Submitted URL: http://kingshir.com/
Effective URL: http://kingshir.com/byf.php
Submission: On March 02 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 34 HTTP transactions. The main IP is 206.233.154.33, located in United States and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is kingshir.com.
This is the only time kingshir.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 206.233.154.33 139646 (HKMTC-AS-...)
4 103.235.46.191 55967 (BAIDU Bei...)
1 182.61.201.93 38365 (BAIDU Bei...)
15 67.21.72.252 46844 (SHARKTECH)
1 103.170.15.55 7483 (SKYCLOUD-...)
1 240e:97c:2f:1... 58466 (CT-GUANGZ...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 45.61.212.126 53587 (AZT)
1 45.61.212.57 53587 (AZT)
1 103.170.15.76 7483 (SKYCLOUD-...)
1 45.61.212.55 53587 (AZT)
1 1 38.54.37.233 138915 (KAOPU-HK ...)
1 82.156.94.13 ()
1 182.61.240.101 38365 (BAIDU Bei...)
34 13
Apex Domain | Subdomains | Transfer
15 boyingfa.vip | www.boyingfa.vip | 8 MB
6 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8406; push.zhanzhang.baidu.com — Cisco Umbrella Rank: 96027; api.share.baidu.com — Cisco Umbrella Rank: 68112 | 24 KB
4 z4a.net | z4a.net — Cisco Umbrella Rank: 420439 | 1 MB
3 kingshir.com | kingshir.com | 2 KB
1 myqcloud.com | zzpic-1255305554.cos.ap-beijing.myqcloud.com |
1 5713a.com | img.5713a.com | 139 B
1 99997aaa.com | 99997aaa.com | 523 KB
1 88888aaa.com | 88888aaa.com | 639 KB
1 66885aaa.com | 66885aaa.com — Cisco Umbrella Rank: 714171 | 370 KB
1 66663aaa.com | 66663aaa.com | 662 KB
1 qlogo.cn | p.qlogo.cn — Cisco Umbrella Rank: 58639 | 165 KB
1 u1099.com | u1099.com — Cisco Umbrella Rank: 856292 | 327 KB
34 12
Domain Requested by
15 www.boyingfa.vip kingshir.com
www.boyingfa.vip
4 z4a.net www.boyingfa.vip
4 hm.baidu.com kingshir.com
3 kingshir.com 1 redirects kingshir.com
1 api.share.baidu.com kingshir.com
1 zzpic-1255305554.cos.ap-beijing.myqcloud.com www.boyingfa.vip
1 img.5713a.com 1 redirects
1 99997aaa.com www.boyingfa.vip
1 88888aaa.com www.boyingfa.vip
1 66885aaa.com www.boyingfa.vip
1 66663aaa.com www.boyingfa.vip
1 p.qlogo.cn www.boyingfa.vip
1 u1099.com www.boyingfa.vip
1 push.zhanzhang.baidu.com kingshir.com
34 14

This site contains no links.

Subject | Issuer | Validity | Valid
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2022-07-05 - 2023-08-06 | a year
www.boyingfa.vip | Sectigo RSA Domain Validation Secure Server CA | 2022-11-20 - 2023-11-20 | a year
u1099.com | Sectigo RSA Domain Validation Secure Server CA | 2022-10-29 - 2023-10-29 | a year
*.qpic.cn | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-04-06 - 2023-05-08 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-06 - 2023-06-05 | a year
66663aaa.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-20 - 2023-11-20 | a year
66885aaa.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-20 - 2023-11-20 | a year
88888aaa.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-20 - 2023-11-20 | a year
99997aaa.com | Sectigo RSA Domain Validation Secure Server CA | 2022-11-20 - 2023-11-20 | a year

This page contains 2 frames:

Primary Page: http://kingshir.com/byf.php
Frame ID: 48EE21A7890CD66746D700CADEEA7D78
Requests: 9 HTTP requests in this frame

Frame: https://www.boyingfa.vip/
Frame ID: BCCDDA5E9C0EC5A6C5E9BA1628973C0E
Requests: 25 HTTP requests in this frame

