ql99999.top Open in urlscan Pro
103.118.41.59  Public Scan

31 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ql99999.top/	71 KB 13 KB	2318ms 886ms	Document text/html	103.118.41.59 CLOUDFORTIT-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ql99999.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.118.41.59 , Hong Kong, ASN7586 (CLOUDFORTIT-AS-AP Cloudfort IT, CN), Reverse DNS 103.118.41.59.static.cubecloud.net Software Apache / Resource Hash abae7930459494295e63a392eb5938661a01886d7d38dc0b58249bc97743cc3c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-encoding gzip content-length 13368 content-type text/html; charset=UTF-8 date Sun, 16 Jun 2024 14:31:32 GMT server Apache vary Accept-Encoding
GET H2	200	style.css ql99999.top/css/	64 KB 19 KB	4349ms 4348ms	Stylesheet text/css	103.118.41.59 CLOUDFORTIT-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ql99999.top/css/style.css?vdata=2024-06-16 Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.118.41.59 , Hong Kong, ASN7586 (CLOUDFORTIT-AS-AP Cloudfort IT, CN), Reverse DNS 103.118.41.59.static.cubecloud.net Software Apache / Resource Hash c2ae80f770932a97ab52fa627cabf3569f1c7992bfe710f9d9f2fb1ba8ec3b2e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:33 GMT content-encoding gzip last-modified Wed, 28 Jul 2021 15:47:59 GMT server Apache etag "8021a8f0c783d71:0" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 19327
GET H2	200	div.css ql99999.top/css/	1 KB 507 B	4348ms 4347ms	Stylesheet text/css	103.118.41.59 CLOUDFORTIT-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ql99999.top/css/div.css?vdata=2024-06-16 Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.118.41.59 , Hong Kong, ASN7586 (CLOUDFORTIT-AS-AP Cloudfort IT, CN), Reverse DNS 103.118.41.59.static.cubecloud.net Software Apache / Resource Hash d62014d07494d1f104c878c7b8ddf0e4d2f7a35e58f766482656195c15a3eb73 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:33 GMT content-encoding gzip last-modified Tue, 25 Jul 2017 02:24:54 GMT server Apache etag "fa268f33ed4d31:0" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 422
GET H2	404	jquery.min.js ql99999.top/kj/am/js/	0 0	351ms 350ms	Script text/html	103.118.41.59 CLOUDFORTIT-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://ql99999.top/kj/am/js/jquery.min.js Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.118.41.59 , Hong Kong, ASN7586 (CLOUDFORTIT-AS-AP Cloudfort IT, CN), Reverse DNS 103.118.41.59.static.cubecloud.net Software Apache / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:33 GMT server Apache content-length 1163 content-type text/html
GET H2	200	888.jpg ql99999.top/	51 KB 51 KB	693ms 693ms	Image image/jpeg	103.118.41.59 CLOUDFORTIT-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://ql99999.top/888.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.118.41.59 , Hong Kong, ASN7586 (CLOUDFORTIT-AS-AP Cloudfort IT, CN), Reverse DNS 103.118.41.59.static.cubecloud.net Software Apache / Resource Hash b453620ef20f9b4b07ed181b98f170cc260a5ef221722fc923e3d65399d4f8c8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:33 GMT last-modified Tue, 11 Jan 2022 16:49:19 GMT server Apache accept-ranges bytes etag "96c61e2db7d81:0" content-length 51989 content-type image/jpeg
GET H2	200	jc.png ql99999.top/	14 KB 14 KB	352ms 352ms	Image image/png	103.118.41.59 CLOUDFORTIT-AS-AP...
General Check archive.org Show headers Download Go to Show image Full URL https://ql99999.top/jc.png Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 103.118.41.59 , Hong Kong, ASN7586 (CLOUDFORTIT-AS-AP Cloudfort IT, CN), Reverse DNS 103.118.41.59.static.cubecloud.net Software Apache / Resource Hash d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:33 GMT last-modified Fri, 02 Feb 2024 06:56:52 GMT server Apache accept-ranges bytes etag "efd2f0a555da1:0" content-length 14448 content-type image/png
GET H2	200	2f988d2ef182d54a957f05bebb5bdd32.jpg gp.tuku.fit/Public/gp/	57 KB 57 KB	100ms 36ms	Image image/jpeg	2606:4700:20::681a:5e1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gp.tuku.fit/Public/gp/2f988d2ef182d54a957f05bebb5bdd32.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:5e1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 909822ceba06dc9eb5a7fccad2359f13603954e8a34fa690dad3163d46ecc9c9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:33 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 49686 cf-polished degrade=85, origSize=58163, status=webp_bigger content-length 58122 cf-bgj imgq:85,h2pri last-modified Sat, 15 Jun 2024 23:00:01 GMT server cloudflare etag "666e1cf1-e333" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSMQ%2FNOacX%2FhV%2FTGCQAEPoUFSZeKE75bmPSYi06X%2BSueCEBgm9Z0ubNnQhJ8z8QbRqhytn1jaOW4FwY%2FQgb2AAxhpKwdFMcgAwEFq08ao%2BiOsslvZK7c0RM9RzzgdsG2a7areSBZj%2BqC"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=2592000 accept-ranges bytes cf-ray 894b81146bed2bb2-FRA expires Tue, 16 Jul 2024 00:43:27 GMT
