291d49c31a9549bc1793881f29d101e2c79c403eed32a856127e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Last-Modified: Sun, 12 Nov 2023 03:37:02 GMT
Server: cdn
ETag: "6550485e-4061f"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Wed, 24 Jan 2024 08:44:02 GMT

GET
H/1.1 200
OK sxlmhf80.gif
sxlmggx12.com/ Frame EF47 267 KB
267 KB 749ms
287ms Image
image/gif 156.251.153.33
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sxlmggx12.com/sxlmhf80.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.33 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: 73c3217ba59e961b7ef42283222cc37095f141cb98c6b50964fa246c6b1b5365

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 26 Dec 2023 05:12:23 GMT
Last-Modified: Thu, 26 Oct 2023 22:59:14 GMT
Server: nginx/onex
ETag: "653aef42-42a6e"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 273006
Expires: Tue, 23 Jan 2024 03:09:45 GMT

GET
H2 200 pm2.gif
pppmmm.tututufafafa.com/yh2023/ Frame EF47 386 KB
387 KB 213ms
154ms Image
image/gif 2600:9000:2199:fe00:12:8d30:9800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm2.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2199:fe00:12:8d30:9800:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5a61c09145413203bd895ff07b7437d96df379980021be705d3dd54ca8987702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 11:52:37 GMT
via: 1.1 a805f3562e8099c23b78cf69c21f7834.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: IAD79-C1
age: 1012785
x-cache: Hit from cloudfront
content-length: 395400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 13 Dec 2023 16:33:37 GMT
server: nginx
etag: "6579dce1-60888"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: qvboY3MUMcGay5wO-ESRCghr3qQc4ZJCG3C8XJOafplZzL8PyDaYiA==
expires: Sat, 13 Jan 2024 11:52:37 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame EF47 223 KB
223 KB 1484ms
398ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 Shenzhen, China, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: bfd10c33218123eecda3d5f0b4e9c395f8fcfbb81b112d3a246b2d864e805392

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:24 GMT
Via: s202311043030
Last-Modified: Fri, 22 Dec 2023 06:31:35 GMT
Server: openresty
ETag: "65852d47-37add"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228061
Expires: Sun, 21 Jan 2024 08:47:05 GMT

GET
H/1.1 200
OK npt60.gif
c8932888tp.com/tp/ Frame EF47 324 KB
324 KB 337ms
157ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/npt60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

13a736196e8b640e07b7e7a5dc9dad78512938e1311fc909adb18fd24388f22c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:22 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Sat, 23 Dec 2023 06:44:24 GMT
Server: openresty
ETag: "658681c8-50e64"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 331364
Expires: Mon, 22 Jan 2024 12:37:24 GMT

GET
H3 200 980-60.gif
z4a.net/images/2023/11/10/ Frame EF47 238 KB
238 KB 58ms
32ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/11/10/980-60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e33d54a4b61737f0873cfb85adb79e648ba84f5810c6425e49f034034b564cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2399965
alt-svc: h3=":443"; ma=86400
content-length: 243447
pragma: public
last-modified: Tue, 28 Nov 2023 10:32:57 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qa8Z4cDtpthQxe6Mjh8z2gvwquSyzKtYDTT9rNQI5ZFggZnSB218iydKZK9nXA%2FLp5NbxoPWm0jw5byZqJ6c1fE86ce64VjMDG6ijvDiBh92bPTeypkZxGtv9BCaWXBMjxcZvhn"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4161d2b8c6f-EWR
expires: Wed, 27 Nov 2024 10:32:57 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame EF47 316 KB
317 KB 874ms
245ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 848ce2a419230c0afdc9b068cd272449fce486643edc10f9134a6d59016d082f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202311041118
Last-Modified: Fri, 22 Dec 2023 09:18:40 GMT
Server: openresty
ETag: "65855470-4f17f"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 323967
Expires: Sun, 21 Jan 2024 09:20:30 GMT