Page Title

999论坛白菜大全网站多少-手机验证送8―88体验金-999策略白菜手机论坛

Page URL History

  1. http://kingshir.com/ HTTP 302
    http://kingshir.com/byf.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 34
HTTPS: 85 %
IPv6: 14 %
Domains: 12
Subdomains: 14
IPs: 13
Countries: 5
Transfer: 11872 kB
Size: 11964 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kingshir.com/ HTTP 302
    http://kingshir.com/byf.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://img.5713a.com/images/63dd2e9cd4d5c5303e4f3b03.gif HTTP 302
  • https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/5b08c8ea-8005-4eac-8b95-dd90e50d747a.png

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request byf.php
kingshir.com/
Redirect Chain
  • http://kingshir.com/
  • http://kingshir.com/byf.php
2 KB
1 KB
Document
General
Full URL
http://kingshir.com/byf.php
Protocol
HTTP/1.1
Server
206.233.154.33 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
61e1140c8a5ab32bdcfc9cecd8943d4f503182caf585a97d26550ebdd118770c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Mar 2023 20:39:50 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Thu, 02 Mar 2023 20:39:50 GMT
Location
/byf.php
Server
nginx
Transfer-Encoding
chunked
jquery.js
kingshir.com/js/
873 B
807 B
Script
General
Full URL
http://kingshir.com/js/jquery.js
Requested by
Host: kingshir.com
URL: http://kingshir.com/byf.php
Protocol
HTTP/1.1
Server
206.233.154.33 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
22b3aff1d3aae76dd4944a76bcfc5a74fce8dcbc19688c0de37b47d83ad7c410

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/byf.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 20:39:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 05 Jan 2023 15:20:00 GMT
Server
nginx
ETag
W/"63b6eaa0-369"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 03 Mar 2023 08:39:51 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?a373ccc2fc932b00bf21febf1d15ce7a
Requested by
Host: kingshir.com
URL: http://kingshir.com/js/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e4db70004ff95dbabc761b275c238bd9c4425cd6bfe2c9045c8c4f521b908f23
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 20:39:52 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
555becdb6f00be1a06a55915297beb77
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11259
push.js
push.zhanzhang.baidu.com/
281 B
752 B
Script
General
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: kingshir.com
URL: http://kingshir.com/js/jquery.js
Protocol
HTTP/1.1
Server
182.61.201.93 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 20:39:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
Content-Type
text/javascript
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
227
Expires
Fri, 01 Mar 2024 20:39:53 GMT
gg.js
www.boyingfa.vip/
490 B
704 B
Script
General
Full URL
https://www.boyingfa.vip/gg.js
Requested by
Host: kingshir.com
URL: http://kingshir.com/js/jquery.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
620dd37c3fb6591efec7249d1ef392b9738d6085555f88842bb75ab4233d9db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://kingshir.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 05 Jan 2023 15:17:09 GMT
server
nginx
etag
"63b6e9f5-1ea"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
490
expires
Fri, 03 Mar 2023 08:39:52 GMT
/
www.boyingfa.vip/ Frame BCCD
9 KB
3 KB
Document
General
Full URL
https://www.boyingfa.vip/
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/gg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
740ed367cc0e66b80f42539f36a0d1486e394dc72231afb4cd332b3e6c1344e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://kingshir.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 02 Mar 2023 20:39:52 GMT
etag
W/"6400c019-2283"
last-modified
Thu, 02 Mar 2023 15:26:17 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?a67d4d081e9c1eeac203f02e24203f47
Requested by
Host: kingshir.com
URL: http://kingshir.com/byf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
5556f40d6f1b489f073b5c9abad2570528c6bbfb89e4eccb2b8860553d05b7e8
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 20:39:52 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
065513f3292a9e8e9c4b642e38b5f2ce
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11255
basic.css
www.boyingfa.vip/css/ Frame BCCD
3 KB
1 KB
Stylesheet
General
Full URL
https://www.boyingfa.vip/css/basic.css
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
bd07dea0201e7dbcbb34e56e11cdd3828f77765fae3dbfc3723307b28db355cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 10:10:38 GMT
server
nginx
etag
W/"61c1a81e-ce2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 03 Mar 2023 08:39:52 GMT
global.css
www.boyingfa.vip/css/ Frame BCCD
52 KB
11 KB
Stylesheet
General
Full URL
https://www.boyingfa.vip/css/global.css
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
88fd8d332cc8b4bcad5da0acc7dbee9eaade0abd8b2cf5835c41e898620cfab5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 21 Dec 2021 10:10:38 GMT
server
nginx
etag
W/"61c1a81e-cf96"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 03 Mar 2023 08:39:52 GMT
logo.png
www.boyingfa.vip/picture/ Frame BCCD
18 KB
18 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/logo.png
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
441ba3a7794bcff76b5698c3e3ffa2760e04a7f7062254d754fc243408afaf5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:25:30 GMT
server
nginx
etag
"63b956aa-4916"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
18710
expires
Sat, 01 Apr 2023 20:39:52 GMT
fd85c94bcb1748c6be49a4b899de46c3.gif
u1099.com/ Frame BCCD
326 KB
327 KB
Image
General
Full URL
https://u1099.com/fd85c94bcb1748c6be49a4b899de46c3.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.55 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
4aa753a9a3eb769b149e35a5ce0bba11024b4eb1deeed6229f0de32215820fb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 16:37:23 GMT
last-modified
Thu, 23 Feb 2023 11:18:48 GMT
server
nginx
etag
"63f74b98-51847"
x-cache
HIT from yd11_02-cdn-g01-la2-45
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
333895
0
p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7nSk6CELMCC78jgib9u69dnOicgQ3cbibwVk4ElKXAPyKHw/ Frame BCCD
165 KB
165 KB
Image
General
Full URL
https://p.qlogo.cn/qqmail_head/PiajxSqBRaELwR4xf94eWENgvxiczrusib7nSk6CELMCC78jgib9u69dnOicgQ3cbibwVk4ElKXAPyKHw/0
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
240e:97c:2f:1::32 , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN),
Reverse DNS
Software
NWSs /
Resource Hash
1da3a7bd89326009fc485f35c53ad920d2a9d4b752b5e711772102d7fb67b482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

