Submitted URL: http://ultimatestagweekends.com/
Effective URL: http://www.ultimatestagweekends.com/index.php
Submission: On March 04 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 6 countries across 18 domains to perform 47 HTTP transactions. The main IP is 38.53.17.58, located in United States and belongs to PEGTECHINC, US. The main domain is www.ultimatestagweekends.com.
This is the only time www.ultimatestagweekends.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 38.53.17.58 54600 (PEGTECHINC)
1 112.34.113.148 9808 (CHINAMOBI...)
1 10 103.235.46.191 55967 (BAIDU Bei...)
1 154.7.125.142 139646 (HKMTC-AS-...)
1 182.61.201.94 38365 (BAIDU Bei...)
13 154.7.89.72 139646 (HKMTC-AS-...)
2 79.133.177.252 24429 (TAOBAO Zh...)
4 4 3.36.126.81 16509 (AMAZON-02)
3 163.181.56.169 24429 (TAOBAO Zh...)
1 23.224.37.107 40065 (CNSERVERS)
1 172.247.50.239 40065 (CNSERVERS)
1 82.156.94.45 45090 (TENCENT-N...)
1 2600:9000:200... 16509 (AMAZON-02)
2 107.148.202.17 54600 (PEGTECHINC)
4 23.75.174.220 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 172.247.109.212 40065 (CNSERVERS)
1 162.209.128.164 40065 (CNSERVERS)
47 18
Apex Domain
Subdomains
Transfer
12 baidu.com
push.zhanzhang.baidu.com — Cisco Umbrella Rank: 96027
hm.baidu.com — Cisco Umbrella Rank: 8406
api.share.baidu.com — Cisco Umbrella Rank: 68112
60 KB
4 c-ctrip.com
dimg04.c-ctrip.com — Cisco Umbrella Rank: 65117
874 B
4 ultimatestagweekends.com
ultimatestagweekends.com
www.ultimatestagweekends.com
6 KB
3 douyinpic.com
p3.douyinpic.com — Cisco Umbrella Rank: 26423
1 MB
2 8499683.com
8499683.com — Cisco Umbrella Rank: 552877
357 KB
2 3659808.com
www.1.3659808.com
840 KB
2 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 12163
7 KB
1 8499165.com
8499165.com
346 KB
1 3276a.com
img.3276a.com
119 B
1 1138999.com
img.1138999.com
118 B
1 z4a.net
z4a.net — Cisco Umbrella Rank: 420439
479 KB
1 u22055.com
u22055.com — Cisco Umbrella Rank: 915510
268 KB
1 myqcloud.com
zzpic-1255305554.cos.ap-beijing.myqcloud.com
431 KB
1 1335999.com
img.1335999.com
139 B
1 8499483.com
8499483.com — Cisco Umbrella Rank: 731879
346 KB
1 595tuchuang.com
595tuchuang.com — Cisco Umbrella Rank: 299498
181 KB
1 1833a.com
img.1833a.com
118 B
1 wv4xlsmt.xyz
sifa.wv4xlsmt.xyz
480 B
47 18
Domain Requested by
10 hm.baidu.com 1 redirects www.ultimatestagweekends.com
154.7.89.72
4 dimg04.c-ctrip.com 154.7.89.72
3 p3.douyinpic.com 154.7.89.72
3 www.ultimatestagweekends.com www.ultimatestagweekends.com
2 8499683.com 154.7.89.72
2 www.1.3659808.com 154.7.89.72
2 at.alicdn.com 154.7.89.72
at.alicdn.com
1 8499165.com 154.7.89.72
1 img.3276a.com 1 redirects
1 img.1138999.com 1 redirects
1 z4a.net 154.7.89.72
1 u22055.com 154.7.89.72
1 zzpic-1255305554.cos.ap-beijing.myqcloud.com 154.7.89.72
1 img.1335999.com 1 redirects
1 8499483.com 154.7.89.72
1 595tuchuang.com 154.7.89.72
1 img.1833a.com 1 redirects
1 api.share.baidu.com www.ultimatestagweekends.com
1 sifa.wv4xlsmt.xyz www.ultimatestagweekends.com
1 push.zhanzhang.baidu.com www.ultimatestagweekends.com
1 ultimatestagweekends.com 1 redirects
47 21

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018
2022-07-05 -
2023-08-06
a year crt.sh
06isrqdo.top
R3
2023-02-15 -
2023-05-16
3 months crt.sh
683tuchuang.com
Certum Domain Validation CA SHA2
2022-12-21 -
2024-01-19
a year crt.sh
8499483.com
ZeroSSL RSA Domain Secure Site CA
2023-02-28 -
2023-05-29
3 months crt.sh
u22055.com
Amazon RSA 2048 M02
2023-01-09 -
2024-02-07
a year crt.sh
www.86698.site
R3
2023-02-12 -
2023-05-13
3 months crt.sh
trip.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-09 -
2023-09-13
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
8499683.com
ZeroSSL RSA Domain Secure Site CA
2023-02-28 -
2023-05-29
3 months crt.sh
8499165.com
ZeroSSL RSA Domain Secure Site CA
2023-02-28 -
2023-05-29
3 months crt.sh

This page contains 2 frames:

Primary Page: http://www.ultimatestagweekends.com/index.php
Frame ID: B7901B646ABA07ADE086D632467423F3
Requests: 13 HTTP requests in this frame

