c-wzw-d.dothansecurity.com Open in urlscan Pro
66.187.193.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://c-wzw-d.dothansecurity.com/
Submission: On March 19 via api (March 19th 2024, 4:37:41 pm UTC) from US — Scanned from US

Summary HTTP 210 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 31 domains to perform 210 HTTP transactions. The main IP is 66.187.193.138, located in Montreal, Canada and belongs to HIVE-DATA-CENTER, CA. The main domain is c-wzw-d.dothansecurity.com.
TLS certificate: Issued by R3 on January 24th 2024. Valid for: 3 months.

This is the only time c-wzw-d.dothansecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 24	66.187.193.138 66.187.193.138	33185 (HIVE-DATA...) (HIVE-DATA-CENTER)
1	134.195.197.167 134.195.197.167	62563 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
12	2606:4700:303... 2606:4700:3038::6815:eb25	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3032::6815:4903	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	107.148.194.20 107.148.194.20	54600 (PEG-SV) (PEG-SV)
6	2606:4700:303... 2606:4700:3036::6815:30b3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	204.12.215.68 204.12.215.68	32097 (WII) (WII)
4	192.74.245.123 192.74.245.123	54600 (PEG-SV) (PEG-SV)
6	198.2.211.136 198.2.211.136	54600 (PEG-SV) (PEG-SV)
12	2606:4700:303... 2606:4700:3038::6815:eaeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	198.2.204.100 198.2.204.100	54600 (PEG-SV) (PEG-SV)
8	198.2.195.83 198.2.195.83	54600 (PEG-SV) (PEG-SV)
4	192.74.232.140 192.74.232.140	54600 (PEG-SV) (PEG-SV)
12	2600:9000:220... 2600:9000:2209:de00:14:1855:3780:93a1	16509 (AMAZON-02) (AMAZON-02)
4	137.175.69.133 137.175.69.133	54600 (PEG-SV) (PEG-SV)
4	149.104.32.243 149.104.32.243	40065 (CNSERVERS) (CNSERVERS)
4	107.148.207.6 107.148.207.6	54600 (PEG-SV) (PEG-SV)
4	2606:4700:303... 2606:4700:3030::ac43:a687	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.74.238.48 192.74.238.48	54600 (PEG-SV) (PEG-SV)
4	204.12.215.70 204.12.215.70	32097 (WII) (WII)
4	198.2.192.67 198.2.192.67	54600 (PEG-SV) (PEG-SV)
4	2606:4700:303... 2606:4700:3030::6815:152b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	137.175.108.241 137.175.108.241	54600 (PEG-SV) (PEG-SV)
4	2606:4700:303... 2606:4700:3033::6815:d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.4.127.78 142.4.127.78	54600 (PEG-SV) (PEG-SV)
8	47.253.28.51 47.253.28.51	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2606:4700:303... 2606:4700:3038::6815:eabb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	66.187.192.172 66.187.192.172	33185 (HIVE-DATA...) (HIVE-DATA-CENTER)
1	52.58.78.16 52.58.78.16	16509 (AMAZON-02) (AMAZON-02)
12	46.253.6.155 46.253.6.155	216145 (SEVENDC) (SEVENDC)
210	31

24 66.187.193.138 (Montreal, Canada) 2 redirects

ASN33185 (HIVE-DATA-CENTER, CA)

c-wzw-d.dothansecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.195.197.167 (Vancouver, Canada)

ASN62563 (AS-GLOBALTELEHOST, CA)
PTR: 167-197-195-134.clients.gthost.com

x01-49z.discount-micro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3038::6815:eb25 (United States)

ASN13335 (CLOUDFLARENET, US)

img10.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img11.chkaja.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3032::6815:4903 (United States)

ASN13335 (CLOUDFLARENET, US)

tupain2.baitu4lliltvmwelqubyqm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.148.194.20 (United States)

ASN54600 (PEG-SV, US)

9831tc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3036::6815:30b3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.3400tupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.12.215.68 (United States)

ASN32097 (WII, US)

pjkbv034cbdft6qwd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.74.245.123 (United States)

ASN54600 (PEG-SV, US)

1325tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.2.211.136 (United States)

ASN54600 (PEG-SV, US)

www.7859888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3038::6815:eaeb (United States)

ASN13335 (CLOUDFLARENET, US)

z4a.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.2.204.100 (United States)

ASN54600 (PEG-SV, US)

c7575tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.2.195.83 (United States)

ASN54600 (PEG-SV, US)

5698tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.74.232.140 (United States)

ASN54600 (PEG-SV, US)

9323tp.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:2209:de00:14:1855:3780:93a1 (United States)

ASN16509 (AMAZON-02, US)

pppmmm.tututufafafa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 137.175.69.133 (United States)

ASN54600 (PEG-SV, US)

c8932888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.104.32.243 (United States)

ASN40065 (CNSERVERS, US)

www.gggttt888.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.148.207.6 (United States)

ASN54600 (PEG-SV, US)

9216tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::ac43:a687 (United States)

ASN13335 (CLOUDFLARENET, US)

www.5959tupian.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.74.238.48 (United States)

ASN54600 (PEG-SV, US)

www.8122888tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 204.12.215.70 (United States)

ASN32097 (WII, US)

opjkb29vcbd44ftq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.2.192.67 (United States)

ASN54600 (PEG-SV, US)

6151tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:152b (United States)

ASN13335 (CLOUDFLARENET, US)

img.ooo-05.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 137.175.108.241 (United States)

ASN54600 (PEG-SV, US)
PTR: disconcertingly.titlement.org

6399tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3033::6815:d65 (United States)

ASN13335 (CLOUDFLARENET, US)

v.tu05v46466.ltd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.4.127.78 (United States)

ASN54600 (PEG-SV, US)

www.9129666tp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 47.253.28.51 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

oss118.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eabb (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 66.187.192.172 (Montreal, Canada)

ASN33185 (HIVE-DATA-CENTER, CA)
PTR: ip.172.192.187.66.hivedatacenter.com

ztwyqsgdh.dglietou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.78.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-78-16.eu-central-1.compute.amazonaws.com

www.80656.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 46.253.6.155 (Bulgaria)

ASN216145 (SEVENDC, BG)

s1x3d.mexicorecreation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	dglietou.com ztwyqsgdh.dglietou.com	128 KB
24	dothansecurity.com 2 redirects c-wzw-d.dothansecurity.com	632 KB
12	mexicorecreation.com s1x3d.mexicorecreation.com	10 KB
12	tututufafafa.com pppmmm.tututufafafa.com — Cisco Umbrella Rank: 589762	7 MB
12	z4a.net z4a.net — Cisco Umbrella Rank: 336425	2 MB
12	baitu4lliltvmwelqubyqm.com tupain2.baitu4lliltvmwelqubyqm.com	8 MB
12	chkaja.com img10.chkaja.com — Cisco Umbrella Rank: 462813 img11.chkaja.com — Cisco Umbrella Rank: 306934	6 MB
8	aliyuncs.com oss118.oss-accelerate.aliyuncs.com	654 KB
8	6399tp.com 6399tp.com	3 MB
8	5698tp.com 5698tp.com	1 MB
6	7859888tp.com www.7859888tp.com	1 MB
6	3400tupian.com www.3400tupian.com	2 MB
4	9129666tp.com www.9129666tp.com	1 MB
4	tu05v46466.ltd v.tu05v46466.ltd	990 KB
4	ooo-05.ltd img.ooo-05.ltd	2 MB
4	6151tp.com 6151tp.com	2 MB
4	opjkb29vcbd44ftq.com opjkb29vcbd44ftq.com	1 MB
4	8122888tp.com www.8122888tp.com	645 KB
4	5959tupian.com www.5959tupian.com	876 KB
4	9216tp.com 9216tp.com	902 KB
4	gggttt888.com www.gggttt888.com	1 MB
4	c8932888tp.com c8932888tp.com	988 KB
4	9323tp.cc 9323tp.cc — Cisco Umbrella Rank: 950534	593 KB
4	c7575tp.com c7575tp.com	604 KB
4	1325tp.com 1325tp.com — Cisco Umbrella Rank: 920687	624 KB
4	pjkbv034cbdft6qwd.com pjkbv034cbdft6qwd.com	895 KB
4	9831tc.com 9831tc.com — Cisco Umbrella Rank: 870131	1 MB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8299	12 KB
1	80656.com www.80656.com
1	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 92383	130 KB
1	discount-micro.com x01-49z.discount-micro.com	4 KB
210	31

	Domain	Requested by
27	ztwyqsgdh.dglietou.com	c-wzw-d.dothansecurity.com ztwyqsgdh.dglietou.com
24	c-wzw-d.dothansecurity.com	2 redirects c-wzw-d.dothansecurity.com
12	s1x3d.mexicorecreation.com	c-wzw-d.dothansecurity.com
12	pppmmm.tututufafafa.com	c-wzw-d.dothansecurity.com
12	z4a.net	c-wzw-d.dothansecurity.com
12	tupain2.baitu4lliltvmwelqubyqm.com	c-wzw-d.dothansecurity.com
8	oss118.oss-accelerate.aliyuncs.com	c-wzw-d.dothansecurity.com
8	6399tp.com	c-wzw-d.dothansecurity.com
8	img11.chkaja.com	c-wzw-d.dothansecurity.com
8	5698tp.com	c-wzw-d.dothansecurity.com
6	www.7859888tp.com	c-wzw-d.dothansecurity.com
6	www.3400tupian.com	c-wzw-d.dothansecurity.com
4	www.9129666tp.com	c-wzw-d.dothansecurity.com
4	v.tu05v46466.ltd	c-wzw-d.dothansecurity.com
4	img.ooo-05.ltd	c-wzw-d.dothansecurity.com
4	6151tp.com	c-wzw-d.dothansecurity.com
4	opjkb29vcbd44ftq.com	c-wzw-d.dothansecurity.com
4	www.8122888tp.com	c-wzw-d.dothansecurity.com
4	www.5959tupian.com	c-wzw-d.dothansecurity.com
4	9216tp.com	c-wzw-d.dothansecurity.com
4	www.gggttt888.com	c-wzw-d.dothansecurity.com
4	c8932888tp.com	c-wzw-d.dothansecurity.com
4	9323tp.cc	c-wzw-d.dothansecurity.com
4	c7575tp.com	c-wzw-d.dothansecurity.com
4	1325tp.com	c-wzw-d.dothansecurity.com
4	pjkbv034cbdft6qwd.com	c-wzw-d.dothansecurity.com
4	9831tc.com	c-wzw-d.dothansecurity.com
4	img10.chkaja.com	c-wzw-d.dothansecurity.com
2	hm.baidu.com	c-wzw-d.dothansecurity.com
1	www.80656.com	c-wzw-d.dothansecurity.com
1	images.weserv.nl	c-wzw-d.dothansecurity.com
1	x01-49z.discount-micro.com	c-wzw-d.dothansecurity.com
210	32

This site contains links to these domains. Also see Links.

Domain
vo9xia.zai.castingwheels.com

Subject Issuer	Validity	Valid
150wzw.dothansecurity.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
x01-49z.discount-micro.com R3	`2024-01-23` - `2024-04-22`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
chkaja.com E1	`2024-03-04` - `2024-06-02`	3 months	crt.sh
baitu4lliltvmwelqubyqm.com GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
9831tc.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
3400tupian.com E1	`2024-01-23` - `2024-04-22`	3 months	crt.sh
pjkbv034cbdft6qwd.com Certum Domain Validation CA SHA2	`2023-08-08` - `2024-09-06`	a year	crt.sh
1325tp.com R3	`2024-02-28` - `2024-05-28`	3 months	crt.sh
www.7859888tp.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
z4a.net GTS CA 1P5	`2024-02-25` - `2024-05-25`	3 months	crt.sh
c7575tp.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
5698tp.com R3	`2024-01-24` - `2024-04-23`	3 months	crt.sh
9323tp.cc R3	`2024-03-16` - `2024-06-14`	3 months	crt.sh
pppmmm.tututufafafa.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
c8932888tp.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
www.gggttt888.com R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
9216tp.com R3	`2024-01-27` - `2024-04-26`	3 months	crt.sh
5959tupian.com GTS CA 1P5	`2024-01-23` - `2024-04-22`	3 months	crt.sh
www.8122888tp.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
6151tp.com R3	`2024-01-15` - `2024-04-14`	3 months	crt.sh
ooo-05.ltd E1	`2024-03-06` - `2024-06-04`	3 months	crt.sh
6399tp.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
tu05v46466.ltd E1	`2024-01-31` - `2024-04-30`	3 months	crt.sh
www.9129666tp.com R3	`2024-01-31` - `2024-04-30`	3 months	crt.sh
oss-us-east-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-11-24` - `2024-05-24`	6 months	crt.sh
weserv.nl GTS CA 1P5	`2024-02-12` - `2024-05-12`	3 months	crt.sh
ztwyqsgdh.dglietou.com R3	`2024-02-01` - `2024-05-01`	3 months	crt.sh
80656.com R3	`2024-02-10` - `2024-05-10`	3 months	crt.sh
s1x3d.mexicorecreation.com R3	`2024-02-16` - `2024-05-16`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://c-wzw-d.dothansecurity.com/
Frame ID: F6D888748C17B6F3103EB72B0EC88A19
Requests: 9 HTTP requests in this frame

Frame: https://c-wzw-d.dothansecurity.com/tb/
Frame ID: 02C4DEE5E3DD0F47F8E048588C88B47E
Requests: 3 HTTP requests in this frame

Frame: https://c-wzw-d.dothansecurity.com/yjjy/
Frame ID: 8981B39C8842A62610C25C08969F4DF0
Requests: 50 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/bm/dbk.html
Frame ID: 01198F89B63C1B7FDD8F17AC05FD5167
Requests: 9 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/ambm/55049.html
Frame ID: D4E9DEEF2403048F9E973F1053A1ECA8
Requests: 9 HTTP requests in this frame

Frame: https://ztwyqsgdh.dglietou.com/bm/55049.html
Frame ID: 50F6884D0E4A56686C03BD5CD3B485C5
Requests: 9 HTTP requests in this frame

Frame: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Frame ID: 75B34FB732B15A4A68D4487DA2FFA020
Requests: 71 HTTP requests in this frame

Frame: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Frame ID: 84013E89EF9CADD3C032D60DD0F1A176
Requests: 37 HTTP requests in this frame

Frame: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm
Frame ID: 650B0BACA6D7D137CCB00BDB74EE09D1
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【王.中.王】致力打造，火热全网！

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

210
Requests

89 %
HTTPS

29 %
IPv6

31
Domains

32
Subdomains

31
IPs

5
Countries

48250 kB
Transfer

48538 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vo9xia.zai.castingwheels.com:8443/0149dh/
Title: 下载APP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://c-wzw-d.dothansecurity.com/tb HTTP 301
https://c-wzw-d.dothansecurity.com/tb/

Request Chain 6

https://c-wzw-d.dothansecurity.com/yjjy HTTP 301
https://c-wzw-d.dothansecurity.com/yjjy/

210 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
c-wzw-d.dothansecurity.com/ 14 KB
4 KB 151ms
34ms Document
text/html 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

5013ef0d9b7c056af6c1d372eb640f9c8ad6759b7630001a696ea824f184c7df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:27 GMT
etag: W/"65df0d80-37c7"
last-modified: Wed, 28 Feb 2024 10:40:00 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
c-wzw-d.dothansecurity.com/skin/css/ 30 KB
8 KB 40ms
38ms Stylesheet
text/css 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/skin/css/style.css

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

e47f80a371083e7631cbef67e71d4ae94c83d06120eaa1c4009216781e3595cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 10 May 2022 10:53:08 GMT
server: nginx
etag: W/"627a4414-76b4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:27 GMT

GET
H2 200 tb.js Show response
c-wzw-d.dothansecurity.com/tb/ 1 KB
910 B 40ms
39ms Script
application/javascript 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/tb/tb.js

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

1936c27bacc5c82d91f4fd12748ba5ad3350a265e41abf44f62abe9449fd2e1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 26 Apr 2022 07:53:06 GMT
server: nginx
etag: W/"6267a4e2-47d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:27 GMT

GET
H2 200 wenzhang.js Show response
c-wzw-d.dothansecurity.com/yjjy/ 2 KB
1 KB 41ms
40ms Script
application/javascript 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/wenzhang.js

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

5a6c65212536aee82be7df91227252bc9bd059d9e1b8e90151cc88b90a8a0588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 11 Aug 2023 10:54:56 GMT
server: nginx
etag: W/"64d61380-6e0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:27 GMT

GET
H2 200 app.js Show response
x01-49z.discount-micro.com/ 8 KB
4 KB 456ms
87ms Script
application/javascript 134.195.197.167
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://x01-49z.discount-micro.com:2053/app.js

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

134.195.197.167 Vancouver, Canada, ASN62563 (AS-GLOBALTELEHOST, CA),

Reverse DNS

167-197-195-134.clients.gthost.com

Software

nginx /

Resource Hash

9ad7f8d84ca78884cc819bffdbdbd4f9d9c3c9add8a4a91e5e54a6aa6590bddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 01 Feb 2024 06:12:48 GMT
server: nginx
etag: W/"65bb3660-200c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:28 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 3100ms
1211ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?c54f889ec1b4468ff1d440cfd3197b93

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

6205da6ab8cbe8c251a3b2e1101d96d325e8c8a4e6203a007e4165d4d6c2a593

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 4f915dc9335b4cb300d83eac3ddf4f20
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11261

GET
H2

200

/ Show response
c-wzw-d.dothansecurity.com/tb/ Frame 02C4
Redirect Chain

https://c-wzw-d.dothansecurity.com/tb
https://c-wzw-d.dothansecurity.com/tb/

2 KB
982 B

36ms
34ms

Document
text/html

66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/tb/

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/tb/tb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

c8e295acb49f7ad332ae74e2e2a16f2a19b1fb0655f9f5d5e5dfd53a50c278d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:27 GMT
etag: W/"659d411b-723"
last-modified: Tue, 09 Jan 2024 12:50:35 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Tue, 19 Mar 2024 16:37:27 GMT
location: https://c-wzw-d.dothansecurity.com/tb/
server: nginx
strict-transport-security: max-age=31536000

GET
H2

200

/ Show response
c-wzw-d.dothansecurity.com/yjjy/ Frame 8981
Redirect Chain

https://c-wzw-d.dothansecurity.com/yjjy
https://c-wzw-d.dothansecurity.com/yjjy/

109 KB
19 KB

38ms
38ms

Document
text/html

66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/wenzhang.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

0902bb979aae9dd920a1f0d917eb44ff316165a4ace7780eab01405c99541636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:27 GMT
etag: W/"65f9aeca-1b33d"
last-modified: Tue, 19 Mar 2024 15:27:06 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

Redirect headers

content-length: 162
content-type: text/html
date: Tue, 19 Mar 2024 16:37:27 GMT
location: https://c-wzw-d.dothansecurity.com/yjjy/
server: nginx
strict-transport-security: max-age=31536000

GET
H2 404 search.jpg
c-wzw-d.dothansecurity.com/skin/images/ 66 B
66 B 35ms
35ms Image
text/html 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c-wzw-d.dothansecurity.com/skin/images/search.jpg
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/skin/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),
Reverse DNS
Software: nginx /
Resource Hash: bed9a06fbcbbf5e774a76e51deb9e4b89d2bfe9717a78d6260bff5e79f385e1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/skin/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
server: nginx
etag: "650021bf-42"
content-length: 66
content-type: text/html

GET
H2 200 logo.png
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 02C4 55 KB
55 KB 40ms
38ms Image
image/png 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/logo.png

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

8b2a8a5a398a412630ad4c50beb1f8b70e34b02b899be6df5a46442d350c33cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/tb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 16 Mar 2024 02:07:55 GMT
server: nginx
etag: "65f4fefb-daf4"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 56052
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 4156bf228012c3da.png
img10.chkaja.com/files/20240109/ Frame 02C4 34 KB
35 KB 300ms
52ms Image
image/png 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240109/4156bf228012c3da.png

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/tb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0d1567bdd9578d8f3fac1f3fb7f196d514440ca6eefd242725664b84e10d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95589
alt-svc: h3=":443"; ma=86400
content-length: 35244
last-modified: Tue, 09 Jan 2024 09:40:59 GMT
server: cloudflare
etag: "659d14ab-89ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAZPDaR01cU7B8XPOJc3YD0q1NSnQnDOqazz%2B%2F8JgynG0ZYMchdg9d2ltHsLSr91qs%2FGrladfj%2BsX5xWiXsf5VotM2MxaVR3S9pmDC8NSOOCoAWDhDlomJZCb9QmyYmnMTFI8yOwVGz5GZp8GNPy"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee321fc654bc7-BUF
expires: Tue, 18 Mar 2025 14:04:18 GMT

GET
H2 200 sty1e.css
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 1 KB
979 B 69ms
67ms Stylesheet
text/css 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/sty1e.css

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

a96ea6b874a2db2631485778a5255467526104a52283563604353ff93458f46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 16 Apr 2019 02:07:07 GMT
server: nginx
etag: W/"5cb538cb-5dd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:27 GMT

GET
H2 200 514c5d90740434a2.gif
img10.chkaja.com/files/20240125/ Frame 8981 16 KB
16 KB 291ms
50ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240125/514c5d90740434a2.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d580aa056de9feef2e9d5633d1d10d93b78b3185db715865f4bbc2dd0d733fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307074
alt-svc: h3=":443"; ma=86400
content-length: 16323
last-modified: Thu, 25 Jan 2024 03:50:43 GMT
server: cloudflare
etag: "65b1da93-3fc3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vX%2Bb1HNSx%2BsKTMVXb7RR6b45cbGu4s6%2BrtpjE6OEghxiGhne9STP%2FXdUdIwGOS4buk3UUMY1bejgCNSUNRrWLCMximBx5fvrBkAoaVsh5Mca7Tbjr1iQsVrEqLjAcORLbrv8DBCZI6F36xqLPw%2F7"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee321fc664bc7-BUF
expires: Sun, 16 Mar 2025 03:19:33 GMT

GET
H2 200 03b5328e493b7c8b.png
img10.chkaja.com/files/20240125/ Frame 8981 111 KB
111 KB 301ms
61ms Image
image/png 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240125/03b5328e493b7c8b.png