X-DataSrc
9
Date
Thu, 02 Mar 2023 20:39:54 GMT
Size
168964
Connection
keep-alive
Content-Length
168964
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Fri, 17 Feb 2023 05:03:56 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
Content-Type
image/gif
X-Delay
17537 us
chid
0
Cache-Control
max-age=2592000
X-BCheck
0_1
X-NWS-LOG-UUID
cb2dae63-e293-44dc-a659-2634389095fc
960-60.gif
z4a.net/images/2023/02/15/ Frame BCCD
480 KB
480 KB
Image
General
Full URL
https://z4a.net/images/2023/02/15/960-60.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a90b24c4d94518bda6f24b7ff8851167c36c37b5fcd02adf51c5fa2e4501214f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1327315
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
491072
pragma
public
last-modified
Wed, 15 Feb 2023 11:57:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMt85t23rnHLSCWKnUmIqWwZGwRqbQsTQnrfu%2B0RQmcxtkpLsIsuRb8mK17r3Emh4ZkFQRBz3rIpmA2fW7Nx7AnpR5GO%2B8q592mPlA50DALux3pi15GuT9lAFQRkaEMzL5whDGZu"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a1c739be8ae30d5-FRA
expires
Thu, 15 Feb 2024 11:57:57 GMT
58.gif
www.boyingfa.vip/picture/ Frame BCCD
167 KB
168 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/58.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
9b511f8eb6e527f063258dac1400549ae0ec4f3d7c20ef81ac0e7295b78a9f76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:14:06 GMT
server
nginx
etag
"63b953fe-29da9"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
171433
expires
Sat, 01 Apr 2023 20:39:52 GMT
960-60e5ef11c53bcd9aa8.gif
z4a.net/images/2023/02/15/ Frame BCCD
221 KB
222 KB
Image
General
Full URL
https://z4a.net/images/2023/02/15/960-60e5ef11c53bcd9aa8.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbd0bd6239be8c6c5762c11822e2d4ca30cbabaae992af2e94cad2338c7de65
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1327315
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226581
pragma
public
last-modified
Wed, 15 Feb 2023 11:57:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6JuoX7WDfGEAozhu50QTZy4TAW173pbRIsMoPZer007oVJy7WunFapiiD7PzZBiHAuEL9rxXd42S%2BTA2nTxCxxxj1nHaGOwXSVUBNGKPnFLXyC%2B0VUbZmjfNF03TWa9hDkCL9Et"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a1c739be8b130d5-FRA
expires
Thu, 15 Feb 2024 11:57:57 GMT
960x60.gif
z4a.net/images/2022/11/19/ Frame BCCD
239 KB
240 KB
Image
General
Full URL
https://z4a.net/images/2022/11/19/960x60.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff60c94afa37237e7746c8095addb9476b20739a25163536a2cd89217089a88
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7162015
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
245207
pragma
public
last-modified
Fri, 09 Dec 2022 23:12:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uT1IO%2BNCKzLtTkgiIYCgonkUFoKdlWcZlaJVSpR8fjKbvgDe4B75jmjEJjpOcXEYBrNYIV8LCL73u2Mv3LBAvaH0ydFweCWGNvC52vhuSP96%2Fzt9fDwT6lklACy9sGD8BYr9ZMla"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a1c739be8b230d5-FRA
expires
Sat, 09 Dec 2023 23:12:57 GMT
227.gif
www.boyingfa.vip/picture/ Frame BCCD
499 KB
500 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/227.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
64bfcc6f4343b3b955cbda54fe08f3b5c3b196925a2ee92b6622462e114d430c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:15:26 GMT
server
nginx
etag
"63b9544e-7ccb9"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
511161
expires
Sat, 01 Apr 2023 20:39:52 GMT
f618a6e7d9fe4de29e4cc47679486fc1.gif
66663aaa.com/ Frame BCCD
662 KB