Frame: http://154.7.89.72/
Frame ID: 768F630AB2869A777597C4EDEBD0B454
Requests: 35 HTTP requests in this frame

Screenshot

Page Title

百度一下,你就知道,shuimitao88.com

Page URL History Show full URLs

  1. http://ultimatestagweekends.com/ HTTP 301
    http://www.ultimatestagweekends.com/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

47 %
HTTPS

11 %
IPv6

18
Domains

21
Subdomains

18
IPs

6
Countries

5430 kB
Transfer

5936 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ultimatestagweekends.com/ HTTP 301
    http://www.ultimatestagweekends.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808 HTTP 301
  • https://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808
Request Chain 25
  • https://img.1833a.com/images/63ef8c2fa6445499a23e1c8a.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/439509950e1142209cdf733d5e6f74ce
Request Chain 28
  • https://img.1335999.com/images/63f21a56d85facedd09d86ed.gif HTTP 302
  • https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/a1634c2a-164b-4302-8edb-2ebb4696d6a4.png
Request Chain 37
  • https://img.1138999.com/images/63f21a6bd85facedd09d86ee.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/daa40ebe9165498f9a41e5d2a1288ed1
Request Chain 39
  • https://img.3276a.com/images/63d4d6811eff8f93601b0370.gif HTTP 302
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/6df5fdf1b8e2428da88438433cef3e20

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.ultimatestagweekends.com/
Redirect Chain
  • http://ultimatestagweekends.com/
  • http://www.ultimatestagweekends.com/index.php
3 KB
1 KB
Document
General
Full URL
http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
38.53.17.58 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
31c0d464fe180bad6d7b4c42537f4362d146be58198527d723d3d02726684a09

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 04 Mar 2023 03:07:26 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Sat, 04 Mar 2023 03:07:25 GMT
Location
http://www.ultimatestagweekends.com/index.php
Server
nginx
tj.js
www.ultimatestagweekends.com/
526 B
682 B
Script
General
Full URL
http://www.ultimatestagweekends.com/tj.js
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
38.53.17.58 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
2d8fc52c6f080d1ce5e3213e18701d59f66b32630b0b7b5fb37fbc065843281c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:27 GMT
Server
nginx
Connection
keep-alive
Content-Length
526
Content-Type
application/x-javascript
common.js
www.ultimatestagweekends.com/
19 KB
4 KB
Script
General
Full URL
http://www.ultimatestagweekends.com/common.js
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
38.53.17.58 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
268b6c12594ffb8704eeea521afdd36174833d5c153bd304bfd13dc37028994a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:27 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
push.js
push.zhanzhang.baidu.com/
281 B
752 B
Script
General
Full URL
http://push.zhanzhang.baidu.com/push.js
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
112.34.113.148 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2015 07:47:55 GMT
Server
apache
Etag
"4078521116"
Vary
Accept-Encoding
Content-Type
text/javascript
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
227
Expires
Sun, 03 Mar 2024 03:07:34 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?5a01872fcb0cc87d0f67a0a59ca3958c
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7bdaa783a4ad287bf405c029d6446e2b1e54db6a1a089b580cacd7ef500a395a
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:33 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
9ae194999cce3743d3bf8095611bdbcd
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11261
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?a5ecb1ba83b67ec318caf4e542a9a9de
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
827c5ee3635cec63155020b40cddb4e1057065baf58bee15aae7fa7ff8f1cce3
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:33 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5dc33386bfbe2265847411876f174afd
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11254
postarning.php
sifa.wv4xlsmt.xyz/news/
213 B
480 B
XHR
General
Full URL
https://sifa.wv4xlsmt.xyz/news/postarning.php?t=0.3328810141527978
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.7.125.142 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
52340369acba8d410aa2f55637515284dd2c4ca8ce21f9de16d28185658d4d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.ultimatestagweekends.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 04 Mar 2023 03:07:34 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST,GET,OPTIONS,DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
hm.js
hm.baidu.com/
Redirect Chain
  • http://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808
  • https://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
dc3f87e3d56622ae837804824a98dce2fe385734e6c1aac4c16ad9e89fcbf967
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:33 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5accf7f767f18f2ec36f3466428133e6
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11260

Redirect headers

Location
https://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808
Date
Sat, 04 Mar 2023 03:07:33 GMT
Content-Length
94
Content-Type
text/html; charset=utf-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1885084594&si=a5ecb1ba83b67ec318caf4e542a9a9de&v=1.3.0&lv=1&sn=6649&r=0&ww=1600&u=http%3A%2F%2Fwww.ultimatestagweekends.com%2Findex.php&tt=%E5%92%8C%E5%8E%BF%E9%B8%AD%E5%A5%96%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Mar 2023 03:07:34 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=261456190&si=5a01872fcb0cc87d0f67a0a59ca3958c&v=1.3.0&lv=1&sn=6649&r=0&ww=1600&u=http%3A%2F%2Fwww.ultimatestagweekends.com%2Findex.php&tt=%E5%92%8C%E5%8E%BF%E9%B8%AD%E5%A5%96%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Mar 2023 03:07:34 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
s.gif
api.share.baidu.com/
0
116 B
Image
General
Full URL
http://api.share.baidu.com/s.gif?l=http://www.ultimatestagweekends.com/index.php
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
182.61.201.94 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1750751445&si=8aa418cda9f543e014929d02ef168808&v=1.3.0&lv=1&sn=6650&r=0&ww=1600&u=http%3A%2F%2Fwww.ultimatestagweekends.com%2Findex.php&tt=%E5%92%8C%E5%8E%BF%E9%B8%AD%E5%A5%96%E6%B1%BD%E8%BD%A6%E7%94%A8%E5%93%81%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Mar 2023 03:07:34 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?8aa418cda9f543e014929d02ef168808
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/common.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
dc3f87e3d56622ae837804824a98dce2fe385734e6c1aac4c16ad9e89fcbf967
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ultimatestagweekends.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:34 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5accf7f767f18f2ec36f3466428133e6
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11260
/
154.7.89.72/ Frame 768F
182 KB
27 KB
Document
General
Full URL
http://154.7.89.72/
Requested by
Host: www.ultimatestagweekends.com
URL: http://www.ultimatestagweekends.com/index.php
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
931df39dec1a48a8bb4b493e563134a0b60e3ccb9d713a4291191de45f8422dd

