urlscan.io logo urlscan.io
SecurityTrails logo

fewdc.xyz Open in urlscan Pro
2606:4700:3034::6818:765a  Public Scan

Go To Rescan Add Verdict Report
URL: http://fewdc.xyz/
Submission: On February 10 via api from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3034::6818:765a, located in United States and belongs to CLOUDFLARENET, US. The main domain is fewdc.xyz.
This is the only time fewdc.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
8 119.28.205.166 132203 (TENCENT-N...)
4 240e:e1:b400:... 4812 (CHINANET-...)
1 101.227.0.133 4812 (CHINANET-...)
1 101.89.125.228 4812 (CHINANET-...)
2 103.235.46.191 55967 (CNNIC-BAI...)
26 8
1    2606:4700:3034::6818:765a (United States)

ASN13335 (CLOUDFLARENET, US)
fewdc.xyz
7    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
8    119.28.205.166 (Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
daliuzi.cn
4    240e:e1:b400:0:3::3fd (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)
static.daliuzi.cn
1    101.227.0.133 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)
static.daliuzi.cn
1    101.89.125.228 (China)

ASN4812 (CHINANET-SH-AP China Telecom (Group), CN)
dn-mars-assets.qbox.me
2    103.235.46.191 (Hong Kong)

ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com
Domain Requested by
8 daliuzi.cn fewdc.xyz
5 static.daliuzi.cn fewdc.xyz
2 hm.baidu.com fewdc.xyz
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 pagead2.googlesyndication.com fewdc.xyz
pagead2.googlesyndication.com
1 dn-mars-assets.qbox.me fewdc.xyz
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 fewdc.xyz
26 10

This site contains links to these domains. Also see Links.

Domain
www.cctv.com
portal.qiniu.com
www.haogongyi.org.cn
mrju.cn
www.raredisease.cn
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
daliuzi.cn
Let's Encrypt Authority X3		 2020-01-04 -
2020-04-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.qbox.me
GeoTrust RSA CA 2018		 2018-05-07 -
2020-07-05		 2 years crt.sh
baidu.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-01-13 -
2020-06-25		 5 months crt.sh

This page contains 3 frames:

Primary Page: http://fewdc.xyz/
Frame ID: FC4CAFD91D5BC55E8665AB63E86E84C8
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200206/r20190131/zrt_lookup.html
Frame ID: 2CE420EA0181CB7A04BCA4E822FFB796
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014463065496230&output=html&adk=1812271804&adf=3025194257&lmt=1581368408&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffewdc.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581368408239&bpp=16&bdt=41&fdt=45&idt=45&shv=r20200206&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4062025754359&frm=20&pv=2&ga_vid=1586600509.1581368408&ga_sid=1581368408&ga_hid=444686937&ga_fc=0&iag=0&icsg=170&dssz=4&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=3043844512221399&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=66
Frame ID: 3587443C136A8F96899442F302172B11
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Page Statistics

26
Requests

69 %
HTTPS

43 %
IPv6

9
Domains

10
Subdomains

8
IPs

4
Countries

331 kB
Transfer

663 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
fewdc.xyz/ 		23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://fewdc.xyz/
Protocol
HTTP/1.1
Server
2606:4700:3034::6818:765a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0599b850823c4a490be4a6ad324d679b1f939300d0cc055a17e7303607efd24c

Request headers

Host
fewdc.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 10 Feb 2020 21:00:08 GMT
Content-Type
text/html; charset=gb2312
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dd0ba839dc91fcc209be9d917b4fced6f1581368406; expires=Wed, 11-Mar-20 21:00:06 GMT; path=/; domain=.fewdc.xyz; HttpOnly; SameSite=Lax
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
563102bdae7bd6e9-FRA
Content-Encoding
gzip
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		107 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b494509f2e971116f3f6a5b0fed71bf8f7ce58427a478c7f583817686533f34c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 21:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
38795
x-xss-protection
0
server
cafe
etag
7420753201427664431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 10 Feb 2020 21:00:08 GMT
style.css
daliuzi.cn/wp-content/themes/xiu/ 		63 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://daliuzi.cn/wp-content/themes/xiu/style.css?ver=1.4
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash
bfee02bee9c2c5dd35de28d11a35e508919e0978199e37f0538ce0355d4a509f

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 10 Feb 2020 21:00:09 GMT
content-encoding
gzip
last-modified
Sun, 09 Feb 2020 02:41:46 GMT
server
Coding Pages
etag
W/"5e3f716a-fad6"
vary
Accept-Encoding
content-type
text/css
status
200
201607144344.jpg
static.daliuzi.cn/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.daliuzi.cn/201607144344.jpg
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Server
240e:e1:b400:0:3::3fd , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine /
Resource Hash
7db65d37e73a926e06568136ab559fc74ef955d2582705108c893731f9e64cba