GET H2	200	amqlb.jpg www.tutu.finance/aomen/2024/col/168/	60 KB 61 KB	3889ms 3827ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/amqlb.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e8653416e574cfa44f588d05111a429ae2c916f88cdf60af72b27536fae5816a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:35 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "42c5609d45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fYCBU402li1y%2FcHRWyERYdFElJjq8xXeim5sdP3JSxA8U62Ig19VefYwDVWjMcL%2Bl%2FFos9MoP%2FpJN8nBqbO%2By3td7bkj7WYWxMwL5Bz6zPXKwAzsKily2I2BnDiUXedZJk%2FS8mn9jDRyBRdhh94%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b811518490859-FRA content-length 61793
GET H/1.1	200 OK	1528766135.jpg www.246tthcimg.com/File/UserUpload/	71 KB 71 KB	1360ms 644ms	Image image/jpeg	103.240.142.157 AZT
General Check archive.org Show headers Download Go to Show image Full URL https://www.246tthcimg.com/File/UserUpload/1528766135.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 103.240.142.157 , Hong Kong, ASN53587 (AZT, US), Reverse DNS Software openresty / ASP.NET Resource Hash 89cb31119f338ad548c7b5cea5e163244630908a0df7751f532544ee758d962e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 14:31:38 GMT Via s202211152175 Last-Modified Sun, 09 Jun 2024 15:42:30 GMT Server openresty ETag "393b64a383bada1:0" X-Powered-By ASP.NET Content-Type image/jpeg CDN-Cache HIT Connection keep-alive Accept-Ranges bytes Content-Length 72446
GET H2	200	ammh.jpg www.tutu.finance/aomen/2024/col/168/	42 KB 43 KB	1731ms 1729ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/ammh.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e4f14a91e76125a99eb10d1475c43b18822fcf2c4cc4bd776371a0275f44fc79 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "3918fe9b45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8Yl8T%2BX1Qt8elr%2FB98ViUElKhWB1sbIaR%2BcsJyyxuzXYdc0C6PThJp4omxwBEcFTVujXA1jsh8Yy0AoGYYrsoAjiRWpwnNoaOWFsJwRx0%2B8XEoZRZeC8GnaidYCf6fsTtlMy3kRYlzuDg0ql2A%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1caf0859-FRA content-length 43257
GET H2	200	lbpgt.jpg www.tutu.finance/aomen/2024/col/168/	167 KB 167 KB	2039ms 2036ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/lbpgt.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash bac07ae4e55534c79fc6f159a09f5b696eda7e656a0f1c475fd9cd0e394e2068 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:26 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "a9517da845bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGbWjOdvvPUQEG%2B7sRay3n6vhAhiSsiivSOACnQqHB0lLPbaSX%2Bs%2BLXrXLZWp57pmT%2F34yYjrBtYVNdU1enB3xAwXWokzbV6OwwYTZBBM1xFrhsUYGQ4uK3jbf%2FbxaCX07rtUSs%2Fja2iDY1oGKM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cb40859-FRA content-length 170780
GET H2	200	cs35.jpg www.tutu.finance/aomen/2024/col/168/	140 KB 140 KB	1808ms 1806ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/cs35.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c483017fdeaa22bf552fb2c0aaa40a76aa250bda7a08502c2e2abd2c83b9f1ba Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sun, 16 Jun 2024 03:34:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "53d365b9ebfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YG2UgTwLnEERJW%2Bnr66vKMXziT%2FDpK2MJ9Q8P3gTBSCdRotHGA7u5%2BYhGUty%2Bf%2BckL7%2BXtkTMmolNU9a%2B8n435TcoyBr1uaAjySky%2FQsUi%2BccavNC8O8e4PwqMZz2koQmaaqIY7z5o8wWTkT8Ns%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cbd0859-FRA content-length 143202
GET H2	200	ampm.jpg www.tutu.finance/aomen/2024/col/168/	346 KB 347 KB	1963ms 1960ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/ampm.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash a85409f1fe124a16a44b8adfa2e6fc1b5a09c131e2c66ae3356b151e3c746355 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:07 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "fc662c9d45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FzV17YMUrBeMTJDoXdfaknayTLpLILzp6f66AyI0pZM7D2AS5TL6RYNCnGD0BX1ipEuUbGulshFIMfA3lQCcSqYQqM25ZRVbQ3vx%2BtAQqrSzRtQbkbyWixQ%2B%2BUCRX1pcinj68UzntKvfGeiH838%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cc00859-FRA content-length 354151
GET H2	200	sbxxj.jpg www.tutu.finance/aomen/2024/col/168/	112 KB 113 KB	1710ms 1707ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/sbxxj.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 3a65a23354135f2246f0646ec6fc79ed15328c15c45e1c2122af66d63f962224 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "10d812ad45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6UTknQWPs8qqn3YgyENJd4UzrDNZqYNdbtZSQLrDH6hWaSI6wYv6ZQvnd%2BUj7MMkB3%2BK27S5fQqfxDfUX2E7DEuUDNNlLU1Xn7R4l%2Bt9feSf69WDY%2Fw3%2FA5kRjrS%2BXsJYDSOdmsPn6NNPa7AaQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cc50859-FRA content-length 114745
GET H2	200	amgjp.jpg www.tutu.finance/aomen/2024/col/168/	104 KB 104 KB	1988ms 1985ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/amgjp.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 685e3faa457c348f86345599683e4ed0b1e763cef9ecf46b30764b41ba5134ae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7dea89b45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMIPAcujUXRLzZ1hqlPt01wnetPF4fdkpqW0L6Z2%2FOuo%2B%2FAaOhEPvBDqKXDn2F7pGsidN1hl62%2FQ3higZ%2BOEsZ3d%2Fe6xeIytVSD6SFCwFqWXVjG%2B4LHdAIa9OSXq7WQ0W9L4juvyKw50%2Fs3ujpQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cca0859-FRA content-length 106096
GET H2	200	ggz.jpg www.tutu.finance/aomen/2024/col/168/	172 KB 172 KB	1589ms 1587ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/ggz.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c4c0f4d3ce9a9cfd98f365402faa2129cd4ee078e0aa739c047aeb1f8c4d629d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:17 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "f13554a345bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7la3bnnB7Kmi85mMsU763EracZUh%2B8smRidAJqdD09%2FSAWXWBXrv9sBK0qpQ1k6wYuRYxd4LZ3326WReIXMmG0ffLDWLFtEqBr1MVaZmiNhAPSx239q9xhznQD4KzbGR1xoRMsEu7sPZwkkXm18%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cce0859-FRA content-length 176066
GET H2	200	80.jpg www.tutu.finance/aomen/2024/col/168/	148 KB 149 KB	1750ms 1748ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/80.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 72442468c3c28a8ec33783d5c5d6a98d4a0386d1a525c22bafd99333178b56b8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 16:51:33 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "436d5b4744bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0D1YseyA1u5D53rjOSv43zsvQ8eIaWsV9qiK4SUo1i9IGPMOAjSw0%2FEQ10qOGXK8kYHLhm0bQTaR%2FRvi%2F1spcCpv4m%2BTeCgKCpyaCEl8zCptobvfgz404LKWCgBFDis2IJKc9dUuH7Npk3R%2BFWc%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cd00859-FRA content-length 152026
GET H2	200	mts.jpg www.tutu.finance/aomen/2024/col/168/	181 KB 181 KB	1713ms 1710ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/mts.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash f08d4f415e4164df1962987785db7a58b3baaa0bc6250db54db99355e2136810 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "19232ab45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iAluRJqUFQfqFDW1n6iIhTHK0voIdWGHVUBEk%2BgannhoSyjxyx5mARQjgLcE5sRqf87O2lC%2Bud%2BXoqJ8DBxcdzrAT0xV3RD3c%2BO2ZJ5fIBoxNCzhaPeaeDasJD1Fql40ki%2F20LePu5LSmvXhk2Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cd10859-FRA content-length 185089
GET		tinyindex.php ql99999.top/bm/ Frame 6F2F	0 0
GET H2	200	amgjp.jpg www.tutu.finance/aomen/2024/col/168/	104 KB 0	1986ms 1986ms	Image image/jpeg	2606:4700:20::681a:ebf CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.tutu.finance/aomen/2024/col/168/amgjp.jpg Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ebf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 685e3faa457c348f86345599683e4ed0b1e763cef9ecf46b30764b41ba5134ae Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 14:31:39 GMT cf-cache-status MISS last-modified Sat, 15 Jun 2024 17:01:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "7dea89b45bfda1:0" x-powered-by ASP.NET vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMIPAcujUXRLzZ1hqlPt01wnetPF4fdkpqW0L6Z2%2FOuo%2B%2FAaOhEPvBDqKXDn2F7pGsidN1hl62%2FQ3higZ%2BOEsZ3d%2Fe6xeIytVSD6SFCwFqWXVjG%2B4LHdAIa9OSXq7WQ0W9L4juvyKw50%2Fs3ujpQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=3600 accept-ranges bytes cf-ray 894b812d1cca0859-FRA content-length 106096
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	0 175 B	3245ms 385ms	Script text/plain	14.215.182.140 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?283c2ee282015904ce9381ffe55d23b4 Requested by Host: ql99999.top URL: https://ql99999.top/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://ql99999.top/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 16 Jun 2024 14:31:40 GMT Strict-Transport-Security max-age=172800 Server apache Content-Length 0 Content-Type text/plain; charset=utf-8
GET		i-gp.png ql99999.top/tk/static/icon/	0 0
GET		p-right-red.png ql99999.top/tk/static/icon/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ql99999.top