GET
H3 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame EF47 662 KB
663 KB 46ms
29ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 461780
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtHVfFzM8kScH6OGPaWCUOrVYHzzgZjnksO%2FcsjAqCyIADcToAFXEJgsZzrpUeReNdkQGbFRxut7dUSB2fV8tjz6KxFUZ5g3FImxi0y2ROCHVPEY%2FwOfEkQU8aU51zBnVJ14ZP3C4gy4gBe6vbtEJgoC%2BxbDiFRdL421dex64iU0"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d4161be419db-EWR
alt-svc: h3=":443"; ma=86400
expires: Sun, 31 Dec 2023 14:22:33 GMT

GET
H/1.1 200
OK lhgg.gif
facaiimage.com/ Frame EF47 17 KB
17 KB 759ms
234ms Image
image/gif 182.237.3.208
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://facaiimage.com/lhgg.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 182.237.3.208 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),
Reverse DNS: hkhdc.laws.ms
Software: nginx /
Resource Hash: 38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 25 Dec 2023 08:29:47 GMT
Last-Modified: Tue, 26 Dec 2023 04:50:59 GMT
Server: nginx
ETag: "1703566259"
X-Cache: HIT, policy, memory
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 17221
Expires: Wed, 24 Jan 2024 08:29:47 GMT

GET
H3 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame EF47 567 KB
568 KB 564ms
547ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8f9506d39efd4b0703e9c96c26b45103ab2c083adee89874cf75c684af0ae7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 26 Jan 2023 11:11:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1121041
etag: "63d25fe5-8db5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97R7fGhXIrUYiVakQkZkutw6SzFiBzwC%2FSYgAM0bHBErWVAJmLfsXkDUw4cs%2FlKKWPteBjySXyl2jk%2BnuC4IxjkjT%2FSxmFjwqa3R2MUvYfD7T%2BRnYS3UZgA2WWbJ0wvAy50LPUwVhNDq8iCNhfHP7IyuHAAtHnX%2B5n2FmBR2UE5i"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d4161be519db-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 30 Dec 2023 10:25:34 GMT

GET
H/1.1 200
OK 965980.gif
diggtp008.com/ Frame EF47 233 KB
233 KB 1010ms
545ms Image
image/gif 156.251.153.113
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://diggtp008.com/965980.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 156.251.153.113 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx/onex /
Resource Hash: e2f9531d4efe3e760b4f0203e39c9e631685b14ab66c1b99347479d5c2f05d33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 26 Dec 2023 05:12:23 GMT
Last-Modified: Sun, 10 Sep 2023 13:41:50 GMT
Server: nginx/onex
ETag: "64fdc79e-3a40d"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 238605
Expires: Fri, 19 Jan 2024 12:18:06 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame EF47 384 KB
384 KB 679ms
79ms Image
image/gif 198.2.211.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 80fac2b75ad5710002f81b3a98083ee16dc8778f36ca525a8d2e4f7239680b33

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202310317297
Last-Modified: Fri, 18 Aug 2023 06:53:53 GMT
Server: openresty
ETag: "64df1581-5ff3c"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393020
Expires: Thu, 30 Nov 2023 06:37:22 GMT

GET
H3 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame EF47 50 KB
50 KB 256ms
225ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2326471
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Wed, 29 Nov 2023 06:57:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAlWak8%2BVvPjKqxd0eNHUdqCuQpF8oge8%2FaRQATxeE4nE6hQeeFYj4nyg5OE3gx1R1Zkgt0d3zqEaoCvgHn%2Bv2oRmKh8fDG8ta%2BOaBBi%2BbBhDeiCJuyP%2B5kaUh%2BUVSSCs6b9VGDd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4164d428c6f-EWR
expires: Thu, 28 Nov 2024 06:57:51 GMT