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Log
BOOTS-GATE:131;X-Log;FUSIONGATE:132
Date
Thu, 16 Jan 2020 06:04:50 GMT
Via
cache15.l2cn1807[0,200-0,H], cache44.l2cn1807[42,0], vcache21.cn655[0,200-0,H], vcache17.cn655[3,0]
X-Svr
IO
Age
2213720
X-Slim-Origin
0
X-Cache
HIT TCP_HIT dirn:10:219513785
Content-Transfer-Encoding
binary
X-Swift-CacheTime
2592000
Content-Disposition
inline; filename="201607144344.jpg"; filename*=utf-8''201607144344.jpg
Connection
keep-alive
Content-Length
14606
X-M-Reqid
5U0AAJjBb8nSSOoV
Timing-Allow-Origin
*
X-M-Log
QNM:xs472;SRCPROXY:xs481;QNM:xs1175;QNM3;SRCPROXY:133;QNM3:134
Server
Tengine
Etag
"AOvERPo1OWG9bOPaI0dWDHBaIxRv"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1579154689
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Miss, Hit
EagleId
65e300a515813684102568096e
X-Reqid
5U0AAJjBb8nSSOoV
X-Swift-SaveTime
Wed, 22 Jan 2020 14:48:18 GMT
201511116386.jpg
static.daliuzi.cn/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.daliuzi.cn/201511116386.jpg
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Server
240e:e1:b400:0:3::3fd , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine /
Resource Hash
5ccec9bbc99c0d0fada34742d8d25370a180b2cfa7ee52812db99953ef81d0fd

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Log
BOOTS-GATE:166;X-Log;FUSIONGATE:167
Date
Thu, 16 Jan 2020 06:04:49 GMT
Via
cache33.l2cn1807[0,200-0,H], cache34.l2cn1807[1,0], vcache28.cn655[0,200-0,H], vcache15.cn655[3,0]
X-Svr
IO
Age
2213721
X-Slim-Origin
0
X-Cache
HIT TCP_HIT dirn:1:72112399
Content-Transfer-Encoding
binary
X-Swift-CacheTime
2592000
Content-Disposition
inline; filename="201511116386.jpg"; filename*=utf-8''201511116386.jpg
Connection
keep-alive
Content-Length
34457
X-M-Reqid
y5kAAJSiiM3SSOoV
Timing-Allow-Origin
*
X-M-Log
QNM:jjh1832;QNM3:14/304
Server
Tengine
Etag
"AExsZFzuYS05F6woN-XS0yfNpQWm"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1573442418
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
EagleId
65e300a315813684102568099e
X-Reqid
woIAADNcHguL_dUV
X-Swift-SaveTime
Wed, 22 Jan 2020 14:48:18 GMT
201511119339.jpg
static.daliuzi.cn/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.daliuzi.cn/201511119339.jpg
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Server
240e:e1:b400:0:3::3fd , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine /
Resource Hash
1bdb382434c0555379d6691e95b78a6fe6a5e9aaf9a3d34211c2852720d2a47a

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Log
BOOTS-GATE:53;X-Log;FUSIONGATE:55
Date
Thu, 16 Jan 2020 06:04:49 GMT
Via
cache46.l2cn1807[0,200-0,H], cache46.l2cn1807[1,0], vcache25.cn655[0,200-0,H], vcache16.cn655[3,0]
X-Svr
IO
Age
2213721
X-Slim-Origin
0
X-Cache
HIT TCP_HIT dirn:11:250221294
Content-Transfer-Encoding
binary
X-Swift-CacheTime
2592000
Content-Disposition
inline; filename="201511119339.jpg"; filename*=utf-8''201511119339.jpg
Connection
keep-alive
Content-Length
21887
X-M-Reqid
EYcAAGmnSM7SSOoV
Timing-Allow-Origin
*
X-M-Log
QNM:jjh1519;QNM3:26/304
Server
Tengine
Etag
"ANVn76Takkca4BMOxvXdxG1wn5GF"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1570803482
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
EagleId
65e300a415813684109951052e
X-Reqid
FCMAAG7E7RTEmMwV
X-Swift-SaveTime
Wed, 22 Jan 2020 14:48:18 GMT
201511118652.jpg
static.daliuzi.cn/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.daliuzi.cn/201511118652.jpg
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Server
240e:e1:b400:0:3::3fd , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine /
Resource Hash
e29331957b4043d5a686cbf39226bc5a5029c096991065d4d3f75c05cc13b877

