xrz-cloud-github-io.pages.dev Open in urlscan Pro
2606:4700:3035::ac43:d2f2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://xrz-cloud-github-io.pages.dev/
Submission: On March 19 via automatic, source certstream-suspicious (March 19th 2021, 12:51:49 pm UTC)

Summary HTTP 31 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3035::ac43:d2f2, located in United States and belongs to CLOUDFLARENET, US. The main domain is xrz-cloud-github-io.pages.dev.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 19th 2021. Valid for: a year.

This is the only time xrz-cloud-github-io.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::ac43:d2f2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	150.109.19.98 150.109.19.98	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:4f5f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	139.170.156.233 139.170.156.233	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
1 2	106.52.189.108 106.52.189.108	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	106.52.172.211 106.52.172.211	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	2606:4700:303... 2606:4700:3037::6815:1be7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a01:53c0:ff0... 2a01:53c0:ff0a::43	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
31	18

1 2606:4700:3035::ac43:d2f2 (United States)

ASN13335 (CLOUDFLARENET, US)

xrz-cloud-github-io.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 150.109.19.98 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

cdn.coding.xrzyun.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:4f5f (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.170.156.233 (Xining, China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

cdn.bootcss.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.52.189.108 (China) 1 redirects

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

api.i-meto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 106.52.172.211 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

www.fly3949.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:1be7 (United States)

ASN13335 (CLOUDFLARENET, US)

api.lwl12.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:53c0:ff0a::43 (United States)

ASN54994 (QUANTILNETWORKS, US)

p3.music.126.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	xrzyun.top cdn.coding.xrzyun.top	311 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	158 KB
3	jsdelivr.net cdn.jsdelivr.net	18 KB
2	i-meto.com 1 redirects api.i-meto.com	6 KB
2	doubleclick.net googleads.g.doubleclick.net	5 KB
1	126.net p3.music.126.net	10 KB
1	lwl12.com api.lwl12.com
1	fly3949.com www.fly3949.com	17 KB
1	bootcss.com cdn.bootcss.com	76 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	165 B
1	google.de adservice.google.de	165 B
1	googleadservices.com partner.googleadservices.com	638 B
1	weserv.nl images.weserv.nl	7 KB
1	pages.dev xrz-cloud-github-io.pages.dev	2 KB
31	15

	Domain	Requested by
8	cdn.coding.xrzyun.top	xrz-cloud-github-io.pages.dev cdn.coding.xrzyun.top
5	pagead2.googlesyndication.com	xrz-cloud-github-io.pages.dev pagead2.googlesyndication.com tpc.googlesyndication.com
3	cdn.jsdelivr.net	xrz-cloud-github-io.pages.dev
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	api.i-meto.com	1 redirects cdn.jsdelivr.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	p3.music.126.net	xrz-cloud-github-io.pages.dev
1	api.lwl12.com	cdn.coding.xrzyun.top
1	www.fly3949.com	cdn.coding.xrzyun.top
1	cdn.bootcss.com	cdn.coding.xrzyun.top
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	images.weserv.nl	xrz-cloud-github-io.pages.dev
1	xrz-cloud-github-io.pages.dev
31	16

This site contains links to these domains. Also see Links.

Domain
www.xrzyun.top
cf.www.xrzyun.top

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-19` - `2022-03-18`	a year	crt.sh
cdn.coding.xrzyun.top R3	`2021-02-04` - `2021-05-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.bootcss.com R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
api.i-meto.com TrustAsia TLS RSA CA	`2020-09-23` - `2021-09-24`	a year	crt.sh
fly3949.com R3	`2021-01-26` - `2021-04-26`	3 months	crt.sh
*.music.126.net GeoTrust CN RSA CA G1	`2019-09-05` - `2021-12-04`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://xrz-cloud-github-io.pages.dev/
Frame ID: 461E80081BD15077EA7C308BA8000272
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: E0EB80464F7D096C82E7306F1991E08A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584378036823590&output=html&adk=1812271804&adf=3025194257&lmt=1616158286&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxrz-cloud-github-io.pages.dev%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616158286478&bpp=14&bdt=48&idt=89&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2061565778673&frm=20&pv=2&ga_vid=1296941563.1616158287&ga_sid=1616158287&ga_hid=1474297992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C44739387&oid=3&pvsid=3667345807288590&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125
Frame ID: 5621E27695AE161D435F1EE117BADFC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 3043553547285F62FEBA86FC16548C1F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