Request headers

Referer
http://www.ultimatestagweekends.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Sat, 04 Mar 2023 03:07:35 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
iconfont.css
154.7.89.72/template/mb7/statics/font/ Frame 768F
19 KB
14 KB
Stylesheet
General
Full URL
http://154.7.89.72/template/mb7/statics/font/iconfont.css
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
39150b9d98fba7afbe7b304b17db45fd730160e67894f25517d83c4bfff19e47

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Jun 2021 02:07:42 GMT
Server
nginx
ETag
W/"60c416ee-4dc6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
mb7.css
154.7.89.72/template/mb7/statics/css/ Frame 768F
34 KB
8 KB
Stylesheet
General
Full URL
http://154.7.89.72/template/mb7/statics/css/mb7.css
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e41e6aabf1bf0057500fc6ab7b807fa42b1b4c22653cc3512422a47e9e5aff16

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2022 22:20:55 GMT
Server
nginx
ETag
W/"6302afc7-8902"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
hmlcss.css
154.7.89.72/template/mb7/statics/css/ Frame 768F
81 KB
18 KB
Stylesheet
General
Full URL
http://154.7.89.72/template/mb7/statics/css/hmlcss.css
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
db1ef3d62056f3a0e1079ca5e0d3f915715841ec15afc03eee8c754b652146f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Sep 2022 07:28:22 GMT
Server
nginx
ETag
W/"63184816-142e4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
font_3143030_wh3toank53.css
at.alicdn.com/t/c/ Frame 768F
1 KB
1 KB
Stylesheet
General
Full URL
http://at.alicdn.com/t/c/font_3143030_wh3toank53.css
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
79.133.177.252 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
19f4bc9862ac4f3fa5c247f1cc498d3ea959532d3517204ed174d7b1a9c28332

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 22 Aug 2022 04:38:27 GMT
Via
cache14.l2us1[0,0,200-0,H], cache27.l2us1[1,0], cache7.de3[0,0,200-0,H], cache6.de3[1,0]
Content-Encoding
gzip
x-oss-request-id
6303084359DE0D373734FDB5
Content-MD5
oO72JUCBRfbg35mYp3SUPg==
Age
16756148
X-Swift-CacheTime
57293123
Transfer-Encoding
chunked
X-Cache
HIT TCP_MEM_HIT dirn:12:607891595
Connection
keep-alive
X-Swift-SaveTime
Fri, 28 Oct 2022 01:53:04 GMT
x-oss-object-type
Normal
Last-Modified
Sun, 21 Aug 2022 22:40:35 GMT
Server
Tengine
ETag
W/"A0EEF625408145F6E0DF9998A774943E"
Vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Origin
Ali-Swift-Global-Savetime
1661143107
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
x-oss-storage-class
Standard
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
2154999904202108488
EagleId
4f85b19a16778992552995595e
x-oss-server-time
38
jquery.min.js
154.7.89.72/template/mb7/statics/js/ Frame 768F
85 KB
34 KB
Script
General
Full URL
http://154.7.89.72/template/mb7/statics/js/jquery.min.js
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Jun 2021 02:07:42 GMT
Server
nginx
ETag
W/"60c416ee-1538f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
index.js
154.7.89.72/template/mb7/statics/js/ Frame 768F
127 KB
41 KB
Script
General
Full URL
http://154.7.89.72/template/mb7/statics/js/index.js
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
aac08e88e610f41f21ace9043dfee9e1479049a20ddbd72af931c313f73a956b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Jun 2021 02:07:42 GMT
Server
nginx
ETag
W/"60c416ee-1fbc1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
stui_default.js
154.7.89.72/template/mb7/statics/js/ Frame 768F
6 KB
3 KB
Script
General
Full URL
http://154.7.89.72/template/mb7/statics/js/stui_default.js
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
26373e5cce121843c87121746992366728bcdbf5bb3bca5210d4e61723fca417

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 Aug 2022 21:51:36 GMT
Server
nginx
ETag
W/"6302a8e8-16d5"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
jquery.cookie.min.js
154.7.89.72/template/mb7/statics/js/ Frame 768F
1 KB
1 KB
Script
General
Full URL
http://154.7.89.72/template/mb7/statics/js/jquery.cookie.min.js
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Jun 2021 02:07:42 GMT
Server
nginx
ETag
W/"60c416ee-514"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
jquery.lazyload.min.js
154.7.89.72/template/mb7/statics/js/ Frame 768F
3 KB
2 KB
Script
General
Full URL
http://154.7.89.72/template/mb7/statics/js/jquery.lazyload.min.js
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Jun 2021 02:07:42 GMT
Server
nginx
ETag
W/"60c416ee-d35"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
home.js
154.7.89.72/template/mb7/statics/js/ Frame 768F
31 KB
9 KB
Script
General
Full URL
http://154.7.89.72/template/mb7/statics/js/home.js
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2f82cb8179b1c4ba1d84f5f2e21869e7173f1b1d5d442151718df364103a7dca

