99770.hhxxee.com Open in urlscan Pro
64.140.165.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Submission Tags: falconsandbox
Submission: On May 07 via api (May 7th 2021, 8:47:40 am UTC) from US

Summary HTTP 72 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 13 domains to perform 72 HTTP transactions. The main IP is 64.140.165.116, located in Ogden, United States and belongs to WEBNX, US. The main domain is 99770.hhxxee.com.

This is the only time 99770.hhxxee.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	64.140.165.116 64.140.165.116	18450 (WEBNX) (WEBNX)
1	64.140.160.20 64.140.160.20	18450 (WEBNX) (WEBNX)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
2	128.1.164.123 128.1.164.123	21859 (ZNET) (ZNET)
2	35.190.35.45 35.190.35.45	15169 (GOOGLE) (GOOGLE)
2	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
2	172.104.96.30 172.104.96.30	63949 (LINODE-AP...) (LINODE-AP Linode)
6 14	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
4 6	172.104.64.149 172.104.64.149	63949 (LINODE-AP...) (LINODE-AP Linode)
6	2606:4700:20:... 2606:4700:20::ac43:4bc1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
6	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
4	2a00:1288:110... 2a00:1288:110:c104::2000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2606:4700:303... 2606:4700:3037::6815:4b3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.241.5.209 35.241.5.209	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	65.9.76.42 65.9.76.42	16509 (AMAZON-02) (AMAZON-02)
72	17

13 64.140.165.116 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: 64-140-165-116.static.webnx.com

99770.hhxxee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.140.160.20 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: 64-140-160-20.static.webnx.com

20.125084.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 128.1.164.123 (United States)

ASN21859 (ZNET, US)

jy.ggweb.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.35.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

rd.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.96.30 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)

static.fzdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 34.96.119.68 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)

apn.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.104.64.149 (Tokyo, Japan) 4 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::ac43:4bc1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.kiwihk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.82.100.146 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c104::2000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

search.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:4b3a (United States)

ASN13335 (CLOUDFLARENET, US)

www.lookit.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.5.209 (Kansas City, United States)

ASN15169 (GOOGLE, US)

ad.adondemand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.76.42 (United States)

ASN16509 (AMAZON-02, US)

d1r1je24p3mdzk.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	appier.net 10 redirects apn.c.appier.net gocm.c.appier.net adx.c.appier.net pmp-beacon.apx.appier.net ad2.apx.appier.net	7 KB
14	yimg.com s.yimg.com	118 KB
13	hhxxee.com 99770.hhxxee.com	21 KB
12	yahoo.com ads.yap.yahoo.com search.yahoo.com geo.yahoo.com	3 KB
6	kiwihk.net js.kiwihk.net	25 KB
4	sitemaji.com ad.sitemaji.com rd.sitemaji.com	17 KB
2	cloudfront.net d1r1je24p3mdzk.cloudfront.net
2	adondemand.com ad.adondemand.com	24 KB
2	lookit.tw www.lookit.tw	1 KB
2	fzdm.com static.fzdm.com	3 KB
2	ggweb.net jy.ggweb.net	2 KB
2	baidu.com hm.baidu.com	15 KB
1	125084.com 20.125084.com	145 KB
72	13

	Domain	Requested by
14	s.yimg.com	js.kiwihk.net static.fzdm.com ad.adondemand.com
13	99770.hhxxee.com	99770.hhxxee.com
6	ads.yap.yahoo.com	s.yimg.com
6	js.kiwihk.net	static.fzdm.com js.kiwihk.net
6	adx.c.appier.net	99770.hhxxee.com apn.c.appier.net
6	gocm.c.appier.net	4 redirects 99770.hhxxee.com apn.c.appier.net
4	search.yahoo.com	static.fzdm.com
4	apn.c.appier.net	4 redirects
2	d1r1je24p3mdzk.cloudfront.net	www.lookit.tw
2	ad2.apx.appier.net	2 redirects
2	geo.yahoo.com	www.lookit.tw s.yimg.com
2	ad.adondemand.com	www.lookit.tw
2	www.lookit.tw	99770.hhxxee.com
2	pmp-beacon.apx.appier.net	apn.c.appier.net
2	static.fzdm.com	jy.ggweb.net
2	rd.sitemaji.com	ad.sitemaji.com
2	ad.sitemaji.com	99770.hhxxee.com
2	jy.ggweb.net	99770.hhxxee.com jy.ggweb.net
2	hm.baidu.com	99770.hhxxee.com
1	20.125084.com	99770.hhxxee.com
72	20

This site contains links to these domains. Also see Links.

Domain
b.99mh.com

Subject Issuer	Validity	Valid
fzdm.com R3	`2021-03-01` - `2021-05-30`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-10-20` - `2021-07-26`	9 months	crt.sh
*.c.appier.net R3	`2021-04-10` - `2021-07-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-01` - `2021-08-01`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-03` - `2021-06-23`	2 months	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2021-02-02` - `2021-07-27`	6 months	crt.sh
*.search.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-15` - `2021-09-08`	6 months	crt.sh
*.apx.appier.net R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
adondemand.com R3	`2021-04-19` - `2021-07-18`	3 months	crt.sh
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-08` - `2021-09-01`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Frame ID: B61E34E84C66CF35BD76614CA316F7B5
Requests: 13 HTTP requests in this frame

Frame: http://99770.hhxxee.com/aitw/tn728.htm
Frame ID: EA79672B02E04754AF34E7B0BD23ED9D
Requests: 3 HTTP requests in this frame

Frame: http://99770.hhxxee.com/aitw/h/twy.htm
Frame ID: 3CEFEBC0BEF30655BCC03CAFF166C8BC
Requests: 4 HTTP requests in this frame

Frame: http://99770.hhxxee.com/aitw/gg728.htm
Frame ID: 0ACF72DE7C00739604DCC28469EA74EC
Requests: 4 HTTP requests in this frame

Frame: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90
Frame ID: 53F0D8E1CD10D92DD14D75BA6963A724
Requests: 14 HTTP requests in this frame

Frame: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250
Frame ID: 410709EA9764FEA1B89F21FE9E4C440D
Requests: 14 HTTP requests in this frame

Frame: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=jnMjwl8oCNeXnTAanP6UYA&hzid=HhCeHFOc
Frame ID: F5E1427F7C7B93582A13301E33131FF6
Requests: 3 HTTP requests in this frame

Frame: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=PjRfvawtCpy4XkFUnP6UYA&hzid=HhCeHFOc
Frame ID: 207C2ECEA0E39670597D9144E42B3DE2
Requests: 3 HTTP requests in this frame

Frame: https://www.lookit.tw/native.html?s=728x90_99hxe
Frame ID: 14CE9D81A474EC6545048DDE9A32393D
Requests: 5 HTTP requests in this frame