100 %
HTTPS

72 %
IPv6

15
Domains

16
Subdomains

18
IPs

4
Countries

639 kB
Transfer

1155 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xrzyun.top/
Title: CODING主站

Search URL Search Domain Scan URL

URL: https://cf.www.xrzyun.top/
Title: CDN加速域名

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://api.i-meto.com/meting/api?server=netease&type=pic&id=7903289581284343&auth=3eb5d0c0217d5f8e4cfbd9f93111925d02daf239 HTTP 302
https://p3.music.126.net/UCTawHjiBkKCHEWz_UqqAw==/7903289581284343.jpg?param=90y90

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
xrz-cloud-github-io.pages.dev/ 5 KB
2 KB 72ms
49ms Document
text/html 2606:4700:3035::ac43:d2f2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d2f2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce5d4d5ea38f2226de93217e65798e2a21f0a01fee65806bb3322fe87c137efb

Request headers

:method: GET
:authority: xrz-cloud-github-io.pages.dev
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:26 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=deede972cebeed683ab9a70a7a1455d9a1616158286; expires=Sun, 18-Apr-21 12:51:26 GMT; path=/; domain=.xrz-cloud-github-io.pages.dev; HttpOnly; SameSite=Lax; Secure
cache-control: public, max-age=0, must-revalidate
cf-cache-status: MISS
cf-request-id: 08ec237a2a00000609e2b36000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6CSIB1n%2B1Lwm7PlzUwNcsPr%2FDLMg%2B%2BJLRR0MYW8iS3WLGvNa5RP24Qrvkz98z4UeP1TXtbIPPVnJPfggmWcvlb%2Bm0yuGcNqsBGZ4VEfvEe1mstUktNuC0WgN6dlnlu47Nv89WOch%2FZieVg%3D%3D"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6326d509da730609-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 minireset.min.css
cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/ 544 B
658 B 717ms
206ms Stylesheet
text/css 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/minireset.min.css
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: e42a38554f06dbdb62e79e919b0b62c85d86d837b58c72375e7261ebabc6a512

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Mar 2021 12:51:27 GMT
last-modified: Sun, 14 Mar 2021 02:25:41 GMT
server: Coding Pages
accept-ranges: bytes
content-length: 544
content-type: text/css; charset=utf-8

GET
H2 200 main.css
cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/ 11 KB
3 KB 1033ms
523ms Stylesheet
text/css 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/main.css
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: 8b114d361cd5523e7c73e34de39d053678b34cd977cae11a0fdd38eb5b670435

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:27 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 02:25:41 GMT
server: Coding Pages
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2662

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49785
x-xss-protection: 0
server: cafe
etag: 5737719656913929434
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Mar 2021 12:51:26 GMT

GET
H2 200 /
images.weserv.nl/ 6 KB
7 KB 75ms
58ms Image
image/jpeg 2606:4700:3032::6815:4f5f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://i0.hdslb.com/bfs/article/da952fd8598cfb9f8b9b6718f8a0823d4967f367.jpg@140w_140h_1e_1c.jpg

Requested by

Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4f5f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68a6857cfed61cf59a9a1f657f732790bc3c93ec1c2eadfbb52b9748f98d98ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-images-api: 5
date: Fri, 19 Mar 2021 12:51:26 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-disposition: inline; filename=image.jpg
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6212
cf-request-id: 08ec237a7600004e089a22a000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZv2wAs6qhxoaU2EcrPvUDDquG7r88pIldGiaIdj04EMuwxi5R37kZ0qU1WPzPjYEy6dZnE4CWk1kSudYNX78bVsxw6rZog83EuhU1oGONBmGKn5ozytYdqI7UNI"}],"group":"cf-nel"}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6326d50a59b14e08-FRA
expires: Sat, 19 Mar 2022 12:51:26 GMT

