www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
154.90.71.234

URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Submission Tags: falconsandbox
Submission: On June 29 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 2 countries across 19 domains to perform 48 HTTP transactions. The main IP is 154.90.71.234, located in Hong Kong and belongs to SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK. The main domain is www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com. The Cisco Umbrella rank of the primary domain is 751922.
This is the only time www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
12 fmlb.netlbtu.com www.1qweasd.com
12 www.1qweasd.com www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com, www.1qweasd.com
4 hm.baidu.com www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com, www.1qweasd.com
3 www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
2 taiwtp1.com www.1qweasd.com
2 image.80211mesh.com www.1qweasd.com
2 huazitupian.oss-cn-hongkong.aliyuncs.com www.1qweasd.com
2 fadacaitp.com www.1qweasd.com
1 papatv.work www.1qweasd.com
1 701.oss-cn-hongkong.aliyuncs.com www.1qweasd.com
1 kvtaaa.top www.1qweasd.com
1 kvkaa.com 1 redirects
1 pic.rmb.bdstatic.com www.1qweasd.com
1 img.catu.cc 1 redirects
1 tmrhoe2.com www.1qweasd.com
1 xox9325.com www.1qweasd.com
1 acoossu.top www.1qweasd.com
1 kvezz.com 1 redirects
1 n0422.com www.1qweasd.com
1 rfyqtv2.com www.1qweasd.com
48 20

This site contains no links.

Subject | Issuer | Validity | Valid
www.1qweasd.com | R3 | 2022-06-26 - 2022-09-24 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2021-11-15 - 2022-08-02 | 9 months
rfyqtv2.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-23 - 2023-03-23 | a year
n0422.com | R3 | 2022-06-17 - 2022-09-15 | 3 months
xox9325.com | Sectigo RSA Domain Validation Secure Server CA | 2022-06-08 - 2023-06-08 | a year
tmrhoe2.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-21 - 2023-03-21 | a year
fadacaitp.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-18 - 2023-05-18 | a year
*.oss-cn-hongkong.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-01-20 - 2023-02-21 | a year
papatv.work | ZeroSSL RSA Domain Secure Site CA | 2022-04-17 - 2022-07-16 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-10-20 - 2022-10-19 | a year
taiwtp1.com | R3 | 2022-04-10 - 2022-07-09 | 3 months

This page contains 2 frames:

Primary Page: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Frame ID: F4E0D0E38BDD07F24D4C4D12AC49C021
Requests: 5 HTTP requests in this frame

Frame: https://www.1qweasd.com/
Frame ID: 5A9C53F0B6385496DAADD9A810F75653
Requests: 44 HTTP requests in this frame

Page Title

上饶臃等化妆品有限公司377P欧洲日本亚洲大胆,十分钟免费观看高清视频在线观看,无码欧美人与动欧交视频A片,中文字幕乱码亚洲无线码三区上饶臃等化妆品有限公司

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

48 Requests
88 % HTTPS
20 % IPv6
19 Domains
20 Subdomains
18 IPs
2 Countries
4815 kB Transfer
5521 kB Size
3 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://kvezz.com/6ed80b70f51e3203d0bd3e764a23a054.gif HTTP 301
  • https://acoossu.top/6ed80b70f51e3203d0bd3e764a23a054.gif
Request Chain 21
  • https://img.catu.cc/images/624edca94c2d5e50acafb1c6.gif HTTP 302
  • https://pic.rmb.bdstatic.com/bjh/7da09243d3c5f3093d7806eecdfcab80.gif
Request Chain 22
  • https://kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif HTTP 301
  • https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif

48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
2 KB
807 B
Document
General
Full URL
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Protocol
HTTP/1.1
Server
154.90.71.234 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
550508045871e7677f9449f974036277208c0c3c9d912c1a55133d03f8e524cc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 29 Jun 2022 02:16:17 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
common.js
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
1 KB
907 B
Script
General
Full URL
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/common.js
Requested by
Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Protocol
HTTP/1.1
Server
154.90.71.234 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
12dfda150de00f5758b1743f380c4fb43e8180e578f30032511ebe9725fcf252