Frame: http://gocm.c.appier.net/gcm
Frame ID: 5C966254C4D850C8B5221EDED60ED1DD
Requests: 1 HTTP requests in this frame

Frame: http://gocm.c.appier.net/gcm
Frame ID: E324684AABC41D034A62A423A1112646
Requests: 1 HTTP requests in this frame

Frame: https://www.lookit.tw/native.html?s=728x90_99hxe
Frame ID: 5808A94190751D16D36CCCEBC353BDF1
Requests: 5 HTTP requests in this frame

Frame: https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o
Frame ID: C2E62F7D783E8762251CD5B2C9D6A0F4
Requests: 1 HTTP requests in this frame

Frame: https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o
Frame ID: 9E35493898CFC5D58139073AF50A6818
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

72
Requests

68 %
HTTPS

29 %
IPv6

13
Domains

20
Subdomains

17
IPs

5
Countries

379 kB
Transfer

867 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://b.99mh.com/?errurl=http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Title: 點我報錯

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WtW9feNp&hzids=HhCeHFOc HTTP 307
https://gocm.c.appier.net/apnnet?haid=WtW9feNp&hzids=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=NcgnprtPB8Ss_Gf2nP6UYA&haid=WtW9feNp&hzids=HhCeHFOc

Request Chain 24

http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc HTTP 307
https://gocm.c.appier.net/apnnet?hzid=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=jnMjwl8oCNeXnTAanP6UYA&hzid=HhCeHFOc

Request Chain 25

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WtW9feNp&hzids=HhCeHFOc HTTP 307
https://gocm.c.appier.net/apnnet?haid=WtW9feNp&hzids=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=CV0TyiXgCguhdQLAnP6UYA&haid=WtW9feNp&hzids=HhCeHFOc

Request Chain 26

http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc HTTP 307
https://gocm.c.appier.net/apnnet?hzid=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=PjRfvawtCpy4XkFUnP6UYA&hzid=HhCeHFOc

Request Chain 69

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5978&id=id8ooccm80gu0f55o HTTP 302
https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o

Request Chain 70

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5978&id=id8ooccm80gu0f55o HTTP 302
https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
99770.hhxxee.com/comic/36322/327188/ 6 KB
3 KB 340ms
308ms Document
text/html 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 8b241cdc5cb9c5083e8f5733bf15c183fef343dee67988f6393a182b2adf9765

Request headers

Host: 99770.hhxxee.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sun, 07 Apr 2019 16:41:29 GMT
Accept-Ranges: bytes
ETag: "8ea4eabf60edd41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 07 May 2021 08:47:06 GMT
Content-Length: 2337

GET
H/1.1 200
OK view.css
99770.hhxxee.com/css/ 22 KB
4 KB 169ms
167ms Stylesheet
text/css 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/css/view.css
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d14e2dd14a78d2d64cc2ec4f03a6933cad7cb5bbf52308a724b2c048aa5b61a4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Nov 2012 21:48:08 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "05c886868bccd1:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3940

GET
H/1.1 200
OK viewhtml.js Show response
99770.hhxxee.com/script/ 12 KB
4 KB 342ms
310ms Script
application/x-javascript 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/script/viewhtml.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 4349b18da0fe0d5df07ca42b0b781b25e74913fe465507004c31d704b88bb835

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2020 08:48:50 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "045c2aecf97d61:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3601

GET
H/1.1 200
OK nb1.js Show response
99770.hhxxee.com/aitw/ 141 B
536 B 341ms
310ms Script
application/x-javascript 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/nb1.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 631ba32694e9ef2f056d28293b6cb1c74265b70f1277e0c1fb47f992dc14ea54

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Jul 2016 23:26:35 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "df654a2b70d9d11:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 227

GET
H/1.1 200
OK loading.gif
99770.hhxxee.com/images/ 4 KB
4 KB 347ms
316ms Image
image/gif 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://99770.hhxxee.com/images/loading.gif
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 45a2dc2df9c528724471a61d028014f7304f1874ba08096b86acedb8d8ec5705

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:07 GMT
Last-Modified: Sat, 05 May 2012 00:46:35 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "8474cd85582acd1:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 4069

GET
H/1.1 200
OK nb2.js Show response
99770.hhxxee.com/aitw/ 138 B
531 B 168ms
168ms Script
application/x-javascript 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/nb2.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 1f1b4ae747813b515ae57d7163cc773c3437d4b3c1fa5878aed3c559c87ab70d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Dec 2014 10:11:55 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "c1a94ae42a15d01:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 222

GET
H/1.1 200
OK nb3.js Show response
99770.hhxxee.com/aitw/ 283 B
548 B 175ms
174ms Script
application/x-javascript 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/nb3.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 15737ff399b07aa165f6f1e78163f78bcf8e6b6a4fd9953ba437be6f3bcfd570

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Apr 2012 23:40:52 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "b24e354f1fcd1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 241

GET
H/1.1 200
OK nb4.js Show response
99770.hhxxee.com/aitw/ 428 B
570 B 170ms
169ms Script
application/x-javascript 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/nb4.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: b289e4c23a4058fe0b4554a4e1fddf27b75493bf4ba65840982112490f412d3b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Apr 2016 12:05:02 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "42e0badcb39fd11:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 261

GET
H/1.1 200
OK tj.js Show response
99770.hhxxee.com/script/ 480 B
749 B 198ms
168ms Script
application/x-javascript 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/script/tj.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 6a75664636dd81120330ee0914f302cd91de1cc03aec1ee73fb3a7cd897d2bb6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Sep 2013 13:28:15 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "8dc7956b85bbce1:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 440

GET
H/1.1 200
OK z_0027_75399.JPG
20.125084.com/dm08//ok-comic08/Z/36322/act_014/ 145 KB
145 KB 396ms
345ms Image
image/jpeg 64.140.160.20
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://20.125084.com/dm08//ok-comic08/Z/36322/act_014/z_0027_75399.JPG
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.160.20 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-160-20.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 5e5e9b844983240e512c632233902699c413b997db026234c67276b21cddf746

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:46:39 GMT
Last-Modified: Mon, 29 Oct 2018 18:15:49 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "2a7d8d6bb36fd41:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 148547

GET
H/1.1 200
OK xl.jpg
99770.hhxxee.com/images/ 371 B
618 B 319ms
309ms Image
image/jpeg 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://99770.hhxxee.com/images/xl.jpg
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 3cad34835a1bd9c23d21bf16267e5ec16bbeeba17e884ca04bfc11ac5a42d96c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: 99770.hhxxee.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Cookie: ViewCtTxt=36322*327188*%u5236%u670D%u7684%u8A98%u60D1*%u5236%u670D%u7684%u8A98%u60D1%20014%u96C6*27
Connection: keep-alive
Cache-Control: no-cache
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:07 GMT
Last-Modified: Tue, 21 Feb 2012 14:46:21 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "20fb193a7f0cc1:0"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 371