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Log
BOOTS-GATE:125;X-Log;FUSIONGATE:127
Date
Thu, 16 Jan 2020 06:04:49 GMT
Via
cache46.l2cn1807[0,200-0,H], cache9.l2cn1807[35,0], vcache5.cn655[0,200-0,H], vcache14.cn655[3,0]
X-Svr
IO
Age
2213721
X-Slim-Origin
0
X-Cache
HIT TCP_HIT dirn:10:532149210
Content-Transfer-Encoding
binary
X-Swift-CacheTime
2592000
Content-Disposition
inline; filename="201511118652.jpg"; filename*=utf-8''201511118652.jpg
Connection
keep-alive
Content-Length
35883
X-M-Reqid
CD0AAKX11M7SSOoV
Timing-Allow-Origin
*
X-M-Log
QNM:jjh1527;QNM3:16/304
Server
Tengine
Etag
"ACZ5_1ssJeAvi1l4pBMI-EljzdVk"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1576056622
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
EagleId
65e300a215813684102677781e
X-Reqid
jkUAAHOXx7wlR98V
X-Swift-SaveTime
Wed, 22 Jan 2020 14:48:18 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
323 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fewdc.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 21:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fewdc.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 21:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
104
x-xss-protection
0
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200206/r20190131/ 		221 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200206/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a85bae66dcd6773f18437aa35b16b45f12f8cf93405d2278e235317352bf06b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 21:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
84433
x-xss-protection
0
server
cafe
etag
14126896016133818286
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 Feb 2020 21:00:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200206/r20190131/ Frame 2CE4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200206/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200206/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://fewdc.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm4I-c_sgdJDk-hlEujZlyI_Afo-N90J04aUtw-J5hviuNRILuGngtwIzZR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://fewdc.xyz/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Thu, 06 Feb 2020 15:17:35 GMT
expires
Thu, 20 Feb 2020 15:17:35 GMT
content-type
text/html; charset=UTF-8
etag
17772678075199185246
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4496
x-xss-protection
0
cache-control
public, max-age=1209600
age
366153
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
ads
googleads.g.doubleclick.net/pagead/ Frame 3587 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9014463065496230&output=html&adk=1812271804&adf=3025194257&lmt=1581368408&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffewdc.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581368408239&bpp=16&bdt=41&fdt=45&idt=45&shv=r20200206&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4062025754359&frm=20&pv=2&ga_vid=1586600509.1581368408&ga_sid=1581368408&ga_hid=444686937&ga_fc=0&iag=0&icsg=170&dssz=4&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=3043844512221399&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=66
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200206/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9014463065496230&output=html&adk=1812271804&adf=3025194257&lmt=1581368408&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Ffewdc.xyz%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1581368408239&bpp=16&bdt=41&fdt=45&idt=45&shv=r20200206&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4062025754359&frm=20&pv=2&ga_vid=1586600509.1581368408&ga_sid=1581368408&ga_hid=444686937&ga_fc=0&iag=0&icsg=170&dssz=4&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065304&oid=3&pvsid=3043844512221399&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=66
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://fewdc.xyz/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUm4I-c_sgdJDk-hlEujZlyI_Afo-N90J04aUtw-J5hviuNRILuGngtwIzZR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://fewdc.xyz/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 10 Feb 2020 21:00:08 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200206/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad581d1623a2af4d58ed30c5dc142276657e6659971bac0e5eccd1f9fb9a790
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 10 Feb 2020 21:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1581078619841287"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27883
x-xss-protection
0
expires
Mon, 10 Feb 2020 21:00:08 GMT
201808050840.jpg
static.daliuzi.cn/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://static.daliuzi.cn/201808050840.jpg
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Server
101.227.0.133 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine /
Resource Hash
3f0cc851ae60c352f4ad0e62d3e83911b4915612cb60e5cb807581166df50839