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Last-Modified
Sat, 12 Jun 2021 02:07:42 GMT
Server
nginx
ETag
W/"60c416ee-7acd"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sat, 04 Mar 2023 15:07:35 GMT
hm.js
hm.baidu.com/ Frame 768F
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?e9afa87b0fedfd0f66d046ac4575c314
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
b5a3a69f5f799239e01ef37b8bd7cad594404d945234c464809b918db46761f2
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:35 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
f4949318c55c60f2875f15c1c6c4657e
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11263
a941fb893e18dfbbb947e24e0b498567.jpg
154.7.89.72/upload/site/20221016-1/ Frame 768F
25 KB
25 KB
Image
General
Full URL
http://154.7.89.72/upload/site/20221016-1/a941fb893e18dfbbb947e24e0b498567.jpg
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
569c7e172c37fceab6105baa8aad6e3004ee89ce1ff5a63d2be8014bc2322acd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:36 GMT
Last-Modified
Sat, 15 Oct 2022 16:51:18 GMT
Server
nginx
ETag
"634ae506-6489"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25737
Expires
Mon, 03 Apr 2023 03:07:36 GMT
439509950e1142209cdf733d5e6f74ce
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 768F
Redirect Chain
  • https://img.1833a.com/images/63ef8c2fa6445499a23e1c8a.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/439509950e1142209cdf733d5e6f74ce
745 KB
747 KB
Image
General
Full URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/439509950e1142209cdf733d5e6f74ce
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Server
163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / ImageX
Resource Hash
63343dd21b7924ca1b74963d19b8b55277000918f6c86d706d18b3b7a240fc63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Fri, 03 Mar 2023 17:17:48 GMT
via
n204-098-037, cache6.l2de2[0,0,206-0,H], cache9.l2de2[1,0], cache9.l2de2[1,0], ens-cache6.de4[0,0,200-0,H], ens-cache3.de4[3,0]
x-response-lb
image
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
age
35390
nw-session-id
202303032120465D50FD59E17BFF9F673Bq6tlj01dy
x-powered-by
ImageX
x-swift-cachetime
31510504
x-cache
HIT TCP_HIT dirn:8:114001922 mlen:0
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache;desc=HIT,edge;dur=3
x-kfc-cachekey
http://pinner-imgserver.byted.org/obj/tos-cn-i-dy/439509950e1142209cdf733d5e6f74ce
x-length
762735
x-swift-savetime
Sat, 04 Mar 2023 00:22:44 GMT
content-length
762735
last-modified
Fri, 03 Mar 2023 13:20:46 GMT
server
Tengine
x-tt-logid
202303032120465D50FD59E17BFF9F673B
x-response-date
Fri, 03 Mar 2023 21:20:46 GMT
ali-swift-global-savetime
1677863868
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2023-03-03T21:20:46.904183531+08:00 59
cache-control
max-age=31536000
x-request-ip
fdbd:dc01:16:66::217
x-response-cinfo
80.255.7.106
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*, *
x-tt-trace-host
013c662efdf2e829a8b935a4ac07c4ad54185bdbc4efea9431dccd1f1deb25b4c34e2486e6ae87d1b4981f613cf10fdd481b0e195b4e6eb4b45da71dfedfe16cc044ca3c1d962e6e9e9e36b2ebd10bec90263a988c110841dda5e829dcde4ed746
eagleid
2ff62b1b16778992581386419e

Redirect headers

location
https://p3.douyinpic.com/obj/tos-cn-i-dy/439509950e1142209cdf733d5e6f74ce
cache-control
max-age=600
referrer-policy
no-referrer
960x120.gif
595tuchuang.com/ Frame 768F
181 KB
181 KB
Image
General
Full URL
https://595tuchuang.com/960x120.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.224.37.107 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
cdn /
Resource Hash
31d7984bc007f48066a4fe3115ef3cd90450fa65349034eb9eaffcf7cf223e69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:36 GMT
strict-transport-security
max-age=31536000
last-modified
Sun, 29 Jan 2023 15:25:24 GMT
server
cdn
etag
"63d68fe4-2d29f"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
184991
expires
Fri, 10 Mar 2023 13:57:23 GMT
960x120.gif
8499483.com/8499/zzxx/ Frame 768F
346 KB
346 KB
Image
General
Full URL
https://8499483.com/8499/zzxx/960x120.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.50.239 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
1cc8767e7b27b286a7268e16ea46bd799c3ca8b06f79cb675e55a4375497845c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:36 GMT
last-modified
Sat, 24 Dec 2022 13:23:32 GMT
server
qq.com
etag
"566f4-5f092cf095cff"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
354036
a1634c2a-164b-4302-8edb-2ebb4696d6a4.png
zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/ Frame 768F
Redirect Chain
  • https://img.1335999.com/images/63f21a56d85facedd09d86ed.gif
  • https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/a1634c2a-164b-4302-8edb-2ebb4696d6a4.png
431 KB
431 KB
Image
General
Full URL
https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/a1634c2a-164b-4302-8edb-2ebb4696d6a4.png
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
82.156.94.45 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
tencent-cos /
Resource Hash
6e10229b429704a93b4955321d57a4954e0b624f79988ecc1d2f372b110fc398