GET
H/1.1 200
OK tn728.htm Show response
99770.hhxxee.com/aitw/ Frame EA79 642 B
824 B 324ms
307ms Document
text/html 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/tn728.htm
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/nb2.js
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: f220d59f8fa72d871fbf325c0171470c2f1a8948a32288cd585dd6355a8319d2

Request headers

Host: 99770.hhxxee.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ViewCtTxt=36322*327188*%u5236%u670D%u7684%u8A98%u60D1*%u5236%u670D%u7684%u8A98%u60D1%20014%u96C6*27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Wed, 05 Dec 2018 14:46:46 GMT
Accept-Ranges: bytes
ETag: "e410d258a98cd41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 07 May 2021 08:47:07 GMT
Content-Length: 530

GET
H/1.1 200
OK twy.htm Show response
99770.hhxxee.com/aitw/h/ Frame 3CEF 531 B
765 B 175ms
174ms Document
text/html 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/h/twy.htm
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/nb3.js
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a396b60ab304be7d550eb4ca93fd1018d850c84db4e095def9297a6548dba1a9

Request headers

Host: 99770.hhxxee.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ViewCtTxt=36322*327188*%u5236%u670D%u7684%u8A98%u60D1*%u5236%u670D%u7684%u8A98%u60D1%20014%u96C6*27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Wed, 18 Nov 2015 19:26:11 GMT
Accept-Ranges: bytes
ETag: "b814c3fb3622d11:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 07 May 2021 08:47:07 GMT
Content-Length: 471

GET
H/1.1 200
OK gg728.htm Show response
99770.hhxxee.com/aitw/ Frame 0ACF 526 B
767 B 172ms
171ms Document
text/html 64.140.165.116
WEBNX

General

Check archive.org

Show headers Download Go to

Full URL: http://99770.hhxxee.com/aitw/gg728.htm
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/nb4.js
Protocol: HTTP/1.1
Server: 64.140.165.116 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS: 64-140-165-116.static.webnx.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 44e9b56f6e69ccc50086c6004d4fe7d079641d4cf618aee0f1b5f188454956b4

Request headers

Host: 99770.hhxxee.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: ViewCtTxt=36322*327188*%u5236%u670D%u7684%u8A98%u60D1*%u5236%u670D%u7684%u8A98%u60D1%20014%u96C6*27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 25 Apr 2019 18:20:43 GMT
Accept-Ranges: bytes
ETag: "83ef649893fbd41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 07 May 2021 08:47:07 GMT
Content-Length: 473

GET
H/1.1 200
OK h.js Show response
hm.baidu.com/ 39 KB
14 KB 786ms
752ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL: http://hm.baidu.com/h.js?4a571b24528a55a73bb7c409020543f4
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/script/tj.js
Protocol: HTTP/1.1
Server: 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software: apache /
Resource Hash: 74849262550bc2438871b5fa62b7cc267593d79fd1f1d0ae1197dcd933f4c5d3

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 07 May 2021 08:47:21 GMT
Content-Encoding: gzip
Server: apache
Etag: eed3cbdeda2385000d933ddf871df234
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 14037

GET
H/1.1 200
OK xh960.js Show response
jy.ggweb.net/ Frame EA79 321 B
635 B 376ms
326ms Script
application/javascript 128.1.164.123
ZNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jy.ggweb.net/xh960.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/tn728.htm
Protocol: HTTP/1.1
Server: 128.1.164.123 , United States, ASN21859 (ZNET, US),
Reverse DNS
Software: nginx /
Resource Hash: a12a8d450985c289707a6e538a0efc98168e62111d25f216fa1fddd32a29a75e

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:40 GMT
Last-Modified: Wed, 05 Jun 2019 16:34:00 GMT
Server: nginx
ETag: "5cf7eef8-141"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 321
Expires: Fri, 07 May 2021 20:47:40 GMT

GET
H/1.1 200
OK ysm_99770.js Show response
ad.sitemaji.com/ Frame 0ACF 22 KB
8 KB 95ms
54ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.sitemaji.com/ysm_99770.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/gg728.htm
Protocol: HTTP/1.1
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0356e7090e8f916213c2354e50c225dc255525863858badd9a16e18683c40da8

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:28:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 03:34:48 GMT
Age: 83906
ETag: W/"601b6b58-56fc"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 7831
Via: AmigoCDN 1.0, 1.1 google
Expires: Fri, 07 May 2021 09:28:56 GMT

GET
H/1.1 200
OK ysm_99770.js Show response
ad.sitemaji.com/ Frame 3CEF 22 KB
8 KB 93ms
54ms Script
application/javascript 35.190.35.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.sitemaji.com/ysm_99770.js
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/h/twy.htm
Protocol: HTTP/1.1
Server: 35.190.35.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0356e7090e8f916213c2354e50c225dc255525863858badd9a16e18683c40da8

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 06 May 2021 09:28:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 03:34:48 GMT
Age: 83906
ETag: W/"601b6b58-56fc"
Vary: Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Content-Length: 7831
Via: AmigoCDN 1.0, 1.1 google
Expires: Fri, 07 May 2021 09:28:56 GMT

GET
H/1.1 200
OK ask.php Show response
rd.sitemaji.com/ Frame 0ACF 56 B
369 B 656ms
623ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: http://rd.sitemaji.com/ask.php?size=2x1,&hosthash=9eb562274349&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: http://ad.sitemaji.com/ysm_99770.js
Protocol: HTTP/1.1
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ask.php Show response
rd.sitemaji.com/ Frame 3CEF 56 B
369 B 649ms
619ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: http://rd.sitemaji.com/ask.php?size=2x1,&hosthash=9eb562274349&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: http://ad.sitemaji.com/ysm_99770.js
Protocol: HTTP/1.1
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: nginx /
Resource Hash: 2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 ads.html Show response
static.fzdm.com/114/ Frame 53F0 954 B
2 KB 1248ms
303ms Document
text/html 172.104.96.30
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Requested by

Host: jy.ggweb.net
URL: http://jy.ggweb.net/xh960.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.96.30 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

ee21b7e8b584a71b665b25df19059dbbb53b4e0bb916afd4f22d11fd93256cfd

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=2592000; includeSubDomains
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:method: GET
:authority: static.fzdm.com
:scheme: https
:path: /114/ads.html?id=fzdm&adsType=728x90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://99770.hhxxee.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/

Response headers

server: nginx
date: Fri, 07 May 2021 08:47:23 GMT
content-type: text/html; charset=UTF-8
content-length: 954
last-modified: Fri, 27 Mar 2020 08:12:42 GMT
etag: "5e7db57a-3ba"
expires: Sun, 06 Jun 2021 08:47:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubdomains; preload
public-key-pins: pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=2592000; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, POST,PUT,DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
accept-ranges: bytes

