Submitted URL: http://v-showtime.com/
Effective URL: http://www.v-showtime.com/
Submission: On September 16 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 5 countries across 10 domains to perform 55 HTTP transactions. The main IP is 142.252.167.207, located in United States and belongs to EGIHOSTING, US. The main domain is www.v-showtime.com.
This is the only time www.v-showtime.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP addresses (requests per IP):

  Requests  IP address        ASN (Autonomous System)
  4         142.252.167.207   18779 (EGIHOSTING)        main IP
  13        104.253.26.107    18779 (EGIHOSTING)
  4         136.0.242.43      18779 (EGIHOSTING)
  2         103.235.46.191    55967 (BAIDU Bei...)
  24        104.22.71.230     13335 (CLOUDFLAR...)
  1         120.52.95.242     133119 (UNICOM-CN...)
  1         163.171.128.148   54994 (QUANTILNE...)
  1         203.205.254.152   132203 (TENCENT-N...)
  1         104.26.11.222     13335 (CLOUDFLAR...)
  1         192.151.223.108   (no AS listed)
  1         104.164.50.50     18779 (EGIHOSTING)
  2         118.31.32.153     37963 (CNNIC-ALI...)
  Total as reported by the scanner: 55 requests, 13 IPs (12 rows shown).

Domains (requests per domain, and which host requested them):

  Requests  Domain               Requested by
  24        fmtu.netfhtu.com     136.0.242.43
  3         www.v-showtime.com   www.v-showtime.com
  2         agathaedith.com      104.253.26.107
  2         hm.baidu.com         www.v-showtime.com
  1         tu.51cdn.club        136.0.242.43
  1         siyuxxoo.com         136.0.242.43
  1         p.qlogo.cn           136.0.242.43
  1         img12.360buyimg.com  136.0.242.43
  1         sdk.51.la            136.0.242.43
  1         v-showtime.com       (1 redirect)
  0         yd.yuanqitu.com      104.253.26.107 (request failed)
  Total: 55 requests, 11 domains.

The main site and both IP-literal hosts (104.253.26.107 and 136.0.242.43) sit in the same AS, 18779 (EGIHOSTING). Almost every third-party domain is requested from the 136.0.242.43 frame or from 104.253.26.107, not from the primary page itself; hm.baidu.com is the only third party the primary page contacts directly.

This site contains no links.

Certificates observed (TLS hosts only; the primary page and both IP-literal hosts were served over plain HTTP):

  Subject                Issuer                                               Valid from   Valid to     Validity
  baidu.com              GlobalSign Organization Validation CA - SHA256 - G2  2021-07-01   2022-08-02   about a year
  sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                              2021-05-08   2022-05-07   about a year
  *.jd.com               GlobalSign RSA OV SSL CA 2018                        2020-08-11   2021-11-28   about a year
  *.qpic.cn              GlobalSign Organization Validation CA - SHA256 - G2  2021-04-26   2022-05-28   about a year
  tu.51cdn.club          GlobalSign GCC R3 DV TLS CA 2020                     2021-06-18   2022-07-20   about a year
  agathaedith.com        Go Daddy Secure Certificate Authority - G2           2021-07-13   2022-07-13   about a year

All six certificates were within their validity window on the scan date (2021-09-16).

This page contains 2 frames:

Primary Page: http://www.v-showtime.com/
  Frame ID: 32B92CC85979B45E2132BC7E1D502142
  Requests: 6 HTTP requests in this frame

Frame: http://136.0.242.43/
  Frame ID: 804EA464BC6359E21F489879A2FCB1B1
  Requests: 49 HTTP requests in this frame

Almost all of the page's activity (49 of 55 requests) happens inside a frame whose document is fetched over plain HTTP directly from the IP literal 136.0.242.43, with no hostname under v-showtime.com involved. The stylesheets, scripts and images in the transaction list below are that frame's content; the primary page contributes only its own document, two small scripts, the hm.baidu.com tracker and a script pulled from 104.253.26.107.

Page Title

中南廖妥科技有限公司亚洲av天堂综合在线观看a级,叛逆者在线观看,2012国语免费观看在线播放,国产熟睡乱子伦午夜视频中南廖妥科技有限公司

(Roughly: "Zhongnan Liaotuo Technology Co., Ltd. | Asian AV paradise, A-grade online viewing; The Rebel (叛逆者) online; 2012 Mandarin free online streaming; domestic adult midnight videos | Zhongnan Liaotuo Technology Co., Ltd.") The title wraps a company name around streaming-video keyword strings, which is worth reading together with the fact that the visible content is served from a frame on an IP-literal host; the scan itself assigns no verdict.

Detected technologies

Overall confidence: 100%
Detected pattern: hm\.baidu\.com/hm\.js

The scanner identifies technologies by matching such regular expressions against request URLs. This pattern is the Baidu Analytics (Baidu Tongji) tracker, and it matched the request to https://hm.baidu.com/hm.js?aad4904d51aabde9baaad0fa12318530 that tj.js issues from the primary page.

Page Statistics

  Requests:    55
  HTTPS:       58 %
  IPv6:        0 %
  Domains:     10
  Subdomains:  11
  IPs:         13
  Countries:   5
  Transfer:    3224 kB
  Size:        3420 kB
  Cookies:     3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://v-showtime.com/ HTTP 301
    http://www.v-showtime.com/ Page URL
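
The checks a reviewer would run over a transaction list like this one, as an added example rather than urlscan.io's own code: follow the redirect chain and say whether it ever upgraded to HTTPS, flag scripts fetched in cleartext, hosts addressed by IP literal, frames whose origin differs from the page that embedded them, the empty-body hash sentinel, and the technology fingerprint from the Detected technologies section. The embedded TRANSACTIONS list is transcribed (and abbreviated) from this scan: hashes other than the empty-body sentinel are cut to their first 8 hex characters, the tuple layout is my own and not the urlscan API schema, and the label "Baidu Analytics (Tongji)" is mine for the page's hm\.baidu\.com/hm\.js pattern.

```python
"""Triage checks over a urlscan.io-style transaction list (added example)."""
import hashlib
import ipaddress
import re
from collections import defaultdict
from urllib.parse import urlsplit

# SHA-256 of zero bytes. The scanner records this as the Resource Hash when it
# captured no body for a response, so it means "body not captured", not
# "file is empty" (the matching responses here carry content-length 1163).
EMPTY_SHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

# Technology fingerprints: the single regex this scan reports. Label is mine.
FINGERPRINTS = {"Baidu Analytics (Tongji)": re.compile(r"hm\.baidu\.com/hm\.js")}

# (url, type, requested_by, frame, sha256, content_length) -- transcribed from
# the scan above; hashes abbreviated, content_length None where the response
# was chunked. Layout is my own, not the urlscan API schema.
TRANSACTIONS = [
    ("http://www.v-showtime.com/", "Document", None, "32B9", "2407d7aa", None),
    ("http://www.v-showtime.com/common.js", "Script", "http://www.v-showtime.com/", "32B9", "56389ec1", 103),
    ("http://www.v-showtime.com/tj.js", "Script", "http://www.v-showtime.com/", "32B9", "7b396f85", 258),
    ("http://104.253.26.107/16-20.js", "Script", "http://www.v-showtime.com/common.js", "32B9", "fc0e3c30", 857),
    ("http://136.0.242.43/", "Document", "http://www.v-showtime.com/", "804E", "06ae1584", 5122),
    ("https://hm.baidu.com/hm.js?aad4904d51aabde9baaad0fa12318530", "Script",
     "http://www.v-showtime.com/tj.js", "32B9", "22f869f6", 14358),
    ("http://104.253.26.107/xx1.js", "Script", "http://136.0.242.43/", "804E", "ad4456f8", 886),
    ("https://fmtu.netfhtu.com/upload/vod/20210709-1/05e9df85356ec3a80088b12d753bbc71.jpg",
     "Image", "http://136.0.242.43/", "804E", EMPTY_SHA256, 1163),
    ("https://fmtu.netfhtu.com/upload/vod/20210709-1/78c2ea891f8e8af5c11d791537f9a480.jpg",
     "Image", "http://136.0.242.43/", "804E", "abed2552", 86061),
]
REDIRECT_CHAIN = ["http://v-showtime.com/", "http://www.v-showtime.com/"]


def origin(url):
    """Scheme + host: the unit that matters for same-origin questions."""
    p = urlsplit(url)
    return f"{p.scheme}://{p.hostname}"


def is_ip_literal(host):
    """True when the URL host is a bare IP address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def body_hash(body):
    """Recompute a Resource Hash the way the scanner reports it (SHA-256 hex)."""
    return hashlib.sha256(body).hexdigest()


def redirect_summary(chain):
    """(final URL, upgraded http->https?, host changed?) for a redirect chain."""
    first, last = urlsplit(chain[0]), urlsplit(chain[-1])
    upgraded = first.scheme == "http" and last.scheme == "https"
    return chain[-1], upgraded, first.hostname != last.hostname


def triage(transactions, primary_url):
    """Group the findings a reviewer would pull out of the transaction list."""
    found = defaultdict(set)
    primary = origin(primary_url)
    for url, rtype, requested_by, _frame, digest, length in transactions:
        p = urlsplit(url)
        if rtype == "Script" and p.scheme == "http":
            found["cleartext_scripts"].add(url)            # modifiable on path
        if is_ip_literal(p.hostname):
            found["ip_literal_hosts"].add(p.hostname)      # no DNS, no cert, no name to reputation-check
        if rtype == "Document" and requested_by and origin(url) != origin(requested_by):
            found["cross_origin_frames"].add((origin(requested_by), url))
        if digest == EMPTY_SHA256 and (length or 0) > 0:
            found["uncaptured_bodies"].add(url)            # sentinel, not an empty file
        for name, rx in FINGERPRINTS.items():
            if rx.search(url):
                found["technologies"].add(name)
        if origin(url) != primary:
            found["third_party_origins"].add(origin(url))
    return {key: sorted(values) for key, values in found.items()}


if __name__ == "__main__":
    for key, items in triage(TRANSACTIONS, "http://www.v-showtime.com/").items():
        print(key, items)
    print(redirect_summary(REDIRECT_CHAIN))
```

Run against this scan's data the redirect summary reports that the chain changed host (apex to www) but never left http://, four of the five scripts are cleartext, two hosts are IP literals, the 804E frame is cross-origin to the page that embedded it, and the 1 KB image with the e3b0c442... hash is a body the scanner did not capture rather than an empty file.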

Redirected requests

There was one HTTP redirect chain, on the primary request: http://v-showtime.com/ answered 301 with Location: http://www.v-showtime.com/. The redirect only adds the www label; it stays on cleartext HTTP and neither hop upgrades to HTTPS.

55 HTTP transactions

Each entry gives the resource name, its path (and frame, where it is not the primary frame), body size, transfer size (x-fer) and type, followed by the General, request-header and response-header details the scanner recorded. Header rows that the original rendering listed twice are shown once.

Primary Request: /  (www.v-showtime.com/)  Document, 2 KB (730 B x-fer)
  Redirect chain: http://v-showtime.com/ -> http://www.v-showtime.com/
  Full URL: http://www.v-showtime.com/
  Protocol: HTTP/1.1
  Server: 142.252.167.207, United States, ASN18779 (EGIHOSTING, US)
  Software: nginx
  Resource Hash: 2407d7aa2219d1fe354f030985f19862b32fe537323fdf8cc9a141fb388fd1eb

  Request headers:
    Host: www.v-showtime.com
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
    Accept-Language: de-DE,de;q=0.9
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Accept-Encoding: gzip, deflate

  Response headers:
    Server: nginx
    Date: Thu, 16 Sep 2021 18:51:02 GMT
    Content-Type: text/html
    Transfer-Encoding: chunked
    Connection: keep-alive
    Vary: Accept-Encoding
    Content-Encoding: gzip

  Redirect headers (the 301 from http://v-showtime.com/):
    Server: nginx
    Date: Thu, 16 Sep 2021 18:51:02 GMT
    Content-Type: text/html
    Content-Length: 0
    Connection: keep-alive
    Location: http://www.v-showtime.com/

  Note: the browser advertised Upgrade-Insecure-Requests: 1, yet both the redirect target and the final document stay on http:// and neither response carries Strict-Transport-Security, so the whole primary frame is fetched in cleartext.
common.js  (www.v-showtime.com/)  Script, 103 B (259 B x-fer)
  Full URL: http://www.v-showtime.com/common.js
  Requested by: www.v-showtime.com, from http://www.v-showtime.com/
  Protocol: HTTP/1.1
  Server: 142.252.167.207, United States, ASN18779 (EGIHOSTING, US)
  Software: nginx
  Resource Hash: 56389ec19ff3596f0d5d2c4a31d28168309c2a757dda235da0cdbaaed6dc9246

  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.v-showtime.com
    Accept-Language: de-DE,de;q=0.9
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
    Accept: */*
    Referer: http://www.v-showtime.com/
    Connection: keep-alive
    Cache-Control: no-cache

  Response headers:
    Date: Thu, 16 Sep 2021 18:51:02 GMT
    Server: nginx
    Connection: keep-alive
    Content-Length: 103
    Content-Type: application/x-javascript
tj.js  (www.v-showtime.com/)  Script, 258 B (414 B x-fer)
  Full URL: http://www.v-showtime.com/tj.js
  Requested by: www.v-showtime.com, from http://www.v-showtime.com/
  Protocol: HTTP/1.1
  Server: 142.252.167.207, United States, ASN18779 (EGIHOSTING, US)
  Software: nginx
  Resource Hash: 7b396f85ba273f851dcd02248f21e2b7095d0cd3f44b56c367cfc2f062b13246

  Request headers:
    Pragma: no-cache
    Accept-Encoding: gzip, deflate
    Host: www.v-showtime.com
    Accept-Language: de-DE,de;q=0.9
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
    Accept: */*
    Referer: http://www.v-showtime.com/
    Connection: keep-alive
    Cache-Control: no-cache

  Response headers:
    Date: Thu, 16 Sep 2021 18:51:02 GMT
    Server: nginx
    Connection: keep-alive
    Content-Length: 258
    Content-Type: application/x-javascript
16-20.js  (104.253.26.107/)  Script, 1 KB (1 KB x-fer)
  Full URL: http://104.253.26.107/16-20.js
  Requested by: www.v-showtime.com, from http://www.v-showtime.com/common.js
  Protocol: HTTP/1.1
  Server: 104.253.26.107, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: fc0e3c3065bbbb22ecf3b9be823ff17d407a1422e2f167e9d327ad5270b5e162

  Request headers:
    Referer: http://www.v-showtime.com/
    Accept-Language: de-DE,de;q=0.9
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
    Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

  Response headers:
    Date: Thu, 16 Sep 2021 18:50:44 GMT
    Content-Encoding: gzip
    Last-Modified: Thu, 16 Sep 2021 07:57:30 GMT
    Server: Microsoft-IIS/8.5
    ETag: "f4a39b7fd0aad71:0"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Accept-Ranges: bytes
    Content-Length: 857

  Note: the Intervention request header is the one Chrome attaches when a cross-origin, parser-blocking script was inserted with document.write() (chromestatus feature 5718547946799104). Here common.js on www.v-showtime.com pulled this script in cleartext from the IP literal 104.253.26.107, and the file's Last-Modified stamp is about eleven hours before the scan.
/  (136.0.242.43/, frame 804E)  Document, 21 KB (5 KB x-fer)
  Full URL: http://136.0.242.43/
  Requested by: www.v-showtime.com, from http://www.v-showtime.com/
  Protocol: HTTP/1.1
  Server: 136.0.242.43, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: 06ae1584a14e2650bd60dcca90b52527794e2802c141896e86a378f54d638fb5

  Request headers:
    Host: 136.0.242.43
    Connection: keep-alive
    Pragma: no-cache
    Cache-Control: no-cache
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
    Accept-Language: de-DE,de;q=0.9
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Referer: http://www.v-showtime.com/
    Accept-Encoding: gzip, deflate

  Response headers:
    Content-Type: text/html
    Content-Encoding: gzip
    Last-Modified: Mon, 13 Sep 2021 17:17:23 GMT
    Accept-Ranges: bytes
    ETag: "80d34337c3a8d71:0"
    Vary: Accept-Encoding
    Server: Microsoft-IIS/8.5
    Date: Thu, 16 Sep 2021 18:50:45 GMT
    Content-Length: 5122

  Note: this is the document of frame 804E, embedded by the primary page. It is addressed by IP literal over plain HTTP, so no DNS name or certificate ties it to v-showtime.com; the Host header the browser sent is the bare address. Everything that follows in this list is loaded by this frame.
hm.js  (hm.baidu.com/)  Script, 40 KB (15 KB x-fer)
  Full URL: https://hm.baidu.com/hm.js?aad4904d51aabde9baaad0fa12318530
  Requested by: www.v-showtime.com, from http://www.v-showtime.com/tj.js
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 103.235.46.191, Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
  Software: apache
  Resource Hash: 22f869f6cc686a755e1060cf63fc44f6ea02372b4c8f0bf48a44fa94dbb5a073
  Security headers: Strict-Transport-Security: max-age=172800

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://www.v-showtime.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    Date: Thu, 16 Sep 2021 18:51:13 GMT
    Content-Encoding: gzip
    Server: apache
    Etag: a9382c16a9365b402cdbc7a5491e81e4
    Strict-Transport-Security: max-age=172800
    P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
    Cache-Control: max-age=0, must-revalidate
    Content-Type: application/javascript
    Content-Length: 14358

  Note: this Baidu Analytics tracker is the only script in the scan fetched over TLS. Its HSTS max-age is 172800 seconds (two days) with no includeSubDomains or preload directive; P3P is the legacy Internet Explorer privacy compact-policy header and carries no security meaning in current browsers.
ate.css  (136.0.242.43/template/m1938pc/css/, frame 804E)  Stylesheet, 74 KB (5 KB x-fer)
  Full URL: http://136.0.242.43/template/m1938pc/css/ate.css
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: HTTP/1.1
  Server: 136.0.242.43, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    Date: Thu, 16 Sep 2021 18:50:45 GMT
    Content-Encoding: gzip
    Last-Modified: Sat, 22 May 2021 12:07:10 GMT
    Server: Microsoft-IIS/8.5
    ETag: "0ebf5fd24fd71:0"
    Vary: Accept-Encoding
    Content-Type: text/css
    Accept-Ranges: bytes
    Content-Length: 4498
zui.css  (136.0.242.43/template/m1938pc/css/, frame 804E)  Stylesheet, 84 KB (15 KB x-fer)
  Full URL: http://136.0.242.43/template/m1938pc/css/zui.css
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: HTTP/1.1
  Server: 136.0.242.43, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: 51909852330f33decdc406448a318fb23ba091c18cf49573a0c5ebace91bfa8c

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    Date: Thu, 16 Sep 2021 18:50:45 GMT
    Content-Encoding: gzip
    Last-Modified: Sat, 22 May 2021 12:07:11 GMT
    Server: Microsoft-IIS/8.5
    ETag: "80818efe24fd71:0"
    Vary: Accept-Encoding
    Content-Type: text/css
    Accept-Ranges: bytes
    Content-Length: 15340
xx1.js  (104.253.26.107/, frame 804E)  Script, 2 KB (1 KB x-fer)
  Full URL: http://104.253.26.107/xx1.js
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: HTTP/1.1
  Server: 104.253.26.107, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: ad4456f8d325face70b5eb8af19f4ba061ec3ff540b32b0382c5ea78b64ab1db

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    Date: Thu, 16 Sep 2021 18:50:45 GMT
    Content-Encoding: gzip
    Last-Modified: Tue, 14 Sep 2021 15:09:28 GMT
    Server: Microsoft-IIS/8.5
    ETag: "8319b837aa9d71:0"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Accept-Ranges: bytes
    Content-Length: 886
dh.js  (104.253.26.107/, frame 804E)  Script, 3 KB (793 B x-fer)
  Full URL: http://104.253.26.107/dh.js
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: HTTP/1.1
  Server: 104.253.26.107, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: 7ceaa505a3ff64b1108c8a5adc613cde0428444bd33f908aa5745f1e883575ad

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    Date: Thu, 16 Sep 2021 18:50:45 GMT
    Content-Encoding: gzip
    Last-Modified: Mon, 13 Sep 2021 11:03:49 GMT
    Server: Microsoft-IIS/8.5
    ETag: "80d87a78fa8d71:0"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Accept-Ranges: bytes
    Content-Length: 510
xx2.js  (104.253.26.107/, frame 804E)  Script, 180 B (571 B x-fer)
  Full URL: http://104.253.26.107/xx2.js
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: HTTP/1.1
  Server: 104.253.26.107, United States, ASN18779 (EGIHOSTING, US)
  Software: Microsoft-IIS/8.5
  Resource Hash: fb6679ef793b6b0f66cff77c808cad9e2897801bbe61fc411d7978ace4ae3360

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    Date: Thu, 16 Sep 2021 18:50:45 GMT
    Content-Encoding: gzip
    Last-Modified: Mon, 07 Jun 2021 14:01:22 GMT
    Server: Microsoft-IIS/8.5
    ETag: "e850399a55bd71:0"
    Vary: Accept-Encoding
    Content-Type: application/javascript
    Accept-Ranges: bytes
    Content-Length: 288
05e9df85356ec3a80088b12d753bbc71.jpg  (fmtu.netfhtu.com/upload/vod/20210709-1/, frame 804E)  Image, 1 KB (1 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210709-1/05e9df85356ec3a80088b12d753bbc71.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Fri, 09 Jul 2021 00:26:01 GMT
    server: cloudflare
    etag: "60e79799-48b"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: status=cannot_optimize
    accept-ranges: bytes
    cf-ray: 68fc48eeabe0874d-DUS
    content-length: 1163
    cf-bgj: imgq:85,h2pri

  Note: the Resource Hash e3b0c442...b855 is the SHA-256 of zero bytes. Together with content-length 1163 it means the scanner recorded no body for this response, not that the image is empty; treat the hash as "not captured" when pivoting on it.
78c2ea891f8e8af5c11d791537f9a480.jpg  (fmtu.netfhtu.com/upload/vod/20210709-1/, frame 804E)  Image, 84 KB (84 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210709-1/78c2ea891f8e8af5c11d791537f9a480.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: abed25526375867129ee347dba3d7f0560c6b3631fbc12dbefac9058b01ad6de

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    last-modified: Fri, 09 Jul 2021 00:26:01 GMT
    server: cloudflare
    age: 3130
    etag: "60e79799-15ad0"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: origSize=88784, status=webp_bigger
    accept-ranges: bytes
    cf-ray: 68fc48eeabe4874d-DUS
    content-length: 86061
    cf-bgj: imgq:85,h2pri
c5312c036a7b81bd8d986d05e508303e.jpg  (fmtu.netfhtu.com/upload/vod/20210709-1/, frame 804E)  Image, 167 KB (167 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210709-1/c5312c036a7b81bd8d986d05e508303e.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 7ac4511b057b6d625d69dfe5af98439388cb85f1c9b66e67d03cc83d8fecc05a

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    age: 3133
    cf-polished: qual=85, origFmt=jpeg, origSize=225178
    content-disposition: inline; filename="c5312c036a7b81bd8d986d05e508303e.webp"
    content-length: 170538
    last-modified: Fri, 09 Jul 2021 00:26:01 GMT
    server: cloudflare
    etag: "60e79799-36f9a"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    accept-ranges: bytes
    cf-ray: 68fc48eeabe9874d-DUS
    cf-bgj: imgq:85,h2pri
38f6f56a5e5f5dcae67a0f7152d2cb8d.jpg  (fmtu.netfhtu.com/upload/vod/20210719-1/, frame 804E)  Image, 79 KB (79 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210719-1/38f6f56a5e5f5dcae67a0f7152d2cb8d.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: a3c70ba21b2c4ea43d5e6e3bf9602e9034ad52eb4b69f25d6c70a353368c00b0

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    last-modified: Mon, 19 Jul 2021 04:44:09 GMT
    server: cloudflare
    age: 854
    etag: "60f50319-145c0"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: origSize=83392, status=webp_bigger
    accept-ranges: bytes
    cf-ray: 68fc48eeabed874d-DUS
    content-length: 81014
    cf-bgj: imgq:85,h2pri
8fee151d84085c938d2d2e4d24c34b3a.jpg  (fmtu.netfhtu.com/upload/vod/20210719-1/, frame 804E)  Image, 34 KB (35 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210719-1/8fee151d84085c938d2d2e4d24c34b3a.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 2ebfd5636574ee5247e149aff944f628ff1d0451119856ebbc96ed3e557a104c

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    last-modified: Mon, 19 Jul 2021 04:44:09 GMT
    server: cloudflare
    age: 854
    etag: "60f50319-8d91"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: origSize=36241, status=webp_bigger
    accept-ranges: bytes
    cf-ray: 68fc48eeabe6874d-DUS
    content-length: 35121
    cf-bgj: imgq:85,h2pri
773c52ec588303b26fd50188e0603965.jpg  (fmtu.netfhtu.com/upload/vod/20210719-1/, frame 804E)  Image, 83 KB (84 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210719-1/773c52ec588303b26fd50188e0603965.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 688fb5865afe357f5a93e7df43779bd6a851bdf17edf71184bd3fb14de6e7b1a

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    last-modified: Mon, 19 Jul 2021 04:44:09 GMT
    server: cloudflare
    age: 854
    etag: "60f50319-158b7"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: origSize=88247, status=webp_bigger
    accept-ranges: bytes
    cf-ray: 68fc48eeabef874d-DUS
    content-length: 85422
    cf-bgj: imgq:85,h2pri
49e7098fd4d4e77d45b4f83d9ac209c2.jpg  (fmtu.netfhtu.com/upload/vod/20210709-1/, frame 804E)  Image, 55 KB (55 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210709-1/49e7098fd4d4e77d45b4f83d9ac209c2.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 107c497f34b3a53af4b3a7593c121d8a24be7ef2a509619fc7a9c2f99aad2989

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    age: 4849
    cf-polished: qual=85, origFmt=jpeg, origSize=97269
    content-disposition: inline; filename="49e7098fd4d4e77d45b4f83d9ac209c2.webp"
    content-length: 55918
    last-modified: Fri, 09 Jul 2021 00:28:13 GMT
    server: cloudflare
    etag: "60e7981d-17bf5"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    accept-ranges: bytes
    cf-ray: 68fc48eefca1874d-DUS
    cf-bgj: imgq:85,h2pri
dd1dede90ffe4ab7f400474b04eba5f9.jpg  (fmtu.netfhtu.com/upload/vod/20210714-1/, frame 804E)  Image, 132 KB (132 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210714-1/dd1dede90ffe4ab7f400474b04eba5f9.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 4c025212dee0dbb04038ed1d77c7253145cb95aff80bc52a9ac7ea7e6a1dd90a

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Wed, 14 Jul 2021 02:29:02 GMT
    server: cloudflare
    etag: "60ee4bee-985ce"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    cf-polished: qual=85, origFmt=jpeg, origSize=624078
    content-disposition: inline; filename="dd1dede90ffe4ab7f400474b04eba5f9.webp"
    accept-ranges: bytes
    cf-ray: 68fc48eefca4874d-DUS
    content-length: 134844
    cf-bgj: imgq:85,h2pri
4a99fad661adf015ae55ddaf10639cae.jpg  (fmtu.netfhtu.com/upload/vod/20210714-1/, frame 804E)  Image, 96 KB (96 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210714-1/4a99fad661adf015ae55ddaf10639cae.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 4b1ba531fa384956653961767fd6d5ea0d8077a81d4031aaf4828dd340eac2be

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Wed, 14 Jul 2021 02:29:02 GMT
    server: cloudflare
    etag: "60ee4bee-66517"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    cf-polished: qual=85, origFmt=jpeg, origSize=419095
    content-disposition: inline; filename="4a99fad661adf015ae55ddaf10639cae.webp"
    accept-ranges: bytes
    cf-ray: 68fc48eefca7874d-DUS
    content-length: 98234
    cf-bgj: imgq:85,h2pri
1e214079d9f922f762003558d300df4f.jpg  (fmtu.netfhtu.com/upload/vod/20210714-1/, frame 804E)  Image, 1 KB (1 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210714-1/1e214079d9f922f762003558d300df4f.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Wed, 14 Jul 2021 02:29:02 GMT
    server: cloudflare
    etag: "60ee4bee-48b"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: status=cannot_optimize
    accept-ranges: bytes
    cf-ray: 68fc48eefcaa874d-DUS
    content-length: 1163
    cf-bgj: imgq:85,h2pri

  Note: as with the 05e9df85 image above, the Resource Hash is the SHA-256 of zero bytes while content-length is 1163, so the body was not captured by the scanner; the two responses also share etag suffix "-48b" and cf-polished: status=cannot_optimize.
5c3da1ba6d124ebb589dcae269e33f7a.jpg  (fmtu.netfhtu.com/upload/vod/20210709-1/, frame 804E)  Image, 81 KB (81 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210709-1/5c3da1ba6d124ebb589dcae269e33f7a.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 368b55671f61210ee74b67e8ca0364896c883ee3120a606250cc5723c877d6c3

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    last-modified: Fri, 09 Jul 2021 00:24:39 GMT
    server: cloudflare
    age: 3124
    etag: "60e79747-14303"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: origSize=82691, status=webp_bigger
    accept-ranges: bytes
    cf-ray: 68fc48eefcab874d-DUS
    content-length: 82460
    cf-bgj: imgq:85,h2pri
dfa4008c915383d98cd7f7fcfb7f62a0.jpg  (fmtu.netfhtu.com/upload/vod/20210709-1/, frame 804E)  Image, 56 KB (56 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210709-1/dfa4008c915383d98cd7f7fcfb7f62a0.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 7d523e8721903b5446dacbf7f3b5bf900e459bc3c098a2874ff3e43e9e1e30dc

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: HIT
    last-modified: Fri, 09 Jul 2021 00:24:39 GMT
    server: cloudflare
    age: 3116
    etag: "60e79747-e0fe"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept-Encoding
    content-type: image/jpeg
    cache-control: max-age=31536000
    cf-polished: status=not_needed
    accept-ranges: bytes
    cf-ray: 68fc48eefcad874d-DUS
    content-length: 57598
    cf-bgj: imgq:85,h2pri
a920945ae3198a97f34d1df5065badf3.jpg  (fmtu.netfhtu.com/upload/vod/20210714-1/, frame 804E)  Image, 93 KB (93 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210714-1/a920945ae3198a97f34d1df5065badf3.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: a8cd729b82c5f73524030f177c5676678314534fd7a5b859bb1aea692a61c8b5

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Wed, 14 Jul 2021 02:23:16 GMT
    server: cloudflare
    etag: "60ee4a94-23275"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    cf-polished: qual=85, origFmt=jpeg, origSize=143989
    content-disposition: inline; filename="a920945ae3198a97f34d1df5065badf3.webp"
    accept-ranges: bytes
    cf-ray: 68fc48eefcb0874d-DUS
    content-length: 94948
    cf-bgj: imgq:85,h2pri
e086ccd6c4c788d6ed83a46dc0e8c570.jpg  (fmtu.netfhtu.com/upload/vod/20210714-1/, frame 804E)  Image, 135 KB (135 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210714-1/e086ccd6c4c788d6ed83a46dc0e8c570.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: d220eacb15844a0eea68dd30f493cf6cafd05dd2eaf5d717131da750bd72fe78

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Wed, 14 Jul 2021 02:23:16 GMT
    server: cloudflare
    etag: "60ee4a94-2e6ae"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    cf-polished: qual=85, origFmt=jpeg, origSize=190126
    content-disposition: inline; filename="e086ccd6c4c788d6ed83a46dc0e8c570.webp"
    accept-ranges: bytes
    cf-ray: 68fc48eefcb3874d-DUS
    content-length: 138084
    cf-bgj: imgq:85,h2pri
69b57d501c77d08e9ff3bd726dc1e7f7.jpg  (fmtu.netfhtu.com/upload/vod/20210714-1/, frame 804E)  Image, 170 KB (170 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210714-1/69b57d501c77d08e9ff3bd726dc1e7f7.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: dda2a0aef29584bb956e86265edba9a5229e81bc63f7e43f30b28d0b8024128a

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Wed, 14 Jul 2021 02:23:16 GMT
    server: cloudflare
    etag: "60ee4a94-37a68"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    cf-polished: qual=85, origFmt=jpeg, origSize=227944
    content-disposition: inline; filename="69b57d501c77d08e9ff3bd726dc1e7f7.webp"
    accept-ranges: bytes
    cf-ray: 68fc48eefcbb874d-DUS
    content-length: 174174
    cf-bgj: imgq:85,h2pri
1a18b671c07fbb2724409161f3f4b7a9.jpg  (fmtu.netfhtu.com/upload/vod/20210705-1/, frame 804E)  Image, 9 KB (9 KB x-fer)
  Full URL: https://fmtu.netfhtu.com/upload/vod/20210705-1/1a18b671c07fbb2724409161f3f4b7a9.jpg
  Requested by: 136.0.242.43, from http://136.0.242.43/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.22.71.230, ASN13335 (CLOUDFLARENET, US)
  Software: cloudflare
  Resource Hash: 914c5844315c9a7ef7a2509497a6b32d39e672d0ce9ac6a36424a4a823b5845c

  Request headers:
    Accept-Language: de-DE,de;q=0.9
    Referer: http://136.0.242.43/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

  Response headers:
    date: Thu, 16 Sep 2021 18:51:13 GMT
    cf-cache-status: REVALIDATED
    last-modified: Mon, 05 Jul 2021 04:31:47 GMT
    server: cloudflare
    etag: "60e28b33-271f"
    expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    vary: Accept
    content-type: image/webp
    cache-control: max-age=31536000
    cf-polished: qual=85, origFmt=jpeg, origSize=10015
    content-disposition: inline; filename="1a18b671c07fbb2724409161f3f4b7a9.webp"
    accept-ranges: bytes
    cf-ray: 68fc48eefcbd874d-DUS
    content-length: 9098
    cf-bgj: imgq:85,h2pri
a70dcc199e165b4f0dd1ca83e0dd647d.jpg
fmtu.netfhtu.com/upload/vod/20210705-1/ Frame 804E
7 KB
7 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210705-1/a70dcc199e165b4f0dd1ca83e0dd647d.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
234bef5d1a1ce155af1345c033b8792bbd3becb5e75cb4c40483d557378aa186

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Jul 2021 04:31:43 GMT
server
cloudflare
etag
"60e28b2f-1b8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68fc48eefcbe874d-DUS
content-length
7054
086dc8e2c1dd59e5f84404be6df20316.jpg
fmtu.netfhtu.com/upload/vod/20210705-1/ Frame 804E
7 KB
7 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210705-1/086dc8e2c1dd59e5f84404be6df20316.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2bfb2dfdaaf059c5dfcd28a1ac85d91f75c3bf2a370bf2c17d41ba5d204088d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 05 Jul 2021 04:31:43 GMT
server
cloudflare
etag
"60e28b2f-201e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
cf-polished
qual=85, origFmt=jpeg, origSize=8222
content-disposition
inline; filename="086dc8e2c1dd59e5f84404be6df20316.webp"
accept-ranges
bytes
cf-ray
68fc48eefcbf874d-DUS
content-length
7166
cf-bgj
imgq:85,h2pri
6a252c1472d6f23d547627753e30d9d1.jpg
fmtu.netfhtu.com/upload/vod/20210705-1/ Frame 804E
11 KB
11 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210705-1/6a252c1472d6f23d547627753e30d9d1.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e4aaf6c0f5094d8075d5dfee8cea4085dc71d1bd62d54892f880ddb6437d8af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
MISS
last-modified
Mon, 05 Jul 2021 04:31:43 GMT
server
cloudflare
etag
"60e28b2f-2ab7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68fc48eefcc0874d-DUS
content-length
10935
6cb5e733d27d527cc6bd76df8c8f40b1.jpg
fmtu.netfhtu.com/upload/vod/20210705-1/ Frame 804E
7 KB
7 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210705-1/6cb5e733d27d527cc6bd76df8c8f40b1.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
156610e5b717088e79bbc1c28b4a9f95420ecc3d4febee33c0831543c8fd523c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
HIT
age
6777
cf-polished
qual=85, origFmt=jpeg, origSize=9071
content-disposition
inline; filename="6cb5e733d27d527cc6bd76df8c8f40b1.webp"
content-length
7372
last-modified
Mon, 05 Jul 2021 04:31:43 GMT
server
cloudflare
etag
"60e28b2f-236f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68fc48eefcc1874d-DUS
cf-bgj
imgq:85,h2pri
e20d25cc0e3db59b24db6102211a4a3f.jpg
fmtu.netfhtu.com/upload/vod/20210904-1/ Frame 804E
71 KB
71 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210904-1/e20d25cc0e3db59b24db6102211a4a3f.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81f2d356ee1cceefa346fc365af224bedd24214b9c3520d4068da9a2a26c3bdc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 03 Sep 2021 19:13:37 GMT
server
cloudflare
etag
"613273e1-1f2a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
cf-polished
qual=85, origFmt=jpeg, origSize=127648
content-disposition
inline; filename="e20d25cc0e3db59b24db6102211a4a3f.webp"
accept-ranges
bytes
cf-ray
68fc48eefcc2874d-DUS
content-length
72542
cf-bgj
imgq:85,h2pri
34efc38521589c96ca3b947f17ccc018.jpg
fmtu.netfhtu.com/upload/vod/20210904-1/ Frame 804E
72 KB
72 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210904-1/34efc38521589c96ca3b947f17ccc018.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fd6d58fa5661a434f2cbe1995f275775324a4f55876ef16b5ed32da47d7cb81

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 19:13:37 GMT
server
cloudflare
etag
"613273e1-120d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68fc48eefcc5874d-DUS
content-length
73940
df2a0dfc1973da070f1c6158beafaaaa.jpg
fmtu.netfhtu.com/upload/vod/20210904-1/ Frame 804E
213 KB
213 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210904-1/df2a0dfc1973da070f1c6158beafaaaa.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c6f7988c308306eca5b87aa18276efee3c00758a60474b9a43e28d11bce64dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 03 Sep 2021 19:13:37 GMT
server
cloudflare
etag
"613273e1-5c28e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
cf-polished
origFmt=png, origSize=377486
content-disposition
inline; filename="df2a0dfc1973da070f1c6158beafaaaa.webp"
accept-ranges
bytes
cf-ray
68fc48ef0cd6874d-DUS
content-length
217948
cf-bgj
imgq:85,h2pri
c701268764d7b432d56280da2a365a86.jpg
fmtu.netfhtu.com/upload/vod/20210904-1/ Frame 804E
440 KB
441 KB
Image
General
Full URL
https://fmtu.netfhtu.com/upload/vod/20210904-1/c701268764d7b432d56280da2a365a86.jpg
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.71.230 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f31d243bf9428f3d7980fdd18cf9540412ff076477df30bb9ee241d7666173c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
cf-cache-status
MISS
last-modified
Fri, 03 Sep 2021 19:13:37 GMT
server
cloudflare
etag
"613273e1-6e13b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68fc48ef0cd8874d-DUS
content-length
450875
xx3.js
104.253.26.107/ Frame 804E
9 KB
3 KB
Script
General
Full URL
http://104.253.26.107/xx3.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
eee8151c37f8f176a3a70a34248e29dd3fdfef31e3bf07052571303369c0dd12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:50:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 13 Sep 2021 07:15:49 GMT
Server
Microsoft-IIS/8.5
ETag
"8080902d6fa8d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
3176
ddp.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/ddp.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

dp.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/dp.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

xtb.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/xtb.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

dl.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/dl.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

js-sdk-pro.min.js
sdk.51.la/ Frame 804E
31 KB
14 KB
Script
General
Full URL
http://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
120.52.95.242 , China, ASN133119 (UNICOM-CN China Unicom IP network, CN),
Reverse DNS
Software
openresty /
Resource Hash
b600851415e475ae4e2967bf1c8ec204323b1e24bad2887bef5b78b8910f980a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:51:14 GMT
via
CHN-HElangfang-AREACUCC1-CACHE26[1],CHN-HElangfang-AREACUCC1-CACHE27[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE44[1243],CHN-SH-GLOBAL1-CACHE94[0,TCP_HIT,1241]
X-CCDN-CacheTTL
2592000
Age
1762940
CloudServiceDiscount
CDN
Transfer-Encoding
chunked
Connection
keep-alive
x-reserved
amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
x-amz-request-id
0000017B86DE84039304E6658D563049
x-amz-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMuF5r7XWzGtMSyupvk5ZMozC2rwKuW
Last-Modified
Fri, 27 Aug 2021 09:07:11 GMT
Server
openresty
ETag
W/"e54a99c2008952c60912f67c9e0c045f"
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Content-Encoding
gzip
x-hcs-proxy-type
1
6d60aec7f939d135.gif
img12.360buyimg.com/ddimg/jfs/t1/177175/19/14995/102164/60f6651bE1c1a9649/ Frame 804E
100 KB
100 KB
Image
General
Full URL
https://img12.360buyimg.com/ddimg/jfs/t1/177175/19/14995/102164/60f6651bE1c1a9649/6d60aec7f939d135.gif
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
588bd0974f2299f40711176607ea3da6bc2b4624b8d26cc27e729c04fbc6f82c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:15 GMT
via
http/1.1 ORI-CLOUD-HUN-MIX-38 (jcs [cRs f ]), http/1.1 HUN-CT-6-MIX-17 (jcs [cMsSfW])
last-modified
Tue, 20 Jul 2021 05:54:35 GMT
server
nginx
age
1
x-trace
200-1626760475858-0-0-15-38-38;200-1626760506710-0-0-0-1-1;200-1626760506702-0-0-0-10-10
etag
x-ws-request-id
61439223_PSdgflkfFRA1bc9_19215-33483
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=5236310
timing-allow-origin
*
content-length
102164
x-via
1.1 PSxgHKG8sn129:8 (Cdn Cache Server V2.0), 1.1 kf230:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:5 (Cdn Cache Server V2.0)
expires
Sun, 19 Sep 2021 05:39:17 GMT
0
p.qlogo.cn/qqmail_head/PiajxSqBRaEJV1qNadEsBvC3o1y2gGSRVYJAr7T29An8WoUY2PW81XdFEPala87zbR4CMRfnMlvM/ Frame 804E
395 KB
395 KB
Image
General
Full URL
https://p.qlogo.cn/qqmail_head/PiajxSqBRaEJV1qNadEsBvC3o1y2gGSRVYJAr7T29An8WoUY2PW81XdFEPala87zbR4CMRfnMlvM/0
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.254.152 , Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
Qnginx/1.4.4 /
Resource Hash
9f56fc28956d641f7eb01b56e6339cdf0e09c497f725e97de6ac399fa16dcc15

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-datasrc
2
date
Thu, 16 Sep 2021 18:51:14 GMT
size
404140
content-length
404140
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Thu, 19 Aug 2021 12:59:53 GMT
server
Qnginx/1.4.4
x-cpt
filename=0
vary
Accept,Origin
chid
0
x-delay
31133 us
cache-control
max-age=2592000
x-bcheck
0_1
x-nws-log-uuid
86d0d87b-e01f-4011-aa55-7910af250375
content-type
image/gif
siyu.gif
siyuxxoo.com/ Frame 804E
158 KB
159 KB
Image
General
Full URL
https://siyuxxoo.com/siyu.gif
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.11.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78939c20b8891f628250265f75226681b3291713c63802c21f4fad7b25aed330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 18:51:13 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204677
content-length
162151
last-modified
Fri, 10 Sep 2021 17:47:56 GMT
server
cloudflare
etag
"613b9a4c-27967"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCqN%2BoYIyuSkck0rU9C30zUXz%2FCwKMeXc1CCUOdzGqhY0vJ5Qryg5pRmfKMNxCG%2B5fGeK7eq%2FidQnbrxN4pEDj76AiQUJiYgQFY5oeLJjn%2BxZXSr1cVYDWfdwx%2BJNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
68fc48f2bdf16571-LHR
expires
Thu, 14 Oct 2021 09:59:56 GMT
960x85a10014.gif
tu.51cdn.club/hf85/ Frame 804E
395 KB
395 KB
Image
General
Full URL
https://tu.51cdn.club:453/hf85/960x85a10014.gif
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.151.223.108 -, , ASN (),
Reverse DNS
Software
cdn /
Resource Hash
e8b2cdbb1a97710814af9d2e0b69c9c7527215eecb67ae2b5893fda518930f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:51:16 GMT
Last-Modified
Fri, 18 Jun 2021 12:37:49 GMT
Server
cdn
ETag
"60cc939d-62b5b"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
404315
Expires
Sat, 09 Oct 2021 08:36:56 GMT
ggzz.gif
104.164.50.50/tu/ Frame 804E
0
0
Image
General
Full URL
http://104.164.50.50/tu/ggzz.gif
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.164.50.50 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

dxkfs
agathaedith.com/nnckzkzbmg/dxkfs1wrl0yfgxxc8wbbh/272/ Frame 804E
39 B
708 B
Script
General
Full URL
https://agathaedith.com:22559/nnckzkzbmg/dxkfs1wrl0yfgxxc8wbbh/272/dxkfs
Requested by
Host: 104.253.26.107
URL: http://104.253.26.107/xx3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.31.32.153 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx/1.2.4 / PHP/5.2.14p1
Resource Hash
ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:51:15 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
PHP/5.2.14p1
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Connection
keep-alive
Pramga
no-cache
Last-Modified
Thu, 16 Sep 2021 18:51:15 GMT
Server
nginx/1.2.4
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description
xtb.php
yd.yuanqitu.com/DNEW/ Frame 804E
0
0

dxkfs
agathaedith.com/nnckzkzbmg/dxkfs1wrl0yfgxxc4wbbh/272/ Frame 804E
39 B
708 B
Script
General
Full URL
https://agathaedith.com:22559/nnckzkzbmg/dxkfs1wrl0yfgxxc4wbbh/272/dxkfs
Requested by
Host: 104.253.26.107
URL: http://104.253.26.107/xx3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
118.31.32.153 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx/1.2.4 / PHP/5.2.14p1
Resource Hash
ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:51:15 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
PHP/5.2.14p1
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Connection
keep-alive
Pramga
no-cache
Last-Modified
Thu, 16 Sep 2021 18:51:15 GMT
Server
nginx/1.2.4
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description
video-play.png
136.0.242.43/template/m1938pc/images/ Frame 804E
2 KB
2 KB
Image
General
Full URL
http://136.0.242.43/template/m1938pc/images/video-play.png
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/template/m1938pc/css/zui.css
Protocol
HTTP/1.1
Server
136.0.242.43 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/template/m1938pc/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 18:50:45 GMT
Last-Modified
Sat, 22 May 2021 12:07:20 GMT
Server
Microsoft-IIS/8.5
Accept-Ranges
bytes
ETag
"8e3725434fd71:0"
Content-Length
1567
Content-Type
image/png
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=771587302&si=aad4904d51aabde9baaad0fa12318530&v=1.2.84&lv=1&sn=62309&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.v-showtime.com%2F&tt=%E4%B8%AD%E5%8D%97%E5%BB%96%E5%A6%A5%E7%A7%91%E6%8A%80%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.v-showtime.com
URL: http://www.v-showtime.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://www.v-showtime.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 18:51:14 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
ddp.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/ddp.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

dp.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/dp.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

xtb.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/xtb.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

dl.js
104.253.26.107/bb/ Frame 804E
0
0
Script
General
Full URL
http://104.253.26.107/bb/dl.js
Requested by
Host: 136.0.242.43
URL: http://136.0.242.43/
Protocol
HTTP/1.1
Server
104.253.26.107 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://136.0.242.43/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yd.yuanqitu.com
URL
http://yd.yuanqitu.com/DNEW/xtb.php?uid=15547

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
object | 0
object | onbeforexrselect
boolean | originAgentCluster
string | titlestr
function | setFrame
object | _hmt
boolean | _bdhm_loaded_aad4904d51aabde9baaad0fa12318530
object | mini_tangram_log_ttg8ta

3 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 11597A15A302E6B2
.www.v-showtime.com/ Name: Hm_lvt_aad4904d51aabde9baaad0fa12318530
Value: 1631818274
.www.v-showtime.com/ Name: Hm_lpvt_aad4904d51aabde9baaad0fa12318530
Value: 1631818274

11 Console Messages

Source Level URL
Text
javascript warning URL: http://www.v-showtime.com/common.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://104.253.26.107/16-20.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.v-showtime.com/common.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://104.253.26.107/16-20.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://104.253.26.107/bb/ddp.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/dp.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/xtb.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/dl.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.164.50.50/tu/ggzz.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/ddp.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/dp.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/xtb.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://104.253.26.107/bb/dl.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