GET
H3 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame EF47 565 KB
566 KB 873ms
839ms Image
image/gif 2606:4700:3033::ac43:9c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:9c05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da256d7f82ed3cc8679f0c805da9676ccad3c2c2a98be8531645b9f24a772319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 11:29:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2481791
etag: "65647db7-8d599"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cKkI2dHIyj7Tam5cjrI%2FymsbzSRprUgHx8oMzE5Ouf4LQ6u3igW6851pOjjF9HDBDsisyoT4mWirxwDgHXoBb%2FMNCr0m5fG5w29SfB3whVTlkvxGcw%2FGlw9dhRSqGZVFBevGppl%2BshDZV3LUEyKDnSizEa1kgz%2B8vioLvs8ejij"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 83b6d4169c2019db-EWR
alt-svc: h3=":443"; ma=86400
expires: Wed, 27 Dec 2023 11:43:38 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame EF47 230 KB
230 KB 516ms
97ms Image
image/gif 137.175.92.58
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.92.58 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: d1562e636f214ad1fe1d0e84f797469144ff098b65b01dc18b48ad56effcd1dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: s202312031860
Last-Modified: Sat, 24 Jun 2023 22:27:01 GMT
Server: openresty
ETag: "64976db5-3973d"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 235325
Expires: Tue, 09 Jan 2024 12:49:02 GMT

GET
H3 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame EF47 49 KB
49 KB 285ms
251ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2397298
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Tue, 28 Nov 2023 11:17:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ntrIcvh24imKNhQre%2FbcePPDAFfF5y%2Ft1cA1pNWUWVLdU9fNpjIltVSxKD51RAfaYzY3%2Baw2r2lcBPLebPuuJbmfSWQ%2BM0epdXG0U5m07m4V90LtDxLnOoyynh3zmo6MgPiw9D4N"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83b6d4169d8b8c6f-EWR
expires: Wed, 27 Nov 2024 11:17:24 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame EF47 438 KB
438 KB 422ms
96ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 254aaa1010d4c5c23909bb37051613c00b7508b6da42dc9e49875e2d30ab1be9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 26 Dec 2023 05:12:23 GMT
Via: 192.74.245.115
Last-Modified: Fri, 22 Dec 2023 07:28:38 GMT
Server: openresty
ETag: "65853aa6-6d87e"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448638
Expires: Sun, 21 Jan 2024 07:29:38 GMT

GET
H2 200 dfjt-1.gif
xn--49779-szm9a5kb.xn--gecrj9c/ Frame EF47 351 KB
352 KB 451ms
405ms Image
image/gif 108.181.108.114
AS40676

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xn--49779-szm9a5kb.xn--gecrj9c/dfjt-1.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.108.114 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

d4f5d8e53a50f5ea3b74b9647a1ef43a08d510370e0f8ebd2f09a5a143451666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 03 Dec 2023 08:18:45 GMT
server: nginx
etag: "656c39e5-57cdc"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 359644
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 tu.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 583 B
788 B 162ms
31ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/tu.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:01 GMT
server: nginx
etag: "626cff05-247"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 583
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 hu.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 729 B
934 B 162ms
32ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hu.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:54 GMT
server: nginx
etag: "626cfefe-2d9"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 729
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 niu.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 572 B
777 B 128ms
51ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/niu.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:58 GMT
server: nginx
etag: "626cff02-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 shu.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 526 B
731 B 114ms
38ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/shu.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:00 GMT
server: nginx
etag: "626cff04-20e"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 526
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 zhu.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 586 B
791 B 125ms
50ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/zhu.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:03 GMT
server: nginx
etag: "626cff07-24a"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 586
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 gou.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 603 B
808 B 125ms
50ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/gou.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:52 GMT
server: nginx
etag: "626cfefc-25b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 603
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 ji.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 753 B
958 B 65ms
37ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ji.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:55 GMT
server: nginx
etag: "626cfeff-2f1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 753
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 hou.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 777 B
982 B 64ms
36ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hou.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:53 GMT
server: nginx
etag: "626cfefd-309"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 777
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 yang.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 641 B
847 B 59ms
30ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/yang.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:02 GMT
server: nginx
etag: "626cff06-281"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 641
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 ma.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 600 B
805 B 77ms
48ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ma.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:57 GMT
server: nginx
etag: "626cff01-258"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 600
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 she.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 572 B
777 B 64ms
36ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/she.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:59 GMT
server: nginx
etag: "626cff03-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 long.gif
s1x3d.mexicorecreation.com/tp/ Frame 54F3 843 B
1 KB 63ms
35ms Image
image/gif 134.195.196.147
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/long.gif

