www.juendw.com Open in urlscan Pro
38.53.27.217 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://juendw.com/
Effective URL:
http://www.juendw.com/index.php
Submission: On March 12 via api (March 12th 2023, 3:34:53 am UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 27 domains to perform 91 HTTP transactions. The main IP is 38.53.27.217, located in United States and belongs to PEGTECHINC, US. The main domain is www.juendw.com.

This is the only time www.juendw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	38.53.27.217 38.53.27.217	54600 (PEGTECHINC) (PEGTECHINC)
14	107.149.115.208 107.149.115.208	54600 (PEGTECHINC) (PEGTECHINC)
3	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
8	103.142.36.141 103.142.36.141	54600 (PEGTECHINC) (PEGTECHINC)
32	2606:4700:10:... 2606:4700:10::6816:cd6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.247.50.243 172.247.50.243	40065 (CNSERVERS) (CNSERVERS)
2	67.21.86.202 67.21.86.202	46844 (SHARKTECH) (SHARKTECH)
1	123.234.2.90 123.234.2.90	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
4 4	45.154.214.206 45.154.214.206	201106 (SPARTANHOST) (SPARTANHOST)
4	2606:4700:303... 2606:4700:3034::ac43:ade6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.61.212.216 45.61.212.216	53587 (AZT) (AZT)
1	45.61.212.51 45.61.212.51	53587 (AZT) (AZT)
3 3	3.36.126.81 3.36.126.81	16509 (AMAZON-02) (AMAZON-02)
1	2409:8c04:100... 2409:8c04:1001:1002:0:ff:b001:368a	() ()
3	123.6.77.65 123.6.77.65	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1	220.128.218.220 220.128.218.220	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	103.142.36.152 103.142.36.152	54600 (PEGTECHINC) (PEGTECHINC)
3	183.240.166.132 183.240.166.132	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.61.212.59 45.61.212.59	() ()
1	240e:f7:c010:... 240e:f7:c010:105:3::3e8	134771 (CHINATELE...) (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU)
1	2606:4700:303... 2606:4700:3034::ac43:a135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	4.34.42.102 4.34.42.102	() ()
1	162.209.128.174 162.209.128.174	40065 (CNSERVERS) (CNSERVERS)
1	107.167.16.2 107.167.16.2	46844 (SHARKTECH) (SHARKTECH)
1	162.209.128.173 162.209.128.173	() ()
1	82.156.94.48 82.156.94.48	() ()
2	103.235.46.191 103.235.46.191	() ()
91	26

4 38.53.27.217 (United States) 1 redirects

ASN54600 (PEGTECHINC, US)

juendw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.juendw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 107.149.115.208 (United States)

ASN54600 (PEGTECHINC, US)
PTR: oix208.permissiond.com

107.149.115.208	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.142.36.141 (Hong Kong)

ASN54600 (PEGTECHINC, US)

103.142.36.141	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2606:4700:10::6816:cd6 (United States)

ASN13335 (CLOUDFLARENET, US)

lbfm.lbpictupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.247.50.243 (United States)

ASN40065 (CNSERVERS, US)

8499136.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.21.86.202 (Los Angeles, United States)

ASN46844 (SHARKTECH, US)
PTR: ip-67-21-86-202.sharktech.net

n0522.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
n0600.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.234.2.90 (Qingdao, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

gtm-cn-j6730u6sd0b.gtm-a3b8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.154.214.206 (Seattle, United States) 4 redirects

ASN201106 (SPARTANHOST, GB)

kvkaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3034::ac43:ade6 (United States)

ASN13335 (CLOUDFLARENET, US)

kvtaaa.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.216 (United States)

ASN53587 (AZT, US)

599aaa.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.51 (United States)

ASN53587 (AZT, US)

6617398ccc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.36.126.81 (Incheon, Korea, Republic Of) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-126-81.ap-northeast-2.compute.amazonaws.com

img.1190555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.1180555.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2409:8c04:1001:1002:0:ff:b001:368a (None, )

ASN- ()

help-ol.bj.bcebos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 123.6.77.65 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl

kjimg10.360buyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 220.128.218.220 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 220-128-218-220.hinet-ip.hinet.net

taiwtp1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.142.36.152 (Hong Kong)

ASN54600 (PEGTECHINC, US)

xingchi01.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 183.240.166.132 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

files.imgopen.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.61.212.59 (None, )

ASN- ()

99885aaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:f7:c010:105:3::3e8 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)

cdn.sm.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:a135 (United States)

ASN13335 (CLOUDFLARENET, US)

aooacctp.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.34.42.102 (None, )

ASN- ()

p9.toutiaoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.209.128.174 (United States)

ASN40065 (CNSERVERS, US)

8499132.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.167.16.2 (Los Angeles, United States)

ASN46844 (SHARKTECH, US)
PTR: customer.sharktech.net

n0611.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.209.128.173 (None, )

ASN- ()

8499226.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.156.94.48 (None, )

ASN- ()

zzpic-1255305554.cos.ap-beijing.myqcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (None, )

ASN- ()

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	lbpictupian.com lbfm.lbpictupian.com — Cisco Umbrella Rank: 192581	264 KB
6	51.la js.users.51.la — Cisco Umbrella Rank: 78773 ia.51.la — Cisco Umbrella Rank: 67140	8 KB
4	kvtaaa.top kvtaaa.top — Cisco Umbrella Rank: 987786	1 MB
4	kvkaa.com 4 redirects kvkaa.com — Cisco Umbrella Rank: 925597	531 B
4	juendw.com 1 redirects juendw.com www.juendw.com	2 KB
3	360buyimg.com kjimg10.360buyimg.com — Cisco Umbrella Rank: 205809	3 MB
2	baidu.com hm.baidu.com	12 KB
2	1190555.com 2 redirects img.1190555.com	252 B
2	8499136.com 8499136.com	465 KB
1	myqcloud.com zzpic-1255305554.cos.ap-beijing.myqcloud.com	34 KB
1	8499226.com 8499226.com	185 KB
1	n0611.com n0611.com	32 KB
1	8499132.com 8499132.com	284 KB
1	toutiaoimg.com p9.toutiaoimg.com	116 KB
1	aooacctp.vip aooacctp.vip — Cisco Umbrella Rank: 909882	784 KB
1	sm.cn cdn.sm.cn — Cisco Umbrella Rank: 109083	273 KB
1	1180555.com 1 redirects img.1180555.com — Cisco Umbrella Rank: 418400	124 B
1	99885aaa.com 99885aaa.com	40 KB
1	imgopen.vip files.imgopen.vip — Cisco Umbrella Rank: 500825	753 KB
1	n0600.com n0600.com	21 KB
1	xingchi01.xyz xingchi01.xyz	34 KB
1	taiwtp1.com taiwtp1.com — Cisco Umbrella Rank: 603050	207 KB
1	bcebos.com help-ol.bj.bcebos.com
1	6617398ccc.com 6617398ccc.com — Cisco Umbrella Rank: 999583	452 KB
1	599aaa.us 599aaa.us	869 KB
1	gtm-a3b8.com gtm-cn-j6730u6sd0b.gtm-a3b8.com — Cisco Umbrella Rank: 240635	337 KB
1	n0522.com n0522.com	236 KB
91	27

	Domain	Requested by
32	lbfm.lbpictupian.com	107.149.115.208
4	kvtaaa.top	107.149.115.208
4	kvkaa.com	4 redirects
3	ia.51.la	www.juendw.com
3	kjimg10.360buyimg.com	107.149.115.208
3	js.users.51.la	www.juendw.com
3	www.juendw.com	www.juendw.com
2	hm.baidu.com	107.149.115.208
2	img.1190555.com	2 redirects
2	8499136.com	107.149.115.208
1	zzpic-1255305554.cos.ap-beijing.myqcloud.com	107.149.115.208
1	8499226.com	107.149.115.208
1	n0611.com	107.149.115.208
1	8499132.com	107.149.115.208
1	p9.toutiaoimg.com	107.149.115.208
1	aooacctp.vip	107.149.115.208
1	cdn.sm.cn	107.149.115.208
1	img.1180555.com	1 redirects
1	99885aaa.com	107.149.115.208
1	files.imgopen.vip	107.149.115.208
1	n0600.com	107.149.115.208
1	xingchi01.xyz	107.149.115.208
1	taiwtp1.com	107.149.115.208
1	help-ol.bj.bcebos.com	107.149.115.208
1	6617398ccc.com	107.149.115.208
1	599aaa.us	107.149.115.208
1	gtm-cn-j6730u6sd0b.gtm-a3b8.com	107.149.115.208
1	n0522.com	107.149.115.208
1	juendw.com	1 redirects
91	29

This site contains no links.

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-02` - `2024-02-01`	a year	crt.sh
8499136.com ZeroSSL RSA Domain Secure Site CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh
n0522.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-29` - `2023-10-29`	a year	crt.sh
gtm-cn-j6730u6sd0b.gtm-a3b8.com TrustAsia RSA DV TLS CA G2	`2022-12-29` - `2023-12-29`	a year	crt.sh
599aaa.us Sectigo RSA Domain Validation Secure Server CA	`2023-02-13` - `2024-02-13`	a year	crt.sh
6617398ccc.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-24` - `2023-12-24`	a year	crt.sh
*.jd.com GlobalSign RSA OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
taiwtp1.com R3	`2023-01-01` - `2023-04-01`	3 months	crt.sh
n0600.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-29` - `2023-10-29`	a year	crt.sh
*.imgopen.vip E1	`2023-01-24` - `2023-04-24`	3 months	crt.sh
99885aaa.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
*.aooacctp.vip GTS CA 1P5	`2023-02-05` - `2023-05-06`	3 months	crt.sh
*.toutiaoimg.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-07-29` - `2023-07-28`	a year	crt.sh
8499132.com ZeroSSL RSA Domain Secure Site CA	`2023-02-28` - `2023-05-29`	3 months	crt.sh
n0611.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-29` - `2023-10-29`	a year	crt.sh
8499226.com ZeroSSL RSA Domain Secure Site CA	`2022-12-26` - `2023-03-26`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.juendw.com/index.php
Frame ID: F08BE3E72115876D8B2940A52013251A
Requests: 9 HTTP requests in this frame

Frame: http://107.149.115.208/
Frame ID: 3E64880479F4337901C89AA19890BD9C
Requests: 82 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

