unsafe.sh Open in urlscan Pro
2606:4700:3032::6815:1558 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://unsafe.sh/go-106038.html
Submission: On March 23 via api (March 23rd 2022, 10:53:07 am UTC) from IE — Scanned from DE

Summary HTTP 80 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 80 HTTP transactions. The main IP is 2606:4700:3032::6815:1558, located in United States and belongs to CLOUDFLARENET, US. The main domain is unsafe.sh.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 21st 2021. Valid for: a year.

This is the only time unsafe.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22 34	2606:4700:303... 2606:4700:3032::6815:1558	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	14.17.102.110 14.17.102.110	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
7	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
22	36.110.234.55 36.110.234.55	23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC)
4	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
22	221.5.75.35 221.5.75.35	17816 (CHINA169-...) (CHINA169-GZ China Unicom IP network China169 Guangdong province)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	140.82.121.5 140.82.121.5	36459 (GITHUB) (GITHUB)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
80	16

34 2606:4700:3032::6815:1558 (United States) 22 redirects

ASN13335 (CLOUDFLARENET, US)

unsafe.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.17.102.110 (Dongguan, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 36.110.234.55 (Beijing, China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)

blog.netlab.360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

utteranc.es	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 221.5.75.35 (China)

ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN)

8aqnet.cdn.bcebos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 140.82.121.5 (United States)

ASN36459 (GITHUB, US)
PTR: lb-140-82-121-5-fra.github.com

api.github.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	unsafe.sh 22 redirects unsafe.sh	109 KB
22	bcebos.com 8aqnet.cdn.bcebos.com	701 KB
22	360.com blog.netlab.360.com	698 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	197 KB
4	utteranc.es utteranc.es — Cisco Umbrella Rank: 201727	21 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	5 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 65231 ia.51.la — Cisco Umbrella Rank: 64340	3 KB
1	github.com api.github.com — Cisco Umbrella Rank: 5809	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	642 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
80	12

	Domain	Requested by
34	unsafe.sh	22 redirects unsafe.sh
22	8aqnet.cdn.bcebos.com	unsafe.sh
22	blog.netlab.360.com	unsafe.sh
7	pagead2.googlesyndication.com	unsafe.sh pagead2.googlesyndication.com tpc.googlesyndication.com
4	utteranc.es	unsafe.sh utteranc.es
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	api.github.com	utteranc.es
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ia.51.la	unsafe.sh
1	js.users.51.la	unsafe.sh
1	code.jquery.com	unsafe.sh
80	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
t.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-21` - `2022-12-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
netlab.360.com WoTrus DV Server CA [Run by the Issuer]	`2022-01-05` - `2023-01-05`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-05-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.github.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-16` - `2023-03-16`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://unsafe.sh/go-106038.html
Frame ID: 1FBF6D88E33AA8F9A345B11743C9F7A5
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 7403ACA853B053F3F186B3F18F6DC249
Requests: 1 HTTP requests in this frame

Frame: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Frame ID: 378189EDEEA206CD39E15979200E1C1F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2546727783310811&output=html&adk=1812271804&adf=3025194257&lmt=1648032776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648032776011&bpp=4&bdt=961&idt=199&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6276421175138&frm=20&pv=2&ga_vid=1869995262.1648032776&ga_sid=1648032776&ga_hid=1004296454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065654%2C31064019&oid=2&pvsid=2507043946061531&pem=890&tmod=864611983&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: E68391F08A3CBBC46D53FDE993E0C27D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6E56B7984B9805EF566D035A1CA73181
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3DE49D29E119301CF5120966AE4DB5C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

新威胁：使用DNS Tunnel技术的Linux后门B1txor20正在通过Log4j漏洞传播

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

80
Requests

73 %
HTTPS

60 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1756 kB
Transfer

2434 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/buaqbot
Title: Twitter Bot

Search URL Search Domain Scan URL

URL: https://t.me/aqinfo
Title: Telegram Bot

Search URL Search Domain Scan URL

URL: https://twitter.com/360Netlab
Title: twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_net.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg

Request Chain 42

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_id.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg

Request Chain 43

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_calc.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg

Request Chain 44

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dec.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg

Request Chain 45

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_xor.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg

Request Chain 46

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_chef_xor.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg

Request Chain 47

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dns.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg

Request Chain 48

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_test.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg

Request Chain 49

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_show.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg

Request Chain 50

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_final.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg

Request Chain 51

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_packet.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg

Request Chain 52

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dnstxt.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg

Request Chain 53

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_pre.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg

Request Chain 54

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_reg.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg

Request Chain 55

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_process.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg

Request Chain 56

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_tun.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg

Request Chain 57

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_origin.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg

Request Chain 58

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_senddns.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg

Request Chain 59

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_recv.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg

Request Chain 60

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_cmd.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg

Request Chain 61

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_after.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg

Request Chain 62

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_bug.png&ref=https://wiki.ioin.in/url/oojD HTTP 302
https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request go-106038.html Show response
unsafe.sh/ 27 KB
11 KB 376ms
323ms Document
text/html 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec98e217ede6c412e71d92fdc73ff1ff14f343e537b00bf6bb957fd8dfed1aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBuwTzDLReTKEx4RtRVA5STUCfJXYjS0jHVzOfoexVRuxbMg7pVI7asCjHzscV%2FHSgGPJg5QlnOu3xSKbReLXooxLvFrOmiKtdaOHwWGwc6hTiDuN8%2BzwFHhQSJD1vP2U2PdoNNv6DQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f069eca0b489067-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.min.css
unsafe.sh/static/dist/css/ 160 KB
25 KB 825ms
823ms Stylesheet
text/css 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/dist/css/bootstrap.min.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:01:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7akSr2Xw168IbGu44AH1NrlRiVLEUPMtNXU3P6EYaGiMC8kfL3vEKJfr339dn3WiVchLeoWqB8rfO1Py9JrN9G6XT0XVY9N5lGCiN3963EcCSSmkcW%2BG6ss%2FjGJXIRGfBPUG1TiNEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc3e769067-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 bootstrap.bundle.min.js Show response
unsafe.sh/static/dist/js/ 76 KB
24 KB 312ms
310ms Script
application/javascript 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/dist/js/bootstrap.bundle.min.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZln0GjfWDyst3nL24hKiSCqJUO7F0GifQ1%2BvKlaUf0BFukIirbIiGgZZxzLWLTNWBfZu5x%2BDmwfHOxfwY0bI9iyLynAdkzeSdLmpYhIRuwR%2FBCCJirukrhXTegiH60fhNV%2BsUjdLKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc3e779067-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 54ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://unsafe.sh/
Origin: https://unsafe.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1648032775.dop238.am5.t,1648032775.cds320.am5.hn,1648032775.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK 20302257.js Show response
js.users.51.la/ 5 KB
3 KB 725ms
214ms Script
application/javascript 14.17.102.110
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/20302257.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.17.102.110 Dongguan, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: openresty /
Resource Hash: 0aa5755be12f1144d791d69f5b9b68d3a9e4a199aeb3e08fb90aef58578bef53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:55 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 153ms
65ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2546727783310811

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0928f592b374bd61675d7139bde50b8c220752782929ec24cd418bcbe0988899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://unsafe.sh/
Origin: https://unsafe.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54620
x-xss-protection: 0
server: cafe
etag: 1969741285672677491
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 10:52:55 GMT

GET
H2 200 content.css
unsafe.sh/static/css/ 2 KB
1008 B 278ms
277ms Stylesheet
text/css 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css/content.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d869491434bb01e5ed929066e8a3bf3f2c6d6282c4649c837fed48110f399c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGXsWGRfIAKVT0tygVUJa6vVs3Qkmk%2FxavQpdr%2B1extcmEKy%2BxB9Kxo9hm6m1p5IxzW4PswWvPM5Kh%2FxugFhhryikjJ2plm4pLlqhxqM7wC%2FAAKcQfngmbtS4XQ340D%2FoINqxurdQQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc3e789067-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 imagebox.css
unsafe.sh/static/css/ 10 KB
3 KB 334ms
333ms Stylesheet
text/css 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css/imagebox.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c8750264db5673b91394a4a632e848704b1dec4809c1d50ae67e089f5f1fb51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KumbQzgC65p4OZNZ%2FIi6iFQ6QORQKgN1fhRu7UryVLbpdtGwcFBEJzfe36G%2FZibA9AnsXNZPeLPQ1mjbB%2BvKjBaa9IWhpL5pfm%2BHSuf2jQaXQsxikoCX7iEFHMsZOQWu64m%2BT68er4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc3e799067-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK b1t_net.png
blog.netlab.360.com/content/images/2022/03/ 153 KB
153 KB 1516ms
327ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_net.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

aea520b77c768a14d9053225c914bf7b8cc5fab4994640d6274af8b42386fec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Tue, 15 Mar 2022 07:02:43 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"263e9-17f8c62dc6a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156649

GET
H/1.1 200
OK b1t_id.png
blog.netlab.360.com/content/images/2022/03/ 19 KB
19 KB 1551ms
345ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_id.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

702de2f3dccc3ddba8581367d81c98d36ea7519141dfdf7e91b494bc09183dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"4c26-17f6e4a584e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19494