662 KB
Image
General
Full URL
https://66663aaa.com/f618a6e7d9fe4de29e4cc47679486fc1.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.126 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
7fd5a884a941ec7debff6bf4eadd3bb579a6b83f9361eb5a6dcd978e9199d3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sun, 26 Feb 2023 22:33:28 GMT
Last-Modified
Thu, 12 Jan 2023 15:56:15 GMT
Server
nginx
ETag
"63c02d9f-a582e"
X-Cache
HIT from cloud-us2-cdnb-26
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
677934
ef14f3bd538144b6965923639ff2f8f6.gif
66885aaa.com/ Frame BCCD
369 KB
370 KB
Image
General
Full URL
https://66885aaa.com/ef14f3bd538144b6965923639ff2f8f6.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.57 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
0932de00bb38b492d7d3ea9626be48617dee34b86b650c6bde61e30d09063d2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 01 Mar 2023 07:25:23 GMT
Last-Modified
Mon, 16 Jan 2023 05:27:03 GMT
Server
nginx
ETag
"63c4e027-5c584"
X-Cache
HIT from cloud-us1-cdnb-27
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
378244
3c495a41dfe243719e9549c17fbf5823.gif
88888aaa.com/ Frame BCCD
638 KB
639 KB
Image
General
Full URL
https://88888aaa.com/3c495a41dfe243719e9549c17fbf5823.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.76 , Taiwan, ASN7483 (SKYCLOUD-NET Skycloud Computing co., Ltd., TW),
Reverse DNS
Software
nginx /
Resource Hash
4dc0708abb2de56eaee1961f8143ec911357863a2b259c4154701ddd128d3a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Tue, 14 Feb 2023 01:42:19 GMT
Last-Modified
Fri, 16 Dec 2022 10:12:20 GMT
Server
nginx
ETag
"639c4484-9f991"
X-Cache
HIT from yd11_13-cdn-g01-la2-06
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
653713
abd14e6024794b0f85df7de19dd4c5f9.gif
99997aaa.com/ Frame BCCD
523 KB
523 KB
Image
General
Full URL
https://99997aaa.com/abd14e6024794b0f85df7de19dd4c5f9.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.55 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
0444cfb5c99115355c739c2a660f75ac7090d15e5814893a384efdebd28f4dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Wed, 22 Feb 2023 01:21:48 GMT
Last-Modified
Mon, 09 Jan 2023 08:18:38 GMT
Server
nginx
ETag
"63bbcdde-82a7f"
X-Cache
HIT from cloud-us1-cdnb-25
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
535167
qm2.gif
www.boyingfa.vip/picture/ Frame BCCD
352 KB
352 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/qm2.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
7eb5cb0ebffef908f39c671a02d19d04239dc9259ab197e3df5a5c05887c4793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:25:47 GMT
server
nginx
etag
"63b956bb-57e02"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
359938
expires
Sat, 01 Apr 2023 20:39:52 GMT
5115.gif
www.boyingfa.vip/picture/ Frame BCCD
306 KB
306 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/5115.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
2b7c34d61d22b1ff5c859b5fb207dd8626027ccef57d75543efd9490fae77b82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 15 Jan 2023 06:03:02 GMT
server
nginx
etag
"63c39716-4c620"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
312864
expires
Sat, 01 Apr 2023 20:39:52 GMT
130.gif
www.boyingfa.vip/picture/ Frame BCCD
3 MB
3 MB
Image
General
Full URL
https://www.boyingfa.vip/picture/130.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
bf2ada4772f03065d9f107c4098a575d83ce433d180b3ab711ac0f73d2bc67c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 28 Feb 2023 16:17:53 GMT