URL

https://ql99999.top/bm/tinyindex.php

Domain

ql99999.top

URL

https://ql99999.top/tk/static/icon/i-gp.png

Domain

ql99999.top

URL

https://ql99999.top/tk/static/icon/p-right-red.png

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 undefined| event object| fence object| sharedStorage function| setTab object| _hmt

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ql99999.top/	1969-12-31 23:59:59	Name: _d_id Value: 343c0849bb687154710999c6782e3a

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ql99999.top/kj/am/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gp.tuku.fit
hm.baidu.com
ql99999.top
www.246tthcimg.com
www.tutu.finance
ql99999.top
103.118.41.59
103.240.142.157
14.215.182.140
2606:4700:20::681a:5e1
2606:4700:20::681a:ebf
3a65a23354135f2246f0646ec6fc79ed15328c15c45e1c2122af66d63f962224
685e3faa457c348f86345599683e4ed0b1e763cef9ecf46b30764b41ba5134ae
72442468c3c28a8ec33783d5c5d6a98d4a0386d1a525c22bafd99333178b56b8
89cb31119f338ad548c7b5cea5e163244630908a0df7751f532544ee758d962e
909822ceba06dc9eb5a7fccad2359f13603954e8a34fa690dad3163d46ecc9c9
a85409f1fe124a16a44b8adfa2e6fc1b5a09c131e2c66ae3356b151e3c746355
abae7930459494295e63a392eb5938661a01886d7d38dc0b58249bc97743cc3c
b453620ef20f9b4b07ed181b98f170cc260a5ef221722fc923e3d65399d4f8c8
bac07ae4e55534c79fc6f159a09f5b696eda7e656a0f1c475fd9cd0e394e2068
c2ae80f770932a97ab52fa627cabf3569f1c7992bfe710f9d9f2fb1ba8ec3b2e
c483017fdeaa22bf552fb2c0aaa40a76aa250bda7a08502c2e2abd2c83b9f1ba
c4c0f4d3ce9a9cfd98f365402faa2129cd4ee078e0aa739c047aeb1f8c4d629d
d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f
d62014d07494d1f104c878c7b8ddf0e4d2f7a35e58f766482656195c15a3eb73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f14a91e76125a99eb10d1475c43b18822fcf2c4cc4bd776371a0275f44fc79
e8653416e574cfa44f588d05111a429ae2c916f88cdf60af72b27536fae5816a
f08d4f415e4164df1962987785db7a58b3baaa0bc6250db54db99355e2136810