GET
H/1.1 200
OK b1t_calc.png
blog.netlab.360.com/content/images/2022/03/ 16 KB
16 KB 1554ms
346ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_calc.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

ea06e1b5239e69624ecfd75002a556446ca0915693bc783d9a1c7e9e95ab4a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:19 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3f50-17f6e4a566a"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16208

GET
H/1.1 200
OK b1t_dec.png
blog.netlab.360.com/content/images/2022/03/ 7 KB
7 KB 1417ms
184ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_dec.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

9f87e1b90abde5c2934f70f23d97aceb902929b1de0409304c1bb3c7ba84ff3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"1a5b-17f6e4a56ee"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6747

GET
H/1.1 200
OK b1t_xor.png
blog.netlab.360.com/content/images/2022/03/ 17 KB
17 KB 1609ms
369ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_xor.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

90d298bf5573030a8ba62260da1850505b77177e02196c8e5fbabc1345155d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"43c5-17f6e4a5a06"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17349

GET
H/1.1 200
OK b1t_chef_xor.png
blog.netlab.360.com/content/images/2022/03/ 33 KB
33 KB 2271ms
853ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_chef_xor.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

93f80c20dccdf16f2287a0a129934febdf9a23a1dd7514dbd901f24db37b2156

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"83cc-17f6e4a56cb"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33740

GET
H/1.1 200
OK b1t_dns.png
blog.netlab.360.com/content/images/2022/03/ 54 KB
54 KB 480ms
346ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_dns.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

a60c1063bf81dd9cde7e4d6334780d22e4add1d5d71c3a7c3c8cd8f5734f268d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"d638-17f6e4a575f"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54840

GET
H/1.1 200
OK b1t_test.png
blog.netlab.360.com/content/images/2022/03/ 14 KB
14 KB 350ms
347ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_test.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d03beeb0dc7f48719d7c46816c40334cd88c5b940f7f97e988f15659c2ca25f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Sun, 13 Mar 2022 06:13:44 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3880-17f81e94bfc"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14464

GET
H/1.1 200
OK b1t_show.png
blog.netlab.360.com/content/images/2022/03/ 28 KB
28 KB 912ms
856ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_show.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d0c396f19d8198f8ed11e4dcea9850c14568ad2bb280330314a33657d98a60d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6faf-17f6e4a59cb"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28591

GET
H/1.1 200
OK b1t_final.png
blog.netlab.360.com/content/images/2022/03/ 30 KB
30 KB 555ms
365ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_final.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

66f87994937d42115b6ba5a9a73ffc6041253f7c362704da2aca5a9cf75f254e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:56 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"762f-17f6e4a5823"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30255

GET
H/1.1 200
OK b1t_packet.png
blog.netlab.360.com/content/images/2022/03/ 51 KB
51 KB 346ms
346ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_packet.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f8c18a2a2e87063a33e448bb42e34f2a80d126137a9c7e2611f013c851ab0c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"ca2f-17f6e4a58fe"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51759

GET
H/1.1 200
OK b1t_dnstxt.png
blog.netlab.360.com/content/images/2022/03/ 52 KB
52 KB 174ms
174ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_dnstxt.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

ecda8fc7bf1ee5daade9416054ac9b318661060da069434ef8b202bbf52e1349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"ce15-17f6e4a57ae"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52757

GET
H/1.1 200
OK b1t_pre.png
blog.netlab.360.com/content/images/2022/03/ 15 KB
15 KB 183ms
183ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_pre.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

a1920306b100194c89ef11b8170e08934d646971f3ad7909f1664039a5f070e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3c78-17f6e4a58b6"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15480

GET
H/1.1 200
OK b1t_reg.png
blog.netlab.360.com/content/images/2022/03/ 34 KB
34 KB 366ms
366ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_reg.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

127f0d80a8c355ec97ac827a31085c5801f42be6d7246c352f872dfbbed9cfed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"8762-17f6e4a596e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34658

GET
H/1.1 200
OK b1t_process.png
blog.netlab.360.com/content/images/2022/03/ 7 KB
8 KB 184ms
183ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_process.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

841be4e4fe6221c22c1f830ba13850b3a9b60702b90dc90fd33ff94728422f13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"1d9c-17f6e4a58e4"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7580

GET
H/1.1 200
OK b1t_tun.png
blog.netlab.360.com/content/images/2022/03/ 26 KB
26 KB 347ms
346ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_tun.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f94e98c0f4dc2b18eb3bf460b12946c97a597859bf0aa4c2d0075a0ec3460749

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6734-17f6e4a59b3"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26420

GET
H/1.1 200
OK b1t_origin.png
blog.netlab.360.com/content/images/2022/03/ 4 KB
4 KB 187ms
187ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_origin.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

db5bba840ba66f19c50a51cf0bb1edd815dde4f7a61bb7b51624307a52e7d4c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"1024-17f6e4a5878"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4132

GET
H/1.1 200
OK b1t_senddns.png
blog.netlab.360.com/content/images/2022/03/ 55 KB
56 KB 368ms
367ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_senddns.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

62643daf9e7f2a83add83c0296ac030012e891da70417b7ee7042f1580cf0af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Last-Modified: Sun, 13 Mar 2022 08:21:56 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"dd66-17f825eac22"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56678

GET
H/1.1 200
OK b1t_recv.png
blog.netlab.360.com/content/images/2022/03/ 12 KB
12 KB 183ms
183ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_recv.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

6fdf9b030359ee922f9ff6469b416092f75e41fec2563ba2fedc2fe4f21861b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:58 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3089-17f6e4a5937"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12425

GET
H/1.1 200
OK b1t_cmd.png
blog.netlab.360.com/content/images/2022/03/ 26 KB
26 KB 367ms
366ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_cmd.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

25ddb2932dfc9dd6f2af9f5707239dda844f8f1c8cbdcd021145da757dfb0395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:58 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:20 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6865-17f6e4a56d2"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26725

GET
H/1.1 200
OK b1t_after.png
blog.netlab.360.com/content/images/2022/03/ 11 KB
12 KB 173ms
173ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_after.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f0180f83cfbb0a8453f044a1463457ca5687163108e7487c91affffaf4fcad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:58 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:19 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"2ce2-17f6e4a5622"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11490

GET
H/1.1 200
OK b1t_bug.png
blog.netlab.360.com/content/images/2022/03/ 27 KB
27 KB 176ms
176ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2022/03/b1t_bug.png

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

48a93a7dc45dcb0bbd2fd3177d2a77bd827e3f8566ea25484ed347a890e602b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:58 GMT
Last-Modified: Wed, 09 Mar 2022 10:47:19 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6c32-17f6e4a5649"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27698

GET
H2 200 client.js Show response
utteranc.es/ 2 KB
2 KB 47ms
18ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/client.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36e0332898e1f23f085fb5da06939f26b2fd57e99c306e9c1f4ad3b17efcf34

Request headers

Referer: https://unsafe.sh/
Origin: https://unsafe.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: 34bead83e5da919758cd366d9c85673b9f7dd49e
date: Wed, 23 Mar 2022 10:52:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size: 1090
x-cache: HIT
x-cache-hits: 25
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19158-FRA
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
server: cloudflare
x-github-request-id: FF28:E529:A9EE8B:B2BAD3:62393904
x-timer: S1648032775.143100,VS0,VE0
etag: W/"620680eb-8d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzBy1dBcc1Pl9sikfQK2nqtWGIaSV%2FXwjoPPoq0QJsg48N6b3ocXUZx1wDVQZm5hqlI7rhnKjBmLB3zczsJF1TxZ3jDh1bCMjXfsll%2Fuq0IBOw8sgkvwLZQIbAHyIGgmW6LOrE0TDu3T7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: HIT
cf-ray: 6f069ecc9c38993f-FRA
x-origin-cache: HIT
expires: Tue, 22 Mar 2022 02:56:44 GMT

GET
H3 200 imagebox.js Show response
unsafe.sh/static/js/ 36 KB
12 KB 195ms
194ms Script
application/javascript 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js/imagebox.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9adbe4058414e8c08bffc8cbe1454c422f6152c1488237d290a08ffe5f65400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:14 GMT
server: cloudflare
cf-polished: origSize=36657
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8f4Ui9dkOV4%2BQsvE%2F18d0Zvm6tXfrx719LFLFACVMxN9rhaxQmVbqO3uzrPtPocfpYr0pU12dKnFU9Gh36kGSSZdu2kAcUntXxAjBRhEkL82dY69b%2FB9N5LUg2Eo9crhbidFH0b5CjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc69015c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 js.js Show response
unsafe.sh/static/ 706 B
855 B 211ms
210ms Script
application/javascript 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js.js?ver=1.0
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: becf4735a5cc67e08fa8d74c6f333b7d78d0cf9209e6415451435336d28495e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:23 GMT
server: cloudflare
cf-polished: origSize=1086
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ruMynwY4K2dseLhXVrrNLydnTYKefYb5iJgBfoxEYDNavG%2BtHubRuHXDjOKmuJSdtMHbTsBj6mP%2FIF0HoH4pRLpdoYJHrb%2FUBwrMzfh0W925dVlGcz2SMwuk3aUDAbsqe9c6%2FbwI0OE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc69045c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 solarized_dark.min.css
unsafe.sh/static/css// 1 KB
1 KB 213ms
212ms Stylesheet
text/css 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css//solarized_dark.min.css
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a2fe5669ce5196d02b5faa73b22225a3858a1e31422e8bb3324744f19671ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AFaGePv2WgHDJWKP8RSjLh2aSmRQHfGWqXx7IuRA80gJaM04mrLvO4St8OkzJMhRoOX3BQHcL7tbJyCb8oMv96NsQQDsKMg%2FvkCvLNddqbaQurIwu%2FVAfHIyUa2lSzyxF4c4Yjqzy4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc69065c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 highlight.min.js Show response
unsafe.sh/static/js/ 41 KB
18 KB 264ms
262ms Script
application/javascript 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js/highlight.min.js
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b54296ee0f649e3e92bbd8ceebccf8e88f6cab5bf188bd2f8f0ecd4734f94e60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:15 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Stg%2B5i4dfahhAyqFsPS8fxBjj3xc1i887gYqnBZBZFDTYfrYVlx5TFy1oaf7pTGn5k2hnccNtsCYx970CIBV0lfozFUZwZUlp9%2FRvMbhThT2u%2FRDpjXuICO%2BRU6TepBt0nv4c1lY5tI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc69085c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 content.js Show response
unsafe.sh/static/js/ 2 KB
1 KB 223ms
222ms Script
application/javascript 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/js/content.js?ver=1.04
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca976a970e0a309104b9664101e0e9e9e05f720452aea4ff021bb6e6804e8d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:16 GMT
server: cloudflare
cf-polished: origSize=3609
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvocBvo2MrMg%2F27xPL7utxFhFtpxF%2Bs548tzjMnGwR21Lu0ZSj5gRMKqzEBv4FIeZ0blSVgkc2PhUgfAUHLJ2JFywwZ7OdOU2C5RU1DqwqT89jvcoUFLqFFonm6nf91PTvH2GYA7crg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f069ecc690c5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 addview Show response
unsafe.sh/ 0
469 B 207ms
206ms Script
text/plain 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/addview?id=106038
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9TmCfv9bWGDLQ9zQ%2BX2Req51n2NKD52tKWQfrGOzU1VUnml7uBQiNAxBG1zONJuzMnIBcK3sV%2BLj70tIx6ZHelpVWSCWYzlp1QygyWywL55W%2Bnhe%2BD9W4ES%2BCMkqShBDqLyv9hx2kA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6f069ecc690d5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ 108 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 1559ms
251ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=20302257&rt=1648032775936&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1648032775936&tt=unsafe.sh%2520-%2520%25E4%25B8%258D%25E5%25AE%2589%25E5%2585%25A8&kw=&cu=https%253A%252F%252Funsafe.sh%252Fgo-106038.html&pu=
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 10:52:57 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H3 200 light_content.css
unsafe.sh/static/css/ 43 B
588 B 192ms
192ms Stylesheet
text/css 2606:4700:3032::6815:1558
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://unsafe.sh/static/css/light_content.css?ver=0.03
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1558 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29030624eaa611ec02d9843d3e770460361709fcc1b02b24029088dd89ff2964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/go-106038.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: HIT
last-modified: Sun, 20 Mar 2022 14:00:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v110Sx6bnWJGczrR3%2BzlpG0a%2FPWf1Zz8s6%2FyOVTbk%2BI7nWp1n4Js2fLMnyvuBPDt94aPHJXsEYWxCR7onH5nkzc0Azu9d4ihCDAES%2BTKmuwCpsuAFXH56LK%2ByxcU1KzqITCTYfigGY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f069ed1a9275c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/ 297 KB
107 KB 108ms
62ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2546727783310811&plah=unsafe.sh

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2546727783310811

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eafe722db0cddc9c3d79cc271e97598833c51f463faeb0b8f3a40f4db83c6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109609
x-xss-protection: 0
server: cafe
etag: 16915179868501335202
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 10:52:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 7403 10 KB
5 KB 126ms
40ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2546727783310811

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Mar 2022 23:27:16 GMT
expires: Tue, 05 Apr 2022 23:27:16 GMT
cache-control: public, max-age=1209600
age: 41140
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

dd03c41eeaf5e2afff7872e50c303b6e.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_net.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg

153 KB
154 KB

4798ms
1477ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: aea520b77c768a14d9053225c914bf7b8cc5fab4994640d6274af8b42386fec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 156649
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: F0d5A9/l1Y9khnySE13HOA==
age: 127903
x-bce-storage-class: STANDARD
content-length: 156649
ohc-cache-hit: mzun62 [4], xzuncache96 [1], czix175 [1]
last-modified: Tue, 15 Mar 2022 17:25:18 GMT
server: JSP3/2.0.14
etag: "17477903dfe5d58f64867c92135dc738"
x-bce-request-id: 621df43a-cd41-4f21-9a60-0bad3625780c
content-type: image/jpeg
x-bce-debug-id: 19aM0QUW9hgSwYX6IuXvmJ7z0kZiMTbzyW2cm3eSJVUoKWCl1RHUNUQ0uj21NahNUD3wBj9rhwqluMki3s4oDg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1376192842
expires: Thu, 24 Mar 2022 23:21:17 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jZnHbfaEgjetU867bDPPFP0rQxx7hNQc3SUs8sZC7oO%2FYJatGI%2FSbQLA%2FRKTBrTD0NbQTdFVs2djH3JQMcVZto5KQgcvGvukQLnVlIWCNjyi%2F3rBuikwqsQEii21uiEwTLUzismg0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/dd03c41eeaf5e2afff7872e50c303b6e.jpg
cf-ray: 6f069ed26a6a5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

df8766d2aedde9039c8e53b1372c980f.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_id.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg

19 KB
20 KB

3710ms
368ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 702de2f3dccc3ddba8581367d81c98d36ea7519141dfdf7e91b494bc09183dd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 19494
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: uKEM0GODPZ2mz8yvCp0txw==
age: 79173
x-bce-storage-class: STANDARD
content-length: 19494
ohc-cache-hit: mzun50 [4], xauncache50 [1], suzix112 [4]
last-modified: Tue, 15 Mar 2022 04:46:17 GMT
server: JSP3/2.0.14
etag: "b8a10cd063833d9da6cfccaf0a9d2dc7"
x-bce-request-id: 9d1106f1-5d01-464a-b636-f4134cd843bc
content-type: image/jpeg
x-bce-debug-id: OjoztfFeokx6k/96fn/+cVO9xHhQxrsy3XWHj3JzHbn08k9LzJEEq4X4shT9Ugmn3R3n2LzBVmrVKPUKONnymQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3585669461
expires: Thu, 24 Mar 2022 06:08:44 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPce8Ifo9DAhMlUYU%2BnSo6UyZKgK%2BfeI2Vl68uPovLLoRO12isPeDPUersG%2BR26kpTTkc0wec2DULiJXi2kFCXfbIZ00%2FqsJUO6GT87cPOcmpLwK092wgq2W3QjbhcMFInGkATupoMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/df8766d2aedde9039c8e53b1372c980f.jpg
cf-ray: 6f069ed26a6c5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

374ce965c7ba8a06517c1d0b9497f28a.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_calc.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg

16 KB
16 KB

5064ms
1736ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ea06e1b5239e69624ecfd75002a556446ca0915693bc783d9a1c7e9e95ab4a0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 16208
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: HXcal4lNFH317mq4Ju01gw==
age: 224010
x-bce-storage-class: STANDARD
content-length: 16208
ohc-cache-hit: mzun64 [4], xauncache75 [2], suzix75 [1]
last-modified: Tue, 15 Mar 2022 04:39:33 GMT
server: JSP3/2.0.14
etag: "1d771a97894d147df5ee6ab826ed3583"
x-bce-request-id: 663cc9c2-a6a0-4795-bcbb-89226210f29e
content-type: image/jpeg
x-bce-debug-id: 5BCz8yHH35S1fz7AezgwL2ld4pVMfJ6j+Y/GG3d7EkUzJOj6qOTXOBTb7HKbnlgLKTeGa/N862r0/rCvuxQvoA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 306568201
expires: Wed, 23 Mar 2022 20:39:30 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GFLsfWRd4B%2BKCODySsUO%2F5WJXkeWozFG1%2Fjne0UV%2B5wJmH2ajIwbaQcpJHw8Ov6ekceAfv0WC%2BeY%2FWLi82gQBxQcWzrOqPctahOWuH0yqlEMOMC6mY9Ux%2FJDjbffuusw3nJJr6pHaAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/374ce965c7ba8a06517c1d0b9497f28a.jpg
cf-ray: 6f069ed26a6e5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

3d5d73da0a5213ffc33f85740bbc21dc.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dec.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg

7 KB
7 KB

4990ms
1680ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 9f87e1b90abde5c2934f70f23d97aceb902929b1de0409304c1bb3c7ba84ff3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 6747
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: BUmj+tRcdp8nn/0GN29oCg==
age: 224010
x-bce-storage-class: STANDARD
content-length: 6747
ohc-cache-hit: mzun54 [4], jnuncache54 [1], bdix212 [2]
last-modified: Thu, 17 Mar 2022 11:02:52 GMT
server: JSP3/2.0.14
etag: "0549a3fad45c769f279ffd06376f680a"
x-bce-request-id: 93848548-dd44-47a7-8668-f4c8d58499d1
content-type: image/jpeg
x-bce-debug-id: prMhyhJaaFO2pYoRdTCVt9b+UL7noxpPhAC3dSozUqMkRqoR5RMf/Rd6ynnX+DHHJLDDc1pMGTkPvVVcj4VU4w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 264274137
expires: Wed, 23 Mar 2022 20:39:30 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yg8LXnCdsnT5sXE5OPFH8CmuvnUitmx6rZJ4UvIhRXJw0Z6FYXgtlCpsdFmQlVHRrdUXgCOleJUAHDWLT3xzbWTObnP3lN2kluzCTgcG1tznHQdL7WuH7G6aWfJ1Jb2YhS%2Boy0Q11O8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/3d5d73da0a5213ffc33f85740bbc21dc.jpg
cf-ray: 6f069ed26a725c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