GET
H2 200 WeChat.png
cdn.coding.xrzyun.top/img/moe-cdn.fly3949.com/ 129 KB
129 KB 897ms
390ms Image
image/png 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.coding.xrzyun.top/img/moe-cdn.fly3949.com/WeChat.png
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: e6f081c2b2ebe270a20cfce2b58dab8265e99cfe3639f64afa96c944a596d5c0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Mar 2021 12:51:27 GMT
last-modified: Sun, 14 Mar 2021 02:25:41 GMT
server: Coding Pages
accept-ranges: bytes
content-length: 132294
content-type: image/png

GET
H2 200 AliPay.png
cdn.coding.xrzyun.top/img/moe-cdn.fly3949.com/ 18 KB
18 KB 1031ms
524ms Image
image/png 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.coding.xrzyun.top/img/moe-cdn.fly3949.com/AliPay.png
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: f77c5210124824f78ab58b2e217b59d3715f010e38fb4795d4fbdf9937e77a79

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Mar 2021 12:51:27 GMT
last-modified: Sun, 14 Mar 2021 02:25:41 GMT
server: Coding Pages
accept-ranges: bytes
content-length: 18093
content-type: image/png

GET
H2 200 jquery.min.js Show response
cdn.coding.xrzyun.top/js/moe-cdn.fly3949.com/ 85 KB
35 KB 716ms
208ms Script
application/javascript 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.coding.xrzyun.top/js/moe-cdn.fly3949.com/jquery.min.js
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:27 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 02:25:42 GMT
server: Coding Pages
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 main.js Show response
cdn.coding.xrzyun.top/js/moe-cdn.fly3949.com/ 3 KB
1 KB 1190ms
682ms Script
application/javascript 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.coding.xrzyun.top/js/moe-cdn.fly3949.com/main.js
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: 49b8e764dd20872f1f7559ea1e305bcc779eef0c87c50d3ac0505f645a5e6ff7

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:27 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 02:25:42 GMT
server: Coding Pages
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1324

GET
H2 200 APlayer.min.css
cdn.jsdelivr.net/npm/aplayer/dist/ 12 KB
3 KB 26ms
8ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.css

Requested by

Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 9329
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2537
etag: W/"30f0-BzcqK6UHOI0P7RZtdhscLCplnc4"
x-served-by: cache-fra19142-FRA
date: Fri, 19 Mar 2021 12:51:26 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 APlayer.min.js Show response
cdn.jsdelivr.net/npm/aplayer/dist/ 58 KB
14 KB 27ms
9ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.js

Requested by

Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 11918
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 13754
etag: W/"e7bd-Isqij/a0Ghb/QPFdOPFzniI1lHg"
x-served-by: cache-fra19142-FRA
date: Fri, 19 Mar 2021 12:51:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 Meting.min.js Show response
cdn.jsdelivr.net/npm/meting@2/dist/ 3 KB
1 KB 27ms
9ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/meting@2/dist/Meting.min.js

Requested by

Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

94e50ffa5f6a2db31368260a2cd74beac05917ef0966b1715e65eb55bcd2823d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 8866
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1424
etag: W/"d90-8rPSC4vWTM0DHGRijysTIweK4yQ"
x-served-by: cache-fra19142-FRA
date: Fri, 19 Mar 2021 12:51:26 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ 226 KB
85 KB 67ms
52ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1584378036823590&plah=xrz-cloud-github-io.pages.dev&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86501
x-xss-protection: 0
server: cafe
etag: 16342648926818324530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Mar 2021 12:51:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame E0EB 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210316/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xrz-cloud-github-io.pages.dev/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://xrz-cloud-github-io.pages.dev/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 18 Mar 2021 18:01:35 GMT
expires: Thu, 01 Apr 2021 18:01:35 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 67791
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
638 B 105ms
55ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=xrz-cloud-github-io.pages.dev&callback=_gfp_s_&client=ca-pub-1584378036823590