server
nginx
etag
"63fe2931-2fa0f0"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3121392
expires
Sat, 01 Apr 2023 20:39:52 GMT
usdt.gif
www.boyingfa.vip/picture/ Frame BCCD
2 MB
2 MB
Image
General
Full URL
https://www.boyingfa.vip/picture/usdt.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
ea5cd84f3fde7e799af65ee222faefacfa24d0a778807862e98eaafd821ab1c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 14 Feb 2023 10:27:54 GMT
server
nginx
etag
"63eb622a-1ba64d"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1812045
expires
Sat, 01 Apr 2023 20:39:52 GMT
650.gif
www.boyingfa.vip/picture/ Frame BCCD
442 KB
443 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/650.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
97c2b44e11c651dc723630760343f8f6260facf19fb501ec7623d878c097c2d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:16:36 GMT
server
nginx
etag
"63b95494-6e777"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
452471
expires
Sat, 01 Apr 2023 20:39:52 GMT
bydr.gif
www.boyingfa.vip/picture/ Frame BCCD
534 KB
534 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/bydr.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
70921c7561b02e404662cba6af3e579ff62ea5c0327b7e7843be9692ad076808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:23:55 GMT
server
nginx
etag
"63b9564b-8562a"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
546346
expires
Sat, 01 Apr 2023 20:39:52 GMT
154.gif
www.boyingfa.vip/picture/ Frame BCCD
219 KB
220 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/154.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
34e4ac48aa9c20563319f0d3591e74183619fc75754448788d26bb9bddd6f9c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:52 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 21 Jan 2023 13:02:23 GMT
server
nginx
etag
"63cbe25f-36cc1"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
224449
expires
Sat, 01 Apr 2023 20:39:52 GMT
9500.gif
www.boyingfa.vip/picture/ Frame BCCD
437 KB
437 KB
Image
General
Full URL
https://www.boyingfa.vip/picture/9500.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.21.72.252 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS
ip-67-21-72-252.sharktech.net
Software
nginx /
Resource Hash
0e66cff2bad2fee1428d731253ee9c2c93ab731089489300f153dadbb2c62c17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:53 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 07 Jan 2023 11:21:52 GMT
server
nginx
etag
"63b955d0-6d20e"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
446990
expires
Sat, 01 Apr 2023 20:39:53 GMT
5b08c8ea-8005-4eac-8b95-dd90e50d747a.png
zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/ Frame BCCD
Redirect Chain
  • https://img.5713a.com/images/63dd2e9cd4d5c5303e4f3b03.gif
  • https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/5b08c8ea-8005-4eac-8b95-dd90e50d747a.png
24 KB
0
Image
General
Full URL
https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/5b08c8ea-8005-4eac-8b95-dd90e50d747a.png
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
HTTP/1.1
Server
82.156.94.13 -, , ASN (),
Reverse DNS
Software
tencent-cos /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 20:39:57 GMT
x-cos-hash-crc64ecma
16520545076155730568
Last-Modified
Thu, 16 Feb 2023 04:20:29 GMT
Server
tencent-cos
ETag
"81ebc610fdf8152e86d187bccb2a8ece"
Content-Type
image/png
x-cos-request-id
NjQwMTA5OWRfYWE0ZjQ0MGJfYzBiMl84ZGI1ZGMw
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
214616