2595faa933297d55394cf4ad9b34e860.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_xor.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg

17 KB
17 KB

4647ms
1327ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 90d298bf5573030a8ba62260da1850505b77177e02196c8e5fbabc1345155d18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 17349
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: W4MJMcaTd21NtW+ZyQLmQw==
age: 79174
x-bce-storage-class: STANDARD
content-length: 17349
ohc-cache-hit: mzun53 [4], xauncache53 [1], suzix53 [4]
last-modified: Tue, 15 Mar 2022 04:44:03 GMT
server: JSP3/2.0.14
etag: "5b830931c693776d4db56f99c902e643"
x-bce-request-id: d1d94f31-f805-4c94-91c8-f4a4508c9211
content-type: image/jpeg
x-bce-debug-id: 2dz8/knKrbmx/0cg1J6tWE51iC9krTMN3P5iQynz2Csm4MuEhWJxGGBB0Mh2vWfF5ETX8J1TUtEDLpC0wUYWAQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1212235635
expires: Thu, 24 Mar 2022 06:08:45 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H0VJKQK0gVZGATUf52L9e%2BWgLVXRCkZ2LEbqaE%2B19JxC8%2FHH47iFqhY6SaQO8HlcBaCBreFINHl5Pdf3QTwBjVsYBBU0tFWJ633XKt%2BT3%2BpaPmDI7Do3O4sNhfzs3O%2BE5XQ2mkeldaA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/2595faa933297d55394cf4ad9b34e860.jpg
cf-ray: 6f069ed26a7e5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

d22ae4e682e850fc1fa25e78801c3c4e.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_chef_xor.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg

33 KB
33 KB

4068ms
744ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 93f80c20dccdf16f2287a0a129934febdf9a23a1dd7514dbd901f24db37b2156

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 33740
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: 5cAXA4WWyT+nY4zlaUN9Ww==
age: 127902
x-bce-storage-class: STANDARD
content-length: 33740
ohc-cache-hit: mzun50 [4], jnuncache87 [4], suzix201 [2]
last-modified: Tue, 15 Mar 2022 04:37:14 GMT
server: JSP3/2.0.14
etag: "e5c017038596c93fa7638ce569437d5b"
x-bce-request-id: 8e0b8cfe-9493-4970-9c1b-98c8d0292da5
content-type: image/jpeg
x-bce-debug-id: 7mhbqZ0ScTwu/g3QFRdDYgw4uKywqgZCObUz7PTHcb7Qm0E2WKT2vV0em53kdSTa9Z+Y8O+KJ6IYSsXm1pUZ/Q==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1690603238
expires: Thu, 24 Mar 2022 06:08:45 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8xgN98n1wHcHBP9BNDll%2B93tusfctKqygxRsXpLFizdOnyBUgq96ZkhGkOuO0MeM2O%2B5Kpdxpir449dRGD%2Fv5uZ470wCGE%2Bt%2BgG9bL2el0Cs67ya%2Fzo5DLxNEKzY%2BbYKEqRrYqC5U8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/d22ae4e682e850fc1fa25e78801c3c4e.jpg
cf-ray: 6f069ed26a805c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

8b517fc1660a96033aad91e066ec588b.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dns.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg

54 KB
54 KB

5074ms
1747ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a60c1063bf81dd9cde7e4d6334780d22e4add1d5d71c3a7c3c8cd8f5734f268d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 54840
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: iRyu0CSqoCJ0rDwCkVn9iA==
age: 218592
x-bce-storage-class: STANDARD
content-length: 54840
ohc-cache-hit: mzun66 [4], xauncache101 [2], czix101 [1]
last-modified: Thu, 17 Mar 2022 11:02:53 GMT
server: JSP3/2.0.14
etag: "891caed024aaa02274ac3c029159fd88"
x-bce-request-id: c9e84ebd-5532-4be4-8fbf-0f2f5d19b612
content-type: image/jpeg
x-bce-debug-id: qPHVF39StW6wBrgXihIV8+wYDVmgCY/hpmm355KUfGvag1ktLapg9bp7/VKJjkfAotQgpTmEJV4m82uAroZ+UA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2793943570
expires: Wed, 23 Mar 2022 22:09:48 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C07IZfyrMkpfrSphcQcR2K%2FxSNmOr1%2BX5tqi90JJ2xNjQnBOCvDWeiOE3vDL%2Blq75VMDYWMOPNGI4qDqrz8Hogtmmcrk1kjjbOQkP9kA8xtL6gsB2SmOuO%2BJLGJgeYX7BPI3bim7J38%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/8b517fc1660a96033aad91e066ec588b.jpg
cf-ray: 6f069ed26a835c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

85cd5e6bc1c871bbc468696740be3152.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_test.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg

14 KB
15 KB

4951ms
1636ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d03beeb0dc7f48719d7c46816c40334cd88c5b940f7f97e988f15659c2ca25f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 14464
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: lRr9emTB7KILeFrRK6AkmA==
age: 257049
x-bce-storage-class: STANDARD
content-length: 14464
ohc-cache-hit: mzun64 [4], xauncache64 [1], xaix243 [1]
last-modified: Thu, 17 Mar 2022 11:02:49 GMT
server: JSP3/2.0.14
etag: "951afd7a64c1eca20b785ad12ba02498"
x-bce-request-id: e5433d08-a013-4021-b0e5-152aa8a5639e
content-type: image/jpeg
x-bce-debug-id: 9yGUWXYDiz5JcU/u1Fl8bX6Jgii3D/D2XS0KIEA+Q/6Kajd7pITOEMOK3fTMk4Jxi3LP7hUX1xcXY/xXgs7IdQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1271218525
expires: Wed, 23 Mar 2022 11:28:51 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4%2BSDPIJodUySAjbN5joqnE2VUo5AuvwtXMbiIw%2F4wAnUjnwuVvj5aZoo%2FmZ01z7QlrhU3%2F3yTl66urUoLZoR%2FDSHjy9G%2BZtyOioTR%2FHT2VTlEts0xqDgxJZpAffc3Y0k%2FVtAPcoIAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/85cd5e6bc1c871bbc468696740be3152.jpg
cf-ray: 6f069ed26a845c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

0500050f71e731853e879c45a1e3a1cb.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_show.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg

28 KB
28 KB

4449ms
1123ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: d0c396f19d8198f8ed11e4dcea9850c14568ad2bb280330314a33657d98a60d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 28591
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: gacsYkXDfH/iorN+rytRfQ==
age: 79173
x-bce-storage-class: STANDARD
content-length: 28591
ohc-cache-hit: mzun59 [4], xauncache59 [4], suzix154 [1]
last-modified: Tue, 15 Mar 2022 04:44:33 GMT
server: JSP3/2.0.14
etag: "81a72c6245c37c7fe2a2b37eaf2b517d"
x-bce-request-id: a102d1c1-6440-4934-8859-41fe24846dfb
content-type: image/jpeg
x-bce-debug-id: UqMH1fnlsARXC46rUXQZhxqUUsAltizWtbSQguCqgYBN1UdJSKeSVVR2n4QTQgzzigSaWatcviZWUmxav7YAlA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1052082085
expires: Thu, 24 Mar 2022 06:08:46 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jam%2F2Uw7WmxXGsWKLhOzYLM7sblMO0qf1XFSh5auLIMNWT%2Bs09bPrCno8yg1%2BfgEcuMaU9GQm3PqSM5Ni0l1hBRX9XmwOTfJNBpB5CEjWdXLyRIrW3lRtXC3VVuLeLnusQod4a9UsdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/0500050f71e731853e879c45a1e3a1cb.jpg
cf-ray: 6f069ed26a875c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

f7b1b2485541560dc812c95e18b99e14.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_final.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg

30 KB
30 KB

5010ms
1692ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 66f87994937d42115b6ba5a9a73ffc6041253f7c362704da2aca5a9cf75f254e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 30255
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: atFQd2ioAycxqlmHVx/9tQ==
age: 79174
x-bce-storage-class: STANDARD
content-length: 30255
ohc-cache-hit: mzun59 [4], zhuzuncache92 [4], qdix196 [1]
last-modified: Tue, 15 Mar 2022 04:37:11 GMT
server: JSP3/2.0.14
etag: "6ad1507768a8032731aa5987571ffdb5"
x-bce-request-id: 95d5358e-80da-418e-b5fa-cd231c5fff97
content-type: image/jpeg
x-bce-debug-id: a0qxlmPsoW3LY3oWWB3ZHREiQNaT4MQYRu6CKzEDjUawlagzxR2MiHqb8LFB+iLMlvvMM3+2q5mKxERZKURflA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 4161815747
expires: Thu, 24 Mar 2022 06:08:45 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVVGVBpacR58dRQsYXhmKD4SyD04muE4uLbLtx%2FpnFFcG8ApiiHJjTHQfitbnJZN8OTbR%2B28VFefYgVDkH1ZLiMIQhrcYnSRH5BimsiOuVrBCFrPfcUK6yNdY9oHAcqpBwxYHpV1uTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/f7b1b2485541560dc812c95e18b99e14.jpg
cf-ray: 6f069ed26a885c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