齐齐哈尔稼桃化妆品有限公司久久露脸国产精品ww蜜芽tv,韩国三级《私人教练》,无码天堂va亚洲va在线va,亚洲av色香蕉一区二区三区齐齐哈尔稼桃化妆品有限公司

Page URL History Show full URLs

http://juendw.com/ HTTP 301
http://www.juendw.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

91
Requests

60 %
HTTPS

21 %
IPv6

27
Domains

29
Subdomains

26
IPs

5
Countries

10303 kB
Transfer

10760 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://juendw.com/ HTTP 301
http://www.juendw.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif HTTP 301
https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif

Request Chain 54

https://kvkaa.com/01dfa9bde54e701e29b1896a128d2cc1.gif HTTP 301
https://kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif

Request Chain 58

https://img.1190555.com/images/640c39293ffd2507e8ecb886.gif HTTP 302
https://help-ol.bj.bcebos.com/ce862703bd3a6fd9e7acc3c32453fe84.jpg

Request Chain 71

https://kvkaa.com/96f6f08c54fe76e2ce0bf177ceb98a87.md.png HTTP 301
https://kvtaaa.top/96f6f08c54fe76e2ce0bf177ceb98a87.md.png

Request Chain 72

https://kvkaa.com/0386d45065aa4bb1d118804aea2b6df7.md.jpg HTTP 301
https://kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg

Request Chain 73

https://img.1180555.com/images/6406d3743d6cac1048a3a402.gif HTTP 302
https://cdn.sm.cn/71368a72da013b37bb9dd91cb15a3e32/2131e97716781987910405476efb44

Request Chain 82

https://img.1190555.com/images/640c3b5e3ffd2507e8ecb887.gif HTTP 302
https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/89cfc757-a925-4dd0-9dc5-7488a1489436.png

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.juendw.com/
Redirect Chain

http://juendw.com/
http://www.juendw.com/index.php

2 KB
887 B

977ms
165ms

Document
text/html

38.53.27.217
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 38.53.27.217 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: fe4e7b109ffa91bd809c8c717725549d94e81c2cc348d733161984d323edf558

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 12 Mar 2023 03:34:41 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Sun, 12 Mar 2023 03:34:40 GMT
Location: http://www.juendw.com/index.php
Server: nginx

GET
H/1.1 200
OK common.js Show response
www.juendw.com/ 1 KB
911 B 166ms
165ms Script
application/x-javascript 38.53.27.217
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.juendw.com/common.js
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 38.53.27.217 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: d6d041c6a3a3777b4659357ec0d3401a11c30837302a69edcd788815c66af4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.juendw.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:42 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.juendw.com/ 316 B
472 B 163ms
163ms Script
application/x-javascript 38.53.27.217
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.juendw.com/tj.js
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 38.53.27.217 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 97665f122d21083dcbd5564de9ada6965bb66d1cfb3bc3120f32054f820a010d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.juendw.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 316
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
107.149.115.208/ Frame 3E64 37 KB
7 KB 464ms
296ms Document
text/html 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: 9015c45fb3fe892c2ca0b3e6a30ee16240cb8f093c92fc2b77ba39e6e9e24a02

Request headers

Referer: http://www.juendw.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 12 Mar 2023 03:34:43 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK 21280225.js Show response
js.users.51.la/ 5 KB
3 KB 1372ms
276ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21280225.js
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: d5225fd32b29fa3cc3ff3789d0848e2027c6081a2abcac529dde76f3729cfc0c

Request headers

Referer: http://www.juendw.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 21244197.js Show response
js.users.51.la/ 5 KB
3 KB 1401ms
287ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21244197.js
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: 8c96ceb12ca176101d883f06ed4d527d40413890045c54aed49f9fa25f78a08b

Request headers

Referer: http://www.juendw.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 21244203.js Show response
js.users.51.la/ 5 KB
3 KB 1651ms
279ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21244203.js
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: ed015286f4771e7495bef31c30d70fdd1dbd31fdd4adcd7cecad67b9bfe365f1

Request headers

Referer: http://www.juendw.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK ate.css
107.149.115.208/template/m1938pc/css/ Frame 3E64 74 KB
6 KB 172ms
172ms Stylesheet
text/css 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/css/ate.css
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Content-Encoding: gzip
Last-Modified: Sun, 24 Jan 2021 07:28:38 GMT
Server: nginx
ETag: W/"600d21a6-126e4"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK zui.css
107.149.115.208/template/m1938pc/css/ Frame 3E64 84 KB
19 KB 334ms
167ms Stylesheet
text/css 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/css/zui.css
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 05:34:20 GMT
Server: nginx
ETag: W/"6010fb5c-14f36"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK xx1.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 128 B
441 B 334ms
167ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/xx1.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: 7d41e569d3def8915df0d40793ccfd527cd04fe82ba5a7f3193622042b191eb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:28 GMT
Server: nginx
ETag: "6409bb98-80"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK dh1.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 130 B
443 B 338ms
168ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/dh1.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: 6b3b76132634788988f19ad4b269dafa21894d12ff2c169ce72ca279e6fb684d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:26 GMT
Server: nginx
ETag: "6409bb96-82"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 130
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK dh.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 129 B
442 B 345ms
171ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/dh.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: 2e5cabac17b51a462207ffdb5eee765193beba3c501133d1835314c85a875e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:25 GMT
Server: nginx
ETag: "6409bb95-81"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK 12.js Show response
103.142.36.141/js/1/ Frame 3E64 3 KB
1 KB 321ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/12.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 87576712a654eabf383a439df813e30456f6dcef62c28af608159bf6fa866e0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 08:55:44 GMT
Server: nginx
ETag: W/"640c4210-c7e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK xx2.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 128 B
441 B 345ms
172ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/xx2.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: f4bfe45de68d651290ee8201d0d393655b5f755cb0a6aaefb2859957cc2e6144

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:29 GMT
Server: nginx
ETag: "6409bb99-80"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK 01.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 129 B
442 B 343ms
169ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/01.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: 624e91ed61f277297f974b02f53c79b1c5f9e306d7e735f5463f6417e9fc1c6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:23 GMT
Server: nginx
ETag: "6409bb93-81"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 129
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H2 200 ne2ai10vwwx1515ne2ai10vwwx151810.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ Frame 3E64 198 B
369 B 435ms
369ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ne2ai10vwwx1515ne2ai10vwwx151810.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7522622520e02df4fd1e0376b758987a1b31dd491406f3f553b00d48ee012cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 07:15:15 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=1764
etag: "63315183-6e4"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="ne2ai10vwwx1515ne2ai10vwwx151810.webp"
accept-ranges: bytes
cf-ray: 7a68fbaa6ce73a74-FRA
content-length: 198

GET
H2 200 xmsqn2pq35x1515xmsqn2pq35x161812.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ Frame 3E64 7 KB
7 KB 389ms
323ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-26/15/xmsqn2pq35x1515xmsqn2pq35x161812.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 302e81390e6ad09906241d6e5b2a02c7c959af86639f70af8dc648606905c607

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 07:15:16 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=8347
etag: "63315184-209b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="xmsqn2pq35x1515xmsqn2pq35x161812.webp"
accept-ranges: bytes
cf-ray: 7a68fbaa6ce93a74-FRA
content-length: 7148

GET
H2 200 534ggx0leil1515534ggx0leil171814.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ Frame 3E64 7 KB
7 KB 390ms
324ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-26/15/534ggx0leil1515534ggx0leil171814.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4482d2a6bc9aa35dc36b9ce3806459ffabddf2681b0ede5be44324909224ac5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 07:15:17 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=8001
etag: "63315185-1f41"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="534ggx0leil1515534ggx0leil171814.webp"
accept-ranges: bytes
cf-ray: 7a68fbaa6cea3a74-FRA
content-length: 6784

GET
H2 200 2atbq2iauxo15152atbq2iauxo181816.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ Frame 3E64 3 KB
4 KB 400ms
335ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-26/15/2atbq2iauxo15152atbq2iauxo181816.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bda93e4fbc7fe8acbe6896e5e9077669612dad87382be161ed54e07943921d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 07:15:18 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=5480
etag: "63315186-1568"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="2atbq2iauxo15152atbq2iauxo181816.webp"
accept-ranges: bytes
cf-ray: 7a68fbaa6ceb3a74-FRA
content-length: 3498

GET
H2 200 00oywelbguv151500oywelbguv191818.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ Frame 3E64 5 KB
5 KB 391ms
326ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-26/15/00oywelbguv151500oywelbguv191818.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4f8e8c19289a74844ebf5eda456c8434ab00682f8b48e38d7e149941f5fe5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 07:15:19 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=6890
etag: "63315187-1aea"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="00oywelbguv151500oywelbguv191818.webp"
accept-ranges: bytes
cf-ray: 7a68fbaa6cec3a74-FRA
content-length: 5066

GET
H2 200 nfpn3gnur4j1515nfpn3gnur4j201820.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-26/15/ Frame 3E64 3 KB
3 KB 412ms
347ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-26/15/nfpn3gnur4j1515nfpn3gnur4j201820.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e3eed836bfd8dcfb4953858c5161cc8638550751c6e90831d0206e3eb22781

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Mon, 26 Sep 2022 07:15:20 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=6299
etag: "63315188-189b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="nfpn3gnur4j1515nfpn3gnur4j201820.webp"
accept-ranges: bytes
cf-ray: 7a68fbaa6ced3a74-FRA
content-length: 3366

GET
H2 200 z2za4ywcdnd1756z2za4ywcdnd562009.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-27/17/ Frame 3E64 8 KB
8 KB 350ms
348ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-27/17/z2za4ywcdnd1756z2za4ywcdnd562009.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 821cef7564f7b28f8fb16983737342570784544e8dc708ee022389700037b5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 09:56:56 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=8858
etag: "6332c8e8-229a"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="z2za4ywcdnd1756z2za4ywcdnd562009.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d683a74-FRA
content-length: 7796

GET
H2 200 zvtwsk1qrf01756zvtwsk1qrf0572011.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-27/17/ Frame 3E64 5 KB
5 KB 335ms
333ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-27/17/zvtwsk1qrf01756zvtwsk1qrf0572011.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3cf629ff1a43dab758988c23d8a3f37bd7591c707bce5ee6a4ab850a99b5d59