Redirect headers

location
https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/5b08c8ea-8005-4eac-8b95-dd90e50d747a.png
cache-control
max-age=600
referrer-policy
no-referrer
980x120.gif
z4a.net/images/2022/11/19/ Frame BCCD
400 KB
400 KB
Image
General
Full URL
https://z4a.net/images/2022/11/19/980x120.gif
Requested by
Host: www.boyingfa.vip
URL: https://www.boyingfa.vip/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba3a066c2d562e659594298796a3f9c05daeb913fe180cd0d1e236228fad1a5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.boyingfa.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 02 Mar 2023 20:39:53 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3945131
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
409220
pragma
public
last-modified
Mon, 16 Jan 2023 04:47:42 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5Bw2GUkd3k1BTWYCUc3yODmpX4YvalAMEhFFAHNchxS9g7Ax%2BjN5qnxUmjZ1%2BnIeyKkC4rVNh9jJAJVuuEk7ktSMIMcTwj4I7tvIWS2Jc5deum4oCViZ4qS9%2ByV4g%2BIA2qGHEfE"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a1c739c99cd30d5-FRA
expires
Tue, 16 Jan 2024 04:47:42 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1796296526&si=a373ccc2fc932b00bf21febf1d15ce7a&v=1.3.0&lv=1&sn=28058&r=0&ww=1600&u=http%3A%2F%2Fkingshir.com%2Fbyf.php&tt=999%E8%AE%BA%E5%9D%9B%E7%99%BD%E8%8F%9C%E5%A4%A7%E5%85%A8%E7%BD%91%E7%AB%99%E5%A4%9A%E5%B0%91-%E6%89%8B%E6%9C%BA%E9%AA%8C%E8%AF%81%E9%80%818%E2%80%9588%E4%BD%93%E9%AA%8C%E9%87%91-999%E7%AD%96%E7%95%A5%E7%99%BD%E8%8F%9C%E6%89%8B%E6%9C%BA%E8%AE%BA%E5%9D%9B
Requested by
Host: kingshir.com
URL: http://kingshir.com/byf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 20:39:52 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
s.gif
api.share.baidu.com/
0
116 B
Image
General
Full URL
http://api.share.baidu.com/s.gif?l=http://kingshir.com/byf.php
Requested by
Host: kingshir.com
URL: http://kingshir.com/byf.php
Protocol
HTTP/1.1
Server
182.61.240.101 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Thu, 02 Mar 2023 20:39:53 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1706617040&si=a67d4d081e9c1eeac203f02e24203f47&v=1.3.0&lv=1&sn=28058&r=0&ww=1600&u=http%3A%2F%2Fkingshir.com%2Fbyf.php&tt=999%E8%AE%BA%E5%9D%9B%E7%99%BD%E8%8F%9C%E5%A4%A7%E5%85%A8%E7%BD%91%E7%AB%99%E5%A4%9A%E5%B0%91-%E6%89%8B%E6%9C%BA%E9%AA%8C%E8%AF%81%E9%80%818%E2%80%9588%E4%BD%93%E9%AA%8C%E9%87%91-999%E7%AD%96%E7%95%A5%E7%99%BD%E8%8F%9C%E6%89%8B%E6%9C%BA%E8%AE%BA%E5%9D%9B
Requested by
Host: kingshir.com
URL: http://kingshir.com/byf.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://kingshir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 02 Mar 2023 20:39:53 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| _rTrBTss1
object| _$
object| _hmt
boolean| _bdhm_loaded_a373ccc2fc932b00bf21febf1d15ce7a
object| mini_tangram_log_schg65
boolean| _bdhm_loaded_a67d4d081e9c1eeac203f02e24203f47
object| mini_tangram_log_o2cjvu

5 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: F442E2A7F8D40089
.kingshir.com/ Name: Hm_lvt_a373ccc2fc932b00bf21febf1d15ce7a
Value: 1677789593
.kingshir.com/ Name: Hm_lpvt_a373ccc2fc932b00bf21febf1d15ce7a
Value: 1677789593
.kingshir.com/ Name: Hm_lvt_a67d4d081e9c1eeac203f02e24203f47
Value: 1677789593
.kingshir.com/ Name: Hm_lpvt_a67d4d081e9c1eeac203f02e24203f47
Value: 1677789593

3 Console Messages

Source Level URL
Text
javascript warning URL: http://kingshir.com/js/jquery.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.boyingfa.vip/gg.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://kingshir.com/js/jquery.js(Line 18)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.boyingfa.vip/gg.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering warning URL: https://www.boyingfa.vip/gg.js(Line 1)
Message:
The value "dwvice-width" for key "width" is invalid, and has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