55ca97ef840be4c6a1d532ae556f7590.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_packet.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg

51 KB
51 KB

4439ms
1649ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f8c18a2a2e87063a33e448bb42e34f2a80d126137a9c7e2611f013c851ab0c12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 51759
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: BR3CKImqZ2witEmy66PGbQ==
age: 54989
x-bce-storage-class: STANDARD
content-length: 51759
ohc-cache-hit: mzun52 [4], jnuncache101 [2], bdix208 [2]
last-modified: Tue, 15 Mar 2022 05:15:11 GMT
server: JSP3/2.0.14
etag: "051dc22889aa676c22b449b2eba3c66d"
x-bce-request-id: 0a6baa86-32e3-4099-b125-c50071206ace
content-type: image/jpeg
x-bce-debug-id: HiOjosGAfVmdf1j0snGiQeRnDeV8CHbSINADdcpdLFDxE1q3Gf5kZeaiwPrdu0kmRhmlN2IdU8UggKfn0kt+zw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1926295959
expires: Thu, 24 Mar 2022 06:08:46 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnwbeQx1m%2B3vat4k7peNlCbyW%2FtZgtYIeNcPO1S5%2BdMhYIzmVddce4QeYHNFisK0W7SSjllM90yeoW7GI5VIkfZn5P5rWtWLqsrzJ7TtfzlmVe3TmZUiIUcUvlL16rvBfcnwDrcI%2BE8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/55ca97ef840be4c6a1d532ae556f7590.jpg
cf-ray: 6f069ed26a8b5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_dnstxt.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg

52 KB
52 KB

4707ms
1400ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: ecda8fc7bf1ee5daade9416054ac9b318661060da069434ef8b202bbf52e1349

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 52757
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: EmI24msgUMG4Y2Y1SmCniw==
age: 79174
x-bce-storage-class: STANDARD
content-length: 52757
ohc-cache-hit: mzun62 [4], jnuncache62 [1], qdix132 [4]
last-modified: Tue, 15 Mar 2022 04:44:38 GMT
server: JSP3/2.0.14
etag: "126236e26b2050c1b86366354a60a78b"
x-bce-request-id: 76c9c795-a71a-43d4-bd50-354ba980a844
content-type: image/jpeg
x-bce-debug-id: IHGI1njnhh0LC0jEPlfuI/7P/B0kTRue9EKV4lESA5pemO14UG+tzRYOXaRrBBUmQNOCQOI8w58NLyl7Me+tMw==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1965719151
expires: Thu, 24 Mar 2022 06:08:46 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE5Q4ywkAcKSyitBadjtTJjRbaG54lcEhzK%2FStfyL2xOrNVGi4COqqWV3uIlxYbXsl1t4VLksz%2B6J6A%2FZqWIpzNB1Mqi2MJMjHI3EBJa9Vx6yGlRNtm9mlL6EM5gIFX5DFHDqaS50DM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/7f004d6ba84b0cd3e8f2b34c9e4037c5.jpg
cf-ray: 6f069ed26a8d5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

f8f23ca59ffffdf9e71260a9b5da8e00.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_pre.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg

15 KB
16 KB

4317ms
997ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: a1920306b100194c89ef11b8170e08934d646971f3ad7909f1664039a5f070e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 15480
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: +mcLBtC/IANNV04VUnPaIg==
age: 127901
x-bce-storage-class: STANDARD
content-length: 15480
ohc-cache-hit: mzun63 [4], jnuncache77 [4], suzix131 [2]
last-modified: Tue, 15 Mar 2022 04:44:39 GMT
server: JSP3/2.0.14
etag: "fa670b06d0bf20034d574e155273da22"
x-bce-request-id: da62145a-4b6d-4c16-b735-3a2abd688e56
content-type: image/jpeg
x-bce-debug-id: L/ZfLOE7ENm2WAdFElHJem7FORW0Qe0pqXLkuT/B3fLASXemCEYorFems35118s2zuejYCm0A9ygUBc/+7dFbg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 127603161
expires: Thu, 24 Mar 2022 06:08:47 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZ97IxVYKr7jY2LTz2OD9DRz1XM238KdLumavvtvI0vozfkJBAvaaCaN954fJ2uWnamZGRfu5bMnnS9ItOQZSzq8H35BjdBNAGVmIfgj%2FC2pIf7RYzc6P%2BNfIDepOZpOW%2Fd9ZT%2BqQVc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/f8f23ca59ffffdf9e71260a9b5da8e00.jpg
cf-ray: 6f069ed26a8f5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

92da239d50b967c0b21a483d9c38b5ec.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_reg.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg

34 KB
34 KB

3961ms
622ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 127f0d80a8c355ec97ac827a31085c5801f42be6d7246c352f872dfbbed9cfed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 34658
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: Bo2XNmiSiuv+oFjJVIcpaQ==
age: 79174
x-bce-storage-class: STANDARD
content-length: 34658
ohc-cache-hit: mzun61 [4], zhuzuncache79 [4], czix201 [2]
last-modified: Tue, 15 Mar 2022 04:44:48 GMT
server: JSP3/2.0.14
etag: "068d973668928aebfea058c954872969"
x-bce-request-id: 759554cb-e0d1-4a94-a755-bfa8f8095edb
content-type: image/jpeg
x-bce-debug-id: 4g38LV51Ema8izvvQolJZfmW731KEJfHeNyftp+SNO95OIO0JMqBkxPbCfkVLCYDTVRigqucfbxrvoRIuzxK0w==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2754009589
expires: Thu, 24 Mar 2022 06:08:47 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SD7Q%2FIrBYiCOlvRpZRaR0cu5Quc3KTAA9qSztghJ%2FMfeMg9QIFcN4Bqs35LoillVlC6tp3Ao16ibEBTOkxS%2BegQlDGrcIDxFTmwv9Pj8huNwF9MJSr%2BJ6NlwLVr21X4T6XQwl7qKY%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/92da239d50b967c0b21a483d9c38b5ec.jpg
cf-ray: 6f069ed26a915c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7d5568f6fa29fec8397d6256a62bb204.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_process.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg

7 KB
8 KB

4992ms
1707ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 841be4e4fe6221c22c1f830ba13850b3a9b60702b90dc90fd33ff94728422f13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 7580
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: QmwGyZQF+8ZUESl2FIG61A==
age: 79174
x-bce-storage-class: STANDARD
content-length: 7580
ohc-cache-hit: mzun59 [4], bduncache76 [4], qdix76 [1]
last-modified: Tue, 15 Mar 2022 04:45:27 GMT
server: JSP3/2.0.14
etag: "426c06c99405fbc6541129761481bad4"
x-bce-request-id: ad61d330-5859-4efb-9b54-f9b04fbea016
content-type: image/jpeg
x-bce-debug-id: iIpG+Nf7ijj6wVrWrKjFN/Xktu4UNZZ3J8u2KihB0x1kGrgJLTTFJMoJIgVZrBfLVQyUen2+OtfpwTJebYU3fQ==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1581410099
expires: Thu, 24 Mar 2022 06:08:47 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbxhm5zGCy7Ihn1IDDQflg%2FISYcfefANE7jluSLadPe44%2FcPAEdEuBOo9FblGqzOdzMrjxY470iYb5Rp7DBmW85qI2DDkJ0sO5O%2F0WvnznTMUr19hr%2F1tNGEG5%2FVpExY9A7f9QBbwC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/7d5568f6fa29fec8397d6256a62bb204.jpg
cf-ray: 6f069ed26a935c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

a16e776793fade94842b60b635fc00af.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_tun.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg

26 KB
26 KB

5023ms
1720ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f94e98c0f4dc2b18eb3bf460b12946c97a597859bf0aa4c2d0075a0ec3460749

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 26420
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: 4pCuW+MxCowp/YIlQEEmSw==
age: 79174
x-bce-storage-class: STANDARD
content-length: 26420
ohc-cache-hit: mzun66 [4], cangzuncache66 [4], czix240 [4]
last-modified: Tue, 15 Mar 2022 04:44:50 GMT
server: JSP3/2.0.14
etag: "e290ae5be3310a8c29fd82254041264b"
x-bce-request-id: ab54b082-88c3-4939-a5a7-6830f2aff95c
content-type: image/jpeg
x-bce-debug-id: ElnQMBjOwNUT4U5Sy+bTfiyN0sojfOgo0Huc3cSILEheRipbNXO3GbhRpTUuF445S41AXO64sUrmfHbHmyROZA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 1501881087
expires: Thu, 24 Mar 2022 06:08:47 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BXVD5MyKgnU2sYuC6zrOd3pBhpeqewWmYSjdrWXDJBtyVMpIKNfLD0OTbVheuGaIfY7RLpLA%2F1FF6GcMZvMN9H6vtZS2rvgl2l84D78dDEbgFK5y8EITSJwTr%2FhqSdhK1x15eizpAAQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/a16e776793fade94842b60b635fc00af.jpg
cf-ray: 6f069ed26a955c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