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Log
BOOTS-GATE:13;X-Log;FUSIONGATE:14
Date
Tue, 24 Dec 2019 16:11:50 GMT
Via
cache44.l2cn1829[0,200-0,H], cache10.l2cn1829[14,0], vcache5.cn655[0,200-0,H], vcache6.cn655[12,0]
X-Svr
IO
Age
4164500
X-Slim-Origin
0
X-Cache
HIT TCP_HIT dirn:7:189352784
Content-Transfer-Encoding
binary
X-Swift-CacheTime
29151782
Content-Disposition
inline; filename="201808050840.jpg"; filename*=utf-8''201808050840.jpg
Connection
keep-alive
Content-Length
18787
X-M-Reqid
7U4AAMbgjKiZWuMV
Timing-Allow-Origin
*
X-M-Log
QNM:xs1174;QNM3:45/304
Server
Tengine
Etag
"AMDroE-nK1-pXQGZ08KLaUThXnxc"
Access-Control-Max-Age
2592000
Ali-Swift-Global-Savetime
1572004427
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Log, X-Reqid
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Qiniu-Zone
0
X-Qnm-Cache
Hit
EagleId
65e3009a15813684104828499e
X-Reqid
IkoAAG9adBgUocwV
X-Swift-SaveTime
Tue, 21 Jan 2020 06:28:48 GMT
img-horizontal-white-cn.png
dn-mars-assets.qbox.me/qiniulogo/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dn-mars-assets.qbox.me/qiniulogo/img-horizontal-white-cn.png
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.89.125.228 , China, ASN4812 (CHINANET-SH-AP China Telecom (Group), CN),
Reverse DNS
Software
Tengine /
Resource Hash
697696e191d54f05cfeef770f2c5849dd64bffeb98ff80af25b72761ffb2cdd2

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-log
X-Log
date
Mon, 10 Feb 2020 13:23:48 GMT
via
cache12.l2cn1826[0,304-0,H], cache28.l2cn1826[1,0], cache5.cn1402[8,200-0,H], cache8.cn1402[9,0]
age
27381
x-bill
Tbl:mars-assets;FileType:0
x-cache
HIT TCP_REFRESH_HIT dirn:12:915492759
status
200
content-transfer-encoding
binary
x-swift-cachetime
86400
content-disposition
inline; filename="img-horizontal-white-cn.png"; filename*=utf-8''img-horizontal-white-cn.png
x-swift-savetime
Mon, 10 Feb 2020 21:00:09 GMT
content-length
4308
last-modified
Thu, 20 Jul 2017 04:06:45 GMT
server
Tengine
etag
"FjFGP2hYMkq9cfJNyQFqUESFgHrB"
access-control-max-age
2592000
ali-swift-global-savetime
1574672557
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-Log, X-Reqid
cache-control
max-age=86400
accept-ranges
bytes
timing-allow-origin
*
eagleid
65597d1c15813684098133413e
x-reqid
b4cAAAAsbHBJDfIV
expires
Tue, 11 Feb 2020 13:23:48 GMT
jquery.js
daliuzi.cn/wp-content/themes/xiu/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://daliuzi.cn/wp-content/themes/xiu/js/jquery.js?ver=1.4
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
403
date
Mon, 10 Feb 2020 21:00:09 GMT
server
Coding Pages
content-length
9
content-type
text/plain; charset=utf-8
custom.js
daliuzi.cn/wp-content/themes/xiu/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://daliuzi.cn/wp-content/themes/xiu/js/custom.js?ver=1.4
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
403
date
Mon, 10 Feb 2020 21:00:09 GMT
server
Coding Pages
content-length
9
content-type
text/plain; charset=utf-8
hm.js
hm.baidu.com/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?23ab90cf9ba6c785f64f3c06bb0192bd
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
3264311e47ba44354a6e558487d36b7713b6f1f2827f82a23a42e196e9b4b022
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 10 Feb 2020 21:00:10 GMT
Content-Encoding
gzip
Server
apache
Etag
6bcf82ccdc7cdea51e4ce29560d6f646
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
13506
jquery.js
daliuzi.cn/wp-content/themes/xiu/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://daliuzi.cn/wp-content/themes/xiu/js/jquery.js?ver=1.4
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
403
date
Mon, 10 Feb 2020 21:00:09 GMT
server
Coding Pages
content-length
9
content-type
text/plain; charset=utf-8
bg.gif
daliuzi.cn/wp-content/themes/xiu/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daliuzi.cn/wp-content/themes/xiu/images/bg.gif
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash
b6a6c642abbc9200d7877c4cc177d1b0e49913bac24593bdcda2ed7956ab477a

Request headers

Referer
https://daliuzi.cn/wp-content/themes/xiu/style.css?ver=1.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 10 Feb 2020 21:00:09 GMT
last-modified
Sun, 09 Feb 2020 02:41:46 GMT
server
Coding Pages
etag
"5e3f716a-693"
content-type
image/gif
status
200
accept-ranges
bytes
content-length
1683
logo-bg.png
daliuzi.cn/wp-content/themes/xiu/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daliuzi.cn/wp-content/themes/xiu/images/logo-bg.png
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash
7a72aa9049080df4fdb3ca3f349f252bd06a327fab92a38ffdc2d54749e03f1b