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 09:56:57 GMT
server: cloudflare
cf-polished: qual=85, origFmt=jpeg, origSize=6892
etag: "6332c8e9-1aec"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="zvtwsk1qrf01756zvtwsk1qrf0572011.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d6a3a74-FRA
content-length: 5108

GET
H2 200 0htjbzbigca13570htjbzbigca0323841.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-03/13/ Frame 3E64 11 KB
11 KB 353ms
351ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-03/13/0htjbzbigca13570htjbzbigca0323841.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a3dee32c27fb660364904097ccaba0c739e74a49dc3cca104d6ae0a19b6eeba

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Sep 2022 05:57:03 GMT
server: cloudflare
cf-polished: origSize=11472, status=webp_bigger
etag: "6312ecaf-2cd0"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d6b3a74-FRA
content-length: 10939

GET
H2 200 clrtkieg2tm1357clrtkieg2tm0423843.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-03/13/ Frame 3E64 9 KB
9 KB 340ms
338ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-03/13/clrtkieg2tm1357clrtkieg2tm0423843.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcae469be24ed4078c45e3835951c8512a724a7d7ab717df3f8f2bdbe51c3367

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Sep 2022 05:57:04 GMT
server: cloudflare
cf-polished: origSize=9267, status=webp_bigger
etag: "6312ecb0-2433"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d6c3a74-FRA
content-length: 8918

GET
H2 200 qtrwseu5gsy1357qtrwseu5gsy0523845.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-03/13/ Frame 3E64 10 KB
10 KB 50ms
48ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-03/13/qtrwseu5gsy1357qtrwseu5gsy0523845.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92859ea4fc247506ab97c8755b795194ea74c62539293ebdab4e6dd5e14b72a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Sep 2022 05:57:05 GMT
server: cloudflare
age: 3392
cf-polished: origSize=10326, status=webp_bigger
etag: "6312ecb1-2856"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d6d3a74-FRA
content-length: 9853

GET
H2 200 q4qx5oinwin1357q4qx5oinwin0623847.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-03/13/ Frame 3E64 8 KB
9 KB 30ms
28ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-03/13/q4qx5oinwin1357q4qx5oinwin0623847.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d6614274423758febcea3d8f43b8960a5e4f63e2408877a28e9e8c9104b58aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Sep 2022 05:57:06 GMT
server: cloudflare
age: 3392
cf-polished: qual=85, origFmt=jpeg, origSize=9520
etag: "6312ecb2-2530"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="q4qx5oinwin1357q4qx5oinwin0623847.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d6e3a74-FRA
content-length: 8624

GET
H2 200 4ibdbem3gpz13574ibdbem3gpz0823851.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-03/13/ Frame 3E64 8 KB
8 KB 32ms
31ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-03/13/4ibdbem3gpz13574ibdbem3gpz0823851.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 177bc379e39b5d61d0caaff4357e43ce441881447f2b2d89c13c618771624f63

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Sep 2022 05:57:08 GMT
server: cloudflare
age: 3392
cf-polished: qual=85, origFmt=jpeg, origSize=9032
etag: "6312ecb4-2348"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="4ibdbem3gpz13574ibdbem3gpz0823851.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d6f3a74-FRA
content-length: 8224

GET
H2 200 votelig2lrw1357votelig2lrw0723849.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-03/13/ Frame 3E64 14 KB
14 KB 34ms
32ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-03/13/votelig2lrw1357votelig2lrw0723849.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad35e63251443df208ba14466f00078debc1a6dd5fde29298a5e6a77c464624

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 03 Sep 2022 05:57:07 GMT
server: cloudflare
age: 3391
cf-polished: origSize=15209, status=webp_bigger
etag: "6312ecb3-3b69"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d703a74-FRA
content-length: 14535

GET
H2 200 a3rws1hetbs1551a3rws1hetbs12611.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-04/15/ Frame 3E64 6 KB
6 KB 33ms
32ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-04/15/a3rws1hetbs1551a3rws1hetbs12611.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89562ed18ea8bf21709114159ad6d9ea6ea0db673e224b611e26112e2f5fdebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sun, 04 Sep 2022 07:51:12 GMT
server: cloudflare
age: 3391
cf-polished: qual=85, origFmt=jpeg, origSize=6829
etag: "631458f0-1aad"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="a3rws1hetbs1551a3rws1hetbs12611.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d713a74-FRA
content-length: 5812

GET
H2 200 yg0xqdb0u211551yg0xqdb0u2113613.jpg
lbfm.lbpictupian.com/upload/vod/2022/09-04/15/ Frame 3E64 10 KB
10 KB 51ms
49ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2022/09-04/15/yg0xqdb0u211551yg0xqdb0u2113613.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3adab6fe3abb30c4e5c11814f5921b13756625c611a44a94502b9a7b13553627

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sun, 04 Sep 2022 07:51:13 GMT
server: cloudflare
age: 869
cf-polished: origSize=10767, status=webp_bigger
etag: "631458f1-2a0f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d723a74-FRA
content-length: 10152

GET
H2 200 nq32fe2vup0.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 9 KB
9 KB 351ms
349ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/nq32fe2vup0.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c908efaaf0d8b5e9db257f5304a37751967dbe8025b9b40b2d4b9de1e6b6115

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:56:55 GMT
server: cloudflare
cf-polished: origSize=9519, status=webp_bigger
etag: "640823a7-252f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d733a74-FRA
content-length: 9037

GET
H2 200 4ggg3t1tf5e.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 8 KB
8 KB 344ms
342ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/4ggg3t1tf5e.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cd15d948acd08e5254b3710627fe88f1c3ce7145b7e9a9dda98ef8dbf4c0998

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:00 GMT
server: cloudflare
cf-polished: origSize=8962, status=webp_bigger
etag: "640823ac-2302"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d743a74-FRA
content-length: 8481

GET
H2 200 btcs0ozymt2.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 9 KB
9 KB 54ms
52ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/btcs0ozymt2.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb4dd62b44bb1fbab28fe432237c0223da6c055a0f12792687f8d8fcc671f79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:05 GMT
server: cloudflare
age: 2963
cf-polished: origSize=9522, status=webp_bigger
etag: "640823b1-2532"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab1d753a74-FRA
content-length: 9070

GET
H2 200 q55ozgvposu.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 8 KB
9 KB 54ms
52ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/q55ozgvposu.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d0f00944b06160457f6b42a8fef511d8dba76b0285e8813427b7c3d15a26cec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:09 GMT
server: cloudflare
age: 2963
cf-polished: qual=85, origFmt=jpeg, origSize=10042
etag: "640823b5-273a"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="q55ozgvposu.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d763a74-FRA
content-length: 8544

GET
H2 200 qvxfp1dfxik.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 10 KB
10 KB 57ms
55ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/qvxfp1dfxik.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e4bc64c8eefd8fd144c4c231f3b52d8ff8ce4a685efce7c535a03efa5ed61b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:14 GMT
server: cloudflare
age: 2963
cf-polished: qual=85, origFmt=jpeg, origSize=10607
etag: "640823ba-296f"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="qvxfp1dfxik.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d773a74-FRA
content-length: 9832

GET
H2 200 1tmns1de2yl.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 13 KB
13 KB 56ms
55ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/1tmns1de2yl.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0e5d0ef3307724016d10b476440e82970c33f21d08ac206fa48f86add7f84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:18 GMT
server: cloudflare
age: 2963
cf-polished: qual=85, origFmt=jpeg, origSize=13180
etag: "640823be-337c"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="1tmns1de2yl.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d783a74-FRA
content-length: 13002

GET
H2 200 c3ayykpecct.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 9 KB
10 KB 56ms
54ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/c3ayykpecct.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbd925a6d602e363b83c21e3d16c7522ee5309b5c1eda0436b57fdfb85b23537

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:23 GMT
server: cloudflare
age: 2963
cf-polished: qual=85, origFmt=jpeg, origSize=10293
etag: "640823c3-2835"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="c3ayykpecct.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d793a74-FRA
content-length: 9622

GET
H2 200 ke3xlgx0hih.jpg
lbfm.lbpictupian.com/upload/vod/2023/03/ Frame 3E64 10 KB
10 KB 57ms
55ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/03/ke3xlgx0hih.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c99360758d7619de4324c5dc272ed9dba57aa53f1c1867928e0283710ddc13e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Wed, 08 Mar 2023 05:57:26 GMT
server: cloudflare
age: 2963
cf-polished: qual=85, origFmt=jpeg, origSize=10888
etag: "640823c6-2a88"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="ke3xlgx0hih.webp"
accept-ranges: bytes
cf-ray: 7a68fbab1d7a3a74-FRA
content-length: 10254

GET
H2 200 oqvc231ej45.jpg
lbfm.lbpictupian.com/upload/vod/2023/02/ Frame 3E64 7 KB
7 KB 61ms
59ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/02/oqvc231ej45.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced53bb711f8dfb9fb1218a1d8da25c4e1a416ea76904973a450b03bd3bd3050

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Feb 2023 12:19:47 GMT
server: cloudflare
age: 2564
cf-polished: qual=85, origFmt=jpeg, origSize=8297
etag: "63e787e3-2069"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="oqvc231ej45.webp"
accept-ranges: bytes
cf-ray: 7a68fbab3d883a74-FRA
content-length: 7112

GET
H2 200 p3e5rn0d3iq.jpg
lbfm.lbpictupian.com/upload/vod/2023/02/ Frame 3E64 8 KB
8 KB 363ms
361ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/02/p3e5rn0d3iq.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 019dc5665757e60ec0934b7d766f697c49a4667e54590253ae43104398f2d910

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:44 GMT
cf-cache-status: REVALIDATED
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Feb 2023 12:19:51 GMT
server: cloudflare
cf-polished: origSize=8710, status=webp_bigger
etag: "63e787e7-2206"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab3d8a3a74-FRA
content-length: 8269

GET
H2 200 5anjr5fcu4q.jpg
lbfm.lbpictupian.com/upload/vod/2023/02/ Frame 3E64 9 KB
9 KB 57ms
56ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/02/5anjr5fcu4q.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cec9c80a0b04a12e87fe4a62d59c2ed3fbd627d643171463b3d3c523c7b149aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Feb 2023 12:19:54 GMT
server: cloudflare
age: 2564
cf-polished: origSize=10058, status=webp_bigger
etag: "63e787ea-274a"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab3d8b3a74-FRA
content-length: 9557