335a803c3d6db9b6a6b9cafa3fdab94a.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_origin.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg

4 KB
5 KB

4023ms
1298ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: db5bba840ba66f19c50a51cf0bb1edd815dde4f7a61bb7b51624307a52e7d4c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 4132
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: ltlCkmmsjZN95hLcynGIIg==
age: 224009
x-bce-storage-class: STANDARD
content-length: 4132
ohc-cache-hit: mzun67 [4], zhuzuncache67 [1], xaix67 [2]
last-modified: Thu, 17 Mar 2022 11:02:59 GMT
server: JSP3/2.0.14
etag: "96d9429269ac8d937de612dcca718822"
x-bce-request-id: fcb83b0d-350d-4a61-b81a-9d7485ba0d04
content-type: image/jpeg
x-bce-debug-id: xzVeKaUmOKgALZ2Vy86YYFW4tVDVbQz6peWyaZsIscM6aHxJPnzvTn9tEzeLO/nys3THa+eMH+PdtQy39ejJIg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 617302513
expires: Wed, 23 Mar 2022 20:39:31 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QsnNqAf860FI6fDDRF5Fq1bub599RmcdEGTWdHF4Mc6peiKsoQYnujzShUtfKyPKtIHFl7qOdAm%2B%2F%2BzcEoHk4nMC5qqAA2W%2BGTp3PPYe4gsdmEvfGuxvY6DNzSpUGlijkL6Ynea%2F36Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/335a803c3d6db9b6a6b9cafa3fdab94a.jpg
cf-ray: 6f069ed26a965c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

51231df67a19231a9e0878780890aa4f.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_senddns.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg

55 KB
56 KB

4550ms
1216ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 62643daf9e7f2a83add83c0296ac030012e891da70417b7ee7042f1580cf0af5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 56678
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: iRiGr/1PtdGx1ViayyH0wA==
age: 79174
x-bce-storage-class: STANDARD
content-length: 56678
ohc-cache-hit: mzun65 [4], xzuncache108 [1], bdix234 [4]
last-modified: Tue, 15 Mar 2022 04:45:00 GMT
server: JSP3/2.0.14
etag: "891886affd4fb5d1b1d5589acb21f4c0"
x-bce-request-id: 380e6ddd-f9da-49e9-9df1-3c669e61d30d
content-type: image/jpeg
x-bce-debug-id: 2M547JZgWMS3I7wpUnMtS10wdWpz2PdNcEEWb5q2IMXHFjbzWqXjHt23DOsgyt2X5n+W1KH0yjqGVW5m8jDK6A==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 729443798
expires: Thu, 24 Mar 2022 06:08:48 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtiOygYoNoCRNapsndSsfVa25GMmVniXZd5pUzD6%2FQZVU4r2M3XjxTptR5g%2BeNrQ0rplTA2VkBgK%2FWwFhPYTeulS7eKZXqM4MXwxLnBlgJwDVJZiGMrNNvSaAiSqiqIsL5fyp8JYA%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/51231df67a19231a9e0878780890aa4f.jpg
cf-ray: 6f069ed26a975c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

736f8c6150361280971774afdafe5fd1.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_recv.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg

12 KB
13 KB

4498ms
1177ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 6fdf9b030359ee922f9ff6469b416092f75e41fec2563ba2fedc2fe4f21861b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 12425
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: ZA8Ou5g+jD3gqDa0sIBE0Q==
age: 189851
x-bce-storage-class: STANDARD
content-length: 12425
ohc-cache-hit: mzun51 [4], bduncache51 [4], xaix51 [1]
last-modified: Tue, 15 Mar 2022 04:37:45 GMT
server: JSP3/2.0.14
etag: "640f0ebb983e8c3de0a836b4b08044d1"
x-bce-request-id: 4ff1f2cf-7647-435f-9cdd-709c4e2e1ca5
content-type: image/jpeg
x-bce-debug-id: aw3IvgEgcJB1n0TlGuFAB4dQGMzt0PGFFTg89Ra6gCCmgcI7EBlm3UhxQZQaZ7omUKm5Di9NqmHf9lystQRYpg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 3203474433
expires: Thu, 24 Mar 2022 06:08:48 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKLKKADkLAQzV5L0D1ACAJ6ev33g2nfOH4YurXtxWHue90FgR7fxPJD6h8gL0F8684Jo4imdGF8nFha0jHHvZqvUjq31bnJecUVVqZi0wW%2B4ZyRw7di84lPSziQe2Iy72hSKepd8WIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/736f8c6150361280971774afdafe5fd1.jpg
cf-ray: 6f069ed26a995c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

4d8d27e3b034f4c5e7fb2b3d865f3765.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_cmd.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg

26 KB
27 KB

4659ms
1356ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 25ddb2932dfc9dd6f2af9f5707239dda844f8f1c8cbdcd021145da757dfb0395

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 26725
date: Wed, 23 Mar 2022 10:53:00 GMT
content-md5: KoeAg1OvxTJ4MtHfa+SQZA==
age: 79174
x-bce-storage-class: STANDARD
content-length: 26725
ohc-cache-hit: mzun65 [4], xzuncache77 [4], bdix207 [4]
last-modified: Tue, 15 Mar 2022 04:44:58 GMT
server: JSP3/2.0.14
etag: "2a87808353afc5327832d1df6be49064"
x-bce-request-id: 8804fca1-82fb-46a8-acbc-54f1b69cd339
content-type: image/jpeg
x-bce-debug-id: s28beXPzex4OsW9lXDEEVAXwfE/n8NvicxSRRGe8zftvSDocrMe9pqxgHzaFS5EGTpPrmUb/HsA0Dm+j4UYwDg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 9512787
expires: Thu, 24 Mar 2022 06:08:48 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uv5hySwjyRHlEKI2Lg2m7L%2BuTdkoiLpYSTZ5v6gXlDsbXBOiVlfWNzwV6XbnupYREWUWJhq3fkjrSf9UeVolKkddEWZWbaxEFt07Woq1QVGXbv%2BQPC5ri1vi8%2FlW4GEWFmmZyT9I%2Bn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/4d8d27e3b034f4c5e7fb2b3d865f3765.jpg
cf-ray: 6f069ed26a9b5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

239ddea915ebb28ef398d2abe63cdb39.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_after.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg

11 KB
12 KB

4278ms
942ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: f0180f83cfbb0a8453f044a1463457ca5687163108e7487c91affffaf4fcad2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 11490
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: N8Lt9dI8+IxZcHQTAw5FZw==
age: 79173
x-bce-storage-class: STANDARD
content-length: 11490
ohc-cache-hit: mzun60 [4], jnuncache98 [1], xaix247 [4]
last-modified: Tue, 15 Mar 2022 04:44:59 GMT
server: JSP3/2.0.14
etag: "37c2edf5d23cf88c59707413030e4567"
x-bce-request-id: 008f0854-bf23-4ef0-b431-ad6d519d9f89
content-type: image/jpeg
x-bce-debug-id: e8pd3quTa+IEhwEzIHmZrWjJS+V3rBFE6RgR43uYrXupf/EQIyyVM+zzwnutnvnQpt8A2fAODM9Osi0QhpQlqg==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 2715921710
expires: Thu, 24 Mar 2022 06:08:48 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8PqkW6HyNVSGb%2BS%2Fa%2BSs%2BmwQiKu3zHFP1xkR1FNGCIlT0Cbilho%2Bg38UDN2U0LHqBU9hrp%2F6ajlBr97LpPUE9tcOAQEqQFjiX7tOycP25gYbbCJ%2FO5yMCE9UzWcJnESWKTxbLBz99Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/239ddea915ebb28ef398d2abe63cdb39.jpg
cf-ray: 6f069ed26a9c5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

7e7ef987bc0a00f1c112aedb06cb6426.jpg
8aqnet.cdn.bcebos.com/
Redirect Chain

https://unsafe.sh/image?f=https%3A%2F%2Fblog.netlab.360.com%2Fcontent%2Fimages%2F2022%2F03%2Fb1t_bug.png&ref=https://wiki.ioin.in/url/oojD
https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg

27 KB
28 KB

4374ms
1049ms

Image
image/jpeg

221.5.75.35
CHINA169-GZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H2
Server: 221.5.75.35 , China, ASN17816 (CHINA169-GZ China Unicom IP network China169 Guangdong province, CN),
Reverse DNS
Software: JSP3/2.0.14 /
Resource Hash: 48a93a7dc45dcb0bbd2fd3177d2a77bd827e3f8566ea25484ed347a890e602b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ohc-file-size: 27698
date: Wed, 23 Mar 2022 10:52:59 GMT
content-md5: Ma0QH5mRFNCn1ozYfzdITA==
age: 224005
x-bce-storage-class: STANDARD
content-length: 27698
ohc-cache-hit: mzun61 [4], bduncache61 [1], qdix192 [1]
last-modified: Thu, 17 Mar 2022 11:02:58 GMT
server: JSP3/2.0.14
etag: "31ad101f999114d0a7d68cd87f37484c"
x-bce-request-id: a29d7acd-9349-4363-8342-a59f8fd689d6
content-type: image/jpeg
x-bce-debug-id: YgjmzvzyowTjF7zQwn2dO2iT9FEJSJu23kC4gr7ucr1fvYaB5s8jZ56cIBKz2pywispFt360AzObj7FqUDniiA==
accept-ranges: bytes
timing-allow-origin: *
x-bce-content-crc32: 4063824481
expires: Wed, 23 Mar 2022 20:39:34 GMT

Redirect headers

date: Wed, 23 Mar 2022 10:52:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqde21NG8Wpfa0kgmj6CQenj2NUO4DvpV5hfe4gPU8CkrLEEw8U40ZCPopESoNjlyBQ%2BVpAo71iexZeswK0F2tnjPSoYBHwSEBP%2FjwU91lsc8u0Kkq3U9aPZdlrEs4ubqby5WFklu80%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://8aqnet.cdn.bcebos.com/7e7ef987bc0a00f1c112aedb06cb6426.jpg
cf-ray: 6f069ed26a9d5c02-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 utterances.html Show response
utteranc.es/ Frame 3781 481 B
1 KB 133ms
110ms Document
text/html 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Requested by: Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4ac8ed78f1c8cd424a31a787358344930077150c7aed42c1fdcd35749aec3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

date: Wed, 23 Mar 2022 10:52:56 GMT
content-type: text/html; charset=utf-8
x-origin-cache: HIT
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
access-control-allow-origin: *
expires: Wed, 23 Mar 2022 11:02:56 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 3444:784B:23DF98C:25442C1:623AFC08
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4071-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1648032776.105273,VS0,VE85
vary: Accept-Encoding
x-fastly-request-id: 2fea19f02e6d04c7317b4413ee5a0a02f31b2e43
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAMt9j%2BS2cbRuagMMrMa%2FMAVs1F3l%2FcZbLzeNQMPxnCRHYQ2tvbFjUf0VtQWIKyZTqAQF285nXyAjFf3JzrRZ3V90bXRpQAdGSbVIsLGnjGMv3H6bZ2IkD%2BoQNHF8vtgxmUDTNS9KBXcQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f069ed29ecd9b86-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
642 B 136ms
48ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=unsafe.sh&callback=_gfp_s_&client=ca-pub-2546727783310811

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2546727783310811&plah=unsafe.sh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

73eab24b776722707b365cc20038ed93bcedd09a46ba321514442bb9524e09e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 132ms
47ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=unsafe.sh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 10:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 128ms
45ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=unsafe.sh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 10:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&tn=NAV&cls=navbar%20navbar-expand-md%20navbar-dark%20fixed-top%20bg-dark&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: unsafe.sh
URL: https://unsafe.sh/go-106038.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 10:52:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E683 603 B
68 B 102ms
57ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2546727783310811&output=html&adk=1812271804&adf=3025194257&lmt=1648032776&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648032776011&bpp=4&bdt=961&idt=199&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6276421175138&frm=20&pv=2&ga_vid=1869995262.1648032776&ga_sid=1648032776&ga_hid=1004296454&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44760475%2C31065654%2C31064019&oid=2&pvsid=2507043946061531&pem=890&tmod=864611983&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 10:52:56 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Mar 2022 10:52:56 GMT
cache-control: private

GET
H3 200 utterances.6ec01640.js Show response
utteranc.es/ Frame 3781 23 KB
9 KB 21ms
21ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/utterances.6ec01640.js
Requested by: Host: utteranc.es
URL: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 373c79e86c94f0c31424633e5b225a4e9c537b8106e570835f2522f3542109a3

Request headers

Referer: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Origin: https://utteranc.es
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: db88fe85270e8a1c85232735ef7412f5be86f502
date: Wed, 23 Mar 2022 10:52:56 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 203
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19178-FRA
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
server: cloudflare
x-github-request-id: 384C:BBF7:1C726EF:1D4B8CC:621160BC
x-timer: S1646054878.024762,VS0,VE1
etag: W/"620680eb-5ae2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hEe8%2FEo6l35dzWPojCrSg1HBvqiY11g6jmfiZFgvU22i6w3oIpj2dy8vOmw5XhVIrRIZy1TQp7BnCP45TpQ5gieV%2FLC8%2BcApQCBky3V24hWtlLAzFkVE3y44lK5SHdSsTuzvn7IormnJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 6f069ed388b09b86-FRA
x-origin-cache: HIT
expires: Tue, 22 Mar 2022 07:22:17 GMT

GET
H2 200 issues Show response
api.github.com/search/ Frame 3781 73 B
1 KB 153ms
129ms Fetch
application/json 140.82.121.5
GITHUB

General

Check archive.org

Show headers Download Go to

Full URL

https://api.github.com/search/issues?q=%22go-106038%22%20type%3Aissue%20in%3Atitle%20repo%3Acode-scan%2Futteranc&sort=created&order=asc

Requested by

Host: utteranc.es
URL: https://utteranc.es/utterances.6ec01640.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

140.82.121.5 , United States, ASN36459 (GITHUB, US),

Reverse DNS

lb-140-82-121-5-fra.github.com

Software

GitHub.com /

Resource Hash

08c082fdf7ca87ba911a2aabb0f0cf2d3e482a6feeaac9713e4578c20b2600b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

Accept: application/vnd.github.v3+json
Referer: https://utteranc.es/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:52:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-github-media-type: github.v3; format=json
x-ratelimit-limit: 10
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept, Accept-Encoding, Accept, X-Requested-With
content-length: 82
x-xss-protection: 0
x-ratelimit-used: 1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: GitHub.com
x-github-request-id: 88B6:063F:208856A:21A9087:623AFC08
x-frame-options: deny
x-ratelimit-remaining: 9
x-ratelimit-resource: search
access-control-allow-origin: *
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
cache-control: no-cache
x-ratelimit-reset: 1648032836
content-security-policy: default-src 'none'
accept-ranges: bytes
content-type: application/json; charset=utf-8

GET
H3 200 utterances.css
utteranc.es/stylesheets/themes/github-light/ Frame 3781 38 KB
9 KB 22ms
21ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://utteranc.es/stylesheets/themes/github-light/utterances.css
Requested by: Host: utteranc.es
URL: https://utteranc.es/utterances.6ec01640.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4be56c4af49082f20845d665dfc0051dcad7e28c9d766060b4265c00da7ef025

Request headers

Referer: https://utteranc.es/utterances.html?src=https%3A%2F%2Futteranc.es%2Fclient.js&repo=code-scan%2Futteranc&issue-term=pathname&theme=github-light&crossorigin=anonymous&async=&url=https%3A%2F%2Funsafe.sh%2Fgo-106038.html&origin=https%3A%2F%2Funsafe.sh&pathname=go-106038&title=%E6%96%B0%E5%A8%81%E8%83%81%EF%BC%9A%E4%BD%BF%E7%94%A8DNS+Tunnel%E6%8A%80%E6%9C%AF%E7%9A%84Linux%E5%90%8E%E9%97%A8B1txor20%E6%AD%A3%E5%9C%A8%E9%80%9A%E8%BF%87Log4j%E6%BC%8F%E6%B4%9E%E4%BC%A0%E6%92%AD&description=&og%3Atitle=&session=
Origin: https://utteranc.es
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-fastly-request-id: 99726daa20f6ab333c02d38c922f2d10ee95079f
date: Wed, 23 Mar 2022 10:52:56 GMT
via: 1.1 varnish
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 150
x-cache: HIT
x-cache-hits: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA
last-modified: Fri, 11 Feb 2022 15:29:47 GMT
server: cloudflare
x-github-request-id: 8E62:1558:6B0F87:6DCD65:62068104
x-timer: S1644593524.320652,VS0,VE1
etag: W/"620680eb-98b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INiqmFBhVSpT%2FNqP0JHtHuqYVqKmRI6wSuct0RT%2Fc7JpxR3DqHDJ%2Fzl5OFHqignYxSuVKlwMtcDk9W2seG10AQuHoKQBsTJ5K42eunuE%2FXox%2B7RKSrOMrYLdISr%2Fgpbhuzmh0nNpyufSSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 6f069ed3a8f59b86-FRA
x-origin-cache: HIT
expires: Wed, 23 Mar 2022 07:17:00 GMT

GET
DATA 200
OK truncated
/ Frame 3781 386 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fe0342a2e41fc9d12f43964cd18eb8a40af90ea98854b1c27537f859384f842

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 101ms
53ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e85f3ad7e1af2f723de40d3159d6e969b949e132584ae41f42e174f401183c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 10:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10532
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 142ms
61ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:53:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 10:53:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6E56 13 KB
5 KB 83ms
36ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Mar 2022 10:37:37 GMT
expires: Thu, 23 Mar 2023 10:37:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B3DE 783 B
1 KB 128ms
46ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

102848523cbda0c44ece76969c04f4b41e946134c2532703f207e61c4e974cbf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WHl4LqgM6yNOdQcT/Ob1rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Mar 2022 10:53:01 GMT
date: Wed, 23 Mar 2022 10:53:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-WHl4LqgM6yNOdQcT/Ob1rA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E56 35 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 07:09:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 07:09:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B3DE 0
0 73ms
72ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=2507043946061531&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6E56 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?RBu6ag
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 10:53:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220317&jk=2507043946061531&bg=!FBelF1PNAAba2mK92to7ACkAdvg8Wm_fLv_TbW-U2PPv319qnTOPtatSKnAw5rG5CmljeC1jDXDR6wIAAABvUgAAAAJoAQcKAES-un1xEGctOyZq5-hRfZGcUCvXINJMHJMDblXQYbSo6lsLwg9eXVsAL9HOvKKU0jU-DAUNY6NN0s9fiatAQw4QMzc8RpkC1vmtkPZB4fQV8fKI7bTQ6gzhfcH999xdoA6OdaJcordMIn5t508RU6y7YsefQ5U2NkPiXpGIzzp1Yad4JS6I3p-LlMzcYETWOXKCH_gZmvA2jgSZt2hKjTHJKjkDOcG1uJkA1-ucAtghLfieCD8rw4zgqYTx5BZ2O24JuPQ3o7KhyFtkIDGTncrSQfBWS6RT-ESp9kvjJFhSOUp3VCk1DgxGermr3IcYINhOFV0gezSNA2JqLFLJqnkO669hvona6i2_w2JR4ypCLnY2qG2xpDDk8azwGmLoWCYuVAwsMkc3KYZUUdEtvKVjkKlrxJEHUji0janSm16J8j5K8J-Dljvfa3v9uv0eKNlIDtjqqwzbsE7wDt7Y6QwPyacC5oYui9kZXqlOdj55dTFUzvu1OInui-9-uXYjCVMU2hC4QXH52knZnhkxmxNl_0viEFAP_lpDskMsAV_jcB-3FwSXoTjrYlhgEosMpKLdudnsk0Vqp6LNUQbwa23L0Cyjz5RGzEnNVwiX_acFI5KI8oao7453YcqnMvwXCtbizN3peDwz8yZylktenliGqJhWgJ_Ujjb10OhxaQpqW5D1tXIJ7GnWwNXFdFc5DadgQTwByVJp64TP6sTASMO59oPO2gPqCa5CHiJn96fExHMaXwwTnc-98CfEYNa6fMqki0VTEfhlmWHMENLp0FDZ33nGIMRstSINY2MJRy1NSpR3GvQ9g3cgw4qSWaB8iKHyR6cWOoOOVFqzIUtwRcdIWCfDNWbe_41h9QUDeTrPiSJ2w8NIXqBPzbN4MX43Mg9ilBub-zvFIH7wWPy9ki4XxfnYDJCtblIj2UYOKX8i6nI89pNDCmUurT4Z3Tq3-eMGdFHv1wGY465IE3hGd5J0SdLWTje7H63YgfyneC0-3ypjIqsAlG9Lt-f46OEYOm7KfAxjtu41sLGoD0QX9cuM3ChDr03B9LyFCecSbg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://unsafe.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 10:53:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
unsafe.sh/	1969-12-31 23:59:59	Name: beegosessionID Value: 25b86cfa437bf461947c382b880acd46
unsafe.sh/	1969-12-31 23:59:59	Name: __tins__20302257 Value: %7B%22sid%22%3A%201648032775936%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201648034575936%7D
unsafe.sh/	1969-12-31 23:59:59	Name: __51cke__ Value:
unsafe.sh/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
.doubleclick.net/	1970-01-20 01:47:13	Name: test_cookie Value: CheckForPermission
.unsafe.sh/	1970-01-20 11:08:48	Name: __gads Value: ID=9aecc6aeaa7aa719-22ea773363cd00ef:T=1648032776:RT=1648032776:S=ALNI_MY6RkE0fXFeTzz0091LW_GFE08tfw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8aqnet.cdn.bcebos.com
adservice.google.com
adservice.google.de
api.github.com
blog.netlab.360.com
code.jquery.com
googleads.g.doubleclick.net
ia.51.la
js.users.51.la
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
unsafe.sh
utteranc.es
www.google.com
14.17.102.110
140.82.121.5
142.250.185.162
183.131.207.66
2001:4de0:ac18::1:a:1a
221.5.75.35
2606:4700:3032::6815:1558
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a06:98c1:3120::7
36.110.234.55
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08c082fdf7ca87ba911a2aabb0f0cf2d3e482a6feeaac9713e4578c20b2600b2
0928f592b374bd61675d7139bde50b8c220752782929ec24cd418bcbe0988899
0aa5755be12f1144d791d69f5b9b68d3a9e4a199aeb3e08fb90aef58578bef53
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
102848523cbda0c44ece76969c04f4b41e946134c2532703f207e61c4e974cbf
127f0d80a8c355ec97ac827a31085c5801f42be6d7246c352f872dfbbed9cfed
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1fe0342a2e41fc9d12f43964cd18eb8a40af90ea98854b1c27537f859384f842
25ddb2932dfc9dd6f2af9f5707239dda844f8f1c8cbdcd021145da757dfb0395
29030624eaa611ec02d9843d3e770460361709fcc1b02b24029088dd89ff2964
373c79e86c94f0c31424633e5b225a4e9c537b8106e570835f2522f3542109a3
48a93a7dc45dcb0bbd2fd3177d2a77bd827e3f8566ea25484ed347a890e602b7
4a2fe5669ce5196d02b5faa73b22225a3858a1e31422e8bb3324744f19671ecb
4be56c4af49082f20845d665dfc0051dcad7e28c9d766060b4265c00da7ef025
4ca976a970e0a309104b9664101e0e9e9e05f720452aea4ff021bb6e6804e8d9
4d869491434bb01e5ed929066e8a3bf3f2c6d6282c4649c837fed48110f399c9
4eafe722db0cddc9c3d79cc271e97598833c51f463faeb0b8f3a40f4db83c6f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62643daf9e7f2a83add83c0296ac030012e891da70417b7ee7042f1580cf0af5
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
66f87994937d42115b6ba5a9a73ffc6041253f7c362704da2aca5a9cf75f254e
6fdf9b030359ee922f9ff6469b416092f75e41fec2563ba2fedc2fe4f21861b9
702de2f3dccc3ddba8581367d81c98d36ea7519141dfdf7e91b494bc09183dd9
73eab24b776722707b365cc20038ed93bcedd09a46ba321514442bb9524e09e1
841be4e4fe6221c22c1f830ba13850b3a9b60702b90dc90fd33ff94728422f13
8c8750264db5673b91394a4a632e848704b1dec4809c1d50ae67e089f5f1fb51
8f27b2160255b0a3bbe960f0af6a1772a8514e2b3ba0acbeea1e622ebb5f3e4a
90d298bf5573030a8ba62260da1850505b77177e02196c8e5fbabc1345155d18
93f80c20dccdf16f2287a0a129934febdf9a23a1dd7514dbd901f24db37b2156
9f87e1b90abde5c2934f70f23d97aceb902929b1de0409304c1bb3c7ba84ff3e
a1920306b100194c89ef11b8170e08934d646971f3ad7909f1664039a5f070e6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60c1063bf81dd9cde7e4d6334780d22e4add1d5d71c3a7c3c8cd8f5734f268d
aea520b77c768a14d9053225c914bf7b8cc5fab4994640d6274af8b42386fec3
b54296ee0f649e3e92bbd8ceebccf8e88f6cab5bf188bd2f8f0ecd4734f94e60
bec98e217ede6c412e71d92fdc73ff1ff14f343e537b00bf6bb957fd8dfed1aa
becf4735a5cc67e08fa8d74c6f333b7d78d0cf9209e6415451435336d28495e9
d03beeb0dc7f48719d7c46816c40334cd88c5b940f7f97e988f15659c2ca25f8
d0c396f19d8198f8ed11e4dcea9850c14568ad2bb280330314a33657d98a60d3
db5bba840ba66f19c50a51cf0bb1edd815dde4f7a61bb7b51624307a52e7d4c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e85f3ad7e1af2f723de40d3159d6e969b949e132584ae41f42e174f401183c36
ea06e1b5239e69624ecfd75002a556446ca0915693bc783d9a1c7e9e95ab4a0e
ecda8fc7bf1ee5daade9416054ac9b318661060da069434ef8b202bbf52e1349
f0180f83cfbb0a8453f044a1463457ca5687163108e7487c91affffaf4fcad2f
f36e0332898e1f23f085fb5da06939f26b2fd57e99c306e9c1f4ad3b17efcf34
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
f8c18a2a2e87063a33e448bb42e34f2a80d126137a9c7e2611f013c851ab0c12
f94e98c0f4dc2b18eb3bf460b12946c97a597859bf0aa4c2d0075a0ec3460749
f9adbe4058414e8c08bffc8cbe1454c422f6152c1488237d290a08ffe5f65400
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff4ac8ed78f1c8cd424a31a787358344930077150c7aed42c1fdcd35749aec3a

unsafe.sh Open in urlscan Pro 2606:4700:3032::6815:1558 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

80 Requests

73 %HTTPS

60 %IPv6

12 Domains

15 Subdomains

16 IPs

4 Countries

1756 kBTransfer

2434 kBSize

6 Cookies

3 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

unsafe.sh Open in urlscan Pro
2606:4700:3032::6815:1558 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

73 %
HTTPS

60 %
IPv6

12
Domains

15
Subdomains

16
IPs

4
Countries

1756 kB
Transfer

2434 kB
Size

6
Cookies

80 HTTP transactions
2 data transactions