GET
H/1.1 200
OK 1kxf.js Show response
jy.ggweb.net/ Frame EA79 803 B
1 KB 180ms
179ms Script
application/javascript 128.1.164.123
ZNET

General

Check archive.org

Show headers Download Go to

Full URL: http://jy.ggweb.net/1kxf.js
Requested by: Host: jy.ggweb.net
URL: http://jy.ggweb.net/xh960.js
Protocol: HTTP/1.1
Server: 128.1.164.123 , United States, ASN21859 (ZNET, US),
Reverse DNS
Software: nginx /
Resource Hash: f7eee164b3cc4d82bb66ebe0da0f5439a39a447fd3d9861db2b178f2e8523a6e

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:41 GMT
Last-Modified: Wed, 05 Jun 2019 16:28:54 GMT
Server: nginx
ETag: "5cf7edc6-323"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 803
Expires: Fri, 07 May 2021 20:47:41 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
636 B 1539ms
639ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2043212397&si=4a571b24528a55a73bb7c409020543f4&v=1.2.80&lv=1&sn=24367&r=0&ww=1600&ct=!!&u=http%3A%2F%2F99770.hhxxee.com%2Fcomic%2F36322%2F327188%2F%3Fp%3D27%26s%3D8&tt=%E5%88%B6%E6%9C%8D%E7%9A%84%E8%AA%98%E6%83%91%20%E5%A5%B3%E8%A3%9D%E8%A8%AD%E8%A8%88%E5%B8%AB%20%E5%88%B6%E6%9C%8D%E7%9A%84%E8%AA%98%E6%83%91%20014%E9%9B%86%20%E6%BC%AB%E7%95%AB%20%EF%BC%8899770%E6%BC%AB%E7%95%AB%EF%BC%89

Requested by

Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 08:47:23 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43

GET
H2 200 ads.html Show response
static.fzdm.com/114/ Frame 4107 954 B
2 KB 1084ms
322ms Document
text/html 172.104.96.30
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Requested by

Host: jy.ggweb.net
URL: http://jy.ggweb.net/1kxf.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.104.96.30 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

Software

nginx /

Resource Hash

ee21b7e8b584a71b665b25df19059dbbb53b4e0bb916afd4f22d11fd93256cfd

Security Headers

Name	Value
Public-Key-Pins	pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=2592000; includeSubDomains
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:method: GET
:authority: static.fzdm.com
:scheme: https
:path: /114/ads.html?id=fzdm&adsType=300x250
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://99770.hhxxee.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/

Response headers

server: nginx
date: Fri, 07 May 2021 08:47:23 GMT
content-type: text/html; charset=UTF-8
content-length: 954
last-modified: Fri, 27 Mar 2020 08:12:42 GMT
etag: "5e7db57a-3ba"
expires: Sun, 06 Jun 2021 08:47:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=63072000; includeSubdomains; preload
public-key-pins: pin-sha256="sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis="; pin-sha256="YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg="; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; max-age=2592000; includeSubDomains
access-control-allow-origin: *
access-control-allow-methods: GET, POST,PUT,DELETE, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
accept-ranges: bytes

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 3CEF
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WtW9feNp&hzids=HhCeHFOc
https://gocm.c.appier.net/apnnet?haid=WtW9feNp&hzids=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=NcgnprtPB8Ss_Gf2nP6UYA&haid=WtW9feNp&hzids=HhCeHFOc

380 B
370 B

328ms
324ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=NcgnprtPB8Ss_Gf2nP6UYA&haid=WtW9feNp&hzids=HhCeHFOc
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ebf56cceb1ef0ddc6fc6c28bbde9a24f9f6a345991abef6055458f335e587e36

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=NcgnprtPB8Ss_Gf2nP6UYA&haid=WtW9feNp&hzids=HhCeHFOc
date: Fri, 07 May 2021 08:47:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 137
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

zone.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame F5E1
Redirect Chain

http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
https://gocm.c.appier.net/apnnet?hzid=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=jnMjwl8oCNeXnTAanP6UYA&hzid=HhCeHFOc

3 KB
1 KB

331ms
324ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=jnMjwl8oCNeXnTAanP6UYA&hzid=HhCeHFOc
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/h/twy.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 21f1d2f584d3db138d1ff6ce47651431e67c3e68453c1c4a0cfad046d6ba5d97

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=jnMjwl8oCNeXnTAanP6UYA&hzid=HhCeHFOc
date: Fri, 07 May 2021 08:47:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 120
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 0ACF
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WtW9feNp&hzids=HhCeHFOc
https://gocm.c.appier.net/apnnet?haid=WtW9feNp&hzids=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=CV0TyiXgCguhdQLAnP6UYA&haid=WtW9feNp&hzids=HhCeHFOc

380 B
363 B

333ms
329ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=CV0TyiXgCguhdQLAnP6UYA&haid=WtW9feNp&hzids=HhCeHFOc
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ebf56cceb1ef0ddc6fc6c28bbde9a24f9f6a345991abef6055458f335e587e36

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=CV0TyiXgCguhdQLAnP6UYA&haid=WtW9feNp&hzids=HhCeHFOc
date: Fri, 07 May 2021 08:47:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 137
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

zone.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 207C
Redirect Chain

http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
https://gocm.c.appier.net/apnnet?hzid=HhCeHFOc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=PjRfvawtCpy4XkFUnP6UYA&hzid=HhCeHFOc

3 KB
1 KB

336ms
332ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=PjRfvawtCpy4XkFUnP6UYA&hzid=HhCeHFOc
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/gg728.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 1f7336183cff2a7f19785099e5fca18e8fb254218d93483a54d20bf28b76f80b

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=PjRfvawtCpy4XkFUnP6UYA&hzid=HhCeHFOc
date: Fri, 07 May 2021 08:47:24 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 120
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
js.kiwihk.net/ Frame 53F0 27 KB
7 KB 50ms
20ms Script
text/plain 2606:4700:20::ac43:4bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kiwihk.net/?id=fzdm&adsType=728x90
Requested by: Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.28
Resource Hash: 8f80ad24d490264f4462d9556769654207e0204abc7fb78978e02d1adc51b52c

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11913
x-powered-by: PHP/7.0.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EPNMHBLfHKuMGYsydYJDrNhRVVFkBtCw%2FQIQn%2Bhx2DPTFGm82tl%2BPh0w4MhV3r6him6aZePZv3uue0mZ2aP7RGn2HGWb0DDqh4Aq6GxG%2Fi36E5eXKdUAN58m"}]}
content-type: text/plain;charset=UTF-8
cache-control: max-age=3600
cf-ray: 64b92eec0bb22c3a-FRA
cf-request-id: 09e79ba78a00002c3a4a221000000001

GET
H2 200 / Show response
js.kiwihk.net/ Frame 4107 27 KB
6 KB 45ms
26ms Script
text/plain 2606:4700:20::ac43:4bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kiwihk.net/?id=fzdm&adsType=300x250
Requested by: Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.0.28
Resource Hash: 8f80ad24d490264f4462d9556769654207e0204abc7fb78978e02d1adc51b52c

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 11913
x-powered-by: PHP/7.0.28
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0zyQyf8RBJ9O2kBXmINR2hPJn2a%2FL%2Fs3Irqt8biJ8wKyn9OkihOK88GhHgf2e01j8sXATkxD%2BxE7mBS2MH3pANEQ0ni6SA7NeKieQYo2KKZ9z2%2BO7EjJYMT1"}]}
content-type: text/plain;charset=UTF-8
cache-control: max-age=3600
cf-ray: 64b92eec0bb32c3a-FRA
cf-request-id: 09e79ba78a00002c3a2e3ea000000001

GET
H2 200 ysm.css
js.kiwihk.net/fzdm/v1/ Frame 53F0 14 KB
2 KB 23ms
20ms Stylesheet
text/css 2606:4700:20::ac43:4bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kiwihk.net/fzdm/v1/ysm.css
Requested by: Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9c83d52f41ea80cde310d8a391ea3ba520a62679ac3e46bea3397971f75598

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Jun 2019 04:32:03 GMT
server: cloudflare
age: 11913
etag: W/"389d-58af0a977829e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aNtVXpSrRcBNPnzP5A170hD5SRGSPHXEkHT06vEC7G6P2ydJfXo3Gzclcm7%2BCoEAW9ck5kka%2F1KFTpWFi%2F1631kS8gOoboCBV3xLHISoceTKw2Y4zQEQiS3S"}]}
content-type: text/css
cache-control: max-age=3600
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64b92eec4c452c3a-FRA
cf-request-id: 09e79ba7b000002c3ad9a54000000001

GET
H2 200 syndication.js Show response
s.yimg.com/uv/dm/scripts/ Frame 53F0 25 KB
9 KB 28ms
10ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uv/dm/scripts/syndication.js

Requested by

Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b41d3866f039d722abc2f2abf5c97e4b511797010de632d46ae951d637e76602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 07 May 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 9149
x-amz-id-2: 4XPGfspXLvslMuu8HmTZlv7ZrEXTMfGPZ0SPyIXy6mimQWnhud3Y8xEZE2+9Y//Slajwxk5d5xA=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 May 2021 21:12:47 GMT
server: ATS
etag: "9211c6876ec9718ac70b4fb7a9250114-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: CM9S74XHEF9XPDBP
x-xss-protection: 1; mode=block
cache-control: public,max-age=60
x-amz-version-id: Lx80WD58sMXOvq52dh4KtN9rCnGOZkN9
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ypa_keywords.js Show response
js.kiwihk.net/ Frame 53F0 42 KB
4 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:4bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kiwihk.net/ypa_keywords.js
Requested by: Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=728x90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894845105d951eae67b34a21027a519bd59e1d48598ad4443a845708071a5fa1

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Nov 2020 10:02:27 GMT
server: cloudflare
age: 12689
etag: W/"a870-5b53bfdb436c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gV9Sb8bebxy268vrifldtrAf3BA79ZBhnej5HfZA89oTu%2FdMFxt6exwm3IGp2JO38WEllXpYEODHQUmRvC7e3yPvunUI0sQDWJtRL2q%2FzquiwKxsuo%2BrFnN1"}]}
content-type: application/javascript
cache-control: max-age=3600
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64b92eec4c492c3a-FRA
cf-request-id: 09e79ba7b000002c3ab797c000000001

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 53F0 69 KB
21 KB 33ms
16ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:41:51 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 333
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
vary: Accept-Encoding,Origin
x-amz-request-id: 62GBW4KQZ91PDC6A
x-amz-id-2: P4naKACdchiPWbsuLsohuS7dNoie9UxccamdMaOqLi4HiBqwRUyZQYNLRrJ7h4h0jmkEOdJTQL8=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 ysm.css
js.kiwihk.net/fzdm/v1/ Frame 4107 14 KB
2 KB 28ms
26ms Stylesheet
text/css 2606:4700:20::ac43:4bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kiwihk.net/fzdm/v1/ysm.css
Requested by: Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9c83d52f41ea80cde310d8a391ea3ba520a62679ac3e46bea3397971f75598

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Jun 2019 04:32:03 GMT
server: cloudflare
age: 11913
etag: W/"389d-58af0a977829e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=736qrIcjt3HLyIRlDJ68RfCHbSrK49en6%2FIIsmBJUUA2fEMjXJi2IB5F%2BaQ%2FMfvv1I%2FuwaZ7VDNQ7%2FDAaWbWMqdnHpxOujip5TXq2otzO8RqEynJpOdedYZX"}]}
content-type: text/css
cache-control: max-age=3600
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64b92eec5c7e2c3a-FRA
cf-request-id: 09e79ba7bb00002c3afbbfb000000001

GET
H2 200 syndication.js Show response
s.yimg.com/uv/dm/scripts/ Frame 4107 25 KB
9 KB 20ms
11ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uv/dm/scripts/syndication.js

Requested by

Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b41d3866f039d722abc2f2abf5c97e4b511797010de632d46ae951d637e76602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 07 May 2021 08:46:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 9149
x-amz-id-2: 4XPGfspXLvslMuu8HmTZlv7ZrEXTMfGPZ0SPyIXy6mimQWnhud3Y8xEZE2+9Y//Slajwxk5d5xA=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 May 2021 21:12:47 GMT
server: ATS
etag: "9211c6876ec9718ac70b4fb7a9250114-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: CM9S74XHEF9XPDBP
x-xss-protection: 1; mode=block
cache-control: public,max-age=60
x-amz-version-id: Lx80WD58sMXOvq52dh4KtN9rCnGOZkN9
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ypa_keywords.js Show response
js.kiwihk.net/ Frame 4107 42 KB
4 KB 22ms
22ms Script
application/javascript 2606:4700:20::ac43:4bc1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.kiwihk.net/ypa_keywords.js
Requested by: Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=300x250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bc1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 894845105d951eae67b34a21027a519bd59e1d48598ad4443a845708071a5fa1

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 29 Nov 2020 10:02:27 GMT
server: cloudflare
age: 12689
etag: W/"a870-5b53bfdb436c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6iLdIZCGHytG9oK1TCG69YMfqMcdghnWGpgAJuj4etWLmXuMnjG3H1A8QqjDX6%2BLm5KbjLJY3v1Xvf7%2BiECmC%2BbVN0Jl1j4j6ghGhojMopguHfoog2eDwhJx"}]}
content-type: application/javascript
cache-control: max-age=3600
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64b92eec5c832c3a-FRA
cf-request-id: 09e79ba7bb00002c3a30a95000000001

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ Frame 4107 69 KB
21 KB 66ms
58ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: js.kiwihk.net
URL: https://js.kiwihk.net/?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:41:51 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 333
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
vary: Accept-Encoding,Origin
x-amz-request-id: 62GBW4KQZ91PDC6A
x-amz-id-2: P4naKACdchiPWbsuLsohuS7dNoie9UxccamdMaOqLi4HiBqwRUyZQYNLRrJ7h4h0jmkEOdJTQL8=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
accept-ranges: bytes
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 53F0 42 B
168 B 406ms
404ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=1&rn=4.537607489802552

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: YfpJU3b/IRNx6egpTYfRFKmcywLAtWcwLncFK9fEwJeHkKfyVfbO74McTsv8DsdQ352AfakyaVo=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMG1ZCB9ZETV59SV
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 53F0 42 B
170 B 382ms
381ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=2&rn=4.537607489802552

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: 6/1657UTL/TVtMqqVBwR20Zs8iajHapfntERom+XZhs2EZB8KTKKuko8fIEjVRWRtkFp7CbYC8M=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMGBM9GZ3AQ96CRP
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 53F0 42 B
170 B 413ms
412ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=1&rn=2.4994214820885468

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 2
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: mhAkFN/WlbEK+5JZc1wY0MxC48WmzwMoZ/NTavmkYuS4t38ixN5wPBVFx62+tMw3k1ZisOS0QYo=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMGDH63HG80RAGKR
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 53F0 42 B
170 B 399ms
398ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=2&rn=2.4994214820885468

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: zmXxQKvIyrqGucZzNilWwW0UiqjTQMFIb4pyRq5m7rTV71SncYKzRFstSq3OaZeNAk/MK0e6dgk=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMG2H8WBXAZWGBXQ
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 4107 42 B
169 B 404ms
403ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=1&rn=4.590706184118671

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 2
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: 6zCNlshF3i7KzSPOoCzMNrl9pN5iskr45ar/kvSUbXFp8AksUlDOe9EF1mIg9hAZ2n1kmbu5Xz8=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMG67TNC1GC0B0KZ
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 4107 42 B
169 B 411ms
410ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=2&rn=4.590706184118671

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 2
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: EqLq/vkdU9uapvIioEa/6MwuIEoBkDPiwfTicwOyKQjUU2rgDTtethSFKhO5DJygRcnNmH1wvcQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMGEBNDQT2XNZMXB
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 4107 42 B
302 B 155ms
155ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=1&rn=2.112613277913174

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 0
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: 41iLaxT90wt3/sXDhgsBA1zk1Po+RJLGKuH6rqkTyGWLFj9OrZKzM+BWoqiqeuo7NsndKlGjxIg=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMG0DQAX19988CNM
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 abppx-201807112148.gif
s.yimg.com/pv/static/img/ Frame 4107 42 B
170 B 426ms
425ms Image
image/gif 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/pv/static/img/abppx-201807112148.gif?ch=2&rn=2.112613277913174

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
age: 2
x-amz-server-side-encryption: AES256
vary: Origin
content-length: 42
x-amz-id-2: RwthXJ2sH4VtxunHNbsPDkYQsvCllRWCCEBh+WSpWz8Quknopy/l/DGBSMLcQiqC7zPhpu08e0U=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 11 Jul 2018 21:48:10 GMT
server: ATS
etag: "d89746888da2d9510b64a9f031eaecd5"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMGD5F6JWVXKF5R6
x-xss-protection: 1; mode=block
cache-control: max-age=31536000,public
accept-ranges: bytes
content-type: image/gif
x-amz-meta-x-ysws-access: public
expires: Sat, 05 Sep 2026 00:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 53F0 256 B
276 B 447ms
157ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=2057f516-6d4d-4240-bea5-d0dd51bdcb60&apiKey=YFGVM5D4Z2N5DP9DN3XN&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fstatic.fzdm.com&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

3f50ab40076fb551a3fccf60ce8e7f7747bf9002f77b527cead9407f82871f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 4107 256 B
445 B 404ms
156ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

3f50ab40076fb551a3fccf60ce8e7f7747bf9002f77b527cead9407f82871f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:23 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 4107 162 B
210 B 140ms
139ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=d8d09d7c-02fe-459e-b20d-ccc3fcd1baa8&apiKey=YFGVM5D4Z2N5DP9DN3XN&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fstatic.fzdm.com&caps=16&cb=JSONPCallback1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

762c0a878e52859a235d63c6051acf35cae6c0e663e79ac775ac889b61a35cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 53F0 162 B
187 B 140ms
139ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

762c0a878e52859a235d63c6051acf35cae6c0e663e79ac775ac889b61a35cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 p
search.yahoo.com/beacon/geop/ Frame 53F0 43 B
518 B 128ms
43ms Image
image/gif 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://search.yahoo.com/beacon/geop/p?s=1197646563&abk=0&t=1620377244098&cono=e82b22b6973c431c&aC=012345678

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, enforce
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-type: image/gif
content-length: 43
x-xss-protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
referrer-policy: no-referrer-when-downgrade

GET
H2 200 p
search.yahoo.com/beacon/geop/ Frame 53F0 43 B
113 B 131ms
46ms Image
image/gif 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://search.yahoo.com/beacon/geop/p?s=1197646563&abk=0&t=1620377244098&cono=ef102cb9a4563e72&aC=345678901

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=728x90

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 08:47:23 GMT
x-content-type-options: nosniff
server: ATS
age: 1
expect-ct: max-age=31536000, enforce
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 4
content-type: image/gif
content-length: 43
x-xss-protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
referrer-policy: no-referrer-when-downgrade

GET
H2 200 p
search.yahoo.com/beacon/geop/ Frame 4107 43 B
87 B 128ms
58ms Image
image/gif 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://search.yahoo.com/beacon/geop/p?s=1197646563&abk=0&t=1620377244102&cono=9033f1a395c64396&aC=012345678

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, enforce
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 6
content-type: image/gif
content-length: 43
x-xss-protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
referrer-policy: no-referrer-when-downgrade

GET
H2 200 p
search.yahoo.com/beacon/geop/ Frame 4107 43 B
88 B 127ms
58ms Image
image/gif 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://search.yahoo.com/beacon/geop/p?s=1197646563&abk=0&t=1620377244103&cono=d7ea34fdf02a2063&aC=345678901

Requested by

Host: static.fzdm.com
URL: https://static.fzdm.com/114/ads.html?id=fzdm&adsType=300x250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://csp.search.yahoo.com/xssreport

Request headers

Referer: https://static.fzdm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 08:47:24 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, enforce
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 3
content-type: image/gif
content-length: 43
x-xss-protection: 1; mode=block; report=https://csp.search.yahoo.com/xssreport
referrer-policy: no-referrer-when-downgrade

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame F5E1 604 B
505 B 407ms
317ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=NcgnprtPB8Ss_Gf2nP6UYA&hzid=HhCeHFOc
Requested by: Host: apn.c.appier.net
URL: http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ea51b65874468fae92f626072adef9b750f00327639e3a7fe01a5966c19bc593

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
via: 1.1 google
server: nginx/1.19.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
content-encoding: gzip
alt-svc: clear

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 207C 604 B
425 B 383ms
327ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=NcgnprtPB8Ss_Gf2nP6UYA&hzid=HhCeHFOc
Requested by: Host: apn.c.appier.net
URL: http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ea51b65874468fae92f626072adef9b750f00327639e3a7fe01a5966c19bc593

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:24 GMT
via: 1.1 google
server: nginx/1.19.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
content-encoding: gzip
alt-svc: clear

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame F5E1 12 B
198 B 415ms
323ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=&event=pageview
Requested by: Host: apn.c.appier.net
URL: http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 May 2021 08:47:25 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: http://99770.hhxxee.com
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 native.html Show response
www.lookit.tw/ Frame 14CE 441 B
878 B 309ms
283ms Document
text/html 2606:4700:3037::6815:4b3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lookit.tw/native.html?s=728x90_99hxe
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26

Request headers

:method: GET
:authority: www.lookit.tw
:scheme: https
:path: /native.html?s=728x90_99hxe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://99770.hhxxee.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/

Response headers

date: Fri, 07 May 2021 08:47:25 GMT
content-type: text/html
set-cookie: __cfduid=dcb0b818437cad4a5e9ed83914c02c16c1620377244; expires=Sun, 06-Jun-21 08:47:24 GMT; path=/; domain=.lookit.tw; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 16 Jan 2020 04:03:45 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 09e79bad3e00004aaf9a1fd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Mny3COcVxsJrAwq3JOlmkykBgefRpB%2BrSX1f9UbisiMrOpMG9pPpKXxCxD6odXUWoi2bePxtK7IIskL5T%2FzKTnJ%2F6Vs%2BDS%2BOMveVNQUURFk%2FCXivwCb8OAPQ"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64b92ef528464aaf-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK gcm
gocm.c.appier.net/ Frame 5C96 42 B
301 B 637ms
593ms Image
image/gif 172.104.64.149
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gocm.c.appier.net/gcm
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/aitw/h/twy.htm
Protocol: HTTP/1.1
Server: 172.104.64.149 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1674-149.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:25 GMT
Cache-Control: no-store
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame 207C 12 B
73 B 409ms
327ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=&event=pageview
Requested by: Host: apn.c.appier.net
URL: http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 07 May 2021 08:47:25 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: http://99770.hhxxee.com
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H/1.1 200
OK gcm
gocm.c.appier.net/ Frame E324 42 B
301 B 626ms
586ms Image
image/gif 172.104.64.149
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://gocm.c.appier.net/gcm
Requested by: Host: apn.c.appier.net
URL: http://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HhCeHFOc
Protocol: HTTP/1.1
Server: 172.104.64.149 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1674-149.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://99770.hhxxee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 08:47:25 GMT
Cache-Control: no-store
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
P3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 native.html Show response
www.lookit.tw/ Frame 5808 441 B
557 B 312ms
292ms Document
text/html 2606:4700:3037::6815:4b3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lookit.tw/native.html?s=728x90_99hxe
Requested by: Host: 99770.hhxxee.com
URL: http://99770.hhxxee.com/comic/36322/327188/?p=27&s=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4b3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26

Request headers

:method: GET
:authority: www.lookit.tw
:scheme: https
:path: /native.html?s=728x90_99hxe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://99770.hhxxee.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://99770.hhxxee.com/

Response headers

date: Fri, 07 May 2021 08:47:25 GMT
content-type: text/html
set-cookie: __cfduid=da2c5ca66a30dd108144804f7e7c881dd1620377245; expires=Sun, 06-Jun-21 08:47:25 GMT; path=/; domain=.lookit.tw; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 16 Jan 2020 04:03:45 GMT
vary: Accept-Encoding
x-powered-by: ASP.NET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 09e79bad3e00004aaf8d29c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5TvonVBM9rBzdqflAI0A8ADJNLiXm9wsDkUO5tYNPOPVo8AKt4vE28A1uh7ReefM0LL3barE96GNwiWKXaj7Q7lx%2B29JqBc6%2FToRxt4zsybY6lZVAYbckcZI"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 64b92ef528484aaf-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lookit_passback_aod.js Show response
ad.adondemand.com/native/ Frame 14CE 38 KB
12 KB 186ms
55ms Script
application/javascript 35.241.5.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90_99hxe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 56a7ccf8ff8aa14888f291400479911aacacf517a4333882d68d836bdb6cc2ba

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:15:03 GMT
content-encoding: br
last-modified: Fri, 07 May 2021 08:11:05 GMT
age: 1942
etag: W/"6094f619-96db"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 12286
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 08 May 2021 08:15:03 GMT

GET
H2 200 lookit_passback_aod.js Show response
ad.adondemand.com/native/ Frame 5808 38 KB
12 KB 189ms
65ms Script
application/javascript 35.241.5.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adondemand.com/native/lookit_passback_aod.js
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90_99hxe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.5.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 56a7ccf8ff8aa14888f291400479911aacacf517a4333882d68d836bdb6cc2ba

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:15:03 GMT
content-encoding: br
last-modified: Fri, 07 May 2021 08:11:05 GMT
age: 1942
etag: W/"6094f619-96db"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: clear
content-length: 12286
via: AmigoCDN 1.0, 1.1 google
expires: Sat, 08 May 2021 08:15:03 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 14CE 75 KB
28 KB 56ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 07 May 2021 08:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 28248
x-amz-id-2: K5R2Kie70s+fbJ1idxnxe4FigjlmBKSn2DqBQMqxmwp8ZXdIR1+1+efCybzcnsbapBVyfRGK4eQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Mar 2021 21:21:21 GMT
server: ATS
etag: "a0ca719a83f21a792c0b10708c948074-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMGCCKFFJGAXWK46
x-xss-protection: 1; mode=block
cache-control: max-age=900
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 5808 75 KB
28 KB 11ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.adondemand.com
URL: https://ad.adondemand.com/native/lookit_passback_aod.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 07 May 2021 08:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 28248
x-amz-id-2: K5R2Kie70s+fbJ1idxnxe4FigjlmBKSn2DqBQMqxmwp8ZXdIR1+1+efCybzcnsbapBVyfRGK4eQ=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 17 Mar 2021 21:21:21 GMT
server: ATS
etag: "a0ca719a83f21a792c0b10708c948074-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: AMGCCKFFJGAXWK46
x-xss-protection: 1; mode=block
cache-control: max-age=900
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 14CE 294 B
333 B 157ms
155ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=f0419f91-36af-46b8-a5e6-64044570362e&apiKey=G5D534CYNKYB889CQJQ6&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fwww.lookit.tw%2Fnative.html&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

74287ac3ea84ea20f705016627591dbc5918f24f941f24afde4d41d856e83cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:25 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 b
geo.yahoo.com/ Frame 14CE 43 B
530 B 111ms
39ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90_99hxe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 08:47:25 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 2
content-type: image/gif
content-length: 43

GET
H2 200 b
geo.yahoo.com/ Frame 5808 43 B
161 B 111ms
42ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 08:47:25 GMT
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 3
content-type: image/gif
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 5808 294 B
310 B 159ms
159ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

74287ac3ea84ea20f705016627591dbc5918f24f941f24afde4d41d856e83cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 08:47:25 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H/1.1

403
Forbidden

5978.js
d1r1je24p3mdzk.cloudfront.net/pb/pb_test/ Frame C2E6
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5978&id=id8ooccm80gu0f55o
https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o

0
0

700ms
603ms

Script
application/xml

65.9.76.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90_99hxe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.76.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 07 May 2021 08:47:25 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: text/html
location: https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o
access-control-allow-credentials: true
alt-svc: clear
content-length: 167

GET
H/1.1

403
Forbidden

5978.js
d1r1je24p3mdzk.cloudfront.net/pb/pb_test/ Frame 9E35
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=5978&id=id8ooccm80gu0f55o
https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o

0
0

1221ms
1129ms

Script
application/xml

65.9.76.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o
Requested by: Host: www.lookit.tw
URL: https://www.lookit.tw/native.html?s=728x90_99hxe
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.76.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.lookit.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 07 May 2021 08:47:25 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: text/html
location: https://d1r1je24p3mdzk.cloudfront.net/pb/pb_test/5978.js?zoneid=5978&id=id8ooccm80gu0f55o
access-control-allow-credentials: true
alt-svc: clear
content-length: 167

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20.125084.com
99770.hhxxee.com
ad.adondemand.com
ad.sitemaji.com
ad2.apx.appier.net
ads.yap.yahoo.com
adx.c.appier.net
apn.c.appier.net
d1r1je24p3mdzk.cloudfront.net
geo.yahoo.com
gocm.c.appier.net
hm.baidu.com
js.kiwihk.net
jy.ggweb.net
pmp-beacon.apx.appier.net
rd.sitemaji.com
s.yimg.com
search.yahoo.com
static.fzdm.com
www.lookit.tw
103.235.46.191
128.1.164.123
172.104.64.149
172.104.96.30
212.82.100.146
2606:4700:20::ac43:4bc1
2606:4700:3037::6815:4b3a
2a00:1288:110:c104::2000
2a00:1288:110:c204::b000
2a00:1288:80:800::7000
34.96.119.68
35.190.35.45
35.241.5.209
60.199.208.47
64.140.160.20
64.140.165.116
65.9.76.42
0356e7090e8f916213c2354e50c225dc255525863858badd9a16e18683c40da8
136606928f66c3a25fa3176ddfb65bb8c4aaa63b11a386f320e5d0c6f1cae858
15737ff399b07aa165f6f1e78163f78bcf8e6b6a4fd9953ba437be6f3bcfd570
1f1b4ae747813b515ae57d7163cc773c3437d4b3c1fa5878aed3c559c87ab70d
1f7336183cff2a7f19785099e5fca18e8fb254218d93483a54d20bf28b76f80b
21f1d2f584d3db138d1ff6ce47651431e67c3e68453c1c4a0cfad046d6ba5d97
2ff06a7037f2bbe722bef67146ec4fd4e7b83a9b7d396694849cc5e34594acb3
3cad34835a1bd9c23d21bf16267e5ec16bbeeba17e884ca04bfc11ac5a42d96c
3f50ab40076fb551a3fccf60ce8e7f7747bf9002f77b527cead9407f82871f89
4349b18da0fe0d5df07ca42b0b781b25e74913fe465507004c31d704b88bb835
44e9b56f6e69ccc50086c6004d4fe7d079641d4cf618aee0f1b5f188454956b4
45a2dc2df9c528724471a61d028014f7304f1874ba08096b86acedb8d8ec5705
56a7ccf8ff8aa14888f291400479911aacacf517a4333882d68d836bdb6cc2ba
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
5e5e9b844983240e512c632233902699c413b997db026234c67276b21cddf746
631ba32694e9ef2f056d28293b6cb1c74265b70f1277e0c1fb47f992dc14ea54
6a75664636dd81120330ee0914f302cd91de1cc03aec1ee73fb3a7cd897d2bb6
74287ac3ea84ea20f705016627591dbc5918f24f941f24afde4d41d856e83cde
74849262550bc2438871b5fa62b7cc267593d79fd1f1d0ae1197dcd933f4c5d3
762c0a878e52859a235d63c6051acf35cae6c0e663e79ac775ac889b61a35cf6
894845105d951eae67b34a21027a519bd59e1d48598ad4443a845708071a5fa1
8b241cdc5cb9c5083e8f5733bf15c183fef343dee67988f6393a182b2adf9765
8f80ad24d490264f4462d9556769654207e0204abc7fb78978e02d1adc51b52c
a12a8d450985c289707a6e538a0efc98168e62111d25f216fa1fddd32a29a75e
a396b60ab304be7d550eb4ca93fd1018d850c84db4e095def9297a6548dba1a9
ad9c83d52f41ea80cde310d8a391ea3ba520a62679ac3e46bea3397971f75598
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b289e4c23a4058fe0b4554a4e1fddf27b75493bf4ba65840982112490f412d3b
b41d3866f039d722abc2f2abf5c97e4b511797010de632d46ae951d637e76602
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14e2dd14a78d2d64cc2ec4f03a6933cad7cb5bbf52308a724b2c048aa5b61a4
d53e1d1f95270c79198db1c8a5ab2aa679667aa5252ed819f9b829cce7973c26
ea51b65874468fae92f626072adef9b750f00327639e3a7fe01a5966c19bc593
ebf56cceb1ef0ddc6fc6c28bbde9a24f9f6a345991abef6055458f335e587e36
ee21b7e8b584a71b665b25df19059dbbb53b4e0bb916afd4f22d11fd93256cfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f220d59f8fa72d871fbf325c0171470c2f1a8948a32288cd585dd6355a8319d2
f7eee164b3cc4d82bb66ebe0da0f5439a39a447fd3d9861db2b178f2e8523a6e

99770.hhxxee.com Open in urlscan Pro 64.140.165.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

72 Requests

68 %HTTPS

29 %IPv6

13 Domains

20 Subdomains

17 IPs

5 Countries

379 kBTransfer

867 kBSize

0 Cookies

1 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

99770.hhxxee.com Open in urlscan Pro
64.140.165.116 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

68 %
HTTPS

29 %
IPv6

13
Domains

20
Subdomains

17
IPs

5
Countries

379 kB
Transfer

867 kB
Size

0
Cookies

72 HTTP transactions
0 data transactions