Request headers

Referer
https://daliuzi.cn/wp-content/themes/xiu/style.css?ver=1.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 10 Feb 2020 21:00:09 GMT
last-modified
Sun, 09 Feb 2020 02:41:46 GMT
server
Coding Pages
etag
"5e3f716a-1abf"
content-type
image/png
status
200
accept-ranges
bytes
content-length
6847
logo.png
daliuzi.cn/wp-content/themes/xiu/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://daliuzi.cn/wp-content/themes/xiu/images/logo.png
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash
689eff4cba80304671ad1e02245d7458fa0f68d794f355f596dd1c31b8f9ce93

Request headers

Referer
https://daliuzi.cn/wp-content/themes/xiu/style.css?ver=1.4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 10 Feb 2020 21:00:09 GMT
last-modified
Sun, 09 Feb 2020 02:41:46 GMT
server
Coding Pages
etag
"5e3f716a-c4a"
content-type
image/png
status
200
accept-ranges
bytes
content-length
3146
glyphicons-halflings-regular.woff
daliuzi.cn/wp-content/themes/xiu/fonts/ 		0
0
custom.js
daliuzi.cn/wp-content/themes/xiu/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://daliuzi.cn/wp-content/themes/xiu/js/custom.js?ver=1.4
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.28.205.166 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Coding Pages /
Resource Hash

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

status
403
date
Mon, 10 Feb 2020 21:00:10 GMT
server
Coding Pages
content-length
9
content-type
text/plain; charset=utf-8
glyphicons-halflings-regular.ttf
daliuzi.cn/wp-content/themes/xiu/fonts/ 		0
0
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2130728109&si=23ab90cf9ba6c785f64f3c06bb0192bd&v=1.2.68&lv=1&sn=8861&ct=!!&tt=%E5%A4%A7%E5%88%98%E5%AD%90%20%E2%80%93%20%E4%BA%BA%E7%94%9F%E5%A6%82%E8%8C%B6%EF%BC%8C%E8%8B%A6%E6%9E%81%E5%9B%9E%E7%94%9C
Requested by
Host: fewdc.xyz
URL: http://fewdc.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
http://fewdc.xyz/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Mon, 10 Feb 2020 21:00:12 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
daliuzi.cn
URL
https://daliuzi.cn/wp-content/themes/xiu/fonts/glyphicons-halflings-regular.woff
Domain
daliuzi.cn
URL
https://daliuzi.cn/wp-content/themes/xiu/fonts/glyphicons-halflings-regular.ttf

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _hmt object| jui boolean| _bdhm_loaded_23ab90cf9ba6c785f64f3c06bb0192bd object| mini_tangram_log_sh90b1

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
daliuzi.cn
dn-mars-assets.qbox.me
fewdc.xyz
googleads.g.doubleclick.net
hm.baidu.com
pagead2.googlesyndication.com
static.daliuzi.cn
www.googletagservices.com
daliuzi.cn
101.227.0.133
101.89.125.228
103.235.46.191
119.28.205.166
240e:e1:b400:0:3::3fd
2606:4700:3034::6818:765a
2a00:1450:4001:817::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0599b850823c4a490be4a6ad324d679b1f939300d0cc055a17e7303607efd24c
1bdb382434c0555379d6691e95b78a6fe6a5e9aaf9a3d34211c2852720d2a47a
3264311e47ba44354a6e558487d36b7713b6f1f2827f82a23a42e196e9b4b022
3ad581d1623a2af4d58ed30c5dc142276657e6659971bac0e5eccd1f9fb9a790
3f0cc851ae60c352f4ad0e62d3e83911b4915612cb60e5cb807581166df50839
5ccec9bbc99c0d0fada34742d8d25370a180b2cfa7ee52812db99953ef81d0fd
689eff4cba80304671ad1e02245d7458fa0f68d794f355f596dd1c31b8f9ce93
697696e191d54f05cfeef770f2c5849dd64bffeb98ff80af25b72761ffb2cdd2
7a72aa9049080df4fdb3ca3f349f252bd06a327fab92a38ffdc2d54749e03f1b
7db65d37e73a926e06568136ab559fc74ef955d2582705108c893731f9e64cba
9a85bae66dcd6773f18437aa35b16b45f12f8cf93405d2278e235317352bf06b
b494509f2e971116f3f6a5b0fed71bf8f7ce58427a478c7f583817686533f34c
b6a6c642abbc9200d7877c4cc177d1b0e49913bac24593bdcda2ed7956ab477a
bfee02bee9c2c5dd35de28d11a35e508919e0978199e37f0538ce0355d4a509f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e29331957b4043d5a686cbf39226bc5a5029c096991065d4d3f75c05cc13b877