GET
H2 200 ighltbbvjch.jpg
lbfm.lbpictupian.com/upload/vod/2023/02/ Frame 3E64 5 KB
5 KB 60ms
59ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/02/ighltbbvjch.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13d075f20805d196ba4c9675da5a16dc1b584ed11fd806812ad833a5ded388c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Feb 2023 12:19:58 GMT
server: cloudflare
age: 2564
cf-polished: qual=85, origFmt=jpeg, origSize=6923
etag: "63e787ee-1b0b"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="ighltbbvjch.webp"
accept-ranges: bytes
cf-ray: 7a68fbab3d8c3a74-FRA
content-length: 5292

GET
H2 200 qjjhoxlv4bi.jpg
lbfm.lbpictupian.com/upload/vod/2023/01/ Frame 3E64 10 KB
11 KB 57ms
56ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/01/qjjhoxlv4bi.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52180d6a9733258d4df3c5d6027736dd72ff18295c569360fd3e676f82d664cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Jan 2023 17:54:55 GMT
server: cloudflare
age: 2042
cf-polished: origSize=11271, status=webp_bigger
etag: "63cc26ef-2c07"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab3d8e3a74-FRA
content-length: 10583

GET
H2 200 yqj2rocav3e.jpg
lbfm.lbpictupian.com/upload/vod/2023/01/ Frame 3E64 10 KB
10 KB 61ms
59ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/01/yqj2rocav3e.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2fc6512d6fc0ddbb4279821468fe15f6102b595a2d572289e18a8786497d942

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Jan 2023 17:55:00 GMT
server: cloudflare
age: 2042
cf-polished: qual=85, origFmt=jpeg, origSize=11452
etag: "63cc26f4-2cbc"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="yqj2rocav3e.webp"
accept-ranges: bytes
cf-ray: 7a68fbab3d8f3a74-FRA
content-length: 10360

GET
H2 200 5wung5ciwnv.jpg
lbfm.lbpictupian.com/upload/vod/2023/01/ Frame 3E64 7 KB
7 KB 61ms
60ms Image
image/webp 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/01/5wung5ciwnv.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05ea66a726335433b3fc71a96535a661ad566a45fa07530086d7613d25010c79

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Jan 2023 17:55:04 GMT
server: cloudflare
age: 2041
cf-polished: qual=85, origFmt=jpeg, origSize=9112
etag: "63cc26f8-2398"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
content-disposition: inline; filename="5wung5ciwnv.webp"
accept-ranges: bytes
cf-ray: 7a68fbab3d903a74-FRA
content-length: 6702

GET
H2 200 r423oyle1px.jpg
lbfm.lbpictupian.com/upload/vod/2023/01/ Frame 3E64 12 KB
12 KB 60ms
59ms Image
image/jpeg 2606:4700:10::6816:cd6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lbfm.lbpictupian.com/upload/vod/2023/01/r423oyle1px.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:cd6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a77a1ec1cf3a7c06b11792ee36f51a8ce9b332a98770f5f9399457ec14364886

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:43 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Sat, 21 Jan 2023 17:55:08 GMT
server: cloudflare
age: 6843
cf-polished: origSize=13119, status=webp_bigger
etag: "63cc26fc-333f"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a68fbab3d913a74-FRA
content-length: 12479

GET
H/1.1 200
OK xx3.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 128 B
441 B 167ms
167ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/xx3.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: d5c9da32a767b4873c6b86814b7a9e587f11523a3457a10fcaf3aa5a4d34032a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:29 GMT
Server: nginx
ETag: "6409bb99-80"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK dl.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 133 B
446 B 167ms
167ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/dl.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: 7bc7fd083133ab5ec0b398f384dd03d71c3c7a1c2bd2fbd569c518b40e224111

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 10:57:27 GMT
Server: nginx
ETag: "6409bb97-85"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 133
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK tj.js Show response
107.149.115.208/template/m1938pc/ads/ Frame 3E64 122 B
435 B 168ms
168ms Script
application/javascript 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/template/m1938pc/ads/tj.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: a27e548e8428581f1ccb6052a30329f63969074f5edf100ac15bfe81bc063716

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:43 GMT
Last-Modified: Thu, 09 Mar 2023 11:10:32 GMT
Server: nginx
ETag: "6409bea8-7a"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122
Expires: Sun, 12 Mar 2023 15:34:43 GMT

GET
H/1.1 200
OK 1.js Show response
103.142.36.141/js/1/ Frame 3E64 7 KB
2 KB 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/1.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/xx1.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 309451fdb1712df96d5e70dc7443539072c01f6b3ef96a321e60d22ee4c10f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 14:18:06 GMT
Server: nginx
ETag: W/"640c8d9e-1d81"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:44 GMT

GET
H2 200 150x150.gif
8499136.com/8499/ Frame 3E64 181 KB
181 KB 2817ms
159ms Image
image/gif 172.247.50.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499136.com/8499/150x150.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.50.243 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: 321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
last-modified: Wed, 28 Dec 2022 09:29:16 GMT
server: qq.com
etag: "2d353-5f0e00094173c"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 185171

GET
H/1.1 200
OK 7d9af27f92c445be942ef4d044336d56.gif
n0522.com/ Frame 3E64 389 KB
236 KB 2158ms
320ms Image
image/gif 67.21.86.202
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0522.com/7d9af27f92c445be942ef4d044336d56.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.21.86.202 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS: ip-67-21-86-202.sharktech.net
Software: WAF/2.4-12.1 /
Resource Hash: 80fc2fb6c33d25c413e9ea60ffc08a483aef3efbbf48bff3cb1dab7f7e30d742

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2023 09:46:33 GMT
Server: WAF/2.4-12.1
ETag: W/"63f735f9-614bd"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive

GET
H/1.1 200
OK xpj960x60.gif
gtm-cn-j6730u6sd0b.gtm-a3b8.com/ Frame 3E64 337 KB
337 KB 1612ms
193ms Image
image/gif 123.234.2.90
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtm-cn-j6730u6sd0b.gtm-a3b8.com/xpj960x60.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 123.234.2.90 Qingdao, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: tencent-cos /
Resource Hash: 0eac7dfc2111bea18f69905fd0183364c76e9489a39dcd319872b83fa5a53f51

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 20:46:33 GMT
x-cos-hash-crc64ecma: 357403910767134175
Last-Modified: Thu, 29 Dec 2022 12:11:22 GMT
Server: tencent-cos
X-Cache-Lookup: Cache Hit
Etag: "4ebdabbf56c5ea36aeb13bc0dfb3cd1c"
Content-Type: image/gif
x-cos-request-id: NjQwMjVjYTlfNDU1ZTQwOV82ZmE3XzI2NDBmNzA=
X-NWS-LOG-UUID: 1840772956143377982
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 344832

GET
H2

200

d816a0142aeb37814a5d77cfd510e67b.gif
kvtaaa.top/ Frame 3E64
Redirect Chain

https://kvkaa.com/d816a0142aeb37814a5d77cfd510e67b.gif
https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif

181 KB
182 KB

539ms
27ms

Image
image/gif

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 185463
last-modified: Mon, 13 Jun 2022 10:10:31 GMT
server: cloudflare
etag: "62a70d17-2d477"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6d1Ql75gkxO%2FCJCj0lgAoCISX6bGHT4W%2FwjHtM3bj3rdNZc0uqH6%2F%2BTRUYjXOtGgB4798mSoemAOvSmPfvJ%2FwGoBqKPevY7lvhgtTUADcWYseNYsawIqnPl6Ij33QXsEfQNliSPJvSrr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a68fbbadb6a5c02-FRA
expires: Mon, 10 Apr 2023 12:20:52 GMT

Redirect headers

location: https://kvtaaa.top/d816a0142aeb37814a5d77cfd510e67b.gif
date: Sun, 12 Mar 2023 03:34:45 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

01dfa9bde54e701e29b1896a128d2cc1.gif
kvtaaa.top/ Frame 3E64
Redirect Chain

https://kvkaa.com/01dfa9bde54e701e29b1896a128d2cc1.gif
https://kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif

896 KB
897 KB

567ms
55ms

Image
image/gif

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edb306fed3ef2015e2eb7a7d11d15f923367819b44e15d0650fdea692f50005e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1366345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 917343
last-modified: Sun, 25 Dec 2022 10:36:11 GMT
server: cloudflare
etag: "63a8279b-dff5f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmyhI22hRbPc1Mojj1TN4GAazEWvo5W43ur5sh3U62doA8pSMMldRkfY8IUIibeP4y7xfUH5kpuU21KABHYp4NQoQ%2BClr19ZQ935wxHK1VbwY4kfl1ceTQivbITIFyvhfsosUn9FFuIp"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a68fbbadb6b5c02-FRA
expires: Sun, 26 Mar 2023 08:02:21 GMT

Redirect headers

location: https://kvtaaa.top/01dfa9bde54e701e29b1896a128d2cc1.gif
date: Sun, 12 Mar 2023 03:34:45 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 960x60.gif
8499136.com/8499/zzxx/ Frame 3E64 284 KB
284 KB 3255ms
598ms Image
image/gif 172.247.50.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499136.com/8499/zzxx/960x60.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.247.50.243 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
server: qq.com
etag: "46f0c-5f092cf097c3f"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 290572

GET
H/1.1 200
OK 12bd0667b3784bb8af832d92507ed089.gif
599aaa.us/ Frame 3E64 869 KB
869 KB 4048ms
456ms Image
image/gif 45.61.212.216
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://599aaa.us/12bd0667b3784bb8af832d92507ed089.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.216 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d0cab3ef9b65b7d953e3b23cc49abc10597f31a98abc5036c8679baee2e8f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 27 Feb 2023 01:00:15 GMT
Last-Modified: Tue, 14 Feb 2023 06:29:59 GMT
Server: nginx
ETag: "63eb2a67-d92b9"
X-Cache: HIT from cloud-us3-cdnb-16
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 889529

GET
H/1.1 200
OK 854ef48f950b48c182d4e22e6ad5ef5a.gif
6617398ccc.com/ Frame 3E64 452 KB
452 KB 3539ms
161ms Image
image/gif 45.61.212.51
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6617398ccc.com/854ef48f950b48c182d4e22e6ad5ef5a.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.51 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: d90d0adad2762a3adbc66f0067ae7e85c989b91600e21ae5686f29540325f48a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Mon, 06 Mar 2023 14:28:53 GMT
Last-Modified: Wed, 08 Feb 2023 12:15:12 GMT
Server: nginx
ETag: "63e39250-71095"
X-Cache: HIT from cloud-us1-cdnb-21
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 462997

GET
H/1.1

200
OK

ce862703bd3a6fd9e7acc3c32453fe84.jpg
help-ol.bj.bcebos.com/ Frame 3E64
Redirect Chain

https://img.1190555.com/images/640c39293ffd2507e8ecb886.gif
https://help-ol.bj.bcebos.com/ce862703bd3a6fd9e7acc3c32453fe84.jpg

131 KB
0

2278ms
312ms

Image
image/jpeg

2409:8c04:1001:1002:0:ff:b001:368a

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://help-ol.bj.bcebos.com/ce862703bd3a6fd9e7acc3c32453fe84.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 2409:8c04:1001:1002:0:ff:b001:368a -, , ASN (),
Reverse DNS
Software: BceBos /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:49 GMT
Last-Modified: Sat, 11 Mar 2023 18:25:22 GMT
Server: BceBos
Content-MD5: zoYnA706b9nnrMPDJFP+hA==
ETag: "ce862703bd3a6fd9e7acc3c32453fe84"
x-bce-request-id: 110cefc4-20b2-4f29-81c9-da2c3aaa28e3
Content-Type: image/jpeg
x-bce-debug-id: PsiGaCaSweSvJ/w0M3fSGq8QNB+9WjQu9BZC5Lm7Z9KUwqVFsG3KznjwNedCJrqMB6Kdrz/7tODmBldtXrkB7g==
x-bce-storage-class: STANDARD
Connection: keep-alive
Accept-Ranges: bytes
x-bce-content-crc32: 82803196
Content-Length: 343002
Expires: Wed, 15 Mar 2023 03:34:49 GMT

Redirect headers

location: https://help-ol.bj.bcebos.com/ce862703bd3a6fd9e7acc3c32453fe84.jpg
cache-control: max-age=600
referrer-policy: no-referrer

GET
H2 200 3cef13072ce017c1.gif
kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/ Frame 3E64 873 KB
874 KB 2888ms
233ms Image
image/gif 123.6.77.65
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjimg10.360buyimg.com/ott/jfs/t1/48391/16/19388/893726/6380d3c5E0d000912/3cef13072ce017c1.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.6.77.65 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: nginx /
Resource Hash: b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
via: http/1.1 ORI-CLOUD-HB3-MIX-9 (jcs [cMsSfW]), http/1.1 HENzhengzhou-UNI-01-MIX-99 (jcs [cRs f ])
last-modified: Fri, 25 Nov 2022 14:40:05 GMT
server: nginx
age: 998732
x-trace: 200-1677593355876-0-0-0-107-107;200;200-1677593355819-0-0-0-171-171;200-1678592086946-0-0-0-2-2
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 893726
expires: Sun, 27 Aug 2023 14:09:15 GMT

GET
H2 200 de7d4f3da0976d66.gif
kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/ Frame 3E64 1 MB
1 MB 3340ms
848ms Image
image/gif 123.6.77.65
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjimg10.360buyimg.com/ott/jfs/t1/101524/9/17022/1296026/63819a6aE15dba17e/de7d4f3da0976d66.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.6.77.65 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: nginx /
Resource Hash: c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
via: http/1.1 ORI-CLOUD-HB3-MIX-14 (jcs [cRs f ]), http/1.1 HENzhengzhou-UNI-01-MIX-99 (jcs [cRs f ])
last-modified: Sat, 26 Nov 2022 04:47:38 GMT
server: nginx
age: 656748
x-trace: 200-1677935338394-0-0-15-97-97;200;200-1678201966652-0-0-0-1-1;200-1678592086946-0-0-0-2-2
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 1296026
expires: Thu, 31 Aug 2023 13:08:58 GMT

GET
H2 200 68bdb767b760041f.gif
kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/ Frame 3E64 1 MB
1 MB 3340ms
848ms Image
image/gif 123.6.77.65
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kjimg10.360buyimg.com/ott/jfs/t1/189066/1/30475/1197751/6380d2d3E76f8142d/68bdb767b760041f.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 123.6.77.65 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS: hn.kd.ny.adsl
Software: nginx /
Resource Hash: 5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
via: http/1.1 ORI-CLOUD-HB3-MIX-31 (jcs [cHs f ]), http/1.1 HENzhengzhou-UNI-01-MIX-99 (jcs [cRs f ])
last-modified: Fri, 25 Nov 2022 14:36:03 GMT
server: nginx
age: 451965
x-trace: 200-1678140121762-0-0-1-139-139;200;200-1678304415919-0-0-0-5-5;200-1678592086946-0-0-2-3-3
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=15552000
timing-allow-origin: *
content-length: 1197751
expires: Sat, 02 Sep 2023 22:02:01 GMT

GET
H2 200 960160.gif
taiwtp1.com/xin/ Frame 3E64 207 KB
207 KB 1111ms
261ms Image
image/gif 220.128.218.220
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://taiwtp1.com/xin/960160.gif

Requested by

Host: 107.149.115.208
URL: http://107.149.115.208/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

220.128.218.220 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

220-128-218-220.hinet-ip.hinet.net

Software

nginx /

Resource Hash

a7d5d8ca2e3df3ca55e0d9f6a844df7f969cb8555be8b1ace4049464aa5b2100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:27:21 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 20 Oct 2022 07:11:15 GMT
server: nginx
etag: "6350f493-33b0d"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 211725
expires: Tue, 11 Apr 2023 03:27:21 GMT

GET
H/1.1 200
OK 960%C3%97120.gif
xingchi01.xyz/ Frame 3E64 34 KB
34 KB 638ms
162ms Image
image/gif 103.142.36.152
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://xingchi01.xyz/960%C3%97120.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 103.142.36.152 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7229d875a50c5fe11e5752cb8c9083f0781947a4554465d61c9f5da0e5ab9c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Last-Modified: Fri, 10 Mar 2023 06:15:30 GMT
Server: nginx
ETag: "640acb02-88a7"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34983
Expires: Tue, 11 Apr 2023 03:34:44 GMT

GET
H/1.1 200
OK dh1.js Show response
103.142.36.141/js/1/ Frame 3E64 4 KB
1 KB 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/dh1.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/dh1.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e6a53cfa5079aaf77917f533443e68821a5a3bf637609c9fc5973fd0a6a36b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 14:19:02 GMT
Server: nginx
ETag: W/"640c8dd6-ea1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:44 GMT

GET
H/1.1 200
OK dh.js Show response
103.142.36.141/js/1/ Frame 3E64 808 B
1 KB 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/dh.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/dh.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a6f5c37dce47ef5a6d6167ba4fb6098105927f5b859aa27e2bc2df4d5fcd1ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Last-Modified: Sat, 11 Mar 2023 05:26:59 GMT
Server: nginx
ETag: "640c1123-328"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 808
Expires: Sun, 12 Mar 2023 15:34:44 GMT

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 785ms
300ms Image
text/plain 183.240.166.132
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21280225&rt=1678592084399&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E5%258D%2588%25E5%25A4%259C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E5%2581%25B7%25E5%2581%25B7%25E7%25BB%25BC%25E5%2590%2588%25E4%25BA%259A%25E6%25B4%25B2AVYP%252C%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581&ing=1&ekc=&sid=1678592084399&tt=%25E9%25BD%2590%25E9%25BD%2590%25E5%2593%2588%25E5%25B0%2594%25E7%25A8%25BC%25E6%25A1%2583%25E5%258C%2596%25E5%25A6%2586%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B9%2585%25E4%25B9%2585%25E9%259C%25B2%25E8%2584%25B8%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581ww%25E8%259C%259C%25E8%258A%25BDtv%252C%25E9%259F%25A9%25E5%259B%25BD%25E4%25B8%2589%25E7%25BA%25A7%25E3%2580%258A%25E7%25A7%2581%25E4%25BA%25BA%25E6%2595%2599%25E7%25BB%2583%25E3%2580%258B%252C%25E6%2597%25A0%25E7%25A0%2581%25E5%25A4%25A9%25E5%25A0%2582va%25E4%25BA%259A%25E6%25B4%25B2va%25E5%259C%25A8%25E7%25BA%25BFva%252C%25E4%25BA%259A%25E6%25B4%25B2av%25E8%2589%25B2%25E9%25A6%2599%25E8%2595%2589%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA&cu=http%253A%252F%252Fwww.juendw.com%252Findex.php&pu=
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 183.240.166.132 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.juendw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:36 GMT
Content-Length: 0

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 764ms
304ms Image
text/plain 183.240.166.132
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21244197&rt=1678592084429&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E5%258D%2588%25E5%25A4%259C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E5%2581%25B7%25E5%2581%25B7%25E7%25BB%25BC%25E5%2590%2588%25E4%25BA%259A%25E6%25B4%25B2AVYP%252C%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581&ing=2&ekc=&sid=1678592084429&tt=%25E9%25BD%2590%25E9%25BD%2590%25E5%2593%2588%25E5%25B0%2594%25E7%25A8%25BC%25E6%25A1%2583%25E5%258C%2596%25E5%25A6%2586%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B9%2585%25E4%25B9%2585%25E9%259C%25B2%25E8%2584%25B8%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581ww%25E8%259C%259C%25E8%258A%25BDtv%252C%25E9%259F%25A9%25E5%259B%25BD%25E4%25B8%2589%25E7%25BA%25A7%25E3%2580%258A%25E7%25A7%2581%25E4%25BA%25BA%25E6%2595%2599%25E7%25BB%2583%25E3%2580%258B%252C%25E6%2597%25A0%25E7%25A0%2581%25E5%25A4%25A9%25E5%25A0%2582va%25E4%25BA%259A%25E6%25B4%25B2va%25E5%259C%25A8%25E7%25BA%25BFva%252C%25E4%25BA%259A%25E6%25B4%25B2av%25E8%2589%25B2%25E9%25A6%2599%25E8%2595%2589%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA&cu=http%253A%252F%252Fwww.juendw.com%252Findex.php&pu=
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 183.240.166.132 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.juendw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:45 GMT
Content-Length: 0

GET
H/1.1 200
OK b32191518ec941ae8890478633919166.gif
n0600.com/ Frame 3E64 21 KB
21 KB 3036ms
321ms Image
image/gif 67.21.86.202
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0600.com/b32191518ec941ae8890478633919166.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.21.86.202 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS: ip-67-21-86-202.sharktech.net
Software: WAF/2.4-12.1 /
Resource Hash: bf9ea228576be00a31a058efb187ac154c454f2dcea7699ba2df7d843a90b3cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2023 09:47:12 GMT
Server: WAF/2.4-12.1
ETag: W/"63f73620-5366"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive

GET
H2 200 638f469c3cb29.gif
files.imgopen.vip/uploads/2022/12/06/ Frame 3E64 752 KB
753 KB 1002ms
941ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.imgopen.vip/uploads/2022/12/06/638f469c3cb29.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe25eff343e43b13b1fa0d9a7821478aa3d649349f5f227c7a85162ba3e92f61

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:45 GMT
cf-cache-status: EXPIRED
last-modified: Sun, 12 Mar 2023 00:46:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlYHGeEe1oE1pT2sSftw%2BHAbLsITd08VoJEhusRgvZ07oBTDMAOikS8ziw8%2Fiwg6U%2F3hynga1Y5iSdZ7WK8yhz%2BMWhWchbZL2R8Qw%2BN27rFy3cbePrepJ2cVJXp4oVXbjBzPy9Vww5TnEklTn1BUpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7a68fbb0aaa137d1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 769808

GET
H/1.1 200
OK 92892cb72b42424d85b5717c4e1d8e80.png
99885aaa.com/ Frame 3E64 40 KB
40 KB 4560ms
162ms Image
image/png 45.61.212.59

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://99885aaa.com/92892cb72b42424d85b5717c4e1d8e80.png
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.59 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 4a7f1fed39ca46c209390132fea4b9b3ba277c119009a8b8f009513eb60a7c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 11 Mar 2023 08:27:36 GMT
Last-Modified: Thu, 15 Dec 2022 08:27:06 GMT
Server: nginx
ETag: "639ada5a-9e1d"
X-Cache: HIT from cloud-us1-cdnb-29
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 40477

GET
H2

200

96f6f08c54fe76e2ce0bf177ceb98a87.md.png
kvtaaa.top/ Frame 3E64
Redirect Chain

https://kvkaa.com/96f6f08c54fe76e2ce0bf177ceb98a87.md.png
https://kvtaaa.top/96f6f08c54fe76e2ce0bf177ceb98a87.md.png

381 KB
382 KB

567ms
55ms

Image
image/png

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/96f6f08c54fe76e2ce0bf177ceb98a87.md.png
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c766df005f028adfbff2ab29dcb6fd702138ea3f5e9dd290be2ef66bd0463b4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2035249
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 390393
last-modified: Tue, 21 Jun 2022 13:35:07 GMT
server: cloudflare
etag: "62b1c90b-5f4f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Il25JeOXnSsJBBJLKx0%2Fydsm70T%2Fo8gcC%2Bovf4Oy5tEIteLcJ%2Fs9g9N6KBB6Xf6oOaj%2FIeR2vyX%2FGFmu7I8F3GryZIhsBeyNl1NDZnMi9kiCDAsqZC3LD2kv%2FBKsk%2Fnskg9%2B9SNSoeQ2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a68fbbadb6c5c02-FRA
expires: Sat, 18 Mar 2023 14:13:57 GMT

Redirect headers

location: https://kvtaaa.top/96f6f08c54fe76e2ce0bf177ceb98a87.md.png
date: Sun, 12 Mar 2023 03:34:45 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

0386d45065aa4bb1d118804aea2b6df7.md.jpg
kvtaaa.top/ Frame 3E64
Redirect Chain

https://kvkaa.com/0386d45065aa4bb1d118804aea2b6df7.md.jpg
https://kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg

73 KB
73 KB

567ms
55ms

Image
image/jpeg

2606:4700:3034::ac43:ade6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Server: 2606:4700:3034::ac43:ade6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d00210ef7dff97905d6006f244eaac0531b376a4caf11f3891ab5bbe69477998

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1351960
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74378
last-modified: Mon, 26 Dec 2022 11:39:03 GMT
server: cloudflare
etag: "63a987d7-1228a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZHlIbWWjfxjErPAfNa2mr%2B8dILEtX%2BEiLnUVr4P8WiKn%2B4qvVRP%2Bttirz2%2Fl7JXyFijFtKF5%2Bb7oEgfWhMOa54uKrhkGbjBUTn83ZlpUVZ3sLY0%2B%2BhUyg8MAoat0StI%2FCf2HqlpyuHD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a68fbbadb6d5c02-FRA
expires: Sun, 26 Mar 2023 12:02:06 GMT

Redirect headers

location: https://kvtaaa.top/0386d45065aa4bb1d118804aea2b6df7.md.jpg
date: Sun, 12 Mar 2023 03:34:45 GMT
strict-transport-security: max-age=31536000
server: nginx
content-length: 162
content-type: text/html

GET
H2

200

2131e97716781987910405476efb44
cdn.sm.cn/71368a72da013b37bb9dd91cb15a3e32/ Frame 3E64
Redirect Chain

https://img.1180555.com/images/6406d3743d6cac1048a3a402.gif
https://cdn.sm.cn/71368a72da013b37bb9dd91cb15a3e32/2131e97716781987910405476efb44

272 KB
273 KB

1130ms
319ms

Image
image/gif

240e:f7:c010:105:3::3e8
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.sm.cn/71368a72da013b37bb9dd91cb15a3e32/2131e97716781987910405476efb44
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Server: 240e:f7:c010:105:3::3e8 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7b441b8a06d674b9ccbd9d70ec71b046413191ae5e7dd64f98c5dc4d84cf2742

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 14:22:20 GMT
via: cache40.l2cn2656[53,53,200-0,M], cache41.l2cn2656[54,0], cache9.cn1407[0,0,200-0,H], cache12.cn1407[1,0]
x-oss-request-id: 6407489CBDCDCF33316B329D
age: 393148
x-swift-cachetime: 2592000
x-cache: HIT TCP_MEM_HIT dirn:13:214764410
x-oss-cdn-auth: success
x-swift-savetime: Tue, 07 Mar 2023 14:22:20 GMT
content-length: 278567
x-oss-object-type: Multipart
last-modified: Tue, 07 Mar 2023 14:19:54 GMT
server: Tengine
etag: "08B661A66EE6E44ED35EF005126B617E-1"
ali-swift-global-savetime: 1678198940
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000,s-maxage=2592000,public,immutable
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 10597904829156775297
eagleid: 73df202016785920884255931e
x-oss-server-time: 21

Redirect headers

location: https://cdn.sm.cn/71368a72da013b37bb9dd91cb15a3e32/2131e97716781987910405476efb44
cache-control: max-age=600
referrer-policy: no-referrer

GET
H2 200 xfb63.gif
aooacctp.vip/logotp/ Frame 3E64 782 KB
784 KB 640ms
30ms Image
image/gif 2606:4700:3034::ac43:a135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aooacctp.vip/logotp/xfb63.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a135 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471784
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 800906
last-modified: Sun, 14 Aug 2022 07:55:32 GMT
server: cloudflare
etag: "62f8aa74-c388a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJoRkgm72HDfOXt0pD5KHszDXAp8ntD0JRCdtc6wEqCcL6PEH9I%2BFZalj90vI8Z%2BOCjqRCDY20Jz7XoYqm0BVpuSBjJUJ%2FMfuRAbWroS%2FxD5uUo0AxDItZSPi6R8kxxv0RmrXAO4OMKoAIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a68fbbebd985c68-FRA
expires: Wed, 05 Apr 2023 16:30:40 GMT

GET
H/1.1 200
OK 2.js Show response
103.142.36.141/js/1/ Frame 3E64 1 KB
726 B 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/2.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/xx2.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8400457e3862376a50c5334203d6c217368d5313471c121dd2ae5d4cd32d64ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 05:26:57 GMT
Server: nginx
ETag: W/"640c1121-4cd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:44 GMT

GET
H2 200 0663825ed25f4810a275d15954103dbe~noop.image
p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/ Frame 3E64 116 KB
116 KB 3201ms
156ms Image
image/gif 4.34.42.102

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p9.toutiaoimg.com/img/tos-cn-i-siecs4i2o7/0663825ed25f4810a275d15954103dbe~noop.image
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.102 -, , ASN (),
Reverse DNS
Software: nginx / ImageX
Resource Hash: 9a4e8004131968bc7716ca547cd59fd8380078c2f1edfa352d09e4e3031c1c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:49 GMT
x-response-lb: image
x-tt-trace-tag: id=09;cdn-cache=hit;type=static
nw-session-id: 20220720180059010158029097191E0A095lwgb02tt
x-powered-by: ImageX
x-cache: HIT from BC102_US-Colorado-Denver-1-cache-1(baishan)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache;desc=HIT,edge;dur=1
x-length: 118320
content-length: 118320
last-modified: Wed, 20 Jul 2022 10:00:59 GMT
server: nginx
x-tt-logid: 20220720180059010158029097191E0A09
x-response-date: Wed, 20 Jul 2022 18:00:59 GMT
content-type: image/gif
access-control-allow-origin: *
nw-session-trace: 2022-07-20T18:00:59.803929552+08:00 606
cache-control: max-age=31536000
x-response-cinfo: 217.114.218.19
imagex-fmt: gif2gif
x-response-cache: edge_hit
timing-allow-origin: *
x-ser: BC117_dx-lt-yd-zhejiang-jinhua-5-cache-13, BC117_dx-lt-yd-zhejiang-jinhua-5-cache-13, BC6_US-Georgia-atlanta-1-cache-2, BC6_US-Georgia-atlanta-1-cache-2, BC102_US-Colorado-Denver-1-cache-1, BC102_US-Colorado-Denver-1-cache-1

GET
H2 200 960x60.gif
8499132.com/8499/zzxx/ Frame 3E64 284 KB
284 KB 1185ms
164ms Image
image/gif 162.209.128.174
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499132.com/8499/zzxx/960x60.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.209.128.174 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: qq.com /
Resource Hash: e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:47 GMT
last-modified: Sat, 24 Dec 2022 13:23:32 GMT
server: qq.com
etag: "46f0c-5f092cf097c3f"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 290572

GET
H/1.1 200
OK 01.js Show response
103.142.36.141/js/1/ Frame 3E64 2 KB
924 B 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/01.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/01.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 673eef52ec664cbb411384a45b110ed94827ea6fb784526871da5d6b5046884f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 08:50:26 GMT
Server: nginx
ETag: W/"640c40d2-951"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:44 GMT

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 580ms
304ms Image
text/plain 183.240.166.132
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21244203&rt=1678592084678&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E6%25AC%25A7%25E7%25BE%258E%25E5%258D%2588%25E5%25A4%259C%25E7%25B2%25BE%25E5%2593%2581%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%252C%25E4%25BA%259A%25E6%25B4%25B2%25E8%2589%25B2%25E5%2581%25B7%25E5%2581%25B7%25E7%25BB%25BC%25E5%2590%2588%25E4%25BA%259A%25E6%25B4%25B2AVYP%252C%25E6%25AC%25A7%25E6%25B4%25B2%25E7%25B2%25BE%25E5%2593%2581&ing=3&ekc=&sid=1678592084678&tt=%25E9%25BD%2590%25E9%25BD%2590%25E5%2593%2588%25E5%25B0%2594%25E7%25A8%25BC%25E6%25A1%2583%25E5%258C%2596%25E5%25A6%2586%25E5%2593%2581%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E4%25B9%2585%25E4%25B9%2585%25E9%259C%25B2%25E8%2584%25B8%25E5%259B%25BD%25E4%25BA%25A7%25E7%25B2%25BE%25E5%2593%2581ww%25E8%259C%259C%25E8%258A%25BDtv%252C%25E9%259F%25A9%25E5%259B%25BD%25E4%25B8%2589%25E7%25BA%25A7%25E3%2580%258A%25E7%25A7%2581%25E4%25BA%25BA%25E6%2595%2599%25E7%25BB%2583%25E3%2580%258B%252C%25E6%2597%25A0%25E7%25A0%2581%25E5%25A4%25A9%25E5%25A0%2582va%25E4%25BA%259A%25E6%25B4%25B2va%25E5%259C%25A8%25E7%25BA%25BFva%252C%25E4%25BA%259A%25E6%25B4%25B2av%25E8%2589%25B2%25E9%25A6%2599%25E8%2595%2589%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B8%2589%25E5%258C%25BA&cu=http%253A%252F%252Fwww.juendw.com%252Findex.php&pu=
Requested by: Host: www.juendw.com
URL: http://www.juendw.com/index.php
Protocol: HTTP/1.1
Server: 183.240.166.132 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.juendw.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:36 GMT
Content-Length: 0

GET
H/1.1 200
OK fdfc1e0e132146bca79cc8d0e3d770b5.gif
n0611.com/ Frame 3E64 32 KB
32 KB 898ms
332ms Image
image/gif 107.167.16.2
SHARKTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n0611.com/fdfc1e0e132146bca79cc8d0e3d770b5.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.167.16.2 Los Angeles, United States, ASN46844 (SHARKTECH, US),
Reverse DNS: customer.sharktech.net
Software: WAF/2.4-12.1 /
Resource Hash: 9f93111552d1a26900f17f7b54da8f6f3b6f14f9bbcb84132e60de4c11288bfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Feb 2023 09:46:53 GMT
Server: WAF/2.4-12.1
ETag: W/"63f7360d-7f36"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive

GET
H2 200 320x185.gif
8499226.com/8499/ Frame 3E64 184 KB
185 KB 1978ms
169ms Image
image/gif 162.209.128.173

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8499226.com/8499/320x185.gif
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.209.128.173 -, , ASN (),
Reverse DNS
Software: qq.com /
Resource Hash: 9ca2b0643406090c29973b82953032ca7f0027b0ae2d871e5de77e89ce2f1c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 03:34:48 GMT
last-modified: Wed, 28 Dec 2022 08:15:26 GMT
server: qq.com
etag: "2e150-5f0def882b185"
x-cache-status: HIT
content-type: image/gif
accept-ranges: bytes
content-length: 188752

GET
H/1.1

200
OK

89cfc757-a925-4dd0-9dc5-7488a1489436.png
zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/ Frame 3E64
Redirect Chain

https://img.1190555.com/images/640c3b5e3ffd2507e8ecb887.gif
https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/89cfc757-a925-4dd0-9dc5-7488a1489436.png

34 KB
34 KB

3273ms
335ms

Image
image/png

82.156.94.48

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/89cfc757-a925-4dd0-9dc5-7488a1489436.png
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/
Protocol: HTTP/1.1
Server: 82.156.94.48 -, , ASN (),
Reverse DNS
Software: tencent-cos /
Resource Hash: 7480a7f149e608892186b9d0e65e85b0447d8efea0f6001e6ef281f4affc35a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:50 GMT
x-cos-hash-crc64ecma: 1843146663955595418
Last-Modified: Thu, 16 Feb 2023 04:27:23 GMT
Server: tencent-cos
ETag: "4d860862cdb297ae09c9a5ef2d2e6892"
Content-Type: image/png
x-cos-request-id: NjQwZDQ4NWFfNWRhZTE0MGJfNmRmMV8xNDI4YTZjNA==
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34460

Redirect headers

location: https://zzpic-1255305554.cos.ap-beijing.myqcloud.com/zhuanzh/89cfc757-a925-4dd0-9dc5-7488a1489436.png
cache-control: max-age=600
referrer-policy: no-referrer

GET
H/1.1 200
OK 3.js Show response
103.142.36.141/js/1/ Frame 3E64 294 B
608 B 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/3.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/xx3.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 611776da4e781ecf31c2eb097cc926f1f906ebb3a6d58b061bc00c572d0a0407

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:44 GMT
Last-Modified: Sat, 11 Mar 2023 05:26:57 GMT
Server: nginx
ETag: "640c1121-126"
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 294
Expires: Sun, 12 Mar 2023 15:34:44 GMT

GET
H/1.1 200
OK video-mask.png
107.149.115.208/template/m1938pc/images/ Frame 3E64 107 B
409 B 168ms
168ms Image
image/png 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://107.149.115.208/template/m1938pc/images/video-mask.png
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:47 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:44 GMT
Server: nginx
ETag: "600d21ac-6b"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107
Expires: Tue, 11 Apr 2023 03:34:47 GMT

GET
H/1.1 200
OK video-play.png
107.149.115.208/template/m1938pc/images/ Frame 3E64 2 KB
2 KB 168ms
168ms Image
image/png 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://107.149.115.208/template/m1938pc/images/video-play.png
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/css/zui.css
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:47 GMT
Last-Modified: Sun, 24 Jan 2021 07:28:48 GMT
Server: nginx
ETag: "600d21b0-61f"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1567
Expires: Tue, 11 Apr 2023 03:34:47 GMT

GET
H/1.1 200
OK xuanfu.js Show response
103.142.36.141/js/1/ Frame 3E64 2 KB
1 KB 160ms
160ms Script
application/javascript 103.142.36.141
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://103.142.36.141/js/1/xuanfu.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/dl.js
Protocol: HTTP/1.1
Server: 103.142.36.141 , Hong Kong, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b229f7c4c53c764b1b4da491c92de25e680c50026a17987ef48d8c4ba859ddd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:45 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Mar 2023 05:27:01 GMT
Server: nginx
ETag: W/"640c1125-647"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=43200
Connection: keep-alive
Expires: Sun, 12 Mar 2023 15:34:45 GMT

GET
H/1.1 404
Not Found tj.js
107.149.115.208/103.142.36.141/js/8/ Frame 3E64 0
0 168ms
168ms Script
text/html 107.149.115.208
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: http://107.149.115.208/103.142.36.141/js/8/tj.js
Requested by: Host: 107.149.115.208
URL: http://107.149.115.208/template/m1938pc/ads/tj.js
Protocol: HTTP/1.1
Server: 107.149.115.208 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS: oix208.permissiond.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:45 GMT
Server: nginx
Connection: keep-alive
Content-Length: 548
Content-Type: text/html

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame 3E64 29 KB
12 KB 1542ms
386ms Script
application/javascript 103.235.46.191

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

Requested by

Host: 107.149.115.208
URL: http://107.149.115.208/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 -, , ASN (),

Reverse DNS

Software

apache /

Resource Hash

4fdb443c448de856bef7d102d109b94237616c79888f0e3dd59e8b965a1b103b

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 03:34:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 690eea11c3efb5a35ae4b1d7de20813e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11257

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame 3E64 43 B
299 B 379ms
378ms Image
image/gif 103.235.46.191

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=743884429&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.juendw.com%2F&v=1.3.0&lv=1&sn=44135&r=0&ww=1600&u=http%3A%2F%2F107.149.115.208%2F&tt=337p%E7%B2%89%E5%AB%A9%E6%97%A5%E6%9C%AC%E6%AC%A7%E6%B4%B2%E4%BA%9A%E7%A6%8F%E5%88%A9%2C%E6%9C%80%E5%90%8E%E7%9A%84%E6%80%A7%E4%B8%8E%E7%88%B1%2C99%E4%B9%85%E4%B9%85%E5%85%8D%E8%B4%B9%E5%9B%BD%E4%BA%A7%E7%B2%BE%E5%93%812021%2C%E5%9B%BD%E4%BA%A7%E5%8D%88%E5%A4%9C%E4%B8%8D%E5%8D%A1av%E5%85%8D%E8%B4%B9

Requested by

Host: 107.149.115.208
URL: http://107.149.115.208/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 -, , ASN (),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://107.149.115.208/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 03:34:49 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless string| titlestr function| setFrame

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.juendw.com/	1969-12-31 23:59:59	Name: __tins__21280225 Value: %7B%22sid%22%3A%201678592084399%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201678593884399%7D
www.juendw.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.juendw.com/	1969-12-31 23:59:59	Name: __tins__21244197 Value: %7B%22sid%22%3A%201678592084429%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201678593884429%7D
www.juendw.com/	1969-12-31 23:59:59	Name: __tins__21244203 Value: %7B%22sid%22%3A%201678592084678%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201678593884678%7D
www.juendw.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 3

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.juendw.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21280225.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.juendw.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21280225.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.juendw.com/tj.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21244197.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.juendw.com/tj.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21244203.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://107.149.115.208/103.142.36.141/js/8/tj.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

599aaa.us
6617398ccc.com
8499132.com
8499136.com
8499226.com
99885aaa.com
aooacctp.vip
cdn.sm.cn
files.imgopen.vip
gtm-cn-j6730u6sd0b.gtm-a3b8.com
help-ol.bj.bcebos.com
hm.baidu.com
ia.51.la
img.1180555.com
img.1190555.com
js.users.51.la
juendw.com
kjimg10.360buyimg.com
kvkaa.com
kvtaaa.top
lbfm.lbpictupian.com
n0522.com
n0600.com
n0611.com
p9.toutiaoimg.com
taiwtp1.com
www.juendw.com
xingchi01.xyz
zzpic-1255305554.cos.ap-beijing.myqcloud.com
103.142.36.141
103.142.36.152
103.143.19.103
103.235.46.191
107.149.115.208
107.167.16.2
123.234.2.90
123.6.77.65
162.209.128.173
162.209.128.174
172.247.50.243
183.240.166.132
220.128.218.220
2409:8c04:1001:1002:0:ff:b001:368a
240e:f7:c010:105:3::3e8
2606:4700:10::6816:cd6
2606:4700:3034::ac43:a135
2606:4700:3034::ac43:ade6
2a06:98c1:3120::3
3.36.126.81
38.53.27.217
4.34.42.102
45.154.214.206
45.61.212.216
45.61.212.51
45.61.212.59
67.21.86.202
82.156.94.48
019dc5665757e60ec0934b7d766f697c49a4667e54590253ae43104398f2d910
05ea66a726335433b3fc71a96535a661ad566a45fa07530086d7613d25010c79
0b229f7c4c53c764b1b4da491c92de25e680c50026a17987ef48d8c4ba859ddd
0bda93e4fbc7fe8acbe6896e5e9077669612dad87382be161ed54e07943921d0
0d0cab3ef9b65b7d953e3b23cc49abc10597f31a98abc5036c8679baee2e8f42
0eac7dfc2111bea18f69905fd0183364c76e9489a39dcd319872b83fa5a53f51
13d075f20805d196ba4c9675da5a16dc1b584ed11fd806812ad833a5ded388c6
177bc379e39b5d61d0caaff4357e43ce441881447f2b2d89c13c618771624f63
1d6614274423758febcea3d8f43b8960a5e4f63e2408877a28e9e8c9104b58aa
2b6a9b53114e36c800d36b460001279b5b27d86ad0b0f79d71bd5157d7d2ba8c
2d0f00944b06160457f6b42a8fef511d8dba76b0285e8813427b7c3d15a26cec
2e5cabac17b51a462207ffdb5eee765193beba3c501133d1835314c85a875e2e
302e81390e6ad09906241d6e5b2a02c7c959af86639f70af8dc648606905c607
309451fdb1712df96d5e70dc7443539072c01f6b3ef96a321e60d22ee4c10f03
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
3adab6fe3abb30c4e5c11814f5921b13756625c611a44a94502b9a7b13553627
3c908efaaf0d8b5e9db257f5304a37751967dbe8025b9b40b2d4b9de1e6b6115
4482d2a6bc9aa35dc36b9ce3806459ffabddf2681b0ede5be44324909224ac5d
4a7f1fed39ca46c209390132fea4b9b3ba277c119009a8b8f009513eb60a7c1d
4fdb443c448de856bef7d102d109b94237616c79888f0e3dd59e8b965a1b103b
52180d6a9733258d4df3c5d6027736dd72ff18295c569360fd3e676f82d664cc
5ccc1726994dfc6d2667e13bf946785f79bb01401fedb59db1cbdf6942dbaee6
5e0e5d0ef3307724016d10b476440e82970c33f21d08ac206fa48f86add7f84c
611776da4e781ecf31c2eb097cc926f1f906ebb3a6d58b061bc00c572d0a0407
624e91ed61f277297f974b02f53c79b1c5f9e306d7e735f5463f6417e9fc1c6e
673eef52ec664cbb411384a45b110ed94827ea6fb784526871da5d6b5046884f
68e3eed836bfd8dcfb4953858c5161cc8638550751c6e90831d0206e3eb22781
6b3b76132634788988f19ad4b269dafa21894d12ff2c169ce72ca279e6fb684d
7229d875a50c5fe11e5752cb8c9083f0781947a4554465d61c9f5da0e5ab9c6a
7480a7f149e608892186b9d0e65e85b0447d8efea0f6001e6ef281f4affc35a7
7522622520e02df4fd1e0376b758987a1b31dd491406f3f553b00d48ee012cac
75e2ad510799f05ddf20510e09f538233254217314fc7b301370407112eab0e2
7ad35e63251443df208ba14466f00078debc1a6dd5fde29298a5e6a77c464624
7b441b8a06d674b9ccbd9d70ec71b046413191ae5e7dd64f98c5dc4d84cf2742
7bc7fd083133ab5ec0b398f384dd03d71c3c7a1c2bd2fbd569c518b40e224111
7d41e569d3def8915df0d40793ccfd527cd04fe82ba5a7f3193622042b191eb9
80fc2fb6c33d25c413e9ea60ffc08a483aef3efbbf48bff3cb1dab7f7e30d742
821cef7564f7b28f8fb16983737342570784544e8dc708ee022389700037b5b3
8400457e3862376a50c5334203d6c217368d5313471c121dd2ae5d4cd32d64ea
87576712a654eabf383a439df813e30456f6dcef62c28af608159bf6fa866e0b
89562ed18ea8bf21709114159ad6d9ea6ea0db673e224b611e26112e2f5fdebe
8a6f5c37dce47ef5a6d6167ba4fb6098105927f5b859aa27e2bc2df4d5fcd1ce
8c96ceb12ca176101d883f06ed4d527d40413890045c54aed49f9fa25f78a08b
8c99360758d7619de4324c5dc272ed9dba57aa53f1c1867928e0283710ddc13e
8cd15d948acd08e5254b3710627fe88f1c3ce7145b7e9a9dda98ef8dbf4c0998
8e6a53cfa5079aaf77917f533443e68821a5a3bf637609c9fc5973fd0a6a36b4
9015c45fb3fe892c2ca0b3e6a30ee16240cb8f093c92fc2b77ba39e6e9e24a02
92859ea4fc247506ab97c8755b795194ea74c62539293ebdab4e6dd5e14b72a8
97665f122d21083dcbd5564de9ada6965bb66d1cfb3bc3120f32054f820a010d
9a3dee32c27fb660364904097ccaba0c739e74a49dc3cca104d6ae0a19b6eeba
9a4e8004131968bc7716ca547cd59fd8380078c2f1edfa352d09e4e3031c1c86
9ca2b0643406090c29973b82953032ca7f0027b0ae2d871e5de77e89ce2f1c21
9f93111552d1a26900f17f7b54da8f6f3b6f14f9bbcb84132e60de4c11288bfd
a27e548e8428581f1ccb6052a30329f63969074f5edf100ac15bfe81bc063716
a2fc6512d6fc0ddbb4279821468fe15f6102b595a2d572289e18a8786497d942
a77a1ec1cf3a7c06b11792ee36f51a8ce9b332a98770f5f9399457ec14364886
a7d5d8ca2e3df3ca55e0d9f6a844df7f969cb8555be8b1ace4049464aa5b2100
a9e4bc64c8eefd8fd144c4c231f3b52d8ff8ce4a685efce7c535a03efa5ed61b
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b63a862a0f65ff9f685e9b67fd171a6df96878469b0a85d1da2f644399c0409f
bbd925a6d602e363b83c21e3d16c7522ee5309b5c1eda0436b57fdfb85b23537
bf9ea228576be00a31a058efb187ac154c454f2dcea7699ba2df7d843a90b3cd
c6d85123315be8a70786b6699f59eecff590bc8fbf1a48a477bcb2cacd660320
c766df005f028adfbff2ab29dcb6fd702138ea3f5e9dd290be2ef66bd0463b4c
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
cb4dd62b44bb1fbab28fe432237c0223da6c055a0f12792687f8d8fcc671f79e
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cec9c80a0b04a12e87fe4a62d59c2ed3fbd627d643171463b3d3c523c7b149aa
ced53bb711f8dfb9fb1218a1d8da25c4e1a416ea76904973a450b03bd3bd3050
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00210ef7dff97905d6006f244eaac0531b376a4caf11f3891ab5bbe69477998
d3cf629ff1a43dab758988c23d8a3f37bd7591c707bce5ee6a4ab850a99b5d59
d5225fd32b29fa3cc3ff3789d0848e2027c6081a2abcac529dde76f3729cfc0c
d5c9da32a767b4873c6b86814b7a9e587f11523a3457a10fcaf3aa5a4d34032a
d6d041c6a3a3777b4659357ec0d3401a11c30837302a69edcd788815c66af4db
d90d0adad2762a3adbc66f0067ae7e85c989b91600e21ae5686f29540325f48a
dcae469be24ed4078c45e3835951c8512a724a7d7ab717df3f8f2bdbe51c3367
e10903ca99193ba8ffd6c5f74753461cf070e75026e73fda3c040496f8dcfdb6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdaaaecc2e442eb2cd78382fd0d79e6d9f1c2cd99b691a259721de74e037f47
ed015286f4771e7495bef31c30d70fdd1dbd31fdd4adcd7cecad67b9bfe365f1
edb306fed3ef2015e2eb7a7d11d15f923367819b44e15d0650fdea692f50005e
f4bfe45de68d651290ee8201d0d393655b5f755cb0a6aaefb2859957cc2e6144
fe25eff343e43b13b1fa0d9a7821478aa3d649349f5f227c7a85162ba3e92f61
fe4e7b109ffa91bd809c8c717725549d94e81c2cc348d733161984d323edf558
fe4f8e8c19289a74844ebf5eda456c8434ab00682f8b48e38d7e149941f5fe5c

www.juendw.com Open in urlscan Pro 38.53.27.217 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

60 %HTTPS

21 %IPv6

27 Domains

29 Subdomains

26 IPs

5 Countries

10303 kBTransfer

10760 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.juendw.com Open in urlscan Pro
38.53.27.217 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

60 %
HTTPS

21 %
IPv6

27
Domains

29
Subdomains

26
IPs

5
Countries

10303 kB
Transfer

10760 kB
Size

5
Cookies

91 HTTP transactions
0 data transactions