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1584378036823590&plah=xrz-cloud-github-io.pages.dev&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

8fc4641722f045f08b57edbec9f1d0d4912abbef49ed2263994adf66dac7ec84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=xrz-cloud-github-io.pages.dev

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=xrz-cloud-github-io.pages.dev

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5621 603 B
608 B 54ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1584378036823590&output=html&adk=1812271804&adf=3025194257&lmt=1616158286&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxrz-cloud-github-io.pages.dev%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616158286478&bpp=14&bdt=48&idt=89&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2061565778673&frm=20&pv=2&ga_vid=1296941563.1616158287&ga_sid=1616158287&ga_hid=1474297992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C44739387&oid=3&pvsid=3667345807288590&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1584378036823590&output=html&adk=1812271804&adf=3025194257&lmt=1616158286&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fxrz-cloud-github-io.pages.dev%2F&ea=0&flash=0&pra=5&wgl=1&dt=1616158286478&bpp=14&bdt=48&idt=89&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2061565778673&frm=20&pv=2&ga_vid=1296941563.1616158287&ga_sid=1616158287&ga_hid=1474297992&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44736525%2C44739387&oid=3&pvsid=3667345807288590&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xrz-cloud-github-io.pages.dev/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://xrz-cloud-github-io.pages.dev/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Mar 2021 12:51:26 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Mar-2021 13:06:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Mar 2021 12:51:26 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1615980824644616"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28204
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:51:26 GMT

GET
H2 200 font-awesome.min.css
cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/ 31 KB
8 KB 204ms
203ms Stylesheet
text/css 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/font-awesome.min.css
Requested by: Host: cdn.coding.xrzyun.top
URL: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: 7e1bbd1b1610fd908aa7fcd48dc06d1681fc3e8d749f25d7c168ec36264eb66f

Request headers

Referer: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:27 GMT
content-encoding: gzip
last-modified: Sun, 14 Mar 2021 02:25:41 GMT
server: Coding Pages
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 bg.jpg
cdn.coding.xrzyun.top/img/moe-cdn.fly3949.com/ 117 KB
117 KB 203ms
203ms Image
image/jpeg 150.109.19.98
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.coding.xrzyun.top/img/moe-cdn.fly3949.com/bg.jpg
Requested by: Host: cdn.coding.xrzyun.top
URL: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.109.19.98 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Coding Pages /
Resource Hash: a88457c89d917114fdbce596ee65e5e7770e152d6f77ed8556471bb372f45829

Request headers

Referer: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 19 Mar 2021 12:51:27 GMT
last-modified: Sun, 14 Mar 2021 02:25:41 GMT
server: Coding Pages
accept-ranges: bytes
content-length: 119967
content-type: image/jpeg

GET
H2 200 fontawesome-webfont.woff2
cdn.bootcss.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 2420ms
486ms Font
application/octet-stream 139.170.156.233
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bootcss.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdn.coding.xrzyun.top
URL: https://cdn.coding.xrzyun.top/css/moe-cdn.fly3949.com/font-awesome.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.170.156.233 Xining, China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),

Reverse DNS

Software

NWS_TCloud_S1 /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://xrz-cloud-github-io.pages.dev
Referer: https://cdn.coding.xrzyun.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:29 GMT
x-content-type-options: nosniff
x-cache-lookup: Hit From Disktank3, Hit From Inner Cluster
x-nws-uuid-verify: f12a14104cdb382a44b58b8be11c4472
age: 1180639
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=15780000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
cf-request-id: 08e1f95a73000056ddfd170000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: NWS_TCloud_S1
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"max_age":604800,"report_to":"cf-nel"}
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=raG%2BI9gtLQl6XjimxGxOYFmbLoPGH8DPOaohzs07MY3wOduwaft0P1fjXVv9WCAOyJfm5W%2FDS7zoRSrYf2%2B5l9DDj8RsTXdLf7PEaX6fxf299ABZ5Q%3D%3D"}],"group":"cf-nel"}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000
x-daa-tunnel: hop_count=1
x-nws-log-uuid: 2e67fe76-dafc-4043-ae1d-eabb539058d7
accept-ranges: bytes
cf-ray: 631691a3e86b56dd-LAX
expires: Sun, 18 Apr 2021 12:51:29 GMT

GET
H2 200 api Show response
api.i-meto.com/meting/ 20 KB
6 KB 760ms
239ms Fetch
application/json 106.52.189.108
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.i-meto.com/meting/api?server=netease&type=playlist&id=863497303&r=0.3801913952995042
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/meting@2/dist/Meting.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 106.52.189.108 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: nginx / PHP/7.3.24
Resource Hash: a263d71bf7e466f22d34aa711db44e3cd7c13042c929b962ab0c095313172ca3

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:28 GMT
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.3.24
vary: Accept-Encoding, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
meting-request-time: 2021-03-19T12:50:46+00:00

GET
H2 200 posts Show response
www.fly3949.com/wp-json/wp/v2/ 72 KB
17 KB 1762ms
663ms XHR
application/json 106.52.172.211
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fly3949.com/wp-json/wp/v2/posts?per_page=10&page=1

Requested by

Host: cdn.coding.xrzyun.top
URL: https://cdn.coding.xrzyun.top/js/moe-cdn.fly3949.com/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

106.52.172.211 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),

Reverse DNS

Software

can-0x00/LFS-Nginx /

Resource Hash

acc87c6660e180234920434cd0cc307958ca4d2be0d9ce21ef793ced1a3b0ef9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:29 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
allow: GET
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
pragma: no-cache
link: <https://www.fly3949.com/wp-json/wp/v2/posts?per_page=10&page=2>; rel="next"
referrer-policy: no-referrer-when-downgrade
server: can-0x00/LFS-Nginx
x-wp-totalpages: 5
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://xrz-cloud-github-io.pages.dev
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: no-store, no-cache, must-revalidate
x-wp-total: 48
content-security-policy: default-src * data: blob: 'unsafe-eval' 'unsafe-inline'
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 get Show response
api.lwl12.com/hitokoto/main/ 0
0 1519ms
1399ms Script
text/html 2606:4700:3037::6815:1be7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.lwl12.com/hitokoto/main/get?encode=json&callback=echokoto&_=1616158287685
Requested by: Host: cdn.coding.xrzyun.top
URL: https://cdn.coding.xrzyun.top/js/moe-cdn.fly3949.com/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:1be7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2

200

7903289581284343.jpg
p3.music.126.net/UCTawHjiBkKCHEWz_UqqAw==/
Redirect Chain

https://api.i-meto.com/meting/api?server=netease&type=pic&id=7903289581284343&auth=3eb5d0c0217d5f8e4cfbd9f93111925d02daf239
https://p3.music.126.net/UCTawHjiBkKCHEWz_UqqAw==/7903289581284343.jpg?param=90y90

9 KB
10 KB

561ms
301ms

Image
image/jpg

2a01:53c0:ff0a::43
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p3.music.126.net/UCTawHjiBkKCHEWz_UqqAw==/7903289581284343.jpg?param=90y90
Requested by: Host: xrz-cloud-github-io.pages.dev
URL: https://xrz-cloud-github-io.pages.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a01:53c0:ff0a::43 , United States, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: nginx /
Resource Hash: 61623f6608c32013a40049deaef1346d2e338c57fc8f48c64c788d5bc24ab728

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:29 GMT
cdn-ip: 163.171.129.58
x-nos-request-id: 5fb37e3f0a820000000060549e516336
content-md5: 906d2ae6a790113f7578b79e32335b4c
cdn-user-ip: 2a01:4f8:121:131a::2
x-nos-storage-class: STANDARD
content-length: 9583
last-modified: Thu, 05 Nov 2015 18:00:13 Asia/Shanghai
server: nginx
cdn-source: chinanetcenter
x-nos-requesttype: imageView
x-ws-request-id: 60549e51_PSygldLON2ni58_46440-25281
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpg
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-via: 1.1 PS-CZX-01bnS57:0 (Cdn Cache Server V2.0), 1.1 PS-WNZ-01yUE34:5 (Cdn Cache Server V2.0), 1.1 PSygldLON2ni58:8 (Cdn Cache Server V2.0)

Redirect headers

date: Fri, 19 Mar 2021 12:51:29 GMT
server: nginx
access-control-allow-origin: *
x-powered-by: PHP/7.3.24
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://p3.music.126.net/UCTawHjiBkKCHEWz_UqqAw==/7903289581284343.jpg?param=90y90
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad4ed07b55e55ea8152ac8bcae7d6c795498b6676d005ec7ce8512daaac5b196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Mar 2021 12:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6481
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Mar 2021 12:51:30 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 3043 12 KB
5 KB 35ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://xrz-cloud-github-io.pages.dev/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://xrz-cloud-github-io.pages.dev/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Mar 2021 12:20:58 GMT
expires: Sat, 19 Mar 2022 12:20:58 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1832
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3043 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:03:59 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 10051
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:03:59 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
111 B 41ms
41ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=3667345807288590&bg=!qKulq-_NAAbUo7L91KM7ACkAdvg8Ws7bjcLay7Y-Hlfk2_-MOXneEDeQUal-mD911K_-y1Or4QHmtwIAAABKUgAAAAhoAQcKAV0yPEqDtZTmzKc58vmUn-Hlyim3RuGedVHe1po2mh5i4AOpAImtvY2zu-TgG2_9ulE5e-ZWMNISiRmFpC5XcL-duDjVp958iNdFjVToybTXWKGwUmuVfd6mmvM0AoYqvpDhBYXGuwq-81VvYueaDcrFHp2LVCkZQMAEYqeHOb3BqefGpCKMAM0giiRRlcOb5hLrQqBgd5UkelPYtwwp-th_czzPiwRGWirCzZrcW9TT3ECYsg7hv62JFBHMJLQqZ35YQuo7jekkP9ig4OTYOHIV8gMa0OFCmatma3RbCpHH59NRE99mC_uBfOzGWy7iLFLkRsPX2jplsm4rkFeUmeKWHgQ7EIvzNQQbLopkZrrSjmqaFNFEJtcaEZltgbgRTUGcJRFitdV5Jk4sNWQoVQiJaPTn5j2fn262tANJvxeot-Dmqyq-kI7IJOMUvE6oFX38mtoU4DPzQKUI9xTgmQHqzruIXQsRnbRBLW4xfKcOXiMDDrTm979eJqAXKsdhBOqZzLQ1DCy-MZxIqhc_xiMeD8SDncvOEsOHlmXD8HFpV8IP0nUUpqoZSX5GmoqKlh-CemLs51DMT1L5DNBQZp4g7uu3A6TkoK634kr86HqtWX3kTUbP4ahjalJIolGqNJY4WcmR1zLvr8x5uAytVHuW5xXLWFpxfPxJIqa6J3MWOCBT1hc_gUUca1_eUoDFqzBYhzuxsvGchlG4dU-pGcuCIX_4-pl-NWS6pKOL7QC55ORJW2_540D09EY9TDBDAat-9nvFYxlH6A38ObdLBujzeM-7hqI-Eiv-h0x1iU9SxGA4Lj8Ml05LDlyRSeB4PjOh6tbyleKJjBmF9yMFoshPnoY0jeYj261OqZIp8W416Zqiz6q33kad_EhUH1Ek5MRSks_n0OP_TZDAvdo4h-VSJR1sqtKf2E4NYSmYibUwGgrkj1bzJKObWZmeBQzpmimfoz72Zxgy7q30sEVkbtMcdCLB7O_fWf00oh8MUQCY28w_CUsprG55m0AnN1XU1AxL9IdijJOawLGjdIYnVIiNohn9AKa73hhNPDFbPgvLekPjg4Vp3RbOs8kQ06s25y4-UphjiJ9mPO1esWwv8uz-flC8v6BhI3d5VA

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://xrz-cloud-github-io.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Mar 2021 12:51:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.js(Line 1) Message: %c APlayer v1.10.1 af84efb %c http://aplayer.js.org color: #fadfa3; background: #030307; padding:5px 0; background: #fadfa3; padding:5px 0;
console-api	log	URL: https://cdn.jsdelivr.net/npm/meting@2/dist/Meting.min.js(Line 1) Message: %c MetingJS v2.0.1 %c https://github.com/metowolf/MetingJS color: #fadfa3; background: #030307; padding:5px 0; background: #fadfa3; padding:5px 0;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api.i-meto.com
api.lwl12.com
cdn.bootcss.com
cdn.coding.xrzyun.top
cdn.jsdelivr.net
googleads.g.doubleclick.net
images.weserv.nl
p3.music.126.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.fly3949.com
www.googletagservices.com
xrz-cloud-github-io.pages.dev
106.52.172.211
106.52.189.108
139.170.156.233
150.109.19.98
172.217.23.98
2606:4700:3032::6815:4f5f
2606:4700:3035::ac43:d2f2
2606:4700:3037::6815:1be7
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a01:53c0:ff0a::43
2a04:4e42:3::621
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
49b8e764dd20872f1f7559ea1e305bcc779eef0c87c50d3ac0505f645a5e6ff7
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
61623f6608c32013a40049deaef1346d2e338c57fc8f48c64c788d5bc24ab728
68a6857cfed61cf59a9a1f657f732790bc3c93ec1c2eadfbb52b9748f98d98ec
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
7e1bbd1b1610fd908aa7fcd48dc06d1681fc3e8d749f25d7c168ec36264eb66f
8b114d361cd5523e7c73e34de39d053678b34cd977cae11a0fdd38eb5b670435
8fc4641722f045f08b57edbec9f1d0d4912abbef49ed2263994adf66dac7ec84
94e50ffa5f6a2db31368260a2cd74beac05917ef0966b1715e65eb55bcd2823d
a263d71bf7e466f22d34aa711db44e3cd7c13042c929b962ab0c095313172ca3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a88457c89d917114fdbce596ee65e5e7770e152d6f77ed8556471bb372f45829
acc87c6660e180234920434cd0cc307958ca4d2be0d9ce21ef793ced1a3b0ef9
ad4ed07b55e55ea8152ac8bcae7d6c795498b6676d005ec7ce8512daaac5b196
baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
cc515c676daf3068a7455cbde297275f96c2fb38e573ca7621f285ffbc193534
ce5d4d5ea38f2226de93217e65798e2a21f0a01fee65806bb3322fe87c137efb
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a38554f06dbdb62e79e919b0b62c85d86d837b58c72375e7261ebabc6a512
e6f081c2b2ebe270a20cfce2b58dab8265e99cfe3639f64afa96c944a596d5c0
e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a
f77c5210124824f78ab58b2e217b59d3715f010e38fb4795d4fbdf9937e77a79

xrz-cloud-github-io.pages.dev Open in urlscan Pro 2606:4700:3035::ac43:d2f2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

72 %IPv6

15 Domains

16 Subdomains

18 IPs

4 Countries

639 kBTransfer

1155 kBSize

0 Cookies

2 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

xrz-cloud-github-io.pages.dev Open in urlscan Pro
2606:4700:3035::ac43:d2f2 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

72 %
IPv6

15
Domains

16
Subdomains

18
IPs

4
Countries

639 kB
Transfer

1155 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions