y9w.night2.org Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://nmdh63.com/
Effective URL:
https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Submission: On June 28 via api (June 28th 2024, 3:22:08 am UTC) from BE — Scanned from DE

Summary HTTP 42 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 16 domains to perform 42 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is y9w.night2.org.
TLS certificate: Issued by WE1 on June 25th 2024. Valid for: 3 months.

This is the only time y9w.night2.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.178.187 172.67.178.187	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::6815:1f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	154.85.69.8 154.85.69.8	139057 (LDPL-AS-A...) (LDPL-AS-AP LEGEND DYNASTY PTE. LTD.)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	172.67.128.103 172.67.128.103	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.132.201.10 142.132.201.10	() ()
6	198.251.81.242 198.251.81.242	() ()
2	104.20.95.138 104.20.95.138	() ()
42	10

1 172.67.178.187 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nmdh63.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:1f5 (United States)

ASN13335 (CLOUDFLARENET, US)

wb.cjvzntl3modrf0a8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.85.69.8 (Singapore, Singapore)

ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.128.103 (United States)

ASN13335 (CLOUDFLARENET, US)

jqw.cjvzntl3modrf0a8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

y9w.night2.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.201.10 (None, )

ASN- ()

mrtoss03.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.251.81.242 (None, )

ASN- ()

pomf2.lain.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.95.138 (None, )

ASN- ()

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	night2.org y9w.night2.org	119 KB
6	lain.la pomf2.lain.la	240 KB
4	cjvzntl3modrf0a8.com wb.cjvzntl3modrf0a8.com jqw.cjvzntl3modrf0a8.com	4 KB
2	statcounter.com www.statcounter.com c.statcounter.com	13 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
2	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 70782	69 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	203 KB
1	mrtoss03.com mrtoss03.com	399 KB
1	nmdh63.com 1 redirects nmdh63.com	523 B
0	173326.com Failed img.173326.com Failed
0	927726.com Failed img.927726.com Failed
0	w0079.com Failed w0079.com Failed
0	baidu.com Failed imgsrc.baidu.com Failed
0	888bbb777www.com Failed 888bbb777www.com Failed
0	888ppp888ppp.com Failed 888ppp888ppp.com Failed
0	666ppp666ppp.com Failed 666ppp666ppp.com Failed
42	16

	Domain	Requested by
14	y9w.night2.org	jqw.cjvzntl3modrf0a8.com y9w.night2.org
6	pomf2.lain.la	y9w.night2.org
2	jqw.cjvzntl3modrf0a8.com	wb.cjvzntl3modrf0a8.com
2	region1.google-analytics.com	www.googletagmanager.com
2	cdn.staticfile.org	wb.cjvzntl3modrf0a8.com jqw.cjvzntl3modrf0a8.com
2	www.googletagmanager.com	wb.cjvzntl3modrf0a8.com y9w.night2.org
2	wb.cjvzntl3modrf0a8.com
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	y9w.night2.org
1	mrtoss03.com	y9w.night2.org
1	nmdh63.com	1 redirects
0	img.173326.com Failed	y9w.night2.org
0	img.927726.com Failed	y9w.night2.org
0	w0079.com Failed	y9w.night2.org
0	imgsrc.baidu.com Failed	y9w.night2.org
0	888bbb777www.com Failed	y9w.night2.org
0	888ppp888ppp.com Failed	y9w.night2.org
0	666ppp666ppp.com Failed	y9w.night2.org
42	18

This site contains no links.

Subject Issuer	Validity	Valid
cjvzntl3modrf0a8.com WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2023-09-08` - `2024-10-04`	a year	crt.sh
night2.org WE1	`2024-06-25` - `2024-09-23`	3 months	crt.sh
mrtoss03.com R3	`2024-04-20` - `2024-07-19`	3 months	crt.sh
*.lain.la R10	`2024-06-26` - `2024-09-24`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Frame ID: BD8CE384D76D2C74380DD50949CF5C02
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://nmdh63.com/ HTTP 301
https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html Page URL
https://jqw.cjvzntl3modrf0a8.com/aw1co/%E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html Page URL
https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

79 %
HTTPS

30 %
IPv6

16
Domains

18
Subdomains

10
IPs

4
Countries

1049 kB
Transfer

1730 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://nmdh63.com/ HTTP 301
https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html Page URL
https://jqw.cjvzntl3modrf0a8.com/aw1co/%E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html Page URL
https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://nmdh63.com/ HTTP 301
https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html Show response
wb.cjvzntl3modrf0a8.com/kyg6m/
Redirect Chain

https://nmdh63.com/
https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html

2 KB
2 KB

147ms
79ms

Document
text/html

2606:4700:3033::6815:1f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9019e6323bdaf4db7876a2e77a3dbcb1efc2d8c677be251ebc4dc4394c8043c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89aa8ccef9b41961-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Jun 2024 03:22:01 GMT
last-modified: Tue, 25 Jun 2024 07:52:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkoDpXy7ZpQMizJpvKwmOZIoHI2PgMoxpBaRtkV99TFTOzXHJGb7zdMe1I4OHMpJdzQBBYN5bPr%2FSuiQRPy19rCDHcDqDmcjb%2FNo%2FjbZxqgkpd3nl5d7X5FEADPPrAz9B520ZlAvEYVpS67D6nppw9LVnh%2FuAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 89aa8cce6c653836-FRA
content-length: 167
content-type: text/html
date: Fri, 28 Jun 2024 03:22:01 GMT
expires: Fri, 28 Jun 2024 04:22:01 GMT
location: https://wb.cjvzntl3modrf0a8.com/kyg6m/维多利亚.html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lBl3KuB8b0tRZd%2BIoaRz1icAkP2bg1DR6tS3Iqc%2F%2Bbd%2FboA6X%2F6hREhj%2BlGrIlNEXQxuNxghbROUqV%2ByRJdmS6Stu7NZsVqVUxhxivtNstaqCQBU%2BlCXY7pSIksM"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 103ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E5Y7JJY2MG

Requested by

Host: wb.cjvzntl3modrf0a8.com
URL: https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31a7f70916c97579663189362e3cff47aa5036a8554bea1c6a282aaa7443dd5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://wb.cjvzntl3modrf0a8.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 03:22:01 GMT

GET
H2 200 jquery.min.js Show response
cdn.staticfile.org/jquery/3.6.0/ 87 KB
34 KB 1610ms
1242ms Script
text/javascript 154.85.69.8
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/3.6.0/jquery.min.js
Requested by: Host: wb.cjvzntl3modrf0a8.com
URL: https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.85.69.8 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://wb.cjvzntl3modrf0a8.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:03 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-cloud-cdn: true
x-ser: BC147_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC202_lt-obgp-fujian-xiamen-33-cache-2, BC3_DE-Frankfurt-Frankfurt-11-cache-1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 80ms
28ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E5Y7JJY2MG&gtm=45je46q0v9166953537za200&_p=1719544921663&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1270047748.1719544922&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719544921&sct=1&seg=0&dl=https%3A%2F%2Fwb.cjvzntl3modrf0a8.com%2Fkyg6m%2F%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html&dt=%E7%88%B1%E5%83%8F%E4%B8%80%E9%A6%96%E6%AD%8C&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=562&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E5Y7JJY2MG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://wb.cjvzntl3modrf0a8.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 03:22:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wb.cjvzntl3modrf0a8.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 favicon.ico
wb.cjvzntl3modrf0a8.com/ 552 B
470 B 84ms
83ms Other
text/html 2606:4700:3033::6815:1f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wb.cjvzntl3modrf0a8.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:1f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:03 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kdt7ZFCL4C6HRLzpmAxzUYr5AJWVUlcLGwL7VENXcuWKMaDxS4FkD8pgxZT77XcZJB8T6olyx3WwGTXd8ff2OztYe96mSxpZVd2s6yqO13bPiORc5QngMGgedA3tLslaZi7XbazMJ1L2PCggSvMPgmgaTQZhFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 89aa8cdbaba81961-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 %E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html Show response
jqw.cjvzntl3modrf0a8.com/aw1co/ 2 KB
1 KB 122ms
84ms Document
text/html 172.67.128.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jqw.cjvzntl3modrf0a8.com/aw1co/%E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html
Requested by: Host: wb.cjvzntl3modrf0a8.com
URL: https://wb.cjvzntl3modrf0a8.com/kyg6m/%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0fb9a122283e1abbef59f838c8a9a6892e979588f339a9051914874823e237f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://wb.cjvzntl3modrf0a8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89aa8ce22dd52c72-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Jun 2024 03:22:04 GMT
last-modified: Wed, 26 Jun 2024 06:45:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fzVVc2HCVd6uv0eMz2j%2F9fk1l8q25Z4LUruxt5Omi5eiB4EICO5dxdc%2F7KDulzcZ2tMEVZ03VQ%2F5J0BZcvJ%2Bfw32X4n0PLTjsY2xlGWH3inEcKe9XUdFgaSQaxoM9cZsAa6pwzQ%2FuLqBngg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST collect
region1.google-analytics.com/g/ 0
0

GET
H2 200 jquery.min.js Show response
cdn.staticfile.org/jquery/3.6.0/ 87 KB
34 KB 589ms
589ms Script
text/javascript 154.85.69.8
LDPL-AS-AP LEGEND...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/3.6.0/jquery.min.js
Requested by: Host: jqw.cjvzntl3modrf0a8.com
URL: https://jqw.cjvzntl3modrf0a8.com/aw1co/%E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.85.69.8 Singapore, Singapore, ASN139057 (LDPL-AS-AP LEGEND DYNASTY PTE. LTD., SG),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jqw.cjvzntl3modrf0a8.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:05 GMT
content-encoding: gzip
server: nginx
access-control-allow-methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
x-cloud-cdn: true
x-ser: BC147_dx-lt-yd-jiangsu-yancheng-8-cache-16, BC202_lt-obgp-fujian-xiamen-33-cache-2, BC3_DE-Frankfurt-Frankfurt-11-cache-1

GET
H3 404 favicon.ico
jqw.cjvzntl3modrf0a8.com/ 552 B
566 B 87ms
87ms Other
text/html 172.67.128.103
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jqw.cjvzntl3modrf0a8.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.128.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://jqw.cjvzntl3modrf0a8.com/aw1co/%E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:05 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aEu12OTH5F9g9pcwBkL4yOqcDNGBrUbXPldc%2Fu2FccNbzRB9m082xOREFwIysqfO0IMw8qLffiaH7XsId8FhK1XXnWwAiMO66%2FzBJebhe87zVimLODCl5%2FZoescWZ3jv4LyCvLNKywE74uQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 89aa8ce708602c72-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request index.html Show response
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/ 95 KB
25 KB 128ms
88ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Requested by: Host: jqw.cjvzntl3modrf0a8.com
URL: https://jqw.cjvzntl3modrf0a8.com/aw1co/%E7%BD%97%E6%9B%BC%E8%92%82%E5%85%8B.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9615d27740014d6a930e353f386574a357ea84a4531c4d99a50191509e576666

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://jqw.cjvzntl3modrf0a8.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89aa8cf3dd7f0487-FRA
content-encoding: br
content-type: text/html
date: Fri, 28 Jun 2024 03:22:07 GMT
last-modified: Thu, 27 Jun 2024 16:11:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sm2KVBg4UVwzQ9i9ph20uhSWky3h%2F%2B97pNZpIWJyCgXUcdAbdP0psd9w97LqGW9K91041yaXIh%2FDtteVq1kmk0%2FMwfMYLN%2FE5PB6vUlteXrK7F9H98axVgk77CZ%2FPlQgmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 99ms
39ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BVKTHFQ675

Requested by

Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d22b3d63c8172f0d37ef568c9ce885a782ad7e04e2aa0234f88eb4c42d0ec41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 03:22:07 GMT

GET
H3 200 cssf195.css
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 3 KB
2 KB 91ms
86ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/cssf195.css?v=2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7910dc19d11856c6e989312407c9d16543493051207b12fda04677d3dc86b06

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dbf-db0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o54ynGL4A9AEf3GEqd4wl%2BHT8m16gc%2B77JlC4Do9oUCCHlTiggOht38bwYGiDfbtu%2BfqDLTcCeJcB5TyRbbU8ts8N4eB1Lb4lt0sIByFYS%2FRfpaFcfFeNDeqGXntV2EpIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 89aa8cf48df70487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET
H3 200 indexf195.css
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 6 KB
2 KB 74ms
68ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/indexf195.css?v=2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9a219e728ebe9dd012c405151a71d79cb564eb81667ab5a83e5aec1a4a4ed01

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dbe-1891"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0t30TQ3c784uqyqyUsV6iOdyv0jk3LCy1POez6txZyk1a8Z8LGBOZzb02LOzQ7BbbhGktuLxde3y30e9VZfuPmkafHOaa%2Fw6M4SODLjgKC%2FweZbp1j2tyaSGN3TWUtsQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 89aa8cf48df90487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET
H3 200 defaultf195.css
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 2 KB
1002 B 87ms
84ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/defaultf195.css?v=2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 391a000ff317c63c7360d0ddc7494286da97fbd4bc34d3d95ba7979c249e9e25

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dbe-611"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8yet6Adgweb2XHySskISLMO8cgVX38sxvNs3jjrCrBS7EoMpa9CY36Jgj%2BCKAycOLyb3WiOgrzL3ldXEboic99pz2dd1oF4USLv3tLcVdUfLBYlI3CK08COmy0R3vmu8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 89aa8cf48dfa0487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET
H3 200 nivo-sliderf195.css
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 1 KB
937 B 76ms
73ms Stylesheet
text/css 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/nivo-sliderf195.css?v=2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 782902b1da8cac93722977d0c16df2c77b870fc7fb60af04ae323dae4baef8a0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dbe-4b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GbJ3E33vGo%2BFpwpAXOyp2Rzj4FbYfKq3AO4RUFN7PU1qwjpQnx7fTH6kf3PY%2BJcsaxzeovygiYU425mdeAVH2qWP4JWhVI%2B%2BiXsJheYxpLTo0UhzxgWBEGWkEybktup5Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 89aa8cf48dfb0487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET
H3 200 jqueryf195.js Show response
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/js/ 85 KB
30 KB 117ms
114ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/js/jqueryf195.js?v=2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e39c8a2ee5a6fd210aa4408d014a469b2052a16e09239c4aeeb5a7b78ecc5d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dc1-15315"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5iidS7f0L4COaVsRe7OP6mdZD19EjUknfH2GOw9MBLzwl47%2B0weKZrdZ3oShBG54k0ZG1GzlYdpnjXauM%2FeSYwkkJgGjhz6i%2FMfjRJa5mRZmhEBVGIfrmoG3jmc0ClMIGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 89aa8cf48dfc0487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET
H3 200 common6fd8.js Show response
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/js/ 3 KB
2 KB 87ms
84ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/js/common6fd8.js?v=V2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f537398f0998d42270c91faef338aa26d419d9c34a3e96b4132ff88727654694

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dc1-d5c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PSWQmXUqTCJ0vToJyEylRWnUOFUzSA%2B0tcZKzv%2B7p8tk8wuTolLpOLmQwxKIVxjoBfOeqdTyq8YuqoAibCj5mvOGnYft4p%2F4%2BC3tWgN9wOWxRN5P4i%2B1tE0ZUzQ3AazpKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 89aa8cf48dfd0487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET
H3 200 jquery.nivo.sliderf195.js Show response
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/js/ 15 KB
4 KB 79ms
76ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/js/jquery.nivo.sliderf195.js?v=2.1
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21a40c2251e2053239d5858f5ce02b871296611c0f350c5a8ec5e2139627af1f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"643d5dc2-3cf9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6Fvkznfmhnl5oadRiUU18LygNMbu8SdLqy11VBFJu%2FNTkvZHTUxLl469ul2oqSZG4kyJM0Kc2AtGDfumwyF8dIbVZ4mAVe30xkgLsah%2F6jl1aBcEGURuUlZmDmcz%2BGRVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 89aa8cf48dfe0487-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 05 Jul 2024 03:22:07 GMT

GET 01ff711d19b74762afd14cdd2d39d7be.gif
666ppp666ppp.com/ 0
0

GET 99adc73fd17e409384172215bd4e8280.gif
888ppp888ppp.com/ 0
0

GET bb5db24f454947cbaa3c8dc0fbea2a5c.gif
888bbb777www.com/ 0
0

GET 6c224f4a20a4462333462b5fde22720e0cf3d77b.jpg
imgsrc.baidu.com/forum/pic/item/ 0
0

GET
H2 200 be0ba627e78d598446af353f3fa29066.gif
mrtoss03.com/ 402 KB
399 KB 924ms
28ms Image
image/gif 142.132.201.10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mrtoss03.com/be0ba627e78d598446af353f3fa29066.gif
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.132.201.10 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:20:08 GMT
content-encoding: gzip
last-modified: Fri, 28 Jun 2024 03:20:08 GMT
server: nginx
etag: W/"66160edd-649d2"
vary: Accept-Encoding
x-cache: HIT, server, disk
content-type: image/gif
cache-control: max-age=2592000
expires: Sun, 28 Jul 2024 03:20:08 GMT

GET 6b8da0a1546a443a8990b672b8c022eb.gif
w0079.com/ 0
0

GET 667122a6d839b265cd1854e0.gif
img.927726.com/images/ 0
0

GET 66712275d839b265cd1854df.gif
img.173326.com/images/ 0
0

GET
H2 200 v6erygon.jpg
pomf2.lain.la/f/ 46 KB
46 KB 432ms
206ms Image
image/jpeg 198.251.81.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pomf2.lain.la/f/v6erygon.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.251.81.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ce47e02090c0ce5beb73f9efaf203af2974f030244d6d534a28f7f4de1ea6ce2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:19:20 GMT
last-modified: Mon, 13 May 2024 13:47:10 GMT
server: nginx
etag: "664219de-b648"
content-type: image/jpeg
access-control-allow-origin: https://cytube.lain.la
accept-ranges: bytes
content-length: 46664

GET
H2 200 m3s1q2y8.jpg
pomf2.lain.la/f/ 21 KB
21 KB 431ms
205ms Image
image/jpeg 198.251.81.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pomf2.lain.la/f/m3s1q2y8.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.251.81.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 281273532fde790eb992d636cafd90cecbf91b40dbae53c1116661a6877ea3ce

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:19:20 GMT
last-modified: Mon, 13 May 2024 13:47:40 GMT
server: nginx
etag: "664219fc-52eb"
content-type: image/jpeg
access-control-allow-origin: https://cytube.lain.la
accept-ranges: bytes
content-length: 21227

GET
H2 200 u00lnm9r.jpg
pomf2.lain.la/f/ 104 KB
104 KB 255ms
254ms Image
image/jpeg 198.251.81.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pomf2.lain.la/f/u00lnm9r.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.251.81.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 419f88bf65e7446d39e2c13156b929676ebeb1f5f5127a12124706fe024c3afc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:19:20 GMT
last-modified: Mon, 13 May 2024 13:47:42 GMT
server: nginx
etag: "664219fe-19f82"
content-type: image/jpeg
access-control-allow-origin: https://cytube.lain.la
accept-ranges: bytes
content-length: 106370

GET
H2 200 9j73ii3g.jpg
pomf2.lain.la/f/ 31 KB
31 KB 255ms
254ms Image
image/jpeg 198.251.81.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pomf2.lain.la/f/9j73ii3g.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.251.81.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 2a9f12d5354f467652464b0b0dbfa953b93ad316c8f69170de26b9a0be204218

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:19:20 GMT
last-modified: Mon, 13 May 2024 13:47:41 GMT
server: nginx
etag: "664219fd-7d2d"
content-type: image/jpeg
access-control-allow-origin: https://cytube.lain.la
accept-ranges: bytes
content-length: 32045

GET
H2 200 h4sgv87a.jpg
pomf2.lain.la/f/ 20 KB
20 KB 255ms
254ms Image
image/jpeg 198.251.81.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pomf2.lain.la/f/h4sgv87a.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.251.81.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: c604ac91dc869e5690a97ca3adb21e702c93d59c0b3a810974c7062530a7799b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:19:20 GMT
last-modified: Mon, 13 May 2024 13:47:41 GMT
server: nginx
etag: "664219fd-4fc1"
content-type: image/jpeg
access-control-allow-origin: https://cytube.lain.la
accept-ranges: bytes
content-length: 20417

GET
H2 200 hrrh14pr.jpg
pomf2.lain.la/f/ 18 KB
18 KB 255ms
253ms Image
image/jpeg 198.251.81.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pomf2.lain.la/f/hrrh14pr.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.251.81.242 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 035704640372281887a3ebd9af8916bde2beaa1ef58e000e332ef6e6940e760a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:19:20 GMT
last-modified: Mon, 13 May 2024 13:47:42 GMT
server: nginx
etag: "664219fe-4726"
content-type: image/jpeg
access-control-allow-origin: https://cytube.lain.la
accept-ranges: bytes
content-length: 18214

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 35 KB
13 KB 97ms
31ms Script
application/javascript 104.20.95.138

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Jun 2024 10:03:42 GMT
server: cloudflare
age: 3950
etag: W/"667d38fe-8c17"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 89aa8cf7ab76bb65-FRA
expires: Fri, 28 Jun 2024 14:16:17 GMT

GET
H3 200 beijing.jpg
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/ 45 KB
45 KB 110ms
109ms Image
image/jpeg 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/beijing.jpg
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a253779f90a7455f9858aae69f4023d26d2a53876831ec354ab5ee9d9c8b688

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/index.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "643d5dc2-b2e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WKdvdsNnAy3%2BgB5RDRYm1pahDSwYyzefTPfz%2FOzq5m5F%2FpS2Sxrv56M3Yq6zxov0PdIuaPa7rhCDdfmcMoCdvN2PEg%2F2IQPD8oCu9RtBbC56KkTX7%2FEq0MJ%2BoMRHvXPHJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 89aa8cf59ea30487-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45795
expires: Sun, 28 Jul 2024 03:22:07 GMT

GET
H3 200 logo.png
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 3 KB
3 KB 84ms
83ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/logo.png
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/cssf195.css?v=2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4584cedda7b4b7931cb3f29678874a16781b3320c2138f4e466b1ccd1ee316d3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/cssf195.css?v=2.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "643d5dbd-a4b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BTzYd8hGjkb6JufW5sjoUq8YHQDi9EOIUyfpk0yVQpmn4dXU0r9Ke0mUvuq85Jdplo3SuqhYMkI0uO%2BmVo%2FZe2Kz2kjK4D6pZB17JmZliHps0EoedI1ZhLlL%2BmANvcr5zw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 89aa8cf59ea40487-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2635
expires: Sun, 28 Jul 2024 03:22:07 GMT

GET
H3 404 dian.png
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/images/ 552 B
552 B 89ms
89ms Image
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/images/dian.png
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/indexf195.css?v=2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/indexf195.css?v=2.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZK86DqJzZMFTUl0gZIFlUBgNyun0y6%2BdL4ao0qLHB2dXt6vk5nPs9fLZuo%2BVdBZ73KqWDufcMakQ2GVYru3y5T4p5cWXnkVstcpOCeUsxjie4KYZMwyXFmXv3LS9KLhLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 89aa8cf59ea60487-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 title.png
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 1 KB
2 KB 79ms
78ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/title.png
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/indexf195.css?v=2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64823b686569f3d9610db8d4f12a4f34d6f6b104419f5b0b7c2d1babdb376c16

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/indexf195.css?v=2.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "643d5dbd-497"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8nTnCG%2BS3G6BkUPU3DZ2UJVRcZu0In3ln5GNFqkEBkzapB46wuG0B51c3nQOWy4KTMfMmKmO4KIYwv87iJTy%2B0SgtAbJrSvGEbWpDaP40UdW29tehfabNiq%2BU%2FSCGpPUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 89aa8cf59ea70487-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1175
expires: Sun, 28 Jul 2024 03:22:07 GMT

GET
H3 200 top.png
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 1 KB
2 KB 79ms
79ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/top.png
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/cssf195.css?v=2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d0026398001ff50fde2c0970d64165312f5591d34e226d00ee1f7469535c19

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/cssf195.css?v=2.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:07 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "643d5dbd-431"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bw9bVkLIqcVTKDZyfBDzcs%2B3FdrhHiezlIfrlYi3GbJf76PX0xKbezfgE%2BECrYuFWO5%2FgQt8XcTfSFq19wKb3bykhWZjWW8un0TnbRy3ChKNWcLL10Fm0IIozcUmEooFqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 89aa8cf59eaa0487-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1073
expires: Sun, 28 Jul 2024 03:22:07 GMT

GET
H3 200 arrows.png
y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/ 824 B
1 KB 54ms
53ms Image
image/png 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/arrows.png
Requested by: Host: y9w.night2.org
URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/defaultf195.css?v=2.1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/css/defaultf195.css?v=2.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:08 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Apr 2023 14:54:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "643d5dbf-338"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kihFcKyuyTv4601jXveztDKfM93g8XHaoyZnxpOLr8yiDUWsdbQbHUEqOuBs0eVBbSCbLk9yFPiWC6mt6jSFWezL%2Fuo142yB1bbZsakWMQxqp54QLwyx4yKjQddUnSt8gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 89aa8cf808130487-FRA
alt-svc: h3=":443"; ma=86400
content-length: 824
expires: Sun, 28 Jul 2024 03:22:08 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 78ms
27ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BVKTHFQ675&gtm=45je46q0v9166952518za200&_p=1719544927486&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1003750184.1719544928&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719544928&sct=1&seg=0&dl=https%3A%2F%2Fy9w.night2.org%2F%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88%2Findex.html&dr=https%3A%2F%2Fjqw.cjvzntl3modrf0a8.com%2F&dt=%E6%9F%A0%E6%AA%AC%E5%AF%BC%E8%88%AA-%E6%9F%A0%E6%AA%AC%E7%A6%8F%E5%88%A9%E8%8A%B1%E5%9B%AD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=826&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BVKTHFQ675
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 03:22:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://y9w.night2.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
595 B 185ms
171ms XHR
application/json 104.20.95.138

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=11978762&u1=DD34EA44AA884FB0FCD9CEAF83DBA6BD&java=1&security=cf1b038c&sc_snum=1&sess=99b877&p=0&pv=10&rcat=r&rdom=jqw.cjvzntl3modrf0a8.com&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=https%3A//jqw.cjvzntl3modrf0a8.com/&u=https%3A//y9w.night2.org/%25E9%25A6%2599%25E6%25B0%25B4%25E7%2599%25BE%25E5%2590%2588/index.html&t=%E6%9F%A0%E6%AA%AC%E5%AF%BC%E8%88%AA-%E6%9F%A0%E6%AA%AC%E7%A6%8F%E5%88%A9%E8%8A%B1%E5%9B%AD&invisible=1&sc_rum_e_s=841&sc_rum_e_e=848&sc_rum_f_s=0&sc_rum_f_e=694&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.95.138 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://y9w.night2.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 03:22:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://y9w.night2.org
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 89aa8cf8ec3dbb65-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E5Y7JJY2MG&gtm=45je46q0v9166953537za200&_p=1719544921663&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1270047748.1719544922&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1719544921&sct=1&seg=0&dl=https%3A%2F%2Fwb.cjvzntl3modrf0a8.com%2Fkyg6m%2F%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html&dt=%E7%88%B1%E5%83%8F%E4%B8%80%E9%A6%96%E6%AD%8C&en=scroll&epn.percent_scrolled=90&_et=5&tfd=3297&_z=fetch

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-E5Y7JJY2MG&gtm=45je46q0v9166953537za200&_p=1719544921663&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1270047748.1719544922&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1719544921&sct=1&seg=0&dl=https%3A%2F%2Fwb.cjvzntl3modrf0a8.com%2Fkyg6m%2F%E7%BB%B4%E5%A4%9A%E5%88%A9%E4%BA%9A.html&dt=%E7%88%B1%E5%83%8F%E4%B8%80%E9%A6%96%E6%AD%8C&en=user_engagement&_et=2721&tfd=3297&_z=fetch

Domain: 666ppp666ppp.com
URL: https://666ppp666ppp.com/01ff711d19b74762afd14cdd2d39d7be.gif

Domain: 888ppp888ppp.com
URL: https://888ppp888ppp.com/99adc73fd17e409384172215bd4e8280.gif

Domain: 888bbb777www.com
URL: https://888bbb777www.com/bb5db24f454947cbaa3c8dc0fbea2a5c.gif

Domain: imgsrc.baidu.com
URL: https://imgsrc.baidu.com/forum/pic/item/6c224f4a20a4462333462b5fde22720e0cf3d77b.jpg

Domain: w0079.com
URL: https://w0079.com:33236/6b8da0a1546a443a8990b672b8c022eb.gif

Domain: img.927726.com
URL: https://img.927726.com/images/667122a6d839b265cd1854e0.gif

Domain: img.173326.com
URL: https://img.173326.com/images/66712275d839b265cd1854df.gif

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.cjvzntl3modrf0a8.com/	1970-01-21 07:15:04	Name: _ga Value: GA1.1.1270047748.1719544922
			.cjvzntl3modrf0a8.com/	1970-01-21 07:15:04	Name: _ga_E5Y7JJY2MG Value: GS1.1.1719544921.1.0.1719544924.0.0.0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://wb.cjvzntl3modrf0a8.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://jqw.cjvzntl3modrf0a8.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://y9w.night2.org/%E9%A6%99%E6%B0%B4%E7%99%BE%E5%90%88/images/dian.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

666ppp666ppp.com
888bbb777www.com
888ppp888ppp.com
c.statcounter.com
cdn.staticfile.org
img.173326.com
img.927726.com
imgsrc.baidu.com
jqw.cjvzntl3modrf0a8.com
mrtoss03.com
nmdh63.com
pomf2.lain.la
region1.google-analytics.com
w0079.com
wb.cjvzntl3modrf0a8.com
www.googletagmanager.com
www.statcounter.com
y9w.night2.org
666ppp666ppp.com
888bbb777www.com
888ppp888ppp.com
img.173326.com
img.927726.com
imgsrc.baidu.com
region1.google-analytics.com
w0079.com
104.20.95.138
142.132.201.10
154.85.69.8
172.67.128.103
172.67.178.187
188.114.97.3
198.251.81.242
2001:4860:4802:34::36
2606:4700:3033::6815:1f5
2a00:1450:4001:80f::2008
035704640372281887a3ebd9af8916bde2beaa1ef58e000e332ef6e6940e760a
21a40c2251e2053239d5858f5ce02b871296611c0f350c5a8ec5e2139627af1f
281273532fde790eb992d636cafd90cecbf91b40dbae53c1116661a6877ea3ce
2a9f12d5354f467652464b0b0dbfa953b93ad316c8f69170de26b9a0be204218
31a7f70916c97579663189362e3cff47aa5036a8554bea1c6a282aaa7443dd5c
391a000ff317c63c7360d0ddc7494286da97fbd4bc34d3d95ba7979c249e9e25
419f88bf65e7446d39e2c13156b929676ebeb1f5f5127a12124706fe024c3afc
41e39c8a2ee5a6fd210aa4408d014a469b2052a16e09239c4aeeb5a7b78ecc5d
4584cedda7b4b7931cb3f29678874a16781b3320c2138f4e466b1ccd1ee316d3
64823b686569f3d9610db8d4f12a4f34d6f6b104419f5b0b7c2d1babdb376c16
6821ca4ae2508bdba08e189040928a0769f0a71b12fdd4325c3ae80ef5636bb8
71d0026398001ff50fde2c0970d64165312f5591d34e226d00ee1f7469535c19
782902b1da8cac93722977d0c16df2c77b870fc7fb60af04ae323dae4baef8a0
7a253779f90a7455f9858aae69f4023d26d2a53876831ec354ab5ee9d9c8b688
9615d27740014d6a930e353f386574a357ea84a4531c4d99a50191509e576666
a0fb9a122283e1abbef59f838c8a9a6892e979588f339a9051914874823e237f
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368
a980b60a8922f510d2da527e74ec9443a57dcc65444dbd6a3ae87dceb28090eb
b9a219e728ebe9dd012c405151a71d79cb564eb81667ab5a83e5aec1a4a4ed01
c604ac91dc869e5690a97ca3adb21e702c93d59c0b3a810974c7062530a7799b
ce47e02090c0ce5beb73f9efaf203af2974f030244d6d534a28f7f4de1ea6ce2
d22b3d63c8172f0d37ef568c9ce885a782ad7e04e2aa0234f88eb4c42d0ec41e
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
f537398f0998d42270c91faef338aa26d419d9c34a3e96b4132ff88727654694
f7910dc19d11856c6e989312407c9d16543493051207b12fda04677d3dc86b06
f9019e6323bdaf4db7876a2e77a3dbcb1efc2d8c677be251ebc4dc4394c8043c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

y9w.night2.org Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

79 %HTTPS

30 %IPv6

16 Domains

18 Subdomains

10 IPs

4 Countries

1049 kBTransfer

1730 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

y9w.night2.org Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

79 %
HTTPS

30 %
IPv6

16
Domains

18
Subdomains

10
IPs

4
Countries

1049 kB
Transfer

1730 kB
Size

2
Cookies

42 HTTP transactions
0 data transactions