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:39 GMT
x-cos-hash-crc64ecma
13408553933346545611
Last-Modified
Thu, 16 Feb 2023 04:15:50 GMT
Server
tencent-cos
ETag
"d41c5c570beff601cafce40c95ed00c1"
Content-Type
image/png
x-cos-request-id
NjQwMmI1ZmJfNDk1MjQ0MGJfMmI3NzdfOGVkMDYwZQ==
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
441179

Redirect headers

location
https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/a1634c2a-164b-4302-8edb-2ebb4696d6a4.png
cache-control
max-age=600
referrer-policy
no-referrer
d159d450f50826a1edd08926f0612d0e.gif
u22055.com/ Frame 768F
268 KB
268 KB
Image
General
Full URL
https://u22055.com/d159d450f50826a1edd08926f0612d0e.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:200a:a000:15:76dc:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
65b07eda91e842ac935be91847e19685e538f397f641463de0239359e00768f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 10:46:50 GMT
via
1.1 e947961d46d4aa161784258339d7564e.cloudfront.net (CloudFront)
last-modified
Sat, 24 Dec 2022 15:45:06 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
4378847
etag
"82fc52f0e6635245fe2325068802a298"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
273956
x-amz-cf-id
NKtIqQrjVgG_2UE3tf9tVvLo0Ez73wDlSIAlrQgEB_BHed5fXGSbhg==
348.gif
www.1.3659808.com/tu/ Frame 768F
440 KB
440 KB
Image
General
Full URL
https://www.1.3659808.com/tu/348.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.202.17 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
b17.autismbar.com
Software
nginx /
Resource Hash
879f04e331158845717beb11ca1bff957993dcaec386bcfaf131b0e31b5bbf1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:36 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 09 Nov 2022 09:31:32 GMT
server
nginx
etag
"636b7374-6de66"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
450150
expires
Mon, 03 Apr 2023 03:07:36 GMT
488fe4d064847278dae4f2398b418599.jpg
154.7.89.72/upload/banner/20221016-1/ Frame 768F
28 KB
28 KB
Image
General
Full URL
http://154.7.89.72/upload/banner/20221016-1/488fe4d064847278dae4f2398b418599.jpg
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
6a51e6505e2574c549f8dc1f58500f9a291d2be9f4d301369a82f00fa3f48946

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:36 GMT
Last-Modified
Sat, 15 Oct 2022 16:55:06 GMT
Server
nginx
ETag
"634ae5ea-6ec9"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28361
Expires
Mon, 03 Apr 2023 03:07:36 GMT
934.gif
www.1.3659808.com/tu/ Frame 768F
399 KB
400 KB
Image
General
Full URL
https://www.1.3659808.com/tu/934.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.202.17 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
b17.autismbar.com
Software
nginx /
Resource Hash
875a519e5650b8d7b763b1b303d481382e77a3b19fa9aab52e61d9f96d18082d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:36 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 08 Feb 2023 12:17:31 GMT
server
nginx
etag
"63e392db-63d47"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
408903
expires
Mon, 03 Apr 2023 03:07:36 GMT
0106d120009xynp2h4C59.gif
dimg04.c-ctrip.com/images/ Frame 768F
1 B
218 B
Image
General
Full URL
https://dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.174.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-174-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
29
date
Sat, 04 Mar 2023 03:07:36 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt
0
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7172690
timing-allow-origin
*
content-length
1
expires
Fri, 26 May 2023 03:32:26 GMT
960x100.gif
z4a.net/images/2022/10/09/ Frame 768F
478 KB
479 KB
Image
General
Full URL
https://z4a.net/images/2022/10/09/960x100.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac47b197acf6bb278e4678ac0709244238097c580446208169b84348f4e40dcf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:36 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
531958
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
489044
pragma
public
last-modified
Sat, 25 Feb 2023 23:21:38 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ju849Jxtt0YmYVepZatn2IiQhJ5u2HPXY3bScbSrC0BcoDFl1CDSHFoQzkf0sLbRaR7MGXgIj96u%2FmzAKegUCB%2BcRH1aEl9wyX%2BNpt46VJyYdrzG1Ds2UocpFQKsm9o7wbi1IbH"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7a26e8f0e99e7744-LHR
expires
Sun, 25 Feb 2024 23:21:37 GMT
01003120009thg27w15E2.gif
dimg04.c-ctrip.com/images/ Frame 768F
1 B
219 B
Image
General
Full URL
https://dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.174.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-174-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
57
date
Sat, 04 Mar 2023 03:07:36 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt
0
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7141771
timing-allow-origin
*
content-length
1
expires
Thu, 25 May 2023 18:57:07 GMT
150x150.gif
8499683.com/8499/ Frame 768F
181 KB
181 KB
Image
General
Full URL
https://8499683.com/8499/150x150.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.109.212 Portland, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:37 GMT
last-modified
Wed, 28 Dec 2022 09:29:16 GMT
server
qq.com
etag
"2d353-5f0e00094173c"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
185171
daa40ebe9165498f9a41e5d2a1288ed1
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 768F
Redirect Chain
  • https://img.1138999.com/images/63f21a6bd85facedd09d86ee.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/daa40ebe9165498f9a41e5d2a1288ed1
140 KB
141 KB
Image
General
Full URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/daa40ebe9165498f9a41e5d2a1288ed1
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Server
163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / ImageX
Resource Hash
534fa30eed096cc436397bd8472b2d327620bac382250321264d024329d9aa4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 13 Feb 2023 12:40:15 GMT
via
n204-100-030, cache19.l2de2[0,0,206-0,H], cache10.l2de2[1,0], cache10.l2de2[2,0], ens-cache7.de4[0,0,200-0,H], ens-cache3.de4[4,0]
x-response-lb
image
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
age
1607243
nw-session-id
2023021320361703DEB268034940722BE62hg6j02dy
x-powered-by
ImageX
x-swift-cachetime
31535586
x-cache
HIT TCP_MEM_HIT dirn:8:355466054
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache;desc=HIT,edge;dur=4
x-swift-savetime
Mon, 13 Feb 2023 12:47:09 GMT
x-length
143622
content-length
143622
last-modified
Mon, 13 Feb 2023 12:36:17 GMT
server
Tengine
x-tt-logid
2023021320361703DEB268034940722BE6
x-response-date
Mon, 13 Feb 2023 20:36:17 GMT
ali-swift-global-savetime
1676292015
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2023-02-13T20:36:17.883756781+08:00 44
cache-control
max-age=31536000
x-request-ip
fdbd:dc01:26:259::162
x-response-cinfo
80.255.7.106
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*, *
x-tt-trace-host
01517325ca91d315db695bf61bbb4c246746d7612ad8b1081c1b58323d0d9650d98ec2058a09bc09d713b8d1bae0419ea3e4a484e7df9dd628638d76fc2cd28d8a1f587967259b264e7758fc1b04e513905c2892b483ab9c3d0e2743a41a2ec684
eagleid
2ff62b1b16778992581386421e