Requested by

Host: 2w3-t3z.sovaparents.com
URL: https://2w3-t3z.sovaparents.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.196.147 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

147-196-195-134.clients.gthost.com

Software

nginx /

Resource Hash

379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2w3-t3z.sovaparents.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:56 GMT
server: nginx
etag: "626cff00-34b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 843
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 316ms
290ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542615

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:22 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 9B1C 43 B
299 B 327ms
326ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1&et=0&ja=0&ln=en-us&lo=0&rnd=1097105181&si=3c2a3f1a58d33f707bce997f4603371c&su=https%3A%2F%2F2w3-t3z.sovaparents.com%2F&v=1.3.0&lv=1&sn=50754&r=0&ww=720&u=https%3A%2F%2Ftongji.xzldbl.com%2Fztw.html&tt=%E5%87%A1%E6%98%AF%E5%88%B0%E8%BE%BE%E4%BA%86%E7%9A%84%E5%9C%B0%E6%96%B9%EF%BC%8C%E9%83%BD%E5%B1%9E%E4%BA%8E%E6%98%A8%E5%A4%A9%E3%80%82%E5%93%AA%E6%80%95%E9%82%A3%E5%B1%B1%E5%86%8D%E9%9D%92%EF%BC%8C%E9%82%A3%E6%B0%B4%E5%86%8D%E7%A7%80%EF%BC%8C%E9%82%A3%E9%A3%8E%E5%86%8D%E6%B8%A9%E6%9F%94%E3%80%82%E5%B8%A6%E6%B7%B1%E7%9A%84%E6%B5%81%E8%BF%9E%E4%BE%BF%E6%88%90%E4%BA%86%E4%B8%80%E7%A7%8D%E7%BE%81%E7%BB%8A%EF%BC%8C%E7%BB%8A%E4%BD%8F%E7%9A%84%E4%B8%8D%E4%BB%85%E6%98%AF%E5%8F%8C%E8%84%9A%EF%BC%8C%E8%BF%98%E6%9C%89%E6%9C%AA%E6%9D%A5%E3%80%82

Requested by

Host: tongji.xzldbl.com
URL: https://tongji.xzldbl.com/ztw.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tongji.xzldbl.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 26 Dec 2023 05:12:23 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 30ms
29ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542330

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:25 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 29ms
29ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542616

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:25 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:25 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542331

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:27 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542617

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:27 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542332

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:29 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 28ms
27ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542618

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:29 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 27ms
27ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542333

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:31 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542619

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:31 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542334

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:33 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 26ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542620

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:33 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 27ms
27ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542335

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:35 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:35 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 27ms
27ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542621

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:35 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:35 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 4B86 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542336

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/dbkj.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:37 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:37 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame 1521 76 B
289 B 27ms
26ms XHR
application/javascript 198.57.27.99
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1703567542622

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

198.57.27.99 Toronto, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

99-27-57-198.clients.gthost.com

Software

nginx /

Resource Hash

88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/4924cc.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:12:37 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:34:44 GMT
server: nginx
etag: "658984f4-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 25 Jan 2024 05:12:37 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-21 02:48:47	Name: HMACCOUNT_BFESS Value: 64B111D4AFE977E1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://2w3-t3z.sovaparents.com/skin/images/search.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://2w3-t3z.sovaparents.com/yjjy/wei.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://xza4p9plj.xzldbl.com:8443/tanchuang.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://2w3-t3z.sovaparents.com/yjjy/images/bj.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1325tp.com
2w3-t3z.sovaparents.com
5698tp.com
6399tp.com
9216tp.com
9323tp.cc
9831tc.com
c7575tp.com
c8932888tp.com
diggtp008.com
facaiimage.com
hm.baidu.com
img.chkaja.com
img10.chkaja.com
img9.chkaja.com
ok.hdidhidihitt66.com
pjkbv034cbdft6qwd.com
pppmmm.tututufafafa.com
s1x3d.mexicorecreation.com
sxlmggx12.com
tkimg.happymakeupstars.com
tongji.xzldbl.com
tu.jsapp5858688.com
tupain2.baitu4lliltvmwelqubyqm.com
www.3400tupian.com
www.7859888tp.com
www.8122888tp.com
www.9129666tp.com
xn--49779-szm9a5kb.xn--gecrj9c
xza4p9plj.xzldbl.com
z4a.net
ztwyqsgdh.dglietou.com
103.235.46.191
107.148.194.12
107.148.194.20
107.148.196.91
107.148.207.6
108.181.108.114
134.122.135.51
134.195.196.128
134.195.196.147
134.195.197.62
137.175.69.133
137.175.92.58
156.251.153.113
156.251.153.33
162.209.131.50
182.237.3.208
192.74.232.140
192.74.245.123
192.74.252.252
198.2.200.125
198.2.211.83
198.204.238.227
198.57.27.99
23.162.200.129
2600:9000:2199:fe00:12:8d30:9800:93a1
2606:4700:3033::ac43:9c05
2606:4700:3035::ac43:9b56
2606:4700:3038::6815:eaeb
2606:4700:3038::6815:eb25
2606:4700:3038::6815:eb26
0923663b18a8b7c681c4b51287eb0163a21174d3bdc504d3cfd851469a438d05
0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74
0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe
1043d0018e256e1b22fa7a1bfdfa81038e556a6d7a08bcd36264fc6739720853
13a736196e8b640e07b7e7a5dc9dad78512938e1311fc909adb18fd24388f22c
1936c27bacc5c82d91f4fd12748ba5ad3350a265e41abf44f62abe9449fd2e1e
1a5d2e7e7030378c88473b79d39febe2825fed3524ebfee9811ae69c7271998a
1b310c28414990fb6e8ec2edea762b0216a09a1e2722a601471daf355399f052
24ff4fd3ddb6a56d01357657c8ef42664deafff0dfcf5745c539873fe6cb4c3f
254aaa1010d4c5c23909bb37051613c00b7508b6da42dc9e49875e2d30ab1be9
2771a3117db32c8fa1b31008a3ccdecc6d761469768a88e3b32251e542dd944b
2bbaaf535c3a4a737078130d63c4495e6ec278e46523e4f35331737fd40c321a
3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca
379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66
38a61d4dc9225e1e5238802b7ad3ce36952ededf39b0ce6509a3a210555bc42d
3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e
45c91617ae58890f9a9dae1dbce100a41e56a4f49ef62605a552c85f688e2f23
5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671
58051c36292407b7485e6fa6579d759ebc00ae57fa0691e5347861210d86c429
5a61c09145413203bd895ff07b7437d96df379980021be705d3dd54ca8987702
5a6c65212536aee82be7df91227252bc9bd059d9e1b8e90151cc88b90a8a0588
5d57a47bfc7022923e8633f4ba4048c96aea9d51adc1c3873c92fa19ca2fbd2a
5e4570278ff4fff428a3f39932434e04c91ad2a9a346836aea0741a17dc75820
5e4da081c6399be9f72ce8ebc27492b531013b6146f06fa540a994958bbc64af
5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e
60839b3083a45efefe0141f077799057a5f1f949ac7919b9f956348700bad589
646cf76a9e7bff90f85b72817b904cbcbf3f71b96615c772ef2871a6dda759f8
6a5c1acf48e696fc1da80481c0f240f411c32b0df28c9f7f3ff6d3a1d9155da8
6aef251dc8cff2873aa959b4cde1f77e9bc9bcbdc0838d2b8a2c748fa807d32a
7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125
73c3217ba59e961b7ef42283222cc37095f141cb98c6b50964fa246c6b1b5365
77a88b3bad5035d01b0495050cf9995a569134f2575e14022708fdf0cd0fc1d9
7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f
7ec068641653de678cc7c398265f755aa8b64a3c93dc69ea35375207716c0dbf
80459a81d8425e49203077d93f0b18a243ee414934c1bebb0935d99f1463844b
80fac2b75ad5710002f81b3a98083ee16dc8778f36ca525a8d2e4f7239680b33
848ce2a419230c0afdc9b068cd272449fce486643edc10f9134a6d59016d082f
848ead107d13f5e2a69ae5b4ead73fe566dc48c34d602697cee3799bc472d94b
88255790023cb12dd1410f6e5997a6602325a9ac600e2bb618c4e697111e6cae
8bcbd39bf123a4ce07c6bbfac5b2ca71e37062719cbc3f064c07b27120a4c00c
919a124afa98feba8dcf9971412acaf15a00103f7d70942f66b96db2e41697f1
9fde3b953e8291d49c31a9549bc1793881f29d101e2c79c403eed32a856127e2
a310304234a18eed57566b23376179791e85f925b0e4ac1b1d5c19949b3e6ff8
a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9
a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef
b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae
b725895face63e4fa56d42badd9f6c9a23a15d6f75d87f8f7e406fa3d79ab952
bc766bbb2a5ee3127e54dc9f67aa3852b5d5d37246690552456300b25cf91928
be97fd917036c85dbe987d8fae09a5698be3333b01ffe7d806018ec84e62da20
bed9a06fbcbbf5e774a76e51deb9e4b89d2bfe9717a78d6260bff5e79f385e1c
bfd10c33218123eecda3d5f0b4e9c395f8fcfbb81b112d3a246b2d864e805392
c0f2a0bf8e0ff9ba898d82eec0787f44e826a38d366e330a6579ccc95c1c837e
c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1
c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5
c55ad4ba886a6eb120543cbd9e52c70dfd7c7ecaab1adb7c4d704381bfccd948
cba72e74268a5fc04a724239a6158f98976ba29e527e8b14ed8306eb5bc63415
cccace56c4bef8ad427988bfc89672892e3c3da5a85d5efbaaac558617bfe9cb
cce57b64b7ab5adc5a4023164c15b7a9d486f2be264e5db305611c224da2c892
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1562e636f214ad1fe1d0e84f797469144ff098b65b01dc18b48ad56effcd1dc
d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f
d4f5d8e53a50f5ea3b74b9647a1ef43a08d510370e0f8ebd2f09a5a143451666
d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5
da256d7f82ed3cc8679f0c805da9676ccad3c2c2a98be8531645b9f24a772319
daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2
dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd
df4f52a9df949b89740d5abd67be8b10c53512a5ca03eb557a99923315676b23
dfc9793d52a8794382d9e92c19aa4a690270e0018809dc95061c9bd9202e26a8
e2f9531d4efe3e760b4f0203e39c9e631685b14ab66c1b99347479d5c2f05d33
e33d54a4b61737f0873cfb85adb79e648ba84f5810c6425e49f034034b564cf5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f80a371083e7631cbef67e71d4ae94c83d06120eaa1c4009216781e3595cd
e95622a43ca5104c17d00395e963bf3075777687de974d5a459dd7ec6be1211b
e9e120e44e2599302942a1c25a1e4778f7f9af14aea6dbaac6d327bee5f7ef17
ec4e09caf790d51d43feaccf644759a2b61712e076fe96be505b6d0756060c28
ece8d945ad8a84e3866b4d19ee8c0f7096d2cf4b2998021d678415996f181d8c
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f53cefa9466f22efe65d820f241bf0d5c9791d755a3b0db140eb72c17b86b987
f8f9506d39efd4b0703e9c96c26b45103ab2c083adee89874cf75c684af0ae7f

2w3-t3z.sovaparents.com Open in urlscan Pro 23.162.200.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

83 %HTTPS

20 %IPv6

29 Domains

32 Subdomains

29 IPs

4 Countries

30866 kBTransfer

31110 kBSize

1 Cookies

1 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

2w3-t3z.sovaparents.com Open in urlscan Pro
23.162.200.129 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

83 %
HTTPS

20 %
IPv6

29
Domains

32
Subdomains

29
IPs

4
Countries

30866 kB
Transfer

31110 kB
Size

1
Cookies

158 HTTP transactions
0 data transactions