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7a22354aeb342419133a53eab028575c7572dc21461430c719287aa017db547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97504
alt-svc: h3=":443"; ma=86400
content-length: 113649
last-modified: Thu, 25 Jan 2024 03:57:19 GMT
server: cloudflare
etag: "65b1dc1f-1bbf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALKxpgALoN7py4%2BCeeSI6duZWDcWUw0vOjxIp2DrNvLz7DDaJBtjBWja0ezrufuFql1Zw7fbGUlrE1C%2FzKL6djExtRizk2uxCkAC%2F2kCyW3Y85igc4VbE0D3gm7a2yswgpQEsTP9NEQL8D5aD50j"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee321fc674bc7-BUF
expires: Tue, 18 Mar 2025 13:32:24 GMT

GET
H2 200 dh.gif
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 23 KB
24 KB 60ms
45ms Image
image/gif 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/dh.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

d752db0d613e4892a47370f2f88e48cbd06c4cea9cce40f068918c9e59841ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:02:11 GMT
server: nginx
etag: "65f98cd3-5d76"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 23926
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 jc.png
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 14 KB
14 KB 62ms
48ms Image
image/png 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/jc.png

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 08 Apr 2023 12:09:16 GMT
server: nginx
etag: "6431596c-3870"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14448
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 amtu.jpg
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 36 KB
36 KB 63ms
49ms Image
image/jpeg 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/amtu.jpg

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

8927cc5b8726ffb42424a6e9fc660ce08bdf4d21e746ac2140235c5d2da7853b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 08 Apr 2022 15:54:17 GMT
server: nginx
etag: "62505aa9-90b4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37044
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 xgtu.jpg
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 35 KB
35 KB 64ms
50ms Image
image/jpeg 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/xgtu.jpg

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

343dd0e71768c9c47c3e0a3240a71ab809bbeec23696905ea5f49468ccfc430b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 08 Apr 2022 15:54:18 GMT
server: nginx
etag: "62505aaa-8b00"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 35584
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 kjrq.jpg
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 128 KB
128 KB 64ms
50ms Image
image/jpeg 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/kjrq.jpg

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

eb27fef166ca206deef21cad940584e57c5ac192032032983b0fbaac8bbd10ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 18 Mar 2024 13:59:57 GMT
server: nginx
etag: "65f848dd-1ff30"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 130864
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 8981 665 KB
666 KB 318ms
89ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302955
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=od4NcJ5U36QGSGr8ySv2llbjngeMOWEHvXWcRduiwuVQyul%2B%2BbJc0bcJC0XQKSW7SWZ3neW9mHIZwWQZv14jD85rZ1L0If8PdpNxQ1Zwf9n87hNiKD9TxiUER%2F3K7%2FUOe9rGdic0Plbkienmvq0tSJDPksHqmf%2B2UJa2H1uMZvNL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee321f9716aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 8981 810 KB
811 KB 319ms
90ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302955
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T64Aw1K0Fuzl%2Bff65hjH6HMFXMtYN00oLzgGAgsatQLuJ6vtZfPWlwgaGfJda9h4hTyZQ17oxOHsOslyR0e6VLfCqFtk6Jsbs0WFuZ7Vj6%2BvaDkH5QraxrCc7EiSv0Aqh1M9381P5WXAUzkZw7mACEbphIg%2F4v09MXLNk64aLzra"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee321f9726aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 712x45.gif
9831tc.com/tp/ Frame 8981 223 KB
224 KB 1110ms
168ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x45.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 869ffb7a3a3d291d2c8ef6aef734053a991b2afcf43d41604d134cbb1cb3bf66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202311125925
Last-Modified: Sat, 09 Mar 2024 08:15:20 GMT
Server: openresty
ETag: "65ec1a98-37dfc"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 228860
Expires: Sat, 13 Apr 2024 07:30:46 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 8981 282 KB
283 KB 275ms
47ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257905
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THKvyyglJgqfvuQnJxySYU%2FwXZEH%2FxAYMDruGRXOod3ErJAL6rk12EpzekljuYMHGyYKZyCBbLlPpsOQIa94myzhLAUii%2B1qgpoSXzmNWPEbA5wAWKEygNWYAcKmdZbwvUXEa2apSpXUHKOsHrGeXpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee321ff456aee-BUF
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 8981 223 KB
224 KB 332ms
104ms Image
image/gif 204.12.215.68
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.68 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 Mar 2023 13:47:32 GMT
server: nginx
etag: "64049d74-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 8981 156 KB
156 KB 1883ms
157ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 26ecc44ea9ce6c5b0b8095fe4bbb846c7a0603c68ab9bec243f1b7e522ab9ca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 192.74.245.115
Last-Modified: Fri, 08 Mar 2024 04:38:22 GMT
Server: openresty
ETag: "65ea963e-26ecf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159439
Expires: Tue, 09 Apr 2024 18:30:32 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 8981 184 KB
184 KB 797ms
167ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: 198.2.211.134
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:09 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 8981 49 KB
49 KB 284ms
58ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308449
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Sat, 16 Mar 2024 02:56:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TY2VoE1TXkZRh6CS0UrpSMTQQTW%2BbrCsvT930nx6x7aCKk4FcnRJVfl92LBHbB9n%2FTrlOCT3dlhW%2Fk6iCrburhaLaWfj859qw941hwUuQ42pVu9vD7Hure5Dzg7KfBQeJreEfGO1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee321feb74bc1-BUF
expires: Sun, 16 Mar 2025 02:56:37 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 8981 151 KB
151 KB 972ms
521ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Thu, 18 Apr 2024 09:59:15 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 8981 193 KB
193 KB 1175ms
720ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 8981 148 KB
148 KB 2084ms
446ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 8981 177 KB
177 KB 1174ms
716ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 8981 662 KB
663 KB 149ms
53ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 269295
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uw%2FsucWc6n8%2BweHkS2RDZFRc7u07sKMyqx0hW07MeJNVO3lN2%2BQvKf7acnX%2Fw9JjtkCH9nRabjOppSfqHHGpwPhsoSOGKpEIQ5pJqdE39CZ%2FZxiWutHzeHBpXU9VEyIPaQ45oK3PNZo2dPHWIX4szOhDwIcgEBpr%2BZRMCOMIqvG%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee321f96e6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/mt2023/ Frame 8981 439 KB
440 KB 244ms
42ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 11:56:15 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 189673
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:17 GMT
server: nginx
etag: "65843a29-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -ey42BNJgtDdmoxJSH1xXAtjrsiMa79zbbu44DHZ_Wg7mg5yBY_COQ==
expires: Tue, 16 Apr 2024 11:56:15 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/yh2023/ Frame 8981 515 KB
516 KB 243ms
40ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

429c8931b011306890c24ab196951b3e1108bb616233dd6fdb770f96de03c8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:38:51 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2163517
x-cache: Hit from cloudfront
content-length: 527165
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:59:02 GMT
server: nginx
etag: "65b0df66-80b3d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: uxIjCHJ6TqW3BNCQAFk_7nw6jR1T9QYGxtP7N7aeBHCay9UIFgtuoA==
expires: Sun, 24 Mar 2024 15:38:51 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 8981 247 KB
247 KB 754ms
303ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

40738d044722cf89c6ad117b82b29a4b17df7742054175d7662b881bbbe129fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Tue, 12 Mar 2024 10:12:59 GMT
Server: openresty
ETag: "65f02aab-3dacd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 252621
Expires: Thu, 11 Apr 2024 10:22:25 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 8981 813 KB
814 KB 272ms
69ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0213d222cde6635318d13abab105a6684a6fb00c14831e5302dbedf68d8b2d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 09:05:47 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1063901
x-cache: Hit from cloudfront
content-length: 832563
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:23:53 GMT
server: nginx
etag: "6502fb59-cb433"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: HarMucr_2ZuIFJ9OZGNTntQFpRMTFTcRS5pQRe61fdfRomccKlAXbg==
expires: Sat, 06 Apr 2024 09:05:47 GMT

GET
H2 200 980-60.gif
z4a.net/images/2024/03/16/ Frame 8981 360 KB
361 KB 415ms
316ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2024/03/16/980-60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07100fd0de2bde9de57b7a033b4de6c2aa197e5503fd8ea33796eb20d8c824b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 368990
pragma: public
last-modified: Tue, 19 Mar 2024 16:37:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OZKZWdxnHnjRHAr7xBxbClhHxRxRYyUvQ6cjdRmsr5ibkaclFTYRmjEzY4pU4LZtbG2eTspjiOZ%2B%2Fi3VUdQipKtlALOBdri6TpTu0ewZkS1CfRvxJ7wt9sIKJ%2BBEaj6zgaTYgDop"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee321feb64bc1-BUF
expires: Wed, 19 Mar 2025 16:37:28 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 8981 266 KB
266 KB 2730ms
1100ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 19 Mar 2024 16:37:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 14 Apr 2024 07:16:15 GMT

GET
H2 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 8981 272 KB
272 KB 221ms
88ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307060
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNeB1Cdi74HF9toN0khCWG05UqOenjWg2SapxdzbHnVCWC2f1UHYHVkr0GrQmjoRO1iChd8OLNfd6PiVK%2FSuPecP3G%2FGiVCepHBHMS5vxbNLRJUdNHCBdhwn8zPB4oujOjzhTdNnV0%2BMzVH1bk%2B2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee32228f94bcf-BUF
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 8981 225 KB
225 KB 2813ms
1177ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: def98b66bace03c5106e848e6895fb5db5f87231183e957e07e463c7bbe2410f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311043030
Last-Modified: Fri, 08 Mar 2024 05:24:49 GMT
Server: openresty
ETag: "65eaa121-38499"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230553
Expires: Tue, 16 Apr 2024 05:04:21 GMT

GET
H2 200 tm-59-960x80.gif
www.5959tupian.com/59/ Frame 8981 218 KB
219 KB 153ms
53ms Image
image/gif 2606:4700:3030::ac43:a687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5959tupian.com/59/tm-59-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a687 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199be700b406ff6fa732be020dbcfa5185ed15d3056b9d32cb25eb8b2f44b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307072
alt-svc: h3=":443"; ma=86400
content-length: 223694
last-modified: Sun, 26 Nov 2023 06:38:53 GMT
server: cloudflare
etag: "6562e7fd-369ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNEGCdXGTZzb4YJgm8llWD3nLOD%2ByxW%2BWKGKfDyTmJFdyIh9dcPqUQ5ZJ%2BF6Q2nJYp7gTExSfIb8TsiPSrRF2Jjipd1MTG3aAlq2gbYgtz%2B8VJEv%2FGFf11OWiv5esJWDK64o0Pc8KOtNSdxZWBmZLmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee321f8cd4bd3-BUF
expires: Tue, 26 Mar 2024 10:06:45 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 8981 161 KB
161 KB 3470ms
1832ms Image
image/gif 192.74.238.48
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.238.48 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:31 GMT
Via: s202311202980
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:12 GMT

GET
H2 200 0290.gif
opjkb29vcbd44ftq.com/ Frame 8981 371 KB
372 KB 302ms
97ms Image
image/gif 204.12.215.70
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opjkb29vcbd44ftq.com/0290.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.70 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

3b4498994b7903bc80914463089566c29a250b8be38736c02364581720d98253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 Feb 2023 00:30:15 GMT
server: nginx
etag: "63e6e197-5cd0d"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 380173
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H/1.1 200
OK 712x45.gif
6151tp.com/ Frame 8981 394 KB
395 KB 971ms
199ms Image
image/gif 198.2.192.67
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6151tp.com/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.192.67 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

96f0d1646bfcb0a8309d8ecfb44f6584ddbc57ae0ee67ae1c8ab3766e01e55c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202310302439
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 08 Mar 2024 05:27:12 GMT
Server: openresty
ETag: "65eaa1b0-62912"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 403730
Expires: Tue, 09 Apr 2024 18:30:51 GMT

GET
H2 200 75070.gif
img.ooo-05.ltd/facaile/ Frame 8981 555 KB
556 KB 152ms
46ms Image
image/gif 2606:4700:3030::6815:152b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-05.ltd/facaile/75070.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:152b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307062
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gl8R7sfzwZ1MAyzTRLjlGhOcL0PaoXiV%2FkjSb5cfn7w3PFq9nOw9IW24tBRaFqFd45G6IOCiXeelmSjNlt%2FsCuaABUdSpUYFtL6R9PH%2F1fdMjUbqrYlFo2DOm098OAdmCvDQ%2Fq84ms0jf7fe5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee321f9054bc3-BUF
expires: Fri, 05 Apr 2024 07:50:37 GMT

GET
H/1.1 200
OK 712x45-9.gif
6399tp.com/tp/ Frame 8981 424 KB
425 KB 592ms
119ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-9.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: fb0a43bd93b8706690dda180207e83ff268ae480f9f85adec39d5e5b0b69f290

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:07 GMT
Server: openresty
ETag: "65bcf52b-6a179"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 434553
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 8981 300 KB
301 KB 577ms
108ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H2 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 8981 247 KB
248 KB 155ms
48ms Image
image/gif 2606:4700:3033::6815:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 04:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10269
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=541LGWBwuafU%2F6%2Bnr3WW48JfrPsKIV3VGasI%2BUYwn2Gpt8His6TY0EvY%2BTY78WzBoldZ8JAkl2KGXlP4XJUjLO%2B6GETI%2Fhiy%2F%2FRATLGzvqQeowcrZ%2BBcXjqZ75OnshtP4pvpXBYbfZVgvrh4C%2Ft5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee321f8d04bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 17 Apr 2024 04:25:40 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 8981 375 KB
376 KB 791ms
285ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202311058517
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 8981 80 KB
81 KB 859ms
639ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c9da3c7b1fc4ce189893751e256192ae6f4ed32d0a16a9a6254a06d0be58d0a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
x-oss-request-id: 65F9BF48BB04C5283854D9F1
Content-MD5: m6/hWIDlvFKGwEtOAyuuKw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 81868
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "9BAFE15880E5BC5286C04B4E032BAE2B"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3166039558527147683
x-oss-server-time: 1

GET
H/1.1 200
OK 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 8981 82 KB
83 KB 538ms
325ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c3c2772cd2b65562f1d527e0733f7418e4451f1bf29bc63cf22fe382e076fc93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
x-oss-request-id: 65F9BF4834D7B3E6A86BC3B3
Content-MD5: CQDQMH5ePlA+WwhC14SzvA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 84373
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "0900D0307E5E3E503E5B0842D784B3BC"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8087804948608928365
x-oss-server-time: 2

GET
H2 200 kj.js Show response
c-wzw-d.dothansecurity.com/yjjy/ Frame 8981 5 KB
2 KB 63ms
50ms Script
application/javascript 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/kj.js

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

1d15304f542f853a7d1ae5b4ceb04935770e998ee3a4a088c71da76d94ec6f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sun, 03 Mar 2024 05:08:19 GMT
server: nginx
etag: W/"65e405c3-14cd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:27 GMT

GET
H2 200 a70d03d388b860ff.gif
img11.chkaja.com/files/20240303/ Frame 8981 1 MB
1 MB 173ms
47ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240303/a70d03d388b860ff.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ed245e2c2d5d45af20516b14ca92673efe3e876318195245c906622ad904cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307060
alt-svc: h3=":443"; ma=86400
content-length: 1114508
last-modified: Sun, 03 Mar 2024 14:21:25 GMT
server: cloudflare
etag: "65e48765-11018c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9DDLoHkn%2B%2Bk%2BF%2BfZhiWYQ9%2FRZ86ez%2FrTEKh7FfH9JURwpIFECRnpTLfzCe4Iv0qZw%2F18SBjOTzHQ%2BIHqURxfAjB7memaAtW4eZhc6kB9DjP%2Bed0o%2FJPBa8FDN%2BAz0oEsM2GAPSDEWFH%2BZ4zrkBW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee32228fb4bcf-BUF
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 8981 50 KB
50 KB 155ms
63ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81754
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Mon, 18 Mar 2024 17:54:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daOMYJSRqZ%2F2fNeCtQRN7YZHrDEHQYkRiZvDOZRTVVEbkxkjjcxkXECPWM7KR1jrUIvkzrBfdUwMr6HRdsZ5SlwHOFGlMYVn12LIqE3mQjK5m4espjTkvlqLz5Q7hJn%2BMoyeiAeA"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee321feb84bc1-BUF
expires: Tue, 18 Mar 2025 17:54:54 GMT

GET
H2 200 11.gif
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 21 KB
21 KB 56ms
50ms Image
image/gif 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/11.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

37819646264a5a312285098c6f10efd89b050abc62f4faad27888fb001855fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:14:52 GMT
server: nginx
etag: "65ae785c-54bc"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 21692
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 22.gif
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 22 KB
22 KB 56ms
51ms Image
image/gif 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/22.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

c95eb8a826fb9a101d03b69f2cd6abd2dd58e3298771f9274eabfee620ee7002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 22 Jan 2024 14:14:55 GMT
server: nginx
etag: "65ae785f-585e"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22622
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 sbx.jpg
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 241 KB
241 KB 56ms
51ms Image
image/jpeg 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/sbx.jpg

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

d3509663f6d9537c77a551a6872291e6812d388bdda0a39189e5d58f66144d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 18 Mar 2024 08:31:03 GMT
server: nginx
etag: "65f7fbc7-3c351"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 246609
expires: Thu, 18 Apr 2024 16:37:27 GMT

GET
H2 200 /
images.weserv.nl/ Frame 8981 129 KB
130 KB 285ms
160ms Image
image/jpeg 2606:4700:3038::6815:eabb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://tk.xinchangcheng.net:4949/col/32/fhtjt.jpg

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eabb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc6cf1c5b5109ead8c74df5e6ff7e77edd43476fb0c04499e9fab7e110658b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-images-api: 5
date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status: MISS
x-upstream-response-length: 102788
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.jpg
alt-svc: h3=":443"; ma=86400
content-length: 132566
last-modified: Tue, 19 Mar 2024 14:18:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4e6yznRnbewBpPCG3rREOad%2BlFZ%2B5X3ef%2BZFMLD48dGxDiW2LJ3MRSAhikiICbqZHLrqtDzQysU%2BfXjTMKI3w5wUE5x0M8AJltn%2FSRGhCScKpiV1kOvYWahszZaS67aKMnudX7xcryrtfdd5DNBa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
link: <https://tk.xinchangcheng.net:4949/col/32/fhtjt.jpg>; rel="canonical"
cf-ray: 866ee32229104bd2-BUF
expires: Wed, 19 Mar 2025 14:18:56 GMT

GET
H2 200 dbk.html Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 3 KB
1 KB 217ms
78ms Document
text/html 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/dbk.html

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/tb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

48af746bad6e3fc77ae53152ef8d8d6741a7142236c625cfdaf9c12129bb6049

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:28 GMT
etag: W/"65d168fe-b6e"
expires: Thu, 18 Apr 2024 16:37:28 GMT
last-modified: Sun, 18 Feb 2024 02:18:38 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 55049.html Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 5 KB
2 KB 218ms
80ms Document
text/html 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/55049.html

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

e9d7f97bb60f32954c867446ed96bcf3ab6fb84b7fdb7043605514d67ceb9bf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:28 GMT
etag: W/"65f96175-13b8"
expires: Thu, 18 Apr 2024 16:37:28 GMT
last-modified: Tue, 19 Mar 2024 09:57:09 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 style.css
c-wzw-d.dothansecurity.com/yjjy/images/ Frame 8981 16 KB
4 KB 42ms
37ms Stylesheet
text/css 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/images/style.css

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/images/sty1e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

dd11f7490b161e879c0d7bc102dd3a6f6c4957ac53e1d1cf409ab82678b0c723

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/yjjy/images/sty1e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 09 Feb 2023 02:45:38 GMT
server: nginx
etag: W/"63e45e52-416f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Wed, 20 Mar 2024 04:37:27 GMT

GET
H2 410 bg.gif
www.80656.com/tu/ Frame 8981 0
0 858ms
468ms Image
image/gif 52.58.78.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.80656.com/tu/bg.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/images/sty1e.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.58.78.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-78-16.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 55049.html Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 5 KB
2 KB 59ms
58ms Document
text/html 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/55049.html

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/kj.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

5e6e8822be6b98795e00c7c85413868de5978c284cdcf33e9c476e512a8ecbc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=2592000
content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:28 GMT
etag: W/"65f96371-14b8"
expires: Thu, 18 Apr 2024 16:37:28 GMT
last-modified: Tue, 19 Mar 2024 10:05:37 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 7e6200fc2c83a2d7.png
img10.chkaja.com/files/20240131/ 30 KB
30 KB 52ms
50ms Image
image/png 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img10.chkaja.com/files/20240131/7e6200fc2c83a2d7.png

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab2cd080a261ee4c75d7677666efcbd3496ab2e3d3595122ff3b98dc9e51cdd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257905
alt-svc: h3=":443"; ma=86400
content-length: 30346
last-modified: Wed, 31 Jan 2024 07:58:56 GMT
server: cloudflare
etag: "65b9fdc0-768a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AD5jGzJOLEs8xPUTD%2FXoT1wa915Nj3peChJHxfdKFjNxeAgISvRayZNdUxDhquvvKSA26v3BGswFHws0CUdx1PLFP%2FE%2Bft%2FG%2FCz3Wu%2FehrmaPqnZhql%2Bi7uZi4cpiaah4VOJtKj2y%2ButiPZxfhoz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee323ed234bc7-BUF
expires: Sun, 16 Mar 2025 16:59:02 GMT

GET
H2 200 bc.htm Show response
c-wzw-d.dothansecurity.com/yjjy/ Frame 75B3 10 KB
3 KB 40ms
38ms Document
text/html 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

91c58fa56de5ce256262d5b91730f86a96ba866e8bfbe675cd88121f4ed745ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:28 GMT
etag: W/"65f7a8c5-28b8"
last-modified: Mon, 18 Mar 2024 02:36:53 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 87 KB
34 KB 64ms
54ms Script
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/dbk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 06 May 2022 05:13:48 GMT
server: nginx
etag: W/"6274ae8c-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H2 200 bm.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 13 KB
5 KB 112ms
104ms Script
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bm.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/dbk.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

df830b41abb521d2ed1af5a0e1d5c72d12723f8847ff46b99f4f79807d245c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 11:25:26 GMT
server: nginx
etag: W/"65cca326-3240"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H2 200 jquery.min.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 87 KB
34 KB 119ms
114ms Script
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/55049.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 05 May 2022 06:09:40 GMT
server: nginx
etag: W/"62736a24-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H2 200 bm.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 13 KB
5 KB 126ms
121ms Script
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bm.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/55049.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

9b5907b62383388f889a511131ec954d2c798fa6a132601fbf67b9bf1e1c8bd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 10 Feb 2024 05:57:15 GMT
server: nginx
etag: W/"65c7103b-3242"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H2 200 bc.htm Show response
c-wzw-d.dothansecurity.com/yjjy/ Frame 8401 10 KB
3 KB 48ms
23ms Document
text/html 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

91c58fa56de5ce256262d5b91730f86a96ba866e8bfbe675cd88121f4ed745ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:28 GMT
etag: W/"65f7a8c5-28b8"
last-modified: Mon, 18 Mar 2024 02:36:53 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 87 KB
34 KB 46ms
45ms Script
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/55049.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 06 May 2022 05:13:48 GMT
server: nginx
etag: W/"6274ae8c-15d9d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H2 200 bm.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 13 KB
5 KB 53ms
53ms Script
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bm.js

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/55049.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

df830b41abb521d2ed1af5a0e1d5c72d12723f8847ff46b99f4f79807d245c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 11:25:26 GMT
server: nginx
etag: W/"65cca326-3240"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 18 Apr 2024 16:37:28 GMT

GET
H/1.1 200
OK 712x90.gif
9831tc.com/tp/ Frame 75B3 390 KB
391 KB 331ms
163ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x90.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b552615f18515ad01914f7967d26a8b9b578bcce732f66a2823e9afe65e6146d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:28 GMT
Via: s202311125925
Last-Modified: Sat, 09 Mar 2024 08:15:28 GMT
Server: openresty
ETag: "65ec1aa0-618ba"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 399546
Expires: Fri, 12 Apr 2024 07:23:12 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 75B3 282 KB
283 KB 44ms
43ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:28 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257906
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L0ON6%2FeA34mxfcGkeiboyrwxMEay%2BGE1KR5GiaMoThDA9o1LlvfCI%2Fio21RQJfHibMfNER%2F2uCy3deCfg63nGJ2ZEAdRUrVkWdi3%2F%2Biyy564uNXo6DYQ6aXLYCCGzIZ%2BR8vzE1uZK3fjYatYeLcUhug%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee326e90f6aee-BUF
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 75B3 184 KB
184 KB 87ms
87ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 198.2.211.134
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:09 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 75B3 813 KB
814 KB 120ms
0ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0213d222cde6635318d13abab105a6684a6fb00c14831e5302dbedf68d8b2d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 09:05:47 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1063902
x-cache: Hit from cloudfront
content-length: 832563
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:23:53 GMT
server: nginx
etag: "6502fb59-cb433"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: xo3jlLb8jBX6FxFbnRWFeVZHTlAefuln61KSh05DDaYelOCITV81lw==
expires: Sat, 06 Apr 2024 09:05:47 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/yh2023/ Frame 75B3 515 KB
516 KB 488ms
367ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

429c8931b011306890c24ab196951b3e1108bb616233dd6fdb770f96de03c8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:38:51 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2163518
x-cache: Hit from cloudfront
content-length: 527165
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:59:02 GMT
server: nginx
etag: "65b0df66-80b3d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -NBrctkNTw3zpNVBqc4d7uMNnH4bh0qVIKgpBUKamMPGxwz91gUrgA==
expires: Sun, 24 Mar 2024 15:38:51 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 75B3 225 KB
225 KB 1366ms
416ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: def98b66bace03c5106e848e6895fb5db5f87231183e957e07e463c7bbe2410f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311043030
Last-Modified: Fri, 08 Mar 2024 05:24:49 GMT
Server: openresty
ETag: "65eaa121-38499"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230553
Expires: Tue, 16 Apr 2024 05:04:21 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 75B3 223 KB
224 KB 170ms
46ms Image
image/gif 204.12.215.68
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.68 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 Mar 2023 13:47:32 GMT
server: nginx
etag: "64049d74-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 75B3 156 KB
156 KB 519ms
176ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 26ecc44ea9ce6c5b0b8095fe4bbb846c7a0603c68ab9bec243f1b7e522ab9ca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 192.74.245.115
Last-Modified: Fri, 08 Mar 2024 04:38:22 GMT
Server: openresty
ETag: "65ea963e-26ecf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159439
Expires: Tue, 09 Apr 2024 18:30:32 GMT

GET
H2 200 0290.gif
opjkb29vcbd44ftq.com/ Frame 75B3 371 KB
372 KB 1259ms
1135ms Image
image/gif 204.12.215.70
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opjkb29vcbd44ftq.com/0290.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.70 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

3b4498994b7903bc80914463089566c29a250b8be38736c02364581720d98253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 Feb 2023 00:30:15 GMT
server: nginx
etag: "63e6e197-5cd0d"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 380173
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 75B3 151 KB
151 KB 232ms
110ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Thu, 18 Apr 2024 09:59:15 GMT

GET
H/1.1 200
OK 712x45-9.gif
6399tp.com/tp/ Frame 75B3 424 KB
425 KB 268ms
195ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-9.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: fb0a43bd93b8706690dda180207e83ff268ae480f9f85adec39d5e5b0b69f290

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:07 GMT
Server: openresty
ETag: "65bcf52b-6a179"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 434553
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 75B3 300 KB
301 KB 157ms
82ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 75B3 193 KB
193 KB 488ms
365ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 75B3 247 KB
247 KB 207ms
105ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

40738d044722cf89c6ad117b82b29a4b17df7742054175d7662b881bbbe129fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Tue, 12 Mar 2024 10:12:59 GMT
Server: openresty
ETag: "65f02aab-3dacd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 252621
Expires: Thu, 11 Apr 2024 10:22:25 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 75B3 49 KB
49 KB 170ms
48ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308451
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Sat, 16 Mar 2024 02:56:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ij38ArvqGmL%2Fr81mSNtUu7JswkInhbzl30gBW2aYq4GkOyuRyqZmkzCN2AXRyvxCX3dv%2FfVBN8PlW2CqqJiVxj4%2Bwvrt0LYwD%2BtmdzJ8f91Jdgvd0tbk5lfKQr%2Fe6MTT9mLxhCMI"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9f54bc1-BUF
expires: Sun, 16 Mar 2025 02:56:37 GMT

GET
H3 200 a70d03d388b860ff.gif
img11.chkaja.com/files/20240303/ Frame 75B3 1 MB
1 MB 147ms
44ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240303/a70d03d388b860ff.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ed245e2c2d5d45af20516b14ca92673efe3e876318195245c906622ad904cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307061
alt-svc: h3=":443"; ma=86400
content-length: 1114508
last-modified: Sun, 03 Mar 2024 14:21:25 GMT
server: cloudflare
etag: "65e48765-11018c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qYNIMmaEmrXSZ4xUNRKYEQ09uKtgkLwgWq9S6RoIe5XnHiwHAOwFoL%2FxxFm77K9neUx%2BQ8SGui1s8x0MmMdsjAKjor%2FV9%2Fo22cVTfXysN6vsfJbcxJ0Zm6YeDRRisoYs8byKIHdukx7FP8NagbHO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329d8ad4bd5-BUF
priority: u=3,i
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 75B3 375 KB
376 KB 217ms
113ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311058517
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 75B3 148 KB
148 KB 1742ms
1473ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 75B3 247 KB
247 KB 180ms
62ms Image
image/gif 2606:4700:3033::6815:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 04:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLmND%2BHrxwewQ%2BawamUYMMHA4hhi6OeZI025C%2BVO2ie0GRqFNXn62hAz7OmlpXz%2FzPZ0%2FD4oOXUIVXqaVK9jraKGJ7W01ph15ufPSaO2iVdgzZDwibBLVscsE5%2Borjm7zw%2BFI3iO7BHgwD9WSb6R"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ebe14bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 17 Apr 2024 04:25:40 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 75B3 266 KB
266 KB 742ms
222ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 19 Mar 2024 16:37:29 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 14 Apr 2024 07:16:15 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 75B3 662 KB
663 KB 150ms
34ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 269297
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JfmqeJQKt4nQ4XsKhDM5yVBwfvK6Z06ItdkRB40HCfoqp5VS%2F8Ut%2FAAs26hGgnW%2FBVzr3NJsYMigplq22jwdmuQVmECIDpMcKyXiEfS5xtR5DF3JKLdjci47Zo%2Bw6B5MdXKTZQ%2F6v9e83GtYs7nIEGYiLEbOsqSrXyXPPz1JtlrZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecab6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 tm-59-960x80.gif
www.5959tupian.com/59/ Frame 75B3 218 KB
219 KB 1261ms
1145ms Image
image/gif 2606:4700:3030::ac43:a687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5959tupian.com/59/tm-59-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a687 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199be700b406ff6fa732be020dbcfa5185ed15d3056b9d32cb25eb8b2f44b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307073
alt-svc: h3=":443"; ma=86400
content-length: 223694
last-modified: Sun, 26 Nov 2023 06:38:53 GMT
server: cloudflare
etag: "6562e7fd-369ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CwNVn6JjFer15kqy2yJEHpK22j72SZCBXj5sQHDirN1%2B%2Fv8SWarul8gPFBJ0bwjCafmqWtvQnKtziTqzje0rx9OYSBeA3Rkan2jhSpGlCAP5y1Kpn4S%2BDR261dgeQNJz9vxDFUgmj9ascWyyqC%2FX5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329ebe24bd3-BUF
expires: Tue, 26 Mar 2024 10:06:45 GMT

GET
H2 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 75B3 665 KB
666 KB 142ms
38ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302956
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SotuG4lYb1OBMlv5jnKwU7L68lc8CnlcgTWHiU%2Fv3Y%2BeF05eU1dq5i06noGGHbw3%2BdjAolUXMiPOBCgov3k%2B9QKdGLTceMk8DlCPwLXLqFXQHA%2FC0hhQyL%2BjMttYltchxaRl%2FkwSf30Qx3v%2BHYrwtNAIri7DIRocAfgmNrmRlIj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecac6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 75B3 810 KB
811 KB 142ms
40ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302956
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80n9lYZpwP%2Blc4vOG7VuEY3KJZB4fUfWYIpVSeOe%2FZ3JgA%2BRpQ%2BmJM7QLZZoCWcReYqMelXxOvkbV9AqcJ2S1zx%2BLcMewpJ3%2FqqWiQ02ZN93xSzubYzY9y%2FJSEVVXK7jyYU8L1S2zQ3f%2Bb1sm%2FMyLQ03p%2BMASGlXS8W%2BvSZHsq0C"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecad6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 75B3 161 KB
161 KB 1220ms
117ms Image
image/gif 192.74.238.48
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.238.48 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311202980
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:12 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/mt2023/ Frame 75B3 439 KB
440 KB 736ms
635ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 11:56:15 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 189674
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:17 GMT
server: nginx
etag: "65843a29-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: FsOtI8rtyGm06ysSk2WYjaA5C7pZ43ZtjElkTVnOtrYpSpzS-sd6jg==
expires: Tue, 16 Apr 2024 11:56:15 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 75B3 177 KB
177 KB 706ms
180ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 75B3 272 KB
272 KB 184ms
101ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307061
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6cvq6l6i5eDRqmKYQZHr012RIEcndovz4rHNi9HzpUbL2FZpOlwTP3bgAzRJftcLNlYMD0iu9OOSeraA%2BB%2Bl70NJ1ei12iF122B4N3nlqi7lduo8ajYKqK5FYSW4M5re1zuBCw5sawrvYwPkZ7KS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329d8ae4bd5-BUF
priority: u=3,i
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 75B3 50 KB
50 KB 277ms
181ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81755
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Mon, 18 Mar 2024 17:54:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8g%2FX7rZB0x89PjJ%2BoZCmdgjaWuOwxQFjdrhi8fQ8VItHOKFbmAD3JOSKxdTOOwq7zY7wD2ASdRhH4Nrgcl3nYY6NbwwGbJIDaEopG3DYW%2Bmv7%2Bb38jbsWkMKUT4iAcPQe7Sh6iO8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9f84bc1-BUF
expires: Tue, 18 Mar 2025 17:54:54 GMT

GET
H/1.1 200
OK 712x45.gif
6151tp.com/ Frame 75B3 394 KB
395 KB 562ms
302ms Image
image/gif 198.2.192.67
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6151tp.com/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.192.67 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

96f0d1646bfcb0a8309d8ecfb44f6584ddbc57ae0ee67ae1c8ab3766e01e55c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202310302439
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 08 Mar 2024 05:27:12 GMT
Server: openresty
ETag: "65eaa1b0-62912"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 403730
Expires: Tue, 09 Apr 2024 18:30:51 GMT

GET
H/1.1 200
OK e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 75B3 80 KB
81 KB 853ms
338ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c9da3c7b1fc4ce189893751e256192ae6f4ed32d0a16a9a6254a06d0be58d0a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
x-oss-request-id: 65F9BF4AA152385D994CD971
Content-MD5: m6/hWIDlvFKGwEtOAyuuKw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 81868
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "9BAFE15880E5BC5286C04B4E032BAE2B"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3166039558527147683
x-oss-server-time: 1

GET
H/1.1 200
OK 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 75B3 82 KB
83 KB 928ms
329ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c3c2772cd2b65562f1d527e0733f7418e4451f1bf29bc63cf22fe382e076fc93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
x-oss-request-id: 65F9BF4ADCC23BEDF5480D90
Content-MD5: CQDQMH5ePlA+WwhC14SzvA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 84373
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "0900D0307E5E3E503E5B0842D784B3BC"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8087804948608928365
x-oss-server-time: 2

GET
H2 200 75070.gif
img.ooo-05.ltd/facaile/ Frame 75B3 555 KB
556 KB 135ms
41ms Image
image/gif 2606:4700:3030::6815:152b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-05.ltd/facaile/75070.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:152b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307063
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDXlnY6I7Zw8fioT7WHBSrKXr7WvFPjPpXgZ%2F9EeVHjiZFTVuk8P2JHv6s9ZvozX9XHRlaSc%2BFtOBgNFtoM73kyUM77600gX6hcnE0%2B4CiUrQB7ZLw%2F%2Fqhy6FT8UyO9kH5j13Lsl4957VMHKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329eb8c4bc3-BUF
expires: Fri, 05 Apr 2024 07:50:37 GMT

GET
H2 200 980-60.gif
z4a.net/images/2024/03/16/ Frame 75B3 360 KB
361 KB 286ms
195ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2024/03/16/980-60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07100fd0de2bde9de57b7a033b4de6c2aa197e5503fd8ea33796eb20d8c824b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 368990
pragma: public
last-modified: Tue, 19 Mar 2024 16:37:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=549papBncMYbolO6g5QJwJbRDCAUKI%2Fp4mriYUtpgNIeMEZ4YvhGkEYkT%2FSI7caSPOL4Ys9EbKvcRAPT4oVXwVjOdOoq2to4GlTTttZVLQCAEpXxSvTXd2p361T2je9P8zFQL8I5"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9f94bc1-BUF
expires: Wed, 19 Mar 2025 16:37:28 GMT

GET
H2 200 sx.htm Show response
c-wzw-d.dothansecurity.com/yjjy/ Frame 650B 24 KB
6 KB 74ms
53ms Document
text/html 66.187.193.138
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.193.138 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

Software

nginx /

Resource Hash

4cdf356ad9f1f5001648aeb99e27f0f78109625b2bf83910e387822c1c024186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://c-wzw-d.dothansecurity.com/yjjy/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 19 Mar 2024 16:37:29 GMT
etag: W/"65c72067-5ed3"
last-modified: Sat, 10 Feb 2024 07:06:15 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK 712x90.gif
9831tc.com/tp/ Frame 8401 390 KB
391 KB 118ms
85ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x90.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b552615f18515ad01914f7967d26a8b9b578bcce732f66a2823e9afe65e6146d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311125925
Last-Modified: Sat, 09 Mar 2024 08:15:28 GMT
Server: openresty
ETag: "65ec1aa0-618ba"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 399546
Expires: Fri, 12 Apr 2024 07:23:12 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 8401 282 KB
283 KB 44ms
44ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257907
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwM3Xy%2Bs%2FCZ%2FvweyCDKWp9xaRZX3GI5TB5Ckh9hk%2FmJ%2BOgd%2BwvzbjV4w7vm%2FiYKt85%2BikWhrEKILhv9FtRrb2zcLxoLzx4znYXnrJRD%2FhX%2FoAm6ekoqFo%2BfzvDAuNnr7C38ejYid8p9PzQCGqr7pd78%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee328e9e16aee-BUF
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 8401 184 KB
184 KB 184ms
103ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 198.2.211.134
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:09 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 8401 813 KB
814 KB 539ms
456ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0213d222cde6635318d13abab105a6684a6fb00c14831e5302dbedf68d8b2d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 09:05:47 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1063902
x-cache: Hit from cloudfront
content-length: 832563
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:23:53 GMT
server: nginx
etag: "6502fb59-cb433"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: aNURpad8xNJKp59YyekauE0DMUvF9JQ2f5mzoBYyrDeJN-oeVM8Olg==
expires: Sat, 06 Apr 2024 09:05:47 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/yh2023/ Frame 8401 515 KB
516 KB 714ms
631ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

429c8931b011306890c24ab196951b3e1108bb616233dd6fdb770f96de03c8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:38:51 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2163518
x-cache: Hit from cloudfront
content-length: 527165
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:59:02 GMT
server: nginx
etag: "65b0df66-80b3d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Yl6zzMxUX6n9P1AEiUYioSvhar2212BrbvFiqrKQeRGfItlyGwif-g==
expires: Sun, 24 Mar 2024 15:38:51 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 8401 225 KB
225 KB 1578ms
264ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: def98b66bace03c5106e848e6895fb5db5f87231183e957e07e463c7bbe2410f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311043030
Last-Modified: Fri, 08 Mar 2024 05:24:49 GMT
Server: openresty
ETag: "65eaa121-38499"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230553
Expires: Tue, 16 Apr 2024 05:04:21 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 8401 223 KB
224 KB 1575ms
1491ms Image
image/gif 204.12.215.68
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.68 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 Mar 2023 13:47:32 GMT
server: nginx
etag: "64049d74-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 8401 156 KB
156 KB 455ms
159ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 26ecc44ea9ce6c5b0b8095fe4bbb846c7a0603c68ab9bec243f1b7e522ab9ca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 192.74.245.115
Last-Modified: Fri, 08 Mar 2024 04:38:22 GMT
Server: openresty
ETag: "65ea963e-26ecf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159439
Expires: Tue, 09 Apr 2024 18:30:32 GMT

GET
H2 200 0290.gif
opjkb29vcbd44ftq.com/ Frame 8401 371 KB
372 KB 1213ms
1135ms Image
image/gif 204.12.215.70
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opjkb29vcbd44ftq.com/0290.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.70 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

3b4498994b7903bc80914463089566c29a250b8be38736c02364581720d98253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 Feb 2023 00:30:15 GMT
server: nginx
etag: "63e6e197-5cd0d"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 380173
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 8401 151 KB
151 KB 640ms
466ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Thu, 18 Apr 2024 09:59:15 GMT

GET
H/1.1 200
OK 712x45-9.gif
6399tp.com/tp/ Frame 8401 424 KB
425 KB 631ms
444ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-9.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: fb0a43bd93b8706690dda180207e83ff268ae480f9f85adec39d5e5b0b69f290

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:07 GMT
Server: openresty
ETag: "65bcf52b-6a179"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 434553
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 8401 300 KB
301 KB 1059ms
728ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 8401 193 KB
193 KB 642ms
93ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 8401 247 KB
247 KB 725ms
529ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

40738d044722cf89c6ad117b82b29a4b17df7742054175d7662b881bbbe129fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Tue, 12 Mar 2024 10:12:59 GMT
Server: openresty
ETag: "65f02aab-3dacd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 252621
Expires: Thu, 11 Apr 2024 10:22:25 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 8401 49 KB
49 KB 385ms
320ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308451
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Sat, 16 Mar 2024 02:56:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRGd7F4dH6XjBzJQPiEWMT28WY10%2Fw3u%2FQ8%2F5FpQPwPOxy7WJ09GlkP4a8%2FvG8ANISk7pU0nnQn6fEJAd6mOpclIXbJ6dJPX3wEZS8Gxuo%2BCb6zBPDR43g7tc1na6Gj99dNZ8hO6"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9fb4bc1-BUF
expires: Sun, 16 Mar 2025 02:56:37 GMT

GET
H3 200 a70d03d388b860ff.gif
img11.chkaja.com/files/20240303/ Frame 8401 1 MB
1 MB 155ms
103ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240303/a70d03d388b860ff.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ed245e2c2d5d45af20516b14ca92673efe3e876318195245c906622ad904cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307061
alt-svc: h3=":443"; ma=86400
content-length: 1114508
last-modified: Sun, 03 Mar 2024 14:21:25 GMT
server: cloudflare
etag: "65e48765-11018c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahzYWFdMF123DySazMdK6shkQWX02T9GoJUa2VcMpqyYElL0Qwq%2BHIv8bm1k6zaAXcAYFF4ZmWDc3%2FLRPbiTKMTlZAu0IKXP6eVgnRDlf9LZYswbIVlRMSlkdzjjvoUWhOadvot4WjmBFrMirMPH"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329d8af4bd5-BUF
priority: u=3,i
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 8401 375 KB
376 KB 613ms
438ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311058517
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 8401 148 KB
148 KB 811ms
301ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 8401 247 KB
247 KB 266ms
203ms Image
image/gif 2606:4700:3033::6815:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 04:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wti%2FbybuzztuDwx7FAYcjy0%2FPRGXqisV04tbJh7FXboKSk41Nyr1%2FmtFwnAVTUqLqLCYFXuzkP9TrXURY%2FMOxgKLwrhLNqSNw7KD1UKNdKysqqWV7srDdGjkBAoQ58CAMCDIiMfRCTDI5SWfXpKL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ebe64bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 17 Apr 2024 04:25:40 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 8401 266 KB
266 KB 1542ms
285ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 19 Mar 2024 16:37:30 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 14 Apr 2024 07:16:15 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 8401 662 KB
663 KB 162ms
102ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 269297
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dt7k8kVZc2q6%2FhrElQxocBMet%2Fbm4fcmyFe1rTiYHfTK70VHiiPsPJx7KsInc6tQCaOP%2B35Qca%2FG6qbTKjHk6Ju1qUTn%2B8MXtlEFi5aNtO1Nz7hTQtTRwxiiyBtxE6TMIDtL%2FUQApAJnjMfYcW4%2Blg6l3GXCesV0yEYbjmrlirTP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecae6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 tm-59-960x80.gif
www.5959tupian.com/59/ Frame 8401 218 KB
219 KB 103ms
44ms Image
image/gif 2606:4700:3030::ac43:a687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5959tupian.com/59/tm-59-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a687 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199be700b406ff6fa732be020dbcfa5185ed15d3056b9d32cb25eb8b2f44b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307073
alt-svc: h3=":443"; ma=86400
content-length: 223694
last-modified: Sun, 26 Nov 2023 06:38:53 GMT
server: cloudflare
etag: "6562e7fd-369ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSVkbenWdTDEn8E9glx%2FzXCmjbTpS1qKkpE06vHrf2IKR9iKW%2FMhT91jYfk0yWe1Hz50ulfoHNfMACTDJoS6YiziEaqyY0F1OEqjoj3Kptx98uwy71rhB4LlkRPdH9yV7s8E%2BXPRcJz5l5kGeawUQFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329ebe34bd3-BUF
expires: Tue, 26 Mar 2024 10:06:45 GMT

GET
H2 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 8401 665 KB
666 KB 97ms
39ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302956
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9DqbWYSwdbrzPmn45vOuAOfIfbUMl5jIyUMMRDilJp87%2BnqhoolFR%2F1hRgjvb50YD%2BMPL67khfgD4bxEqtdQcqAhr3B62UzgJzkw3BRsqbta5o1juuZ0j2cilt%2BpLf2qTF7PJiYsHyqV%2B%2F0Gy7jETK3GJhAPfGGxuRa%2FIP3ITflF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecaf6aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 8401 810 KB
811 KB 97ms
40ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302956
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cLwFIAday7Z4c%2FScGXNBy%2BT7d37%2FoIBJKyYGoSeUPookEvE6OfxBnjVL2NP3wkqIiEkvXgAu%2BLb5aT%2F136%2FoG9zMrvWXSQbTvPg8vwZS2Z7nEfE8EZUXmx2ipAmqvy1YXHVtQOUgzMJifHv7vVngjYe6thN0GWwVDAZPkHoV1Qkl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecb06aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 8401 161 KB
161 KB 688ms
178ms Image
image/gif 192.74.238.48
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.238.48 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311202980
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:12 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/mt2023/ Frame 8401 439 KB
440 KB 691ms
636ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 11:56:15 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 189674
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:17 GMT
server: nginx
etag: "65843a29-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: RsUoTRSqBy_tzi8m-ri0_HhvYkukBy2Ma9ZA5PBkFZevKAioT5h3Ng==
expires: Tue, 16 Apr 2024 11:56:15 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 8401 177 KB
177 KB 1394ms
1305ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 8401 272 KB
272 KB 146ms
103ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307061
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjIK7MSrcEsW6MWgAVkXFK2H4JiCRTtWrD8iAGR3ggwmhQT3NHrA45vdPzRw3vPg7SjYA8PuMHrbJ3pqtJAw22rkRPtgZvMdXK%2FnX5sHtERmot3iGLIZ5hnFn%2FtX0neuBwjS6QjLdAkIeC1UFSur"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329d8b04bd5-BUF
priority: u=3,i
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 8401 50 KB
50 KB 181ms
127ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81755
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Mon, 18 Mar 2024 17:54:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YCV1m3jg%2BwHNJTM%2Bw2Kr9fcMHJefj3JhXV704I%2FlWY9pBjkb0FCxDipmudrwbnkIf1RNvaRQXBuejkjjmN%2BL25SJmV3HZR%2BOrXIJutbyvG3z%2FFoCYwIiPYukJGgsG9EfL8hTtxqK"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9fc4bc1-BUF
expires: Tue, 18 Mar 2025 17:54:54 GMT

GET
H/1.1 200
OK 712x45.gif
6151tp.com/ Frame 8401 394 KB
395 KB 842ms
827ms Image
image/gif 198.2.192.67
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6151tp.com/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.192.67 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

96f0d1646bfcb0a8309d8ecfb44f6584ddbc57ae0ee67ae1c8ab3766e01e55c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202310302439
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 08 Mar 2024 05:27:12 GMT
Server: openresty
ETag: "65eaa1b0-62912"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 403730
Expires: Tue, 09 Apr 2024 18:30:51 GMT

GET
H/1.1 200
OK e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 8401 80 KB
81 KB 870ms
314ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c9da3c7b1fc4ce189893751e256192ae6f4ed32d0a16a9a6254a06d0be58d0a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
x-oss-request-id: 65F9BF49A152385D994CD898
Content-MD5: m6/hWIDlvFKGwEtOAyuuKw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 81868
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "9BAFE15880E5BC5286C04B4E032BAE2B"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3166039558527147683
x-oss-server-time: 2

GET
H/1.1 200
OK 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 8401 82 KB
83 KB 1147ms
335ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c3c2772cd2b65562f1d527e0733f7418e4451f1bf29bc63cf22fe382e076fc93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
x-oss-request-id: 65F9BF4ABB04C5283854DED0
Content-MD5: CQDQMH5ePlA+WwhC14SzvA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 84373
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "0900D0307E5E3E503E5B0842D784B3BC"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8087804948608928365
x-oss-server-time: 1

GET
H2 200 75070.gif
img.ooo-05.ltd/facaile/ Frame 8401 555 KB
556 KB 176ms
123ms Image
image/gif 2606:4700:3030::6815:152b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-05.ltd/facaile/75070.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:152b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307063
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=edjMq3HZwzs51%2FpAsOYyTWVYZrmz9mWXG8MGri8y93cni1JlxpqpjDdQnSRll0P5UF95KswXckZS0mQoO1WDOEX6M3daMjfsw76wDmg%2Fg5fvRY264U%2Fndh5l9WWutMePAnjJcJ6SO7zJXSIslw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329eb8d4bc3-BUF
expires: Fri, 05 Apr 2024 07:50:37 GMT

GET
H2 200 980-60.gif
z4a.net/images/2024/03/16/ Frame 8401 360 KB
361 KB 248ms
195ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2024/03/16/980-60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07100fd0de2bde9de57b7a033b4de6c2aa197e5503fd8ea33796eb20d8c824b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 368990
pragma: public
last-modified: Tue, 19 Mar 2024 16:37:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwlQdPQcI7nTnZIiSBwTepBOuL5lhxh5ju9Zc%2B1q32QCXhoMRnthdMnDqSLFWqwxFNs7Cro%2FRW8KReUirX8LSbN%2F8h1pNwRQbTJyX00fdMyKU5uMadcPWTyuqbD5WVm5L1OnjO4B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9fd4bc1-BUF
expires: Wed, 19 Mar 2025 16:37:28 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 75B3 184 KB
184 KB 547ms
437ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 198.2.211.134
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:09 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 75B3 282 KB
283 KB 126ms
35ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257907
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b3T62IX9gV0L56AoDQOYkVvjD29WZWGmVRoMhKy%2BDVvin1IoTGG114wkmd5u7H3cK4Mj5pVydnyWUkbxX4FIAL1NKwjxtXg16WAJ5LyLsc2YugV5gje9wWnHn9By%2Fq3GyFGdPJBl9t2xApq0pytw%2B7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329ea386aee-BUF
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 8401 184 KB
184 KB 781ms
272ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: 198.2.211.134
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:09 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 8401 282 KB
283 KB 157ms
104ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257907
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UADUI%2F%2FSigVkO0qXPORHwiIc82B3GT99eiiP2S41usZESJS22hC%2Fim6z9jX%2FbtJrYfim8DBf3G4fqbzAclWsqWu7N3%2BrGRRz%2FCgKKDLR04ANsiQE%2F0VQ%2BmgQXYvuPGGctTiYJCQ4dOhDiUGtRXC47IU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329ea3b6aee-BUF
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H/1.1 200
OK 960x60.gif
9216tp.com/7780/ Frame 75B3 225 KB
225 KB 1086ms
383ms Image
image/gif 107.148.207.6
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9216tp.com/7780/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.207.6 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: def98b66bace03c5106e848e6895fb5db5f87231183e957e07e463c7bbe2410f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311043030
Last-Modified: Fri, 08 Mar 2024 05:24:49 GMT
Server: openresty
ETag: "65eaa121-38499"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 230553
Expires: Tue, 16 Apr 2024 05:04:21 GMT

GET
H/1.1 200
OK 712x45.gif
c7575tp.com/tp/ Frame 75B3 151 KB
151 KB 101ms
97ms Image
image/gif 198.2.204.100
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c7575tp.com/tp/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.204.100 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311201087
Last-Modified: Fri, 15 Mar 2024 07:36:13 GMT
Server: openresty
ETag: "65f3fa6d-25aa2"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 154274
Expires: Thu, 18 Apr 2024 09:59:15 GMT

GET
H/1.1 200
OK 8yustaoza.gif
5698tp.com/tp/ Frame 75B3 193 KB
193 KB 417ms
416ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/8yustaoza.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311127594
Last-Modified: Fri, 23 Feb 2024 04:19:19 GMT
Server: openresty
ETag: "65d81cc7-30460"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 197728
Expires: Tue, 09 Apr 2024 18:31:16 GMT

GET
H/1.1 200
OK 750-50.gif
www.7859888tp.com/ Frame 75B3 184 KB
184 KB 1083ms
432ms Image
image/gif 198.2.211.136
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.7859888tp.com/750-50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.211.136 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: 198.2.211.134
Last-Modified: Mon, 05 Feb 2024 06:59:03 GMT
Server: openresty
ETag: "65c08737-2de40"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 187968
Expires: Tue, 09 Apr 2024 18:31:09 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/mt2023/ Frame 75B3 439 KB
440 KB 666ms
636ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/mt2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 17 Mar 2024 11:56:15 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 189674
x-cache: Hit from cloudfront
content-length: 449235
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 21 Dec 2023 13:14:17 GMT
server: nginx
etag: "65843a29-6dad3"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: SkpJJZ1ih9KITsQW9tY-EldYsTwPtIJMo1PNJNlCRedrQxeBiwDmPg==
expires: Tue, 16 Apr 2024 11:56:15 GMT

GET
H/1.1 200
OK 712x90.gif
9831tc.com/tp/ Frame 75B3 390 KB
391 KB 93ms
92ms Image
image/gif 107.148.194.20
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9831tc.com/tp/712x90.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.194.20 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b552615f18515ad01914f7967d26a8b9b578bcce732f66a2823e9afe65e6146d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311125925
Last-Modified: Sat, 09 Mar 2024 08:15:28 GMT
Server: openresty
ETag: "65ec1aa0-618ba"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 399546
Expires: Fri, 12 Apr 2024 07:23:12 GMT

GET
H2 200 tm-34-960x80.gif
www.3400tupian.com/34/ Frame 75B3 282 KB
283 KB 133ms
105ms Image
image/gif 2606:4700:3036::6815:30b3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.3400tupian.com/34/tm-34-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:30b3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 257907
alt-svc: h3=":443"; ma=86400
content-length: 289258
last-modified: Wed, 31 Jan 2024 16:12:40 GMT
server: cloudflare
etag: "65ba7178-469ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ae%2F%2F%2FXjHnK5d7cu8pCOYceSD2a3aOzzbYY60qwB8Sle1xzD83HV1%2BnIeqiCCFaV9OUHa4uOhPLymSx7cIx3fdwauvgvTBZoGw1V%2B6hkVC04B5I1XOzWbgDE776E68Knn%2B42sqwRFV7RJDVHIhkVJ84s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329ea3c6aee-BUF
expires: Wed, 10 Apr 2024 16:18:33 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/jnc2023/ Frame 75B3 813 KB
814 KB 665ms
637ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/jnc2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0213d222cde6635318d13abab105a6684a6fb00c14831e5302dbedf68d8b2d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 09:05:47 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 1063902
x-cache: Hit from cloudfront
content-length: 832563
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Sep 2023 12:23:53 GMT
server: nginx
etag: "6502fb59-cb433"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -zzkUw0cVFs7AjlVCSXk97FdsH1EeO_Ov82Vlms6XHGTWtVp8_FktA==
expires: Sat, 06 Apr 2024 09:05:47 GMT

GET
H2 200 pm.gif
pppmmm.tututufafafa.com/yh2023/ Frame 75B3 515 KB
516 KB 663ms
638ms Image
image/gif 2600:9000:2209:de00:14:1855:3780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pppmmm.tututufafafa.com/yh2023/pm.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2209:de00:14:1855:3780:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

429c8931b011306890c24ab196951b3e1108bb616233dd6fdb770f96de03c8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:38:51 GMT
via: 1.1 c22d4946ef5faea12b8d3942ceb9259a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2163518
x-cache: Hit from cloudfront
content-length: 527165
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 24 Jan 2024 09:59:02 GMT
server: nginx
etag: "65b0df66-80b3d"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: XbO0QCJO3SISbdQAG06lHFq5BRB4HSPkAP4YmN2VYXcn0zlQz-dGxw==
expires: Sun, 24 Mar 2024 15:38:51 GMT

GET
H2 200 0343.gif
pjkbv034cbdft6qwd.com/ Frame 75B3 223 KB
224 KB 1971ms
1944ms Image
image/gif 204.12.215.68
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pjkbv034cbdft6qwd.com/0343.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.68 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 Mar 2023 13:47:32 GMT
server: nginx
etag: "64049d74-37dac"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 228780
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK 960x60.gif
1325tp.com/tp/ Frame 75B3 156 KB
156 KB 108ms
101ms Image
image/gif 192.74.245.123
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1325tp.com/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.245.123 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 26ecc44ea9ce6c5b0b8095fe4bbb846c7a0603c68ab9bec243f1b7e522ab9ca1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: 192.74.245.115
Last-Modified: Fri, 08 Mar 2024 04:38:22 GMT
Server: openresty
ETag: "65ea963e-26ecf"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 159439
Expires: Tue, 09 Apr 2024 18:30:32 GMT

GET
H2 200 0290.gif
opjkb29vcbd44ftq.com/ Frame 75B3 371 KB
372 KB 1156ms
1127ms Image
image/gif 204.12.215.70
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opjkb29vcbd44ftq.com/0290.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

204.12.215.70 , United States, ASN32097 (WII, US),

Reverse DNS

Software

nginx /

Resource Hash

3b4498994b7903bc80914463089566c29a250b8be38736c02364581720d98253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 11 Feb 2023 00:30:15 GMT
server: nginx
etag: "63e6e197-5cd0d"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 380173
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK 712x45-9.gif
6399tp.com/tp/ Frame 75B3 424 KB
425 KB 107ms
93ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-9.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: fb0a43bd93b8706690dda180207e83ff268ae480f9f85adec39d5e5b0b69f290

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:07 GMT
Server: openresty
ETag: "65bcf52b-6a179"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 434553
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK 712x45-6.gif
6399tp.com/tp/ Frame 75B3 300 KB
301 KB 234ms
220ms Image
image/gif 137.175.108.241
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6399tp.com/tp/712x45-6.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.175.108.241 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: disconcertingly.titlement.org
Software: openresty /
Resource Hash: 079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202401292217
Last-Modified: Fri, 02 Feb 2024 13:59:35 GMT
Server: openresty
ETag: "65bcf547-4b1be"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 307646
Expires: Tue, 09 Apr 2024 18:31:34 GMT

GET
H/1.1 200
OK bht60.gif
c8932888tp.com/tp/ Frame 75B3 247 KB
247 KB 278ms
277ms Image
image/gif 137.175.69.133
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c8932888tp.com/tp/bht60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

137.175.69.133 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

40738d044722cf89c6ad117b82b29a4b17df7742054175d7662b881bbbe129fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Strict-Transport-Security: max-age=31536000
Via: s202311265259
Last-Modified: Tue, 12 Mar 2024 10:12:59 GMT
Server: openresty
ETag: "65f02aab-3dacd"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 252621
Expires: Thu, 11 Apr 2024 10:22:25 GMT

GET
H2 200 8433960x80.gif
z4a.net/images/2023/08/20/ Frame 75B3 49 KB
49 KB 210ms
189ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/08/20/8433960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 308451
alt-svc: h3=":443"; ma=86400
content-length: 49924
pragma: public
last-modified: Sat, 16 Mar 2024 02:56:38 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZ7ao%2FvrcjRcq%2FmoPOxmZpVA0ee0BDszK244pSs26l323PRK9iSMgsiTh0w2X2R%2BbgIuTawXSkgYX2nG3SENL0ulIIcO0U5f2kiAhep7EFEGMIlVaV0pJwI%2BEjjHc4acuihHtyzP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e9ff4bc1-BUF
expires: Sun, 16 Mar 2025 02:56:37 GMT

GET
H3 200 a70d03d388b860ff.gif
img11.chkaja.com/files/20240303/ Frame 75B3 1 MB
1 MB 113ms
98ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240303/a70d03d388b860ff.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0ed245e2c2d5d45af20516b14ca92673efe3e876318195245c906622ad904cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307061
alt-svc: h3=":443"; ma=86400
content-length: 1114508
last-modified: Sun, 03 Mar 2024 14:21:25 GMT
server: cloudflare
etag: "65e48765-11018c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2DQ%2F7hqCITaNnha6cLYg7vInB6aPmO0Er%2BK60Z3GfD2WYJ%2FONu3H6%2BSrrGKTVSDwNqUk2NjaG9u2tLcdGlik1lBcLk8yHpv2DRkjvVzMQh8%2BIdvmjneHbLEOv6fbG2eF9x5Ls1vhfdPnCaZRXpc"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e8b44bd5-BUF
priority: u=3,i
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H/1.1 200
OK pm50.gif
www.9129666tp.com/ Frame 75B3 375 KB
376 KB 98ms
86ms Image
image/gif 142.4.127.78
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9129666tp.com/pm50.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 142.4.127.78 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:30 GMT
Via: s202311058517
Last-Modified: Tue, 13 Feb 2024 11:03:26 GMT
Server: openresty
ETag: "65cb4c7e-5ddf0"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 384496
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H/1.1 200
OK 960x60.gif
9323tp.cc/tp/ Frame 75B3 148 KB
148 KB 135ms
93ms Image
image/gif 192.74.232.140
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323tp.cc/tp/960x60.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.232.140 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:31 GMT
Via: s202311041118
Last-Modified: Fri, 08 Mar 2024 04:43:09 GMT
Server: openresty
ETag: "65ea975d-24fca"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 151498
Expires: Tue, 09 Apr 2024 18:31:07 GMT

GET
H2 200 712x45.gif
v.tu05v46466.ltd/40/ Frame 75B3 247 KB
247 KB 224ms
204ms Image
image/gif 2606:4700:3033::6815:d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://v.tu05v46466.ltd/40/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Mon, 18 Mar 2024 04:25:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 10270
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xk0aqsXsntFplNZZyzp%2FOzd6oLaZoPjuItELgc1pUhbcRssZNxvPQrFdvKnFqk5WChRthh9Ao%2Fa1V2qpKiTyWqEvdt5fQIxJK4s9niOuGMfE4zqlRNb0O2uuUDxNdgK%2FuafYXUCrqdjoQ%2B%2FqKwIV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ebe74bd3-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 17 Apr 2024 04:25:40 GMT

GET
H/1.1 200
OK 96.gif
www.gggttt888.com/ Frame 75B3 266 KB
266 KB 227ms
129ms Image
image/gif 149.104.32.243
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gggttt888.com/96.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

149.104.32.243 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx/onex /

Resource Hash

7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

X-One-Cache: HIT
Date: Tue, 19 Mar 2024 16:37:31 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 23 Feb 2024 07:15:45 GMT
Server: nginx/onex
ETag: "65d84621-426d8"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 272088
Expires: Sun, 14 Apr 2024 07:16:15 GMT

GET
H2 200 80.ys.x6.gif
tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/ Frame 75B3 662 KB
663 KB 130ms
110ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/2023/6966/80.ys.x6.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Fri, 01 Dec 2023 13:41:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 269297
etag: "6569e283-a5894"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fz%2BczLl5bCPtgXHrKiOn06zW38cfJ412kTpDS831uyd50Xz%2Bycc3TH9eQPyYnVg7z3R1elFSKnC0ubzmvwBQfb878kEJ5xA7jYhUqg6nkManfobOxvdjXaDvI1xnaeGMN4o%2B6pTQ2FTclpIqK39PyKR%2B6rhE8uNtcbtZfp8nMT2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecb16aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H2 200 tm-59-960x80.gif
www.5959tupian.com/59/ Frame 75B3 218 KB
219 KB 1165ms
1146ms Image
image/gif 2606:4700:3030::ac43:a687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5959tupian.com/59/tm-59-960x80.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:a687 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

199be700b406ff6fa732be020dbcfa5185ed15d3056b9d32cb25eb8b2f44b937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307073
alt-svc: h3=":443"; ma=86400
content-length: 223694
last-modified: Sun, 26 Nov 2023 06:38:53 GMT
server: cloudflare
etag: "6562e7fd-369ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hgRNlifeRGR56XMYRr0MvX0qvTk4Mjeu6uhobcclFa32Ej42pLEpPeBSEecZrSlWopjCuxxEwScZlZSmR80Jsi8NQ0rn5wHYTX1IInnK6ZHh0VWYQ5V%2FW3wK%2FWIhz07TnNJP6lfkVs8kLX2BJEhY1ig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329ebe44bd3-BUF
expires: Tue, 26 Mar 2024 10:06:45 GMT

GET
H2 200 960.60ls.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/ Frame 75B3 665 KB
666 KB 60ms
41ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/0167/960.60ls.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Sat, 17 Feb 2024 10:51:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302956
etag: "65d08fa1-a6478"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AXpYHQBdvEpyJVib3lcpbrB9EQqnwRF%2FfNUsPObsPUqReikUeXjsj9oO6pDPDbezm8s7tV7sinWTVHwmXOEJmkxChPrP74flB7xHFZ%2FX5uNOQ0YOU1FXLf%2FItcjneMx8qMXrMiwgGY80ULn%2FUjpuLzLlzjQFWO4xJJ74bwRDXqAr"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecb36