unsafe.sh Open in urlscan Pro
2606:4700:3030::ac43:c552 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://unsafe.sh/go-106038.html
Submission: On March 27 via api (March 27th 2022, 8:04:32 am UTC) from IE — Scanned from DE

Summary HTTP 80 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3030::ac43:c552, located in United States and belongs to CLOUDFLARENET, US. The main domain is unsafe.sh.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 21st 2021. Valid for: a year.

This is the only time unsafe.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22 34	2606:4700:303... 2606:4700:3030::ac43:c552	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	112.90.153.42 112.90.153.42	136959 (UNICOM-FU...) (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
22	36.110.234.55 36.110.234.55	23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC)
4	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
22	221.5.75.35 221.5.75.35	17816 (CHINA169-...) (CHINA169-GZ China Unicom IP network China169 Guangdong province)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	140.82.121.5 140.82.121.5	36459 (GITHUB) (GITHUB)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
80	16

34 2606:4700:3030::ac43:c552 (United States) 22 redirects

ASN13335 (CLOUDFLARENET, US)

unsafe.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.90.153.42 (China)

ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 36.110.234.55 (Beijing, China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)

blog.netlab.360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

utteranc.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 221.5.75.35 (China)

ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN)

8aqnet.cdn.bcebos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.82.121.5 (United States)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-5-fra.github.com

api.github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	unsafe.sh 22 redirects unsafe.sh	108 KB
22	bcebos.com 8aqnet.cdn.bcebos.com	701 KB
22	360.com blog.netlab.360.com	698 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	196 KB
4	utteranc.es utteranc.es — Cisco Umbrella Rank: 201727	21 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	5 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 65231 ia.51.la — Cisco Umbrella Rank: 64340	3 KB
1	github.com api.github.com — Cisco Umbrella Rank: 5809	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	642 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
80	12

	Domain	Requested by
34	unsafe.sh	22 redirects unsafe.sh
22	8aqnet.cdn.bcebos.com	unsafe.sh
22	blog.netlab.360.com	unsafe.sh
7	pagead2.googlesyndication.com	unsafe.sh pagead2.googlesyndication.com tpc.googlesyndication.com
4	utteranc.es	unsafe.sh utteranc.es
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	api.github.com	utteranc.es
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ia.51.la	unsafe.sh
1	js.users.51.la	unsafe.sh
1	code.jquery.com	unsafe.sh
80	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-21` - `2022-12-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
netlab.360.com WoTrus DV Server CA [Run by the Issuer]	`2022-01-05` - `2023-01-05`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-05-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.github.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-16` - `2023-03-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://unsafe.sh/go-106038.html
Frame ID: D5380B0646A3673152BFA5D8DA2B18B9
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html
Frame ID: 41AE9FA0FD9DF3DC3CCC2D706B1CD588
Requests: 1 HTTP requests in this frame

Frame: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Frame ID: 7C4D33953F49F5BFD2BDE684C3CBE961
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2546727783310811&output=html&adk=1812271804&adf=3025194257&lmt=1648368254&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368253939&bpp=2&bdt=680&idt=172&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=415206719959&frm=20&pv=2&ga_vid=203266856.1648368254&ga_sid=1648368254&ga_hid=1255439759&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065370%2C31065545%2C31063246&oid=2&pvsid=1263535229683695&pem=101&tmod=781319808&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=191
Frame ID: D8EEC275FB54FE86D559866F9DB0C508
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5DD4BD5EB6F88C0EF304EC1B19013FBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B20C0960BC98EF7E08590F42D79559CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新威胁：使用DNS Tunnel技术的Linux后门B1txor20正在通过Log4j漏洞传播

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

73 %
HTTPS

60 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1754 kB
Transfer

2432 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/buaqbot
Title: Twitter Bot

Search URL Search Domain Scan URL

URL: https://t.me/aqinfo
Title: Telegram Bot

Search URL Search Domain Scan URL

URL: https://twitter.com/360Netlab
Title: twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_net.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg

Request Chain 42

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_id.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg

Request Chain 43

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_calc.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg

Request Chain 44

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dec.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg

Request Chain 45

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_xor.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg

Request Chain 46

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_chef_xor.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg

Request Chain 47

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dns.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg

Request Chain 48

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_test.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg

Request Chain 49

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_show.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg

Request Chain 50

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_final.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg

Request Chain 51

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_packet.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg

Request Chain 52

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dnstxt.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg

Request Chain 53

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_pre.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg

Request Chain 54

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_reg.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg

Request Chain 55

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_process.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg

Request Chain 56

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_tun.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg

Request Chain 57

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_origin.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg

Request Chain 58

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_senddns.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg

Request Chain 59

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_recv.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg

Request Chain 60

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_cmd.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg

Request Chain 61

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_after.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg

Request Chain 62

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_bug.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request go-106038.html Show response
unsafe.sh/ 27 KB
11 KB 278ms
232ms Document
text/html 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e3b7d5878d1f29339ff241584366b39a403aaa0c37bbdd6bd539f97ba2f6d9c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yflBFN9RlmP9dqIa4V%2FTYTXGGxZAw435nqVBFBb4yJRhfLzB6sslBJgJ52iOBBAAlz%2FtyNJ6ieWOynzi247uzeFAH2M6ZS5t8R%2B0rewy4VqZM5wqwdY8t5KHXhHwND%2B67gFUQideRfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f269d2cedf3599b-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
unsafe.sh/static/dist/css/ 160 KB
25 KB 190ms
189ms Stylesheet
text/css 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/dist/css/bootstrap.min.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:01:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eBNymiiiTHpbnIotJFIQR7JTExM1PmH1Am75%2BxoL3Zu6%2B6UOjac15t6UmIk3dSKqZRXbQ9jAsfmMxwLiWkuRkw4GJO2rRjxTBex%2FH8yj91XjW%2BseTQElfIJHdfElwLJHNMqpvYRnHy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b00599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
unsafe.sh/static/dist/js/ 76 KB
24 KB 221ms
220ms Script
application/javascript 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/dist/js/bootstrap.bundle.min.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osH%2F7RpeoB9e7XNa0uOyK5dRAuryzGZz3QIrdFTwKjREwVcV03DAvluoB4Zp9j9ajs7C1XKh5sxwpHquHR59iugKwgsfOfdfAfemvlpVwiaqS87xReKOn0qHGmaW0V4StN9sN0V5zpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b03599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 45ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://unsafe.sh/
Origin: https://unsafe.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1648368253.dop101.fr8.t,1648368253.cds054.fr8.hn,1648368253.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK 20302257.js Show response
js.users.51.la/ 5 KB
3 KB 597ms
196ms Script
application/javascript 112.90.153.42
UNICOM-FUOSHAN-ID...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20302257.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 112.90.153.42 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: 0aa5755be12f1144d791d69f5b9b68d3a9e4a199aeb3e08fb90aef58578bef53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:13 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 51ms
28ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2546727783310811

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5cbb3d77e4552c3b0d20d3210e831ade5e6e99e0d535e02b4ab656ae5abcc00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://unsafe.sh/
Origin: https://unsafe.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54053
x-xss-protection: 0
server: cafe
etag: 4270562290097220806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:04:13 GMT

GET
H2 200 content.css
unsafe.sh/static/css/ 2 KB
932 B 187ms
187ms Stylesheet
text/css 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css/content.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d869491434bb01e5ed929066e8a3bf3f2c6d6282c4649c837fed48110f399c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nd11CWlrSLwXegbce%2FCG0itNIizxetUdce4o97q20xBvmOPCpoF9%2FXQBOcqpNwGTNHIfWUWit4RQshszo6Cwupy2mtDI1KwXAA4u8Dk3dndj9PEBw7AJ9kInvrw44qWTw8qftGG0RIc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b06599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 imagebox.css
unsafe.sh/static/css/ 10 KB
3 KB 179ms
179ms Stylesheet
text/css 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css/imagebox.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8750264db5673b91394a4a632e848704b1dec4809c1d50ae67e089f5f1fb51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHhClzjSpRyOVQHFhXNublKOsjnbmkiZJhyZsZ7N1w76%2BdGiEdg1lABQrWgGpZEpZFkNAGaU92kv4%2BnaRnZ%2Fh%2Fe1knOLIp1QI0J310gMEovS7wk6fhqSKjr1XLS1pD%2FNXu1K%2BmB0%2FWM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b07599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK b1t_net.png
blog.netlab.360.com/content/images/2022/03/ 153 KB
153 KB 1975ms
592ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_net.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

aea520b77c768a14d9053225c914bf7b8cc5fab4994640d6274af8b42386fec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:14 GMT
Last-Modified: Tue, 15 Mar 2022 07:02:43 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"263e9-17f8c62dc6a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156649

GET
H/1.1 200
OK b1t_id.png
blog.netlab.360.com/content/images/2022/03/ 19 KB
19 KB 1827ms
427ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_id.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

702de2f3dccc3ddba8581367d81c98d36ea7519141dfdf7e91b494bc09183dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:14 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"4c26-17f6e4a584e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19494

GET
H/1.1 200
OK b1t_calc.png
blog.netlab.360.com/content/images/2022/03/ 16 KB
16 KB 2468ms
1040ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_calc.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

ea06e1b5239e69624ecfd75002a556446ca0915693bc783d9a1c7e9e95ab4a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:19 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3f50-17f6e4a566a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16208

GET
H/1.1 200
OK b1t_dec.png
blog.netlab.360.com/content/images/2022/03/ 7 KB
7 KB 1672ms
231ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_dec.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

9f87e1b90abde5c2934f70f23d97aceb902929b1de0409304c1bb3c7ba84ff3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:14 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"1a5b-17f6e4a56ee"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6747

GET
H/1.1 200
OK b1t_xor.png
blog.netlab.360.com/content/images/2022/03/ 17 KB
17 KB 1888ms
398ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_xor.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

90d298bf5573030a8ba62260da1850505b77177e02196c8e5fbabc1345155d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:14 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"43c5-17f6e4a5a06"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17349

GET
H/1.1 200
OK b1t_chef_xor.png
blog.netlab.360.com/content/images/2022/03/ 33 KB
33 KB 2094ms
421ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_chef_xor.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

93f80c20dccdf16f2287a0a129934febdf9a23a1dd7514dbd901f24db37b2156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"83cc-17f6e4a56cb"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33740

GET
H/1.1 200
OK b1t_dns.png
blog.netlab.360.com/content/images/2022/03/ 54 KB
54 KB 321ms
166ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_dns.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

a60c1063bf81dd9cde7e4d6334780d22e4add1d5d71c3a7c3c8cd8f5734f268d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"d638-17f6e4a575f"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54840

GET
H/1.1 200
OK b1t_test.png
blog.netlab.360.com/content/images/2022/03/ 14 KB
14 KB 257ms
196ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_test.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d03beeb0dc7f48719d7c46816c40334cd88c5b940f7f97e988f15659c2ca25f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Sun, 13 Mar 2022 06:13:44 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3880-17f81e94bfc"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14464

GET
H/1.1 200
OK b1t_show.png
blog.netlab.360.com/content/images/2022/03/ 28 KB
28 KB 394ms
197ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_show.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d0c396f19d8198f8ed11e4dcea9850c14568ad2bb280330314a33657d98a60d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6faf-17f6e4a59cb"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28591

GET
H/1.1 200
OK b1t_final.png
blog.netlab.360.com/content/images/2022/03/ 30 KB
30 KB 190ms
181ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_final.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

66f87994937d42115b6ba5a9a73ffc6041253f7c362704da2aca5a9cf75f254e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"762f-17f6e4a5823"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30255

GET
H/1.1 200
OK b1t_packet.png
blog.netlab.360.com/content/images/2022/03/ 51 KB
51 KB 655ms
592ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_packet.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f8c18a2a2e87063a33e448bb42e34f2a80d126137a9c7e2611f013c851ab0c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"ca2f-17f6e4a58fe"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51759

GET
H/1.1 200
OK b1t_dnstxt.png
blog.netlab.360.com/content/images/2022/03/ 52 KB
52 KB 1100ms
864ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_dnstxt.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

ecda8fc7bf1ee5daade9416054ac9b318661060da069434ef8b202bbf52e1349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"ce15-17f6e4a57ae"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52757

GET
H/1.1 200
OK b1t_pre.png
blog.netlab.360.com/content/images/2022/03/ 15 KB
15 KB 350ms
350ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_pre.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

a1920306b100194c89ef11b8170e08934d646971f3ad7909f1664039a5f070e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:15 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3c78-17f6e4a58b6"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15480

GET
H/1.1 200
OK b1t_reg.png
blog.netlab.360.com/content/images/2022/03/ 34 KB
34 KB 357ms
357ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_reg.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

127f0d80a8c355ec97ac827a31085c5801f42be6d7246c352f872dfbbed9cfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"8762-17f6e4a596e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34658

GET
H/1.1 200
OK b1t_process.png
blog.netlab.360.com/content/images/2022/03/ 7 KB
8 KB 196ms
196ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_process.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

841be4e4fe6221c22c1f830ba13850b3a9b60702b90dc90fd33ff94728422f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"1d9c-17f6e4a58e4"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7580

GET
H/1.1 200
OK b1t_tun.png
blog.netlab.360.com/content/images/2022/03/ 26 KB
26 KB 348ms
347ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_tun.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f94e98c0f4dc2b18eb3bf460b12946c97a597859bf0aa4c2d0075a0ec3460749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6734-17f6e4a59b3"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26420

GET
H/1.1 200
OK b1t_origin.png
blog.netlab.360.com/content/images/2022/03/ 4 KB
4 KB 648ms
648ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_origin.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

db5bba840ba66f19c50a51cf0bb1edd815dde4f7a61bb7b51624307a52e7d4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"1024-17f6e4a5878"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4132

GET
H/1.1 200
OK b1t_senddns.png
blog.netlab.360.com/content/images/2022/03/ 55 KB
56 KB 166ms
166ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_senddns.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

62643daf9e7f2a83add83c0296ac030012e891da70417b7ee7042f1580cf0af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Sun, 13 Mar 2022 08:21:56 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"dd66-17f825eac22"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56678

GET
H/1.1 200
OK b1t_recv.png
blog.netlab.360.com/content/images/2022/03/ 12 KB
12 KB 166ms
165ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_recv.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

6fdf9b030359ee922f9ff6469b416092f75e41fec2563ba2fedc2fe4f21861b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3089-17f6e4a5937"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12425

GET
H/1.1 200
OK b1t_cmd.png
blog.netlab.360.com/content/images/2022/03/ 26 KB
26 KB 181ms
181ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_cmd.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

25ddb2932dfc9dd6f2af9f5707239dda844f8f1c8cbdcd021145da757dfb0395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6865-17f6e4a56d2"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26725

GET
H/1.1 200
OK b1t_after.png
blog.netlab.360.com/content/images/2022/03/ 11 KB
12 KB 166ms
165ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_after.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f0180f83cfbb0a8453f044a1463457ca5687163108e7487c91affffaf4fcad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:19 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"2ce2-17f6e4a5622"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11490

GET
H/1.1 200
OK b1t_bug.png
blog.netlab.360.com/content/images/2022/03/ 27 KB
27 KB 694ms
693ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_bug.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

48a93a7dc45dcb0bbd2fd3177d2a77bd827e3f8566ea25484ed347a890e602b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:16 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:19 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6c32-17f6e4a5649"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27698

GET
H2 200 client.js Show response
utteranc.es/ 2 KB
2 KB 92ms
42ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/client.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36e0332898e1f23f085fb5da06939f26b2fd57e99c306e9c1f4ad3b17efcf34

Request headers

Referer: https://unsafe.sh/
Origin: https://unsafe.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: 27f7c37604ac510fd8eb26d495f2ff809ae716bd
date: Sun, 27 Mar 2022 08:04:13 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 1090
x-cache: HIT
x-cache-hits: 2
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-mxp6932-MXP
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
server: cloudflare
x-github-request-id: 9026:43D1:12AD07A:1334202:62400153
x-timer: S1648368253.355295,VS0,VE0
etag: W/"620680eb-8d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWCcW0wCUVHyep9DaM5j0%2FFKCDa5%2BM3MlOoDHBGQ3p1wvThKhKdJRH4%2FX5VVjIZTsG0%2FD5ehD7aLiLI8%2FnpMJYMi5KBAKP2MPZ5Eo6HgbH12nFFv3myHTE6pt%2FT2f2D%2BOgCIstpUnCBVeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 6f269d2f5af383a6-MXP
x-origin-cache: HIT
expires: Sun, 27 Mar 2022 06:26:51 GMT

GET
H2 200 imagebox.js Show response
unsafe.sh/static/js/ 36 KB
12 KB 199ms
195ms Script
application/javascript 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js/imagebox.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9adbe4058414e8c08bffc8cbe1454c422f6152c1488237d290a08ffe5f65400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:14 GMT
server: cloudflare
cf-polished: origSize=36657
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axVK4Rfi%2FSDQisESpI5J%2Fc%2FqZZpbVOjK%2FrZ%2Fgohmknoj3DbRQjew88bbczZ16XJDwymOEs9wHMtTW0hM2er3Ggtfni8AVurd1J7a84Zxci%2BpzgibkRA%2F121oA8WMdM%2FJ3SAoe8Yr1Ac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b15599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 js.js Show response
unsafe.sh/static/ 706 B
638 B 220ms
217ms Script
application/javascript 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js.js?ver=1.0
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: becf4735a5cc67e08fa8d74c6f333b7d78d0cf9209e6415451435336d28495e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:23 GMT
server: cloudflare
cf-polished: origSize=1086
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=US2LzA9aBw0V5pondIjQ6qvsapW9ztufJ0fkc9sOEOoTGRDs6oI8VvCn1mjpYAsXidEoDJ8HxDa5FGIdK6TXyzGPMudaHTqyOLyPLlbCwh1qUDrJCXPhtydjEfHn5xTMEC8ls4MR1w4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b18599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 solarized_dark.min.css
unsafe.sh/static/css// 1 KB
811 B 219ms
216ms Stylesheet
text/css 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css//solarized_dark.min.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a2fe5669ce5196d02b5faa73b22225a3858a1e31422e8bb3324744f19671ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMXmLlSkl%2FlLqkUcwdaYkGKOcpSR01DiN4o4%2FAcudRTHIgAJiAzWO2AAHgaJbX5yriSYv8gAwV%2Bkn6udJYHWCgwgWTzTI20BN6os8c%2F5JURZKZBzMox%2B7tzmhQzeyNMNt1qZqswOhrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b1a599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 highlight.min.js Show response
unsafe.sh/static/js/ 41 KB
18 KB 194ms
191ms Script
application/javascript 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js/highlight.min.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54296ee0f649e3e92bbd8ceebccf8e88f6cab5bf188bd2f8f0ecd4734f94e60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjGXFxdd%2FxF3B37DTS%2BiYwFdrS1yGu7VoOV8JdvxKO9%2FHB51uLkXiFRUlHcOr%2BUdBlhIYL71VTD%2FcWMVFFHL1tes0PK8lXL0exdCIqQtlOqSSmnBY%2Fe27qRq27TSRUkGQiRNrzXFUMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b1d599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 content.js Show response
unsafe.sh/static/js/ 2 KB
1 KB 219ms
217ms Script
application/javascript 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js/content.js?ver=1.04
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca976a970e0a309104b9664101e0e9e9e05f720452aea4ff021bb6e6804e8d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:16 GMT
server: cloudflare
cf-polished: origSize=3609
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKQtwZUislTMRsaW63cG3hcBah3dCoye%2FQISpfriLvhfWmW5ggJ51xyzaaunOE%2Bs9pFKVotOzX0K%2FjHubv%2Fyo0UgZqKymfw7o1MaZs1q%2BSb4K4pEi0a9J3FC%2F%2FKJbfhXs4uvWdC3H%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b1f599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 addview Show response
unsafe.sh/ 0
273 B 220ms
217ms Script
text/plain 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/addview?id=106038
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRApwPquHL%2ByPH8yyCdgoVeP25Kp4B61c2%2FigZXOwdfGXcJFcJDFU2j%2BeuS%2Flt4H29fvuiqMyVtLwCI5w6cG5T2deTgPuNavBDN8bkZiS2WyepRKEdobo5e1s48iX2knKDn4Z2w5nTc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6f269d2f0b27599b-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 108 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 978ms
248ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=20302257&rt=1648368253874&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1648368253874&tt=unsafe.sh%2520-%2520%25E4%25B8%258D%25E5%25AE%2589%25E5%2585%25A8&kw=&cu=https%253A%252F%252Funsafe.sh%252Fgo-106038.html&pu=
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:04:14 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H3 200 light_content.css
unsafe.sh/static/css/ 43 B
625 B 179ms
179ms Stylesheet
text/css 2606:4700:3030::ac43:c552
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css/light_content.css?ver=0.03
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:c552 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29030624eaa611ec02d9843d3e770460361709fcc1b02b24029088dd89ff2964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIaqlq5%2F6N43K8WWmlSdNju6IwS4klNIc8EJqXgy4ogvydZbc7koE1HtgBiod2e61MckkYxudELr6%2BJWvjzOGP%2FtKdoZbFLHBZmuY5R749RFofy%2B0GDDK%2FIdLCL%2FmKcnumPCRyPlYRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f269d32caaa5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/ 297 KB
107 KB 50ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2546727783310811&plah=unsafe.sh

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2546727783310811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1106fe46ac9794086d2ec2413e974ca69ec84408bb538bef08392f0ee78431f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109448
x-xss-protection: 0
server: cafe
etag: 8010832206573229063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:04:13 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/ Frame 41AE 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220323/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2546727783310811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sat, 26 Mar 2022 14:18:28 GMT
expires: Sat, 09 Apr 2022 14:18:28 GMT
cache-control: public, max-age=1209600
age: 63945
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

dd03c41eeaf5e2afff7872e50c303b6e.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_net.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg

153 KB
154 KB

3495ms
385ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: aea520b77c768a14d9053225c914bf7b8cc5fab4994640d6274af8b42386fec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 156649
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: F0d5A9/l1Y9khnySE13HOA==
age: 155481
x-bce-storage-class: STANDARD
content-length: 156649
ohc-cache-hit: mzun62 [4], xzuncache96 [1], czix175 [1]
last-modified: Tue, 15 Mar 2022 17:25:18 GMT
server: JSP3/2.0.14
etag: "17477903dfe5d58f64867c92135dc738"
x-bce-request-id: 621df43a-cd41-4f21-9a60-0bad3625780c
content-type: image/jpeg
x-bce-debug-id: 19aM0QUW9hgSwYX6IuXvmJ7z0kZiMTbzyW2cm3eSJVUoKWCl1RHUNUQ0uj21NahNUD3wBj9rhwqluMki3s4oDg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1376192842
expires: Mon, 28 Mar 2022 12:52:56 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSzOxHPkHkFQWTKNpkZLXzsbuD8vCMjrxyeqkSssNK7axPmPiSdOJz96loyzkMx0QVXERsvm%2FnBAF161Odd39V33h%2BNmJdFJ1ObT1ksBRKjU%2BcWffj6j1jPD6mJxo%2Fc%2FRhholzCVBLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg
cf-ray: 6f269d336bba5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

df8766d2aedde9039c8e53b1372c980f.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_id.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg

19 KB
20 KB

4125ms
1273ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 702de2f3dccc3ddba8581367d81c98d36ea7519141dfdf7e91b494bc09183dd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 19494
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: uKEM0GODPZ2mz8yvCp0txw==
x-bce-storage-class: STANDARD
content-length: 19494
ohc-cache-hit: mzun50 [1], xauncache50 [1], suzix112 [4]
last-modified: Tue, 15 Mar 2022 04:46:17 GMT
server: JSP3/2.0.14
etag: "b8a10cd063833d9da6cfccaf0a9d2dc7"
x-bce-request-id: 9d1106f1-5d01-464a-b636-f4134cd843bc
content-type: image/jpeg
x-bce-debug-id: OjoztfFeokx6k/96fn/+cVO9xHhQxrsy3XWHj3JzHbn08k9LzJEEq4X4shT9Ugmn3R3n2LzBVmrVKPUKONnymQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3585669461
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i7tGMJdDWToi9gZ3MP5STYSqIQIZWWlvNL5mxYx%2Bn%2FT4xmR83UFS0cRZZN1ufsSUbwyetKWazg7ZOnzHngDK7XnDeaNerHto7ZyA8fBjnZ4ptgx9u2%2FtFoxHBWW2pU4ehhKsW2jMI6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg
cf-ray: 6f269d336bbc5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

374ce965c7ba8a06517c1d0b9497f28a.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_calc.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg

16 KB
16 KB

4145ms
1324ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ea06e1b5239e69624ecfd75002a556446ca0915693bc783d9a1c7e9e95ab4a0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 16208
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: HXcal4lNFH317mq4Ju01gw==
x-bce-storage-class: STANDARD
content-length: 16208
ohc-cache-hit: mzun64 [1], xauncache75 [1], suzix75 [1]
last-modified: Tue, 15 Mar 2022 04:39:33 GMT
server: JSP3/2.0.14
etag: "1d771a97894d147df5ee6ab826ed3583"
x-bce-request-id: 2b72c4e0-8cd6-4f9e-bb74-eb7a0f058bf8
content-type: image/jpeg
x-bce-debug-id: k0heXjpTq7P58+hhC5+VYFXVO9uWBxTz+jUm5dVw1ndx/c58gB4bkwgCTZw7OoCaX8CtOXyXeWsJV9WviNujuQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 306568201
expires: Wed, 30 Mar 2022 08:04:17 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VlkVcYQc9vUmZTtg9FfZcEXD1qJK8hytE%2Fi91PWkSHQlcOI7cnMR79CyOtPniGqb8Wb3797tsBsZCq%2BIXW7k7m17ZVN%2FPb%2BrP0xsU4FpVKvdLcHfnMSN5hokLt0jgLME345fTBXzrVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg
cf-ray: 6f269d336bc05a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

3d5d73da0a5213ffc33f85740bbc21dc.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dec.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg

7 KB
7 KB

4287ms
1209ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 9f87e1b90abde5c2934f70f23d97aceb902929b1de0409304c1bb3c7ba84ff3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 6747
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: BUmj+tRcdp8nn/0GN29oCg==
x-bce-storage-class: STANDARD
content-length: 6747
ohc-cache-hit: mzun54 [1], jnuncache54 [1], bdix212 [2]
last-modified: Thu, 17 Mar 2022 11:02:52 GMT
server: JSP3/2.0.14
etag: "0549a3fad45c769f279ffd06376f680a"
x-bce-request-id: 93848548-dd44-47a7-8668-f4c8d58499d1
content-type: image/jpeg
x-bce-debug-id: prMhyhJaaFO2pYoRdTCVt9b+UL7noxpPhAC3dSozUqMkRqoR5RMf/Rd6ynnX+DHHJLDDc1pMGTkPvVVcj4VU4w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 264274137
expires: Wed, 30 Mar 2022 08:04:17 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDEboYjXBbf%2BmByednpz6SXO06%2BwlzfIb8siUo5J2rtwbbcuateEb%2FR2P%2BKUkG2tlGvRd7d6QkUyOdo09ttoLpSwrg9v6AM%2FgyDXKi6juRdG%2Fko4CbQkOcjZZ5C5D4%2Bc%2BUDR1LD4LZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg
cf-ray: 6f269d336bc35a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

2595faa933297d55394cf4ad9b34e860.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_xor.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg

17 KB
17 KB

4196ms
1324ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 90d298bf5573030a8ba62260da1850505b77177e02196c8e5fbabc1345155d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 17349
date: Sun, 27 Mar 2022 08:04:18 GMT
content-md5: W4MJMcaTd21NtW+ZyQLmQw==
age: 1
x-bce-storage-class: STANDARD
content-length: 17349
ohc-cache-hit: mzun53 [1], xauncache53 [1], suzix53 [1]
last-modified: Tue, 15 Mar 2022 04:44:03 GMT
server: JSP3/2.0.14
etag: "5b830931c693776d4db56f99c902e643"
x-bce-request-id: 0fa6c000-bcb4-4dc6-9eb6-6e9b34030992
content-type: image/jpeg
x-bce-debug-id: zPHrImKBZUUTZEPDwi4kk7kqr8qCDF5qkBLXHBdE7LRQwpRUrd9jN7BR51CpAATRsEEnUH38BTg9rLodEicOJg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1212235635
expires: Wed, 30 Mar 2022 08:04:17 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUeLYpT7ierWkMUOvgjWqQFPHzBONWwJcGyusPgyohhrMKTjrjoz3BjWw0NCOgNxZ4ywqZRtVUkiCH6wJpPDvb%2BtW4%2BZBzSqRTzwbOP%2FcDqcFrfGF8EGpvK%2BekB6mzlnH0fiZyW253I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg
cf-ray: 6f269d336bc55a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

d22ae4e682e850fc1fa25e78801c3c4e.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_chef_xor.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg

33 KB
33 KB

3870ms
1061ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 93f80c20dccdf16f2287a0a129934febdf9a23a1dd7514dbd901f24db37b2156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 33740
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: 5cAXA4WWyT+nY4zlaUN9Ww==
x-bce-storage-class: STANDARD
content-length: 33740
ohc-cache-hit: mzun50 [1], jnuncache87 [1], suzix201 [4]
last-modified: Tue, 15 Mar 2022 04:37:14 GMT
server: JSP3/2.0.14
etag: "e5c017038596c93fa7638ce569437d5b"
x-bce-request-id: 8e0b8cfe-9493-4970-9c1b-98c8d0292da5
content-type: image/jpeg
x-bce-debug-id: 7mhbqZ0ScTwu/g3QFRdDYgw4uKywqgZCObUz7PTHcb7Qm0E2WKT2vV0em53kdSTa9Z+Y8O+KJ6IYSsXm1pUZ/Q==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1690603238
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDRKNq2%2FkLfMKdZuywvZEZ%2FYyBMdSujBogsFDz92ZSF0Q6EvK8%2FFoTj%2FEFLrQrwKaiHj1KY5nSK6X%2Bn%2B9e4jsjdfnzjZ8s%2BdQOgrUV9tjsmBaoAuT1LgRVvML3t8NyhANbvQQekPNzk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg
cf-ray: 6f269d336bc65a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

8b517fc1660a96033aad91e066ec588b.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dns.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg

54 KB
54 KB

4145ms
1273ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a60c1063bf81dd9cde7e4d6334780d22e4add1d5d71c3a7c3c8cd8f5734f268d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 54840
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: iRyu0CSqoCJ0rDwCkVn9iA==
x-bce-storage-class: STANDARD
content-length: 54840
ohc-cache-hit: mzun66 [1], xauncache101 [1], czix101 [4]
last-modified: Thu, 17 Mar 2022 11:02:53 GMT
server: JSP3/2.0.14
etag: "891caed024aaa02274ac3c029159fd88"
x-bce-request-id: c9e84ebd-5532-4be4-8fbf-0f2f5d19b612
content-type: image/jpeg
x-bce-debug-id: qPHVF39StW6wBrgXihIV8+wYDVmgCY/hpmm355KUfGvag1ktLapg9bp7/VKJjkfAotQgpTmEJV4m82uAroZ+UA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2793943570
expires: Sun, 27 Mar 2022 08:17:43 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vawRCQnuiV7F%2FvuhgFKG8GlGT6EPuauWV0JbsdfHgMp%2B57HecOHrk8N5gKw4Xe0JHHatAr%2BcA9%2FCQyFGM1Sl%2FTOvOy4T6DMY4ullqoH3W1mpFSgL64h0kQ6Tml7rb7lanjW4YLV6V2M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg
cf-ray: 6f269d336bc85a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

85cd5e6bc1c871bbc468696740be3152.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_test.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg

14 KB
15 KB

4133ms
1065ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d03beeb0dc7f48719d7c46816c40334cd88c5b940f7f97e988f15659c2ca25f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 14464
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: lRr9emTB7KILeFrRK6AkmA==
x-bce-storage-class: STANDARD
content-length: 14464
ohc-cache-hit: mzun64 [1], xauncache64 [1], xaix243 [4]
last-modified: Thu, 17 Mar 2022 11:02:49 GMT
server: JSP3/2.0.14
etag: "951afd7a64c1eca20b785ad12ba02498"
x-bce-request-id: 30743c22-d975-4317-bf35-abbccd82dde0
content-type: image/jpeg
x-bce-debug-id: frKofKtl8sisjqk8ZZIT/uoyGZzStuQuOKvtnsMbtrhVcEwPdjWvg5EImEHmuy8TyzXmKPBPYJbbRoTh6U5EZg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1271218525
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDadDuJ%2FGdaHFRgoqgpiBsWySwODVykYKCeVjjr8DArajTVaCixKF%2FNwRTZgCZek3CvVs01O5QEZa6Is5brdZKPpj0MpffNzn%2FpdrWDIDOEkrqOr6i4JyBsR5G5URJjkdG91hnDfcWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg
cf-ray: 6f269d336bc95a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

0500050f71e731853e879c45a1e3a1cb.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_show.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg

28 KB
28 KB

4148ms
1262ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d0c396f19d8198f8ed11e4dcea9850c14568ad2bb280330314a33657d98a60d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 28591
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: gacsYkXDfH/iorN+rytRfQ==
x-bce-storage-class: STANDARD
content-length: 28591
ohc-cache-hit: mzun59 [1], xauncache59 [1], suzix154 [4]
last-modified: Tue, 15 Mar 2022 04:44:33 GMT
server: JSP3/2.0.14
etag: "81a72c6245c37c7fe2a2b37eaf2b517d"
x-bce-request-id: a102d1c1-6440-4934-8859-41fe24846dfb
content-type: image/jpeg
x-bce-debug-id: UqMH1fnlsARXC46rUXQZhxqUUsAltizWtbSQguCqgYBN1UdJSKeSVVR2n4QTQgzzigSaWatcviZWUmxav7YAlA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1052082085
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJlQK%2B8JCXtEg3YjwhQNtoAbuFja0hdljz9%2Bc8sJKLuprmc1WkAsfe9aIKwLspoQmUtRFjwBqsCFGoV9gda%2FbaG6ubEstIOpgGpVNiMi29zazAlTbeYCOcUMjOZ5pj8HoNbO46%2Bfe%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg
cf-ray: 6f269d336bca5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

f7b1b2485541560dc812c95e18b99e14.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_final.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg

30 KB
30 KB

3890ms
893ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 66f87994937d42115b6ba5a9a73ffc6041253f7c362704da2aca5a9cf75f254e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 30255
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: atFQd2ioAycxqlmHVx/9tQ==
x-bce-storage-class: STANDARD
content-length: 30255
ohc-cache-hit: mzun59 [1], zhuzuncache92 [4], qdix196 [2]
last-modified: Tue, 15 Mar 2022 04:37:11 GMT
server: JSP3/2.0.14
etag: "6ad1507768a8032731aa5987571ffdb5"
x-bce-request-id: 95d5358e-80da-418e-b5fa-cd231c5fff97
content-type: image/jpeg
x-bce-debug-id: a0qxlmPsoW3LY3oWWB3ZHREiQNaT4MQYRu6CKzEDjUawlagzxR2MiHqb8LFB+iLMlvvMM3+2q5mKxERZKURflA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 4161815747
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZWC9IQgxRWgv8G6YNBtNaH47cM%2BRnkERkdEk%2FL0sDT5%2BOrP%2FC1TTGrCNUo8gTORZcet3u7FAt%2BdmFjWadofe%2BS96%2Bq1YnQH4cZiBpfJ100spX3qWHT580fSX32wORQjGOaVGLd1oNAk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg
cf-ray: 6f269d336bcb5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

55ca97ef840be4c6a1d532ae556f7590.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_packet.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg

51 KB
51 KB

3821ms
846ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f8c18a2a2e87063a33e448bb42e34f2a80d126137a9c7e2611f013c851ab0c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 51759
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: BR3CKImqZ2witEmy66PGbQ==
x-bce-storage-class: STANDARD
content-length: 51759
ohc-cache-hit: mzun52 [1], jnuncache101 [1], bdix208 [4]
last-modified: Tue, 15 Mar 2022 05:15:11 GMT
server: JSP3/2.0.14
etag: "051dc22889aa676c22b449b2eba3c66d"
x-bce-request-id: 0a6baa86-32e3-4099-b125-c50071206ace
content-type: image/jpeg
x-bce-debug-id: HiOjosGAfVmdf1j0snGiQeRnDeV8CHbSINADdcpdLFDxE1q3Gf5kZeaiwPrdu0kmRhmlN2IdU8UggKfn0kt+zw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1926295959
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTanL6aQ0BX5bSg7Dw6MFV3BZDLxhfK8T0ce4GA1EvmkpJvY1fGi0aUnYlZULEkTHPeTXItvkjwYomcRjDJTfth8ZQNVDwGxGkwR4IiuJms8fOXMlV3pF5WTX8nDdcS7c0tpNLU6Ecc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg
cf-ray: 6f269d336bcd5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dnstxt.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg

52 KB
52 KB

4134ms
1065ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ecda8fc7bf1ee5daade9416054ac9b318661060da069434ef8b202bbf52e1349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 52757
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: EmI24msgUMG4Y2Y1SmCniw==
x-bce-storage-class: STANDARD
content-length: 52757
ohc-cache-hit: mzun62 [1], jnuncache62 [1], qdix132 [4]
last-modified: Tue, 15 Mar 2022 04:44:38 GMT
server: JSP3/2.0.14
etag: "126236e26b2050c1b86366354a60a78b"
x-bce-request-id: 76c9c795-a71a-43d4-bd50-354ba980a844
content-type: image/jpeg
x-bce-debug-id: IHGI1njnhh0LC0jEPlfuI/7P/B0kTRue9EKV4lESA5pemO14UG+tzRYOXaRrBBUmQNOCQOI8w58NLyl7Me+tMw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1965719151
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F602yiI9DjscZKOcnlnSF9aqxXTFTlIw3ykOhdzedn7WkHRjcBFezfimWl%2Fk5vYUyYwXC8xeCVE3TE9F5QZQ5bVjb07vdNkpirUdroG43xGdvHTpb6AOeiWBlo1hDguTUM4DSaZ%2Fg3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg
cf-ray: 6f269d336bce5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

f8f23ca59ffffdf9e71260a9b5da8e00.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_pre.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg

15 KB
16 KB

4131ms
1063ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a1920306b100194c89ef11b8170e08934d646971f3ad7909f1664039a5f070e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 15480
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: +mcLBtC/IANNV04VUnPaIg==
x-bce-storage-class: STANDARD
content-length: 15480
ohc-cache-hit: mzun63 [1], jnuncache77 [4], suzix131 [4]
last-modified: Tue, 15 Mar 2022 04:44:39 GMT
server: JSP3/2.0.14
etag: "fa670b06d0bf20034d574e155273da22"
x-bce-request-id: da62145a-4b6d-4c16-b735-3a2abd688e56
content-type: image/jpeg
x-bce-debug-id: L/ZfLOE7ENm2WAdFElHJem7FORW0Qe0pqXLkuT/B3fLASXemCEYorFems35118s2zuejYCm0A9ygUBc/+7dFbg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 127603161
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2IXxk1zPbh3UhtTgifSvXxjLJOHgd%2F8b1kPJKuZ0dTpu2UbndXS%2FWKYFpPW8NN28wRC2CJLtwwpAXo6LA80RLAzBxIMc4WNlXZjHe3HLiJD8Rwxpse53Mcu9RvTjB27224T3BDHqNJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg
cf-ray: 6f269d336bcf5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

92da239d50b967c0b21a483d9c38b5ec.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_reg.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg

34 KB
34 KB

3692ms
847ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 127f0d80a8c355ec97ac827a31085c5801f42be6d7246c352f872dfbbed9cfed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 34658
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: Bo2XNmiSiuv+oFjJVIcpaQ==
x-bce-storage-class: STANDARD
content-length: 34658
ohc-cache-hit: mzun61 [1], zhuzuncache79 [4], czix201 [2]
last-modified: Tue, 15 Mar 2022 04:44:48 GMT
server: JSP3/2.0.14
etag: "068d973668928aebfea058c954872969"
x-bce-request-id: 759554cb-e0d1-4a94-a755-bfa8f8095edb
content-type: image/jpeg
x-bce-debug-id: 4g38LV51Ema8izvvQolJZfmW731KEJfHeNyftp+SNO95OIO0JMqBkxPbCfkVLCYDTVRigqucfbxrvoRIuzxK0w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2754009589
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfADgKlOxk2KtXCJX1pOY8PkyWiMvoyrEyBpOpGkCpXDSf9E1xPTar9vU7xMEhSQW3ojKsPlDf0utHeUfE7VqYyCcdkl3K6ht%2FCuIQs%2Bea6H%2BJbsbHMzuIzWlERPEhytIidpyKzHpZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg
cf-ray: 6f269d336bd05a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7d5568f6fa29fec8397d6256a62bb204.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_process.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg

7 KB
8 KB

3865ms
879ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 841be4e4fe6221c22c1f830ba13850b3a9b60702b90dc90fd33ff94728422f13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 7580
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: QmwGyZQF+8ZUESl2FIG61A==
x-bce-storage-class: STANDARD
content-length: 7580
ohc-cache-hit: mzun59 [1], bduncache76 [1], qdix76 [4]
last-modified: Tue, 15 Mar 2022 04:45:27 GMT
server: JSP3/2.0.14
etag: "426c06c99405fbc6541129761481bad4"
x-bce-request-id: ad61d330-5859-4efb-9b54-f9b04fbea016
content-type: image/jpeg
x-bce-debug-id: iIpG+Nf7ijj6wVrWrKjFN/Xktu4UNZZ3J8u2KihB0x1kGrgJLTTFJMoJIgVZrBfLVQyUen2+OtfpwTJebYU3fQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1581410099
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOEympJV5KiqYol7PAFoR%2BFLrNL9ZZQSHNmrbjP4Q6cHjRzDMeZLL4aEtIQTAovDTV9QKmfWC3h0Z01cLi6s%2FCS3K88de9XHh561aIW9yTEu3ZDmS%2FTruvaTTh%2BEU%2B8uMRVyoSoKTjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg
cf-ray: 6f269d336bd25a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

a16e776793fade94842b60b635fc00af.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_tun.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg

26 KB
26 KB

3268ms
195ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f94e98c0f4dc2b18eb3bf460b12946c97a597859bf0aa4c2d0075a0ec3460749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 26420
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: 4pCuW+MxCowp/YIlQEEmSw==
age: 33162
x-bce-storage-class: STANDARD
content-length: 26420
ohc-cache-hit: mzun66 [4], cangzuncache66 [1], czix240 [4]
last-modified: Tue, 15 Mar 2022 04:44:50 GMT
server: JSP3/2.0.14
etag: "e290ae5be3310a8c29fd82254041264b"
x-bce-request-id: ab54b082-88c3-4939-a5a7-6830f2aff95c
content-type: image/jpeg
x-bce-debug-id: ElnQMBjOwNUT4U5Sy+bTfiyN0sojfOgo0Huc3cSILEheRipbNXO3GbhRpTUuF445S41AXO64sUrmfHbHmyROZA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1501881087
expires: Sun, 27 Mar 2022 10:08:28 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6yJFlSkkfuMgQyxzT808T8KtS%2FcdXYZNPw2tbUFKYtZbYtRUrh1KGXTaMDIpFc29MofonnmoVew%2BbhTSQah%2BXeY4O%2BaXo0Q9wCF%2BREshcnVQDU91CpLYRwovdK6sj5Nsirucjf7Qxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg
cf-ray: 6f269d336bd35a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

335a803c3d6db9b6a6b9cafa3fdab94a.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_origin.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg

4 KB
5 KB

3711ms
845ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: db5bba840ba66f19c50a51cf0bb1edd815dde4f7a61bb7b51624307a52e7d4c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 4132
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: ltlCkmmsjZN95hLcynGIIg==
age: 33210
x-bce-storage-class: STANDARD
content-length: 4132
ohc-cache-hit: mzun67 [4], zhuzuncache67 [4], xaix67 [2]
last-modified: Thu, 17 Mar 2022 11:02:59 GMT
server: JSP3/2.0.14
etag: "96d9429269ac8d937de612dcca718822"
x-bce-request-id: fcb83b0d-350d-4a61-b81a-9d7485ba0d04
content-type: image/jpeg
x-bce-debug-id: xzVeKaUmOKgALZ2Vy86YYFW4tVDVbQz6peWyaZsIscM6aHxJPnzvTn9tEzeLO/nys3THa+eMH+PdtQy39ejJIg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 617302513
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icJMl3wNL%2FCRjKV2ILEN2h8U7JRcclSkDDBkmBRmaR%2BeHFlEJfll%2BgG1VS9q77pD70fGu2cfkLEZZV06ItbjGMLPaezMd%2BmLWhD6xehPtsBL%2FogXGC%2FSFYxmLJU1Cf%2BuLJbx65S5bTg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg
cf-ray: 6f269d336bd65a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

51231df67a19231a9e0878780890aa4f.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_senddns.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg

55 KB
56 KB

4087ms
1208ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 62643daf9e7f2a83add83c0296ac030012e891da70417b7ee7042f1580cf0af5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 56678
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: iRiGr/1PtdGx1ViayyH0wA==
x-bce-storage-class: STANDARD
content-length: 56678
ohc-cache-hit: mzun65 [1], xzuncache108 [1], bdix234 [4]
last-modified: Tue, 15 Mar 2022 04:45:00 GMT
server: JSP3/2.0.14
etag: "891886affd4fb5d1b1d5589acb21f4c0"
x-bce-request-id: 380e6ddd-f9da-49e9-9df1-3c669e61d30d
content-type: image/jpeg
x-bce-debug-id: 2M547JZgWMS3I7wpUnMtS10wdWpz2PdNcEEWb5q2IMXHFjbzWqXjHt23DOsgyt2X5n+W1KH0yjqGVW5m8jDK6A==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 729443798
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYPMax%2FKCX47V3YKEK8I91DYaE9xCfUn3EUET%2BU3tSVlc5XZ17Oem%2BKCQfB3GJYN8wKkVAmDeH3U4D0VPcGXAuc3%2BQA1i66JJYVolLHfitPqHtgsSJwWA19nYNl6%2B2y2LWuisUxj1bQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg
cf-ray: 6f269d336bda5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

736f8c6150361280971774afdafe5fd1.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_recv.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg

12 KB
13 KB

3936ms
1061ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 6fdf9b030359ee922f9ff6469b416092f75e41fec2563ba2fedc2fe4f21861b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 12425
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: ZA8Ou5g+jD3gqDa0sIBE0Q==
x-bce-storage-class: STANDARD
content-length: 12425
ohc-cache-hit: mzun51 [1], bduncache51 [1], xaix51 [4]
last-modified: Tue, 15 Mar 2022 04:37:45 GMT
server: JSP3/2.0.14
etag: "640f0ebb983e8c3de0a836b4b08044d1"
x-bce-request-id: 4ff1f2cf-7647-435f-9cdd-709c4e2e1ca5
content-type: image/jpeg
x-bce-debug-id: aw3IvgEgcJB1n0TlGuFAB4dQGMzt0PGFFTg89Ra6gCCmgcI7EBlm3UhxQZQaZ7omUKm5Di9NqmHf9lystQRYpg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3203474433
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fh79s0hXQyWJFyhYVw2dDG2DBkQYfN73C9N9K37DciGKDI9A508d43DOWkxC1zAAZSaWg0CVoHBUR%2Fk25w%2FsVo7L%2Bz3v%2FJiyjdoLAQ0zsYX9WzBFRMIwIUTDTqnWMEM5jLn7eifec9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg
cf-ray: 6f269d336bdd5a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

4d8d27e3b034f4c5e7fb2b3d865f3765.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_cmd.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg

26 KB
27 KB

4194ms
1208ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 25ddb2932dfc9dd6f2af9f5707239dda844f8f1c8cbdcd021145da757dfb0395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 26725
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: KoeAg1OvxTJ4MtHfa+SQZA==
x-bce-storage-class: STANDARD
content-length: 26725
ohc-cache-hit: mzun65 [1], xzuncache77 [1], bdix207 [4]
last-modified: Tue, 15 Mar 2022 04:44:58 GMT
server: JSP3/2.0.14
etag: "2a87808353afc5327832d1df6be49064"
x-bce-request-id: 8804fca1-82fb-46a8-acbc-54f1b69cd339
content-type: image/jpeg
x-bce-debug-id: s28beXPzex4OsW9lXDEEVAXwfE/n8NvicxSRRGe8zftvSDocrMe9pqxgHzaFS5EGTpPrmUb/HsA0Dm+j4UYwDg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 9512787
expires: Sun, 27 Mar 2022 08:12:20 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCXSCphySz%2BcES7RRICvRCMr3ALn3DJcGzg32Uum4tUt7EZKAoEsPMOcOqgEx5KMPPt080JYMzM%2FNHmunNiPKyGZ%2Bs%2FZWfB2qMA2sF1CABNnrTsCKfWnJQspyMuDK6koClfS4vXfNE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg
cf-ray: 6f269d336be05a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

239ddea915ebb28ef398d2abe63cdb39.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_after.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg

11 KB
12 KB

3831ms
846ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f0180f83cfbb0a8453f044a1463457ca5687163108e7487c91affffaf4fcad2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 11490
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: N8Lt9dI8+IxZcHQTAw5FZw==
age: 33212
x-bce-storage-class: STANDARD
content-length: 11490
ohc-cache-hit: mzun60 [4], jnuncache98 [1], xaix247 [4]
last-modified: Tue, 15 Mar 2022 04:44:59 GMT
server: JSP3/2.0.14
etag: "37c2edf5d23cf88c59707413030e4567"
x-bce-request-id: 008f0854-bf23-4ef0-b431-ad6d519d9f89
content-type: image/jpeg
x-bce-debug-id: e8pd3quTa+IEhwEzIHmZrWjJS+V3rBFE6RgR43uYrXupf/EQIyyVM+zzwnutnvnQpt8A2fAODM9Osi0QhpQlqg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2715921710
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsV78nvnyHRx0jc89yOl8wpSckBXVgzrhOcPxI71U1%2BPfFI4GLmLv%2FUBm4trudhOwTgNsZkRoiLv9qdHnRiJOJ5rkwaXSSyYFGudJNU2mhuGGwztXunGL9izzTCS5O0W7UoLcbLpXVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg
cf-ray: 6f269d336be15a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7e7ef987bc0a00f1c112aedb06cb6426.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_bug.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg

27 KB
28 KB

3913ms
1062ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 48a93a7dc45dcb0bbd2fd3177d2a77bd827e3f8566ea25484ed347a890e602b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 27698
date: Sun, 27 Mar 2022 08:04:17 GMT
content-md5: Ma0QH5mRFNCn1ozYfzdITA==
x-bce-storage-class: STANDARD
content-length: 27698
ohc-cache-hit: mzun61 [1], bduncache61 [1], qdix192 [4]
last-modified: Thu, 17 Mar 2022 11:02:58 GMT
server: JSP3/2.0.14
etag: "31ad101f999114d0a7d68cd87f37484c"
x-bce-request-id: a29d7acd-9349-4363-8342-a59f8fd689d6
content-type: image/jpeg
x-bce-debug-id: YgjmzvzyowTjF7zQwn2dO2iT9FEJSJu23kC4gr7ucr1fvYaB5s8jZ56cIBKz2pywispFt360AzObj7FqUDniiA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 4063824481
expires: Sun, 27 Mar 2022 16:44:44 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:04:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YgcGmfSzEnGn9CoYh%2F%2FKhH%2Bl2a%2FfVrGKttVE6OHaeEddecKjbr8ISRPmucsP5zTQuDoD%2F%2Bo1BcbcEukaXmv4cv5YbYUbOFVi8TPlhq92%2Br2YR1VDDqAajdvePfRmShp0vK4KnxFKQs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg
cf-ray: 6f269d336be35a01-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 utterances.html Show response
utteranc.es/ Frame 7C4D 481 B
1 KB 287ms
149ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4ac8ed78f1c8cd424a31a787358344930077150c7aed42c1fdcd35749aec3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

date: Sun, 27 Mar 2022 08:04:14 GMT
content-type: text/html; charset=utf-8
x-origin-cache: HIT
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
access-control-allow-origin: *
expires: Sun, 27 Mar 2022 08:14:14 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DECA:11C6:142A6BF:14BB795:62401A7E
via: 1.1 varnish
age: 0
x-served-by: cache-mxp6922-MXP
x-cache: MISS
x-cache-hits: 0
x-timer: S1648368254.158255,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: 98eee979c11724f2c11884a7de8d93852c69a8ac
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FznEkAYAPv28QYFwwfyvJlW9vsN2yqgZmHhv%2FXs2xp34yhealHdHWovwcv7NJ%2BWg%2Beo5Z6RrDUz4%2FGuG90kOYTZd852jd%2FpNTMjiyis5tDIERZNkBj4H666naT5GenShPg1lEuZEoG%2FeA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f269d345c803742-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
642 B 38ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=unsafe.sh&callback=_gfp_s_&client=ca-pub-2546727783310811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2546727783310811&plah=unsafe.sh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

615729328d4e47f38b5e6b15c5c8bf177bd5a040cbe887608683af5f5123b045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=unsafe.sh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=unsafe.sh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&tn=NAV&cls=navbar%20navbar-expand-md%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:04:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D8EE 603 B
68 B 46ms
29ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2546727783310811&output=html&adk=1812271804&adf=3025194257&lmt=1648368254&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368253939&bpp=2&bdt=680&idt=172&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=415206719959&frm=20&pv=2&ga_vid=203266856.1648368254&ga_sid=1648368254&ga_hid=1255439759&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065370%2C31065545%2C31063246&oid=2&pvsid=1263535229683695&pem=101&tmod=781319808&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=191

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 27 Mar 2022 08:04:14 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Mar 2022 08:04:14 GMT
cache-control: private

GET
H3 200 utterances.6ec01640.js Show response
utteranc.es/ Frame 7C4D 23 KB
9 KB 38ms
38ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/utterances.6ec01640.js
Requested by: Host: utteranc.es
URL: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373c79e86c94f0c31424633e5b225a4e9c537b8106e570835f2522f3542109a3

Request headers

Referer: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Origin: https://utteranc.es
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: fc1fc22cafec14c28ebe8e53272ce5dc621b3d67
date: Sun, 27 Mar 2022 08:04:14 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-mxp6979-MXP
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
server: cloudflare
x-github-request-id: E962:1557:34828F:369BE7:62068141
x-timer: S1644593540.076520,VS0,VE1
etag: W/"620680eb-5ae2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD4g%2FAo%2BKfD5qeDf%2BdFDyDHqJzutX2IzIHX1qYExo0rjJp81swwAbXE6ixBT4BOdibrxCKtC92aOO%2BSjNtOgH4%2F7fk6wmlAa8KA2jVFkCoAXUvQtYMDJWuV18ojJcTztIh8W0FPR1sRhLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: HIT
cf-ray: 6f269d355e4b3742-MXP
x-origin-cache: HIT
expires: Sat, 26 Mar 2022 02:18:38 GMT

GET
H2 200 issues Show response
api.github.com/search/ Frame 7C4D 73 B
1 KB 232ms
187ms Fetch
application/json 140.82.121.5
GITHUB

General

Check archive.org

Show headers Download Go to

Full URL

https://api.github.com/search/issues?q=%22go-106038%22%20type%3Aissue%20in%3Atitle%20repo%3Acode-scan%2Futteranc&sort=created&order=asc

Requested by

Host: utteranc.es
URL: https://utteranc.es/utterances.6ec01640.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

140.82.121.5 , United States, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-121-5-fra.github.com

Software

GitHub.com /

Resource Hash

08c082fdf7ca87ba911a2aabb0f0cf2d3e482a6feeaac9713e4578c20b2600b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Accept: application/vnd.github.v3+json
Referer: https://utteranc.es/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-github-media-type: github.v3; format=json
x-ratelimit-limit: 10
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept, Accept-Encoding, Accept, X-Requested-With
content-length: 82
x-xss-protection: 0
x-ratelimit-used: 1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: BFC6:101B3:A546B:13FD3D:62401A7E
x-frame-options: deny
x-ratelimit-remaining: 9
x-ratelimit-resource: search
access-control-allow-origin: *
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
cache-control: no-cache
x-ratelimit-reset: 1648368314
content-security-policy: default-src 'none'
accept-ranges: bytes
content-type: application/json; charset=utf-8

GET
H3 200 utterances.css
utteranc.es/stylesheets/themes/github-light/ Frame 7C4D 38 KB
9 KB 29ms
29ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/stylesheets/themes/github-light/utterances.css
Requested by: Host: utteranc.es
URL: https://utteranc.es/utterances.6ec01640.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be56c4af49082f20845d665dfc0051dcad7e28c9d766060b4265c00da7ef025

Request headers

Referer: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Origin: https://utteranc.es
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: c8db43fbcbc319adbfab04ad0a4752bf0f9f15e6
date: Sun, 27 Mar 2022 08:04:14 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 138
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-mxp6975-MXP
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
server: cloudflare
x-github-request-id: D52C:1327:126EBFA:12E7636:623EF9E1
x-timer: S1648340933.379197,VS0,VE104
etag: W/"620680eb-98b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BYbIKjthpTrqEXnFrxtnnR3xWhJnPlr2XcI3x1tCSrbECMAACNz3DPYnA93F0mmcOYymcj9AO%2FlG3xkQfzDYj54zsPPltHcSOhtqxCsSMkYkOVlgzFHOcHC6qSL1V2F6qdjSFOrPvijzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 6f269d35bf123742-MXP
x-proxy-cache: MISS
expires: Sat, 26 Mar 2022 11:42:49 GMT

GET
DATA 200
OK truncated
/ Frame 7C4D 386 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fe0342a2e41fc9d12f43964cd18eb8a40af90ea98854b1c27537f859384f842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 37ms
22ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3b87df12ff39eeccb9f9333feadd47190e3422d9fa8455feccfcced9a36383d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10590
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 43ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:04:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5DD4 13 KB
5 KB 23ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 06:46:59 GMT
expires: Mon, 27 Mar 2023 06:46:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B20C 783 B
1 KB 41ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

443188679bb738c2831d73223e2e633be0519baa81165ebfd07b3b7fe4bba0f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LwNbW7ZiAlbh3HaS2nRaPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 27 Mar 2022 08:04:18 GMT
date: Sun, 27 Mar 2022 08:04:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-LwNbW7ZiAlbh3HaS2nRaPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DD4 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 16:54:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 140990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13638
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Mar 2023 16:54:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B20C 0
0 59ms
59ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=1263535229683695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5DD4 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ITtQew
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:04:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=1263535229683695&bg=!Pj2lPXnNAAbzJazn0yU7ACkAdvg8Wo4OR87CA74HhtgGrF9VoFkL6gwqlwxZJ26CO5X1T_pA4K2aNwIAAAB2UgAAAAJoAQeZAsQ8OYqGBeghol4UL7pdleL0mnxpbDnv7UshoSMj9GiFgKhviqIy7fKXr-iD17nyYpRGwpY10LPD3tA03CSWuL1JoV_q3jeFbTEVpYPaAivN0sNYjqN-QywbOr80dvahAmFPtPZ9NCDjdff7rRMIGKctp0u4y_JCV14JyUj81pgZz4pJ1P_nQwqZv5OyEIoKfvlhtPMIvjCh_E8uGo-u8DBYeiEEMxibtET7mjyHvj-axS9EBkGZo9nG4trj9ZENfJg_UZa8q_UDVtqXsBSlMQ66_OTKXd3Gmdl8nfoyq7v5OIqN0ucLhBkDrVlFL3iCGtkY-pm8x6ktGFrfKDSvyxs4TxLfjtiGyOb_bAuyUw5bOzCFHWelPo49skApNaHfDeCdQPGRFouESxlblet10tFBW1gMQn9dg1zkfFiaWtrhfGVbtaaTHGHHjeyPXQXdERGyDBFbz0e057Jl68H1p5FJ4Eu_D1zUXFAFp-5prT66UNiYVQqS2aELQM6wuefq68wtFsr2RuO7-CTXoOVfdlyt_8wbT9AzdI6TFBhrH1oo6L9p6KOq7fJdu30Xr5R2YmF3svztOSRmQJWNe-rdh3Z-LPdF8Li3TwZXBN-SX-2TiqhQhXL9fqI1ZxsJ162EE-5-RsxBtt1YQKAcmZxY-SQpRXO8QU0ryo53xmRww9MwcG-kdrxH3JeKhjTblEd8WGB20OvJZjW3T-uCKll9mUItxU4uwJzTCMGNFCN4GMiJ3IjRXsR0jej8FNu5cMLtJ2eSpKaVD0UMRonH_7e9bPyo_yoEQ1xU295bUaZhptbKL2nOPx6mKllDGwp7PmhUTPNHeB95qN1wQtP9RFWO5ZX8Exu8nmuec6ju7T66A7whAE4-VvuSkOLJwidRrS1oED9C4WxdaH1ivVaTlHmUNhpItQ4x_FX2NulTbJRDo46WaMlMbwg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:04:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
unsafe.sh/	1969-12-31 23:59:59	Name: beegosessionID Value: ff95718325ff6fc42cf7aaeb01895f98
unsafe.sh/	1969-12-31 23:59:59	Name: __tins__20302257 Value: %7B%22sid%22%3A%201648368253874%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201648370053874%7D
unsafe.sh/	1969-12-31 23:59:59	Name: __51cke__ Value:
unsafe.sh/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.unsafe.sh/	1970-01-20 11:14:24	Name: __gads Value: ID=6fc2041e4b6f7433-222a638f65cd00cb:T=1648368254:RT=1648368254:S=ALNI_Mbl82GnAIzkEVQk0OM03fyP2bsytg
.doubleclick.net/	1970-01-20 01:52:49	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8aqnet.cdn.bcebos.com
adservice.google.com
adservice.google.de
api.github.com
blog.netlab.360.com
code.jquery.com
googleads.g.doubleclick.net
ia.51.la
js.users.51.la
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
unsafe.sh
utteranc.es
www.google.com
112.90.153.42
140.82.121.5
142.250.185.130
183.131.207.66
2001:4de0:ac18::1:a:1a
221.5.75.35
2606:4700:3030::ac43:c552
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a06:98c1:3120::7
36.110.234.55
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08c082fdf7ca87ba911a2aabb0f0cf2d3e482a6feeaac9713e4578c20b2600b2
0aa5755be12f1144d791d69f5b9b68d3a9e4a199aeb3e08fb90aef58578bef53
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
127f0d80a8c355ec97ac827a31085c5801f42be6d7246c352f872dfbbed9cfed
1fe0342a2e41fc9d12f43964cd18eb8a40af90ea98854b1c27537f859384f842
25ddb2932dfc9dd6f2af9f5707239dda844f8f1c8cbdcd021145da757dfb0395
29030624eaa611ec02d9843d3e770460361709fcc1b02b24029088dd89ff2964
373c79e86c94f0c31424633e5b225a4e9c537b8106e570835f2522f3542109a3
443188679bb738c2831d73223e2e633be0519baa81165ebfd07b3b7fe4bba0f1
48a93a7dc45dcb0bbd2fd3177d2a77bd827e3f8566ea25484ed347a890e602b7
4a2fe5669ce5196d02b5faa73b22225a3858a1e31422e8bb3324744f19671ecb
4be56c4af49082f20845d665dfc0051dcad7e28c9d766060b4265c00da7ef025
4ca976a970e0a309104b9664101e0e9e9e05f720452aea4ff021bb6e6804e8d9
4d869491434bb01e5ed929066e8a3bf3f2c6d6282c4649c837fed48110f399c9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
615729328d4e47f38b5e6b15c5c8bf177bd5a040cbe887608683af5f5123b045
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62643daf9e7f2a83add83c0296ac030012e891da70417b7ee7042f1580cf0af5
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
66f87994937d42115b6ba5a9a73ffc6041253f7c362704da2aca5a9cf75f254e
6fdf9b030359ee922f9ff6469b416092f75e41fec2563ba2fedc2fe4f21861b9
702de2f3dccc3ddba8581367d81c98d36ea7519141dfdf7e91b494bc09183dd9
7e3b7d5878d1f29339ff241584366b39a403aaa0c37bbdd6bd539f97ba2f6d9c
841be4e4fe6221c22c1f830ba13850b3a9b60702b90dc90fd33ff94728422f13
8c8750264db5673b91394a4a632e848704b1dec4809c1d50ae67e089f5f1fb51
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a
90d298bf5573030a8ba62260da1850505b77177e02196c8e5fbabc1345155d18
93f80c20dccdf16f2287a0a129934febdf9a23a1dd7514dbd901f24db37b2156
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9f87e1b90abde5c2934f70f23d97aceb902929b1de0409304c1bb3c7ba84ff3e
a1920306b100194c89ef11b8170e08934d646971f3ad7909f1664039a5f070e6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60c1063bf81dd9cde7e4d6334780d22e4add1d5d71c3a7c3c8cd8f5734f268d
aea520b77c768a14d9053225c914bf7b8cc5fab4994640d6274af8b42386fec3
b54296ee0f649e3e92bbd8ceebccf8e88f6cab5bf188bd2f8f0ecd4734f94e60
b5cbb3d77e4552c3b0d20d3210e831ade5e6e99e0d535e02b4ab656ae5abcc00
becf4735a5cc67e08fa8d74c6f333b7d78d0cf9209e6415451435336d28495e9
d03beeb0dc7f48719d7c46816c40334cd88c5b940f7f97e988f15659c2ca25f8
d0c396f19d8198f8ed11e4dcea9850c14568ad2bb280330314a33657d98a60d3
db5bba840ba66f19c50a51cf0bb1edd815dde4f7a61bb7b51624307a52e7d4c1
e1106fe46ac9794086d2ec2413e974ca69ec84408bb538bef08392f0ee78431f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea06e1b5239e69624ecfd75002a556446ca0915693bc783d9a1c7e9e95ab4a0e
ecda8fc7bf1ee5daade9416054ac9b318661060da069434ef8b202bbf52e1349
f0180f83cfbb0a8453f044a1463457ca5687163108e7487c91affffaf4fcad2f
f36e0332898e1f23f085fb5da06939f26b2fd57e99c306e9c1f4ad3b17efcf34
f3b87df12ff39eeccb9f9333feadd47190e3422d9fa8455feccfcced9a36383d
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f8c18a2a2e87063a33e448bb42e34f2a80d126137a9c7e2611f013c851ab0c12
f94e98c0f4dc2b18eb3bf460b12946c97a597859bf0aa4c2d0075a0ec3460749
f9adbe4058414e8c08bffc8cbe1454c422f6152c1488237d290a08ffe5f65400
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff4ac8ed78f1c8cd424a31a787358344930077150c7aed42c1fdcd35749aec3a

unsafe.sh Open in urlscan Pro 2606:4700:3030::ac43:c552 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

73 %HTTPS

60 %IPv6

12 Domains

15 Subdomains

16 IPs

4 Countries

1754 kBTransfer

2432 kBSize

6 Cookies

3 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

unsafe.sh Open in urlscan Pro
2606:4700:3030::ac43:c552 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

73 %
HTTPS

60 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1754 kB
Transfer

2432 kB
Size

6
Cookies

80 HTTP transactions
2 data transactions