Redirect headers

location
https://p3.douyinpic.com/obj/tos-cn-i-dy/daa40ebe9165498f9a41e5d2a1288ed1
cache-control
max-age=600
referrer-policy
no-referrer
yb150X150.gif
8499683.com/8499/ Frame 768F
176 KB
176 KB
Image
General
Full URL
https://8499683.com/8499/yb150X150.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.109.212 Portland, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
5cbfb636a77f8f4ccbc0cb7bbf70735c5baa39529f226fe7af77d26c8f5159a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:37 GMT
last-modified
Sun, 08 Jan 2023 05:09:54 GMT
server
qq.com
etag
"2bf7e-5f1b9a949edff"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
180094
6df5fdf1b8e2428da88438433cef3e20
p3.douyinpic.com/obj/tos-cn-i-dy/ Frame 768F
Redirect Chain
  • https://img.3276a.com/images/63d4d6811eff8f93601b0370.gif
  • https://p3.douyinpic.com/obj/tos-cn-i-dy/6df5fdf1b8e2428da88438433cef3e20
540 KB
541 KB
Image
General
Full URL
https://p3.douyinpic.com/obj/tos-cn-i-dy/6df5fdf1b8e2428da88438433cef3e20
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Server
163.181.56.169 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine / ImageX
Resource Hash
478a2a6902d54c02d7cca9db461256e95befbfea4a8731c486e0bcce5d76dfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 08:17:16 GMT
via
n150-054-026, cache4.l2de2[0,0,206-0,H], cache26.l2de2[0,0], cache26.l2de2[1,0], ens-cache1.de4[0,0,200-0,H], ens-cache3.de4[1,0]
x-response-lb
image
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
age
3005422
nw-session-id
202301281510312225EC812E3A1FFDC71C5z8hp03dy
x-powered-by
ImageX
x-swift-cachetime
31529602
x-cache
HIT TCP_MEM_HIT dirn:0:1307437078 mlen:0
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache;desc=HIT,edge;dur=1
x-swift-savetime
Sat, 28 Jan 2023 10:03:54 GMT
x-length
552916
content-length
552916
last-modified
Sat, 28 Jan 2023 07:10:31 GMT
server
Tengine
x-tt-logid
202301281510312225EC812E3A1FFDC71C
x-response-date
Sat, 28 Jan 2023 15:10:31 GMT
ali-swift-global-savetime
1674893836
content-type
image/gif
access-control-allow-origin
*
nw-session-trace
2023-01-28T15:10:31.719651055+08:00 27
cache-control
max-age=31536000
x-request-ip
fdbd:dc02:19:485::14
x-response-cinfo
80.255.7.106
imagex-fmt
gif2gif
x-response-cache
edge_hit
timing-allow-origin
*, *
x-tt-trace-host
011784aceda2f49d74ebecb08a206f1106cd3a8716f49d0d03ab510d104e159372f32b3db51a1f1f1f389e737c21de9a440ac4e2de5433a68d0980cebcbff41104360cda20c0b387dd486115b08da95ba5aa8551dd8fee35619cfb70d843c76ec4
eagleid
2ff62b1b16778992584306618e

Redirect headers

location
https://p3.douyinpic.com/obj/tos-cn-i-dy/6df5fdf1b8e2428da88438433cef3e20
cache-control
max-age=600
referrer-policy
no-referrer
960x120.gif
8499165.com/8499/zzxx/ Frame 768F
346 KB
346 KB
Image
General
Full URL
https://8499165.com/8499/zzxx/960x120.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.209.128.164 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
1cc8767e7b27b286a7268e16ea46bd799c3ca8b06f79cb675e55a4375497845c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Sat, 04 Mar 2023 03:07:38 GMT
last-modified
Sat, 24 Dec 2022 13:23:32 GMT
server
qq.com
etag
"566f4-5f092cf095cff"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
354036
hm.gif
hm.baidu.com/ Frame 768F
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1565109121&si=e9afa87b0fedfd0f66d046ac4575c314&su=http%3A%2F%2Fwww.ultimatestagweekends.com%2F&v=1.3.0&lv=1&sn=6652&r=0&ww=1600&u=http%3A%2F%2F154.7.89.72%2F&tt=%E6%B0%B4%E8%9C%9C%E6%A1%83%E5%BD%B1%E8%A7%86
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Mar 2023 03:07:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
font_3143030_wh3toank53.woff2
at.alicdn.com/t/c/ Frame 768F
4 KB
5 KB
Font
General
Full URL
http://at.alicdn.com/t/c/font_3143030_wh3toank53.woff2?t=1661121634499
Requested by
Host: at.alicdn.com
URL: http://at.alicdn.com/t/c/font_3143030_wh3toank53.css
Protocol
HTTP/1.1
Server
79.133.177.252 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
fb253b30a82aeee0b35c79114fe44bc33237743bb801269b3675026d729b9d57

Request headers

Referer
http://at.alicdn.com/t/c/font_3143030_wh3toank53.css
Origin
http://154.7.89.72
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Fri, 03 Mar 2023 06:59:12 GMT
Via
cache25.l2sg2[0,0,200-0,H], cache36.l2sg2[0,0], cache13.de3[0,0,200-0,H], cache12.de3[1,0]
x-oss-request-id
64019AC09A18D633345E25F1
Content-MD5
KAMElXmCega7wYeVRHJFeg==
Age
72505
X-Swift-CacheTime
31053017
X-Cache
HIT TCP_HIT dirn:13:835869605
Connection
keep-alive
X-Swift-SaveTime
Fri, 03 Mar 2023 21:08:55 GMT
Content-Length
4396
x-oss-object-type
Normal
Last-Modified
Sun, 21 Aug 2022 22:40:34 GMT
Server
Tengine
ETag
"2803049579827A06BBC187954472457A"
Vary
Origin
Ali-Swift-Global-Savetime
1677826752
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000
x-oss-storage-class
Standard
Accept-Ranges
bytes
Timing-Allow-Origin
*
x-oss-hash-crc64ecma
13478830783455977476
EagleId
4f85b1a016778992572598900e
x-oss-server-time
4
truncated
/ Frame 768F
12 KB
12 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
711676cc5f17db4358e0b563e742d70d3823281be5681719c1d99d8cd7e34435

Request headers

Referer
http://154.7.89.72/
Origin
http://154.7.89.72
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
0106d120009xynp2h4C59.gif
dimg04.c-ctrip.com/images/ Frame 768F
1 B
218 B
Image
General
Full URL
https://dimg04.c-ctrip.com/images/0106d120009xynp2h4C59.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.174.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-174-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
29
date
Sat, 04 Mar 2023 03:07:37 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt
0
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7172689
timing-allow-origin
*
content-length
1
expires
Fri, 26 May 2023 03:32:26 GMT
01003120009thg27w15E2.gif
dimg04.c-ctrip.com/images/ Frame 768F
1 B
219 B
Image
General
Full URL
https://dimg04.c-ctrip.com/images/01003120009thg27w15E2.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.174.220 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-174-220.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
57
date
Sat, 04 Mar 2023 03:07:37 GMT
last-modified
Tue, 12 May 2015 01:00:00 GMT
x-edgeconnect-midmile-rtt
0
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=7141770
timing-allow-origin
*
content-length
1
expires
Thu, 25 May 2023 18:57:07 GMT
load.gif
154.7.89.72/template/mb7/statics/img/ Frame 768F
458 KB
459 KB
Image
General
Full URL
http://154.7.89.72/template/mb7/statics/img/load.gif
Requested by
Host: 154.7.89.72
URL: http://154.7.89.72/template/mb7/statics/css/mb7.css
Protocol
HTTP/1.1
Server
154.7.89.72 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
940b12fd301b19341ce291a0cea1d2fb9ee33931888c724e82659e61a070b7c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://154.7.89.72/template/mb7/statics/css/mb7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Sat, 04 Mar 2023 03:07:37 GMT
Last-Modified
Mon, 23 Aug 2021 11:26:54 GMT
Server
nginx
ETag
"612385fe-728fc"
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
469244
Expires
Mon, 03 Apr 2023 03:07:37 GMT

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| _hmt string| cushd string| n object| linkList string| olink boolean| innerWeb string| s string| host string| urlid string| url function| getData function| setFrame function| ajax function| formatParams function| tjjs function| tj function| setCookie function| getCookie boolean| _bdhm_loaded_a5ecb1ba83b67ec318caf4e542a9a9de object| mini_tangram_log_qveq7b boolean| _bdhm_loaded_5a01872fcb0cc87d0f67a0a59ca3958c object| mini_tangram_log_3qqais boolean| _bdhm_loaded_8aa418cda9f543e014929d02ef168808 object| mini_tangram_log_hlncfo object| innerTxt string| tjs string| nam string| mgs string| innerUrl

8 Cookies

Domain/Path Name / Value
.www.ultimatestagweekends.com/ Name: Hm_lvt_a5ecb1ba83b67ec318caf4e542a9a9de
Value: 1677899254
.www.ultimatestagweekends.com/ Name: Hm_lpvt_a5ecb1ba83b67ec318caf4e542a9a9de
Value: 1677899254
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 5D014BB0EB5FAFB7
.www.ultimatestagweekends.com/ Name: Hm_lvt_5a01872fcb0cc87d0f67a0a59ca3958c
Value: 1677899254
.www.ultimatestagweekends.com/ Name: Hm_lpvt_5a01872fcb0cc87d0f67a0a59ca3958c
Value: 1677899254
.www.ultimatestagweekends.com/ Name: Hm_lvt_8aa418cda9f543e014929d02ef168808
Value: 1677899255
.www.ultimatestagweekends.com/ Name: Hm_lpvt_8aa418cda9f543e014929d02ef168808
Value: 1677899255
www.ultimatestagweekends.com/ Name: Cookies_KL
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

595tuchuang.com
8499165.com
8499483.com
8499683.com
api.share.baidu.com
at.alicdn.com
dimg04.c-ctrip.com
hm.baidu.com
img.1138999.com
img.1335999.com
img.1833a.com
img.3276a.com
p3.douyinpic.com
push.zhanzhang.baidu.com
sifa.wv4xlsmt.xyz
u22055.com
ultimatestagweekends.com
www.1.3659808.com
www.ultimatestagweekends.com
z4a.net
zzpic-1255305554.cos.ap-beijing.myqcloud.com
103.235.46.191
107.148.202.17
112.34.113.148
154.7.125.142
154.7.89.72
162.209.128.164
163.181.56.169
172.247.109.212
172.247.50.239
182.61.201.94
23.224.37.107
23.75.174.220
2600:9000:200a:a000:15:76dc:4140:93a1
2606:4700:3038::6815:eaeb
3.36.126.81
38.53.17.58
79.133.177.252
82.156.94.45
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19f4bc9862ac4f3fa5c247f1cc498d3ea959532d3517204ed174d7b1a9c28332
1cc8767e7b27b286a7268e16ea46bd799c3ca8b06f79cb675e55a4375497845c
26373e5cce121843c87121746992366728bcdbf5bb3bca5210d4e61723fca417
268b6c12594ffb8704eeea521afdd36174833d5c153bd304bfd13dc37028994a
2d8fc52c6f080d1ce5e3213e18701d59f66b32630b0b7b5fb37fbc065843281c
2f82cb8179b1c4ba1d84f5f2e21869e7173f1b1d5d442151718df364103a7dca
31c0d464fe180bad6d7b4c42537f4362d146be58198527d723d3d02726684a09
31d7984bc007f48066a4fe3115ef3cd90450fa65349034eb9eaffcf7cf223e69
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
39150b9d98fba7afbe7b304b17db45fd730160e67894f25517d83c4bfff19e47
478a2a6902d54c02d7cca9db461256e95befbfea4a8731c486e0bcce5d76dfbe
52340369acba8d410aa2f55637515284dd2c4ca8ce21f9de16d28185658d4d09
534fa30eed096cc436397bd8472b2d327620bac382250321264d024329d9aa4f
569c7e172c37fceab6105baa8aad6e3004ee89ce1ff5a63d2be8014bc2322acd
5cbfb636a77f8f4ccbc0cb7bbf70735c5baa39529f226fe7af77d26c8f5159a1
63343dd21b7924ca1b74963d19b8b55277000918f6c86d706d18b3b7a240fc63
65b07eda91e842ac935be91847e19685e538f397f641463de0239359e00768f3
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6a51e6505e2574c549f8dc1f58500f9a291d2be9f4d301369a82f00fa3f48946
6e10229b429704a93b4955321d57a4954e0b624f79988ecc1d2f372b110fc398
711676cc5f17db4358e0b563e742d70d3823281be5681719c1d99d8cd7e34435
7bdaa783a4ad287bf405c029d6446e2b1e54db6a1a089b580cacd7ef500a395a
827c5ee3635cec63155020b40cddb4e1057065baf58bee15aae7fa7ff8f1cce3
875a519e5650b8d7b763b1b303d481382e77a3b19fa9aab52e61d9f96d18082d
879f04e331158845717beb11ca1bff957993dcaec386bcfaf131b0e31b5bbf1a
931df39dec1a48a8bb4b493e563134a0b60e3ccb9d713a4291191de45f8422dd
940b12fd301b19341ce291a0cea1d2fb9ee33931888c724e82659e61a070b7c4
aac08e88e610f41f21ace9043dfee9e1479049a20ddbd72af931c313f73a956b
ac47b197acf6bb278e4678ac0709244238097c580446208169b84348f4e40dcf
b5a3a69f5f799239e01ef37b8bd7cad594404d945234c464809b918db46761f2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
db1ef3d62056f3a0e1079ca5e0d3f915715841ec15afc03eee8c754b652146f6
dc3f87e3d56622ae837804824a98dce2fe385734e6c1aac4c16ad9e89fcbf967
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41e6aabf1bf0057500fc6ab7b807fa42b1b4c22653cc3512422a47e9e5aff16
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
fb253b30a82aeee0b35c79114fe44bc33237743bb801269b3675026d729b9d57