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 02:16:17 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
260 B
416 B
Script
General
Full URL
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/tj.js
Requested by
Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Protocol
HTTP/1.1
Server
154.90.71.234 , Hong Kong, ASN134175 (SH2206-AP UNIT A17,9F SILVERCORP INTL TOWER 707-713 NATHAN RD, HK),
Reverse DNS
Software
nginx /
Resource Hash
8c038a6e4740b4e579908c01abf67b852c43c400b6d8f226653c89dace058da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 02:16:17 GMT
Server
nginx
Connection
keep-alive
Content-Length
260
Content-Type
application/x-javascript
/
www.1qweasd.com/ Frame 5A9C
40 KB
8 KB
Document
General
Full URL
https://www.1qweasd.com/
Requested by
Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
96ff2dbc511670dcf2060c49b2d91e46ebba1e4462e0a2c9778b9f6098a2818c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 29 Jun 2022 02:16:19 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?f0b2ff1089f8e2313be54b2aa3b8dd5b
Requested by
Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
0f536867b2482f88e5b332fb35c7945c30b48754d4f20c5a2fb264e3a1043977
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 02:16:19 GMT
Content-Encoding
gzip
Server
apache
Etag
37a7e25beacf9e407ec69c14e597d83f
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11294
m.css
www.1qweasd.com/template/yaojiyingshi/css/ Frame 5A9C
16 KB
4 KB
Stylesheet
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/css/m.css
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
5f952170bae63dca3b0a71190344fe7096abc709c931a4027d46eecefba605f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
content-encoding
gzip
last-modified
Sat, 23 Oct 2021 07:02:08 GMT
server
nginx
etag
W/"6173b370-3e2e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 29 Jun 2022 14:16:20 GMT
iconfont.css
www.1qweasd.com/template/yaojiyingshi/css/ Frame 5A9C
7 KB
5 KB
Stylesheet
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/css/iconfont.css
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
8f8521cc74fde2dba6703d71200811de97528c84d0898202117e2d43111b43a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
content-encoding
gzip
last-modified
Sat, 23 Oct 2021 07:31:00 GMT
server
nginx
etag
W/"6173ba34-1a11"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 29 Jun 2022 14:16:20 GMT
jquery.js
www.1qweasd.com/static/js/ Frame 5A9C
90 KB
36 KB
Script
General
Full URL
https://www.1qweasd.com/static/js/jquery.js
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
20638e363fcc5152155f24b281303e17da62da62d24ef5dcf863b184d9a25734
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
content-encoding
gzip
last-modified
Sun, 10 Mar 2019 13:12:50 GMT
server
nginx
etag
W/"5c850d52-169d9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 29 Jun 2022 14:16:20 GMT
jquery.lazyload.js
www.1qweasd.com/static/js/ Frame 5A9C
2 KB
971 B
Script
General
Full URL
https://www.1qweasd.com/static/js/jquery.lazyload.js
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
b3cb7de10b74a99f823c56745aa07ae79b19cad051eb77de701881c2c3b297ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
content-encoding
gzip
last-modified
Sun, 10 Mar 2019 13:12:50 GMT
server
nginx
etag
W/"5c850d52-8ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 29 Jun 2022 14:16:20 GMT
home.js
www.1qweasd.com/static/js/ Frame 5A9C
38 KB
11 KB
Script
General
Full URL
https://www.1qweasd.com/static/js/home.js
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
82f91ebbb2e7e2ead5095d7bf5e5eb93bd6bcfa874d77b7c90bb0b308972b4ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
content-encoding
gzip
last-modified
Fri, 25 Jun 2021 06:18:12 GMT
server
nginx
etag
W/"60d57524-994c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000
expires
Wed, 29 Jun 2022 14:16:20 GMT
swiper.min.css
www.1qweasd.com/template/yaojiyingshi/css/ Frame 5A9C
0
0
Stylesheet
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/css/swiper.min.css
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
server
nginx
content-length
548
content-type
text/html
app1.css
www.1qweasd.com/template/yaojiyingshi/css/ Frame 5A9C
0
0
Stylesheet
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/css/app1.css
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
server
nginx
content-length
548
content-type
text/html
swiper.min.js
www.1qweasd.com/template/yaojiyingshi/js/ Frame 5A9C
0
0
Script
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/js/swiper.min.js
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
server
nginx
content-length
548
content-type
text/html
rem1.js
www.1qweasd.com/template/yaojiyingshi/js/ Frame 5A9C
0
0
Script
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/js/rem1.js
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
server
nginx
content-length
548
content-type
text/html
jquery.min.js
www.1qweasd.com/template/yaojiyingshi/js/ Frame 5A9C
0
0
Script
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/js/jquery.min.js
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
server
nginx
content-length
548
content-type
text/html
7e5555d979804b88999e58e5f4b02356.gif
rfyqtv2.com/ Frame 5A9C
855 KB
855 KB
Image
General
Full URL
https://rfyqtv2.com/7e5555d979804b88999e58e5f4b02356.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.94 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
848de6d13c434849ecfc2a7b155159cc16a5517356606edbee2ee878300181c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 28 Jun 2022 23:59:24 GMT
Last-Modified
Wed, 18 May 2022 11:48:44 GMT
Server
nginx
ETag
"6284dd1c-d5c14"
X-Cache
HIT from yd11_13-cdn-g01-la2-24
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
875540
af5b5e43207b4ab99c9800f9f6e0bf86.gif
n0422.com/ Frame 5A9C
47 KB
46 KB
Image
General
Full URL
https://n0422.com/af5b5e43207b4ab99c9800f9f6e0bf86.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.187.70.254 -, , ASN (),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
89036950cdc6e6fc494184e4be14c7c8c112005f3c01c2c1c7de203f262d99cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:22 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 12:29:37 GMT
server
WAF/2.4-12.1
etag
W/"625570b1-bac1"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/gif
6ed80b70f51e3203d0bd3e764a23a054.gif
acoossu.top/ Frame 5A9C
Redirect Chain
  • https://kvezz.com/6ed80b70f51e3203d0bd3e764a23a054.gif
  • https://acoossu.top/6ed80b70f51e3203d0bd3e764a23a054.gif
109 KB
110 KB
Image
General
Full URL
https://acoossu.top/6ed80b70f51e3203d0bd3e764a23a054.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Server
2606:4700:3034::ac43:9715 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d8cff0f2678147b9198cd07c4e2842da303763503c06ca39b75ddb48dcd34c84

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
202237
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
111940
last-modified
Mon, 02 May 2022 19:14:29 GMT
server
cloudflare
etag
"62702d95-1b544"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R55GniI2X7Ld%2BbkaNEkkRFJU%2BpfRrF7BQD8Xfy955%2BcSSk96rsS4LBQwLmPWRRjU3QErCCrB4sE6BVBKpAw%2FZ%2BKlUgFti5QWCAXlkcLaNEhVL5MeRQRK6JWSLyFUyPxdAtpnbzJRYLXcpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28e56df0bbbf-FRA
expires
Tue, 26 Jul 2022 18:05:45 GMT

Redirect headers

location
https://acoossu.top/6ed80b70f51e3203d0bd3e764a23a054.gif
date
Wed, 29 Jun 2022 02:16:22 GMT
server
nginx
content-length
162
strict-transport-security
max-age=31536000
content-type
text/html
b8c1f984930f4ec4ace8f26a2c6ec551.gif
xox9325.com/ Frame 5A9C
432 KB
0
Image
General
Full URL
https://xox9325.com/b8c1f984930f4ec4ace8f26a2c6ec551.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.224 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 26 Jun 2022 06:38:27 GMT
Last-Modified
Wed, 15 Jun 2022 14:17:06 GMT
Server
nginx
ETag
"62a9e9e2-93f8b"
X-Cache
HIT from cloud-us3-cdnb-24
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
606091
93f22d8c696d4c038198db0c555d0f7f.gif
tmrhoe2.com/ Frame 5A9C
731 KB
731 KB
Image
General
Full URL
https://tmrhoe2.com/93f22d8c696d4c038198db0c555d0f7f.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.116 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 28 Jun 2022 04:09:59 GMT
Last-Modified
Wed, 27 Apr 2022 11:20:16 GMT
Server
nginx
ETag
"626926f0-b6a86"
X-Cache
HIT from cloud-us2-cdnb-16
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
748166
68-960-250.gif
fadacaitp.com/ Frame 5A9C
811 KB
810 KB
Image
General
Full URL
https://fadacaitp.com/68-960-250.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.222.206.6 -, , ASN (),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
b4c6d4b91092df622a5d3f60448989bf739bf1598566d763d47ec5e3937d8aa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:22 GMT
content-encoding
gzip
last-modified
Sat, 25 Jun 2022 13:09:21 GMT
server
WAF/2.4-12.1
etag
W/"62b70901-cad7f"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
expires
Thu, 28 Jul 2022 20:09:00 GMT
90-960-250.gif
fadacaitp.com/ Frame 5A9C
273 KB
274 KB
Image
General
Full URL
https://fadacaitp.com/90-960-250.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
20.222.206.6 -, , ASN (),
Reverse DNS
Software
WAF/2.4-12.1 /
Resource Hash
8de193a1364e8850bae092a074b58022662d1fefab4ebbd962013ccc0ed54ff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:22 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 10:10:12 GMT
server
WAF/2.4-12.1
etag
W/"628f5204-44546"
x-cache-status
HIT
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=2592000
strict-transport-security
max-age=31536000
expires
Thu, 28 Jul 2022 20:09:03 GMT
7da09243d3c5f3093d7806eecdfcab80.gif
pic.rmb.bdstatic.com/bjh/ Frame 5A9C
Redirect Chain
  • https://img.catu.cc/images/624edca94c2d5e50acafb1c6.gif
  • https://pic.rmb.bdstatic.com/bjh/7da09243d3c5f3093d7806eecdfcab80.gif
23 KB
0
Image
General
Full URL
https://pic.rmb.bdstatic.com/bjh/7da09243d3c5f3093d7806eecdfcab80.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Server
104.193.88.112 -, , ASN (),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

ohc-file-size
63690
date
Wed, 29 Jun 2022 02:16:23 GMT
content-md5
faCSQ9PF8wk9eAbuzfyrgA==
age
403434
x-cache-status
HIT
x-bce-storage-class
STANDARD
content-length
63690
ohc-cache-hit
sfo01-sys-jorcol09.sfo01.baidu.com [2], zhuzuncache54 [1], bdix227 [2]
last-modified
Wed, 25 May 2022 10:08:15 GMT
server
JSP3/2.0.14
etag
"7da09243d3c5f3093d7806eecdfcab80"
x-bce-request-id
0fd1cd5f-78c6-4147-8d53-f4cc434eb5d1
content-type
image/gif
x-bce-debug-id
xmrzL/l18d+IVD6dAD+lwv9hDSI/wV5WU+xYjmTeePtDA0g0OEFiTVjUweidivG11HA2PKmOzhVaa8w3/sruCg==
accept-ranges
bytes
timing-allow-origin
*
x-bce-content-crc32
838939442
expires
Mon, 27 Jun 2022 10:10:28 GMT

Redirect headers

location
https://pic.rmb.bdstatic.com/bjh/7da09243d3c5f3093d7806eecdfcab80.gif
referrer-policy
no-referrer
d816a0142aeb37814a5d77cfd510e67b.gif
kvtaaa.top/ Frame 5A9C
Redirect Chain
  • https://kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
  • https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
181 KB
182 KB
Image
General
Full URL
https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Server
2606:4700:3033::6815:1ee3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1261848
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
185463
last-modified
Mon, 13 Jun 2022 10:10:31 GMT
server
cloudflare
etag
"62a70d17-2d477"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z570z4ICmZ57fZHdommnBu43PkkYtwUBYujwzdq3fV0ilkifewmLBvWgjL1Lt3wO7uvyxjgCva12AdoD7ddJFcW7rGSnwzU%2BeF9d0eeAzKEbbZuMT9SaH1xoEEmDnErdAeyo1ioxlCdo"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
722b28e56be7995d-FRA
expires
Thu, 14 Jul 2022 11:45:34 GMT

Redirect headers

location
https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
date
Wed, 29 Jun 2022 02:16:22 GMT
server
nginx
content-length
162
strict-transport-security
max-age=31536000
content-type
text/html
960x120.gif
701.oss-cn-hongkong.aliyuncs.com/gg/ Frame 5A9C
296 KB
296 KB
Image
General
Full URL
https://701.oss-cn-hongkong.aliyuncs.com/gg/960x120.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.58 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0d3f80d6d694b7539cd7d3a61a75a1fac79884efdfeaa4e0a7ed4fb8b5a8d8b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Wed, 29 Jun 2022 02:16:21 GMT
x-oss-request-id
62BBB5F51F8563363813E70F
Last-Modified
Tue, 21 Jun 2022 08:13:47 GMT
Server
AliyunOSS
Content-MD5
lyUb+7eE9tTXLfaR+CqEvw==
ETag
"97251BFBB784F6D4D72DF691F82A84BF"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
8264372781429711397
Content-Length
302796
x-oss-server-time
1
1.gif
www.1qweasd.com/template/yaojiyingshi/image/ Frame 5A9C
254 B
459 B
Image
General
Full URL
https://www.1qweasd.com/template/yaojiyingshi/image/1.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
122.10.48.46 , Hong Kong, ASN134548 (DXTL-HK DXTL Tseung Kwan O Service, HK),
Reverse DNS
Software
nginx /
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
last-modified
Sat, 23 Oct 2021 05:14:42 GMT
server
nginx
etag
"61739a42-fe"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
254
expires
Fri, 29 Jul 2022 02:16:20 GMT
960X120.gif
huazitupian.oss-cn-hongkong.aliyuncs.com/huazidongtu/ Frame 5A9C
94 KB
0
Image
General
Full URL
https://huazitupian.oss-cn-hongkong.aliyuncs.com/huazidongtu/960X120.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.37 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Wed, 29 Jun 2022 02:16:21 GMT
x-oss-request-id
62BBB5F5DD75B734305B563B
Last-Modified
Thu, 28 Apr 2022 12:38:16 GMT
Server
AliyunOSS
Content-MD5
YZ7H3IUxEa7OBJtHt4nnXA==
ETag
"619EC7DC853111AECE049B47B789E75C"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
6429744188282091066
Content-Length
1042269
x-oss-server-time
2
ptv120.gif
papatv.work/ Frame 5A9C
289 KB
289 KB
Image
General
Full URL
https://papatv.work:1688/ptv120.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
137.220.244.155 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
63ada8945c9e0bad200eff53ac4a07e209a9f5bfe25d6817168c47b7fc44df67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:17:56 GMT
last-modified
Thu, 30 Sep 2021 06:02:41 GMT
server
nginx
etag
"61555301-48328"
strict-transport-security
max-age=31536000
content-type
image/gif
accept-ranges
bytes
content-length
295720
051302.gif
image.80211mesh.com/ Frame 5A9C
289 KB
289 KB
Image
General
Full URL
https://image.80211mesh.com/051302.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:241b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe901e91df3c83d8a55aff6d39878b029ba3847b2777adbaefc905546f11d051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1758164
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
295754
last-modified
Fri, 13 May 2022 20:43:54 GMT
server
cloudflare
etag
"627ec30a-4834a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2VbcRTH3okLnTcMFuW9wAON7mou2fZNPxmFd88j2MGXb36NSh%2B6A5No8Ryz0ctiFJnHZzT4ibTjOPzhve2T9U3zJspHkNoOEfPAdsaK63pKQ7ltWvdFOfNm2lt4GRWTBO81R1dbqBYToebHua13L39U"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
722b28da4f1f9226-FRA
expires
Fri, 08 Jul 2022 17:53:35 GMT
960120.gif
taiwtp1.com/img/ Frame 5A9C
118 KB
118 KB
Image
General
Full URL
https://taiwtp1.com/img/960120.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
220.128.218.220 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5a7a72fa04186d44d08de8b590fcf1644ad8370bc65007e51ba9300af2541dce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:15:31 GMT
last-modified
Thu, 10 Mar 2022 10:55:56 GMT
server
nginx
etag
"6229d93c-1d878"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
120952
expires
Fri, 29 Jul 2022 02:15:31 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2139911683&si=f0b2ff1089f8e2313be54b2aa3b8dd5b&v=1.2.94&lv=1&sn=6320&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com%2F&tt=%E4%B8%8A%E9%A5%B6%E8%87%83%E7%AD%89%E5%8C%96%E5%A6%86%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com
URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Jun 2022 02:16:20 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
truncated
/ Frame 5A9C
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb49e2df46cb977a4722a9c5f2b42b2872848ee40a358ebccd41f34c9fd211af

Request headers

Referer
Origin
https://www.1qweasd.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
hm.js
hm.baidu.com/ Frame 5A9C
30 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?0ed6ebef024f2fd42cbe80ccc51f0ff9
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
d52d1e065a35319adfe2002ec249ce4b93f26699937558ea89d8b892baa4633a
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 02:16:20 GMT
Content-Encoding
gzip
Server
apache
Etag
c6c73cd896366fe9f47ff1c0630e339b
Strict-Transport-Security
max-age=172800
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11297
051301.gif
image.80211mesh.com/ Frame 5A9C
521 KB
523 KB
Image
General
Full URL
https://image.80211mesh.com/051301.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:241b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a458de16d456cb61a110dc8f60351c55eda239eee4c03a4754de3d55a3505921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
147140
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
533899
last-modified
Fri, 13 May 2022 20:51:48 GMT
server
cloudflare
etag
"627ec4e4-8258b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mN61pF8w5GRED%2BfVVBhU1DycCd6QpXcfKquiQUr6w3888N36eGiHkTrVNx5hQAJNnAAhzVCsyt%2F0XeRfTp3S0ISVS%2BmsKXtjeVk0rLkqn5qRgrEXsZsHFWZbg8ZVKxdTIWeLsZ5897SKyNQKS9CDho5C"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
722b28da2f099226-FRA
expires
Wed, 27 Jul 2022 09:24:00 GMT
200200.gif
taiwtp1.com/img/ Frame 5A9C
73 KB
74 KB
Image
General
Full URL
https://taiwtp1.com/img/200200.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
220.128.218.220 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
0c184e206259e8d0c54d3fc12d3d5332e9f6ff5f0404630fcb2daefe65fe1bfe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:15:31 GMT
last-modified
Wed, 09 Mar 2022 04:51:10 GMT
server
nginx
etag
"6228323e-125fb"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
75259
expires
Fri, 29 Jul 2022 02:15:31 GMT
100X100.gif
huazitupian.oss-cn-hongkong.aliyuncs.com/huazidongtu/ Frame 5A9C
14 KB
15 KB
Image
General
Full URL
https://huazitupian.oss-cn-hongkong.aliyuncs.com/huazidongtu/100X100.gif
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.75.19.37 -, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b650b3903a150a9a4a8c9bebf15e720889f267f02097388f027c414d43809422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-oss-object-type
Normal
Date
Wed, 29 Jun 2022 02:16:21 GMT
x-oss-request-id
62BBB5F523C05437300EF58A
Last-Modified
Thu, 28 Apr 2022 12:38:17 GMT
Server
AliyunOSS
Content-MD5
PjNpLW9MBCdxWFVGc+pjOA==
ETag
"3E33692D6F4C04277158554673EA6338"
Content-Type
image/gif
x-oss-storage-class
Standard
Connection
keep-alive
Accept-Ranges
bytes
x-oss-hash-crc64ecma
6698640775128527236
Content-Length
14550
x-oss-server-time
1
imyccw3m0qm1114imyccw3m0qm26489.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/11/ Frame 5A9C
9 KB
10 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/11/imyccw3m0qm1114imyccw3m0qm26489.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ba4e8cdc9ff0aeb561bc5375e39057446fcf286aa13ac72c5663df1abeb0b78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9700
last-modified
Tue, 28 Jun 2022 03:14:26 GMT
server
cloudflare
etag
"7cf2b2c9d8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czDGoV3Efe0%2F%2BL%2F9i5PS%2FhQFfgK1nSr430BtomkDXySChApQgNrRYg8DpfvPm4BB4C03hzypwYMPSl%2FiZRdIBQy4cCNfS0RsKtCTqhAzTeZRKIPAGTyBysGvJ6oSicu44hU%2BuzNPHU2RQE47pp2d"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da1a9f9016-FRA
cf-bgj
h2pri
txnucssgnk41114txnucssgnk427491.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/11/ Frame 5A9C
10 KB
10 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/11/txnucssgnk41114txnucssgnk427491.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb48e6bf7c37e69e1a85447011b1e6bca95607ffdc1e1666340083e6d72002b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1259
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10154
last-modified
Tue, 28 Jun 2022 03:14:27 GMT
server
cloudflare
etag
"9ff6b22c9d8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXodQ5FiIzFRSlOzfzfqawQV9ICwKxTgXZUa0oKaseqElTG9l6HC3SHF2AicgWhbZa3pQrIFmc9SSQz4NP29XE2QICOl4M8f8iyX%2BDrOuDmWuNqLZflVHzM4gCE%2Byg5PzRSCx03oClHrdVJJDx7G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da1aa09016-FRA
cf-bgj
h2pri
eo4orz1u1u51114eo4orz1u1u528493.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/11/ Frame 5A9C
9 KB
9 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/11/eo4orz1u1u51114eo4orz1u1u528493.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26814f3690bea0c2fef3ed2ae11dc3d274512ac8642963be1652cf0bdd60ffe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
950
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9175
last-modified
Tue, 28 Jun 2022 03:14:28 GMT
server
cloudflare
etag
"164422d9d8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoxsHcgqmLjnq4DR44lU%2FxLK4Snnbv9HqHAy%2B0VcxPZKZwUBCITaB1wMEU86MWxWS4T2RMKC5v9IWOr%2BfVfRjo9cr2w0l4dIGNkhTcIv6yilE3WDAhEowdatzRXBZkJFrh6X9AYHmWIURmW3Ydhs"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da1aa19016-FRA
cf-bgj
h2pri
x3vpznihc2u1114x3vpznihc2u28495.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/11/ Frame 5A9C
8 KB
9 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/11/x3vpznihc2u1114x3vpznihc2u28495.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c681be865c3d35a467a8c1b4b9bbb6be3f9c44249a3168035f21cb401d63bd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1182
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8486
last-modified
Tue, 28 Jun 2022 03:14:29 GMT
server
cloudflare
etag
"1bf9c92d9d8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aE6rMNn1IHES31v728EqML3kiOR0hpjBB57daZgVgP9yjcwLrGx8lWyNFd9qyp5uw6YfWaYSDQjW6IM0TgCnkjnv90pXSsziMRwfzvMJB%2FLkSGI2xclnzZz6mHKr2p4g%2FUJHdTXO8GHBrmT5yHBz"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da1aa29016-FRA
cf-bgj
h2pri
x2adiz0pscx1114x2adiz0pscx29497.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/11/ Frame 5A9C
10 KB
10 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/11/x2adiz0pscx1114x2adiz0pscx29497.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
643163110366198e8c4eef17b0628a30c2276497c4747b94fc4749eb8d9635c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
253
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10270
last-modified
Tue, 28 Jun 2022 03:14:29 GMT
server
cloudflare
etag
"e21b4d2e9d8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzhrDpEqU9rq9XNF3OGDHGy2iOt6KxfygAzWv%2F6SjfWOufrMmy7PB3U9jhNu6oQxFEulgMvo9tCNNb9S2pS8MDpNCxaeEO3HZh0fgT1Yd5m%2FnBElAKhxkujo7SjmmUnCk7SIIIvCISuT9c0cZBnW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da1aa39016-FRA
cf-bgj
h2pri
i1q4ss2asoh1114i1q4ss2asoh30499.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/11/ Frame 5A9C
10 KB
10 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/11/i1q4ss2asoh1114i1q4ss2asoh30499.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6704260fe01ed69a7625f750fa8dc7e17c7f09c1c86213f1fe759c09d6165035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
254
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9941
last-modified
Tue, 28 Jun 2022 03:14:30 GMT
server
cloudflare
etag
"cc9fd22e9d8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3FNjWt1%2BODJQQfRhwXWA9we8tH%2BCtqwlt6g0TwhEYnsbmXlJnafiDXrfagdXthm4SFPuAZypVlIpFKAk29IB0L8QKG3BQQDIG5Cj4qu9tgUZamSEgQYNwCza2QEFanHrfTsWB3xiL8ggDkhtjLh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da1aa49016-FRA
cf-bgj
h2pri
w5xm40tue2z1055w5xm40tue2z21243.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/10/ Frame 5A9C
7 KB
8 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/10/w5xm40tue2z1055w5xm40tue2z21243.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fa7955a60f5562778e8db53135a7631628ff1d02ea2f934728bff003de12d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3332
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7531
last-modified
Tue, 28 Jun 2022 02:55:21 GMT
server
cloudflare
etag
"fa1cf9819a8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJL186sdbZcnMMH2VP6JgQkAJyyYtyJv5O2mTqkJazP%2FHzK4n%2Bv2X92zkG0qZTZfVLeCxwmmRsPsICDC37xq3AYpf3J1w9WEvj2Dg4KQ%2FmxwI%2B4uefHv1Bj0MVRsUVFTvQuIzT%2BL1fEXQnybkVyu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da4aba9016-FRA
cf-bgj
h2pri
qf0hpxzbh3j1055qf0hpxzbh3j22245.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/10/ Frame 5A9C
12 KB
12 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/10/qf0hpxzbh3j1055qf0hpxzbh3j22245.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94bb5eb2032b0ffad19f53d090eede1ac56146b1141940f9a5547ed687ad7870

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11849
last-modified
Tue, 28 Jun 2022 02:55:22 GMT
server
cloudflare
etag
"793e7c829a8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVCsvFHmhSRX8WjdfDrHmV72DXmeKQ7uWGK%2BHvm%2F%2BiIWJzdfP8HpRdd%2F%2BOR92dgHX58N2Qdrmotz9naQPYT6axipp8F5mNPefmUsjH1m5%2BrRnpKi2jR1JT9TwLX5NdaKVisoDzWKoGgVgQHg0E8A"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da4abc9016-FRA
cf-bgj
h2pri
3f2kejmk4ke10553f2kejmk4ke23247.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/10/ Frame 5A9C
5 KB
6 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/10/3f2kejmk4ke10553f2kejmk4ke23247.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8daed1bcae60c2acf23237c8c712e98de7ad8160f21c40118e9b63b9725c11d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5594
last-modified
Tue, 28 Jun 2022 02:55:23 GMT
server
cloudflare
etag
"5c31839a8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ipIIQmvQ868LkUY3HH3jWytXzVe7eu9bTNfJbF%2BjbHVYFI6xh9H4Dbj9rASkhgS4LGxeyC7xDLW4GwqTZuQkrEuB2jBhqCkQDf1ed4FZVJ%2FaWNf5s2pgvy%2BTrlyvBjkmqM7IEVgriEUZ7UTyU2u"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da4abd9016-FRA
cf-bgj
h2pri
vwyscrmng0f1055vwyscrmng0f24249.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/10/ Frame 5A9C
9 KB
9 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/10/vwyscrmng0f1055vwyscrmng0f24249.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef9692afac931415823eb4f657806339346191b20532633f0a2b613778a7eea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8744
last-modified
Tue, 28 Jun 2022 02:55:24 GMT
server
cloudflare
etag
"cbaa89839a8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHXMr4SV%2B%2Fg8Nek8BAcAHD%2FN0W05G7jgMRkW7cPHqprpoAZ8GzhLuJzoERUljR%2BbSy479LTHN2HxKZGFQ5Z3jL82%2F%2BYt%2FyH9EJ%2Bl2k6zjWCSNv383Pz28C3y%2FY1ggkLUSSEKDdOwixdV7pZPoEz1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da4abe9016-FRA
cf-bgj
h2pri
45okv12byko105545okv12byko25251.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/10/ Frame 5A9C
8 KB
9 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/10/45okv12byko105545okv12byko25251.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1cb199e1910357d2f44445390fd73d859ea2babfb077615065bfe4cfadf7ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8459
last-modified
Tue, 28 Jun 2022 02:55:25 GMT
server
cloudflare
etag
"37f413849a8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1av5h4EzJOlBy%2FMnoi%2BAeRHeY%2BP2AUBYvoIO30AkjCCr6YgJYJFHqFxg9xM4FEHKgwRwmrQkY9FVqS2hsuc%2FEly9M0eT26Rqm6OJMqOnfs9nz%2FVIA5CxdtLt5LEze1PObKOGEKiAxf3VjhduAuQK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da4abf9016-FRA
cf-bgj
h2pri
w3m0b4hipdj1055w3m0b4hipdj26253.jpg
fmlb.netlbtu.com/upload/vod/2022/06-28/10/ Frame 5A9C
7 KB
7 KB
Image
General
Full URL
https://fmlb.netlbtu.com/upload/vod/2022/06-28/10/w3m0b4hipdj1055w3m0b4hipdj26253.jpg
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dfb178cc563400ef268187598e032348f45e0980c28b97554ef2cce6042d210

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 02:16:20 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2666
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7245
last-modified
Tue, 28 Jun 2022 02:55:26 GMT
server
cloudflare
etag
"79b394849a8ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ok7FS8pztdyme2mvtGtmjWZbdd2dS7%2FV%2FeeQMpIg3CxzFELLl31uLbH6yCbOqkA0k7eqi%2BkD8d1sDPcQcYMT%2B8M%2BI8nL2asLMGiT1niK6mzZRfsbxVBLKuNuC8HypEP7p2y3VwRdKmK6LjDKGGM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
722b28da5ac09016-FRA
cf-bgj
h2pri
hm.gif
hm.baidu.com/ Frame 5A9C
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=67891609&si=0ed6ebef024f2fd42cbe80ccc51f0ff9&su=http%3A%2F%2Fwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com%2F&v=1.2.94&lv=1&sn=6321&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.1qweasd.com%2F&tt=%E5%A6%96%E5%A7%AC%E5%BD%B1%E8%A7%86
Requested by
Host: www.1qweasd.com
URL: https://www.1qweasd.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.1qweasd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Jun 2022 02:16:21 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43


12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
string| titlestr
function| setFrame
object| _hmt
boolean| _bdhm_loaded_f0b2ff1089f8e2313be54b2aa3b8dd5b
object| mini_tangram_log_k0louv

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 1245181B1AAB7E56
.www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/ Name: Hm_lvt_f0b2ff1089f8e2313be54b2aa3b8dd5b
Value: 1656468980
.www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com/ Name: Hm_lpvt_f0b2ff1089f8e2313be54b2aa3b8dd5b
Value: 1656468980

5 Console Messages

Source Level URL
Text
network error URL: https://www.1qweasd.com/template/yaojiyingshi/css/swiper.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.1qweasd.com/template/yaojiyingshi/css/app1.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.1qweasd.com/template/yaojiyingshi/js/swiper.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.1qweasd.com/template/yaojiyingshi/js/rem1.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.1qweasd.com/template/yaojiyingshi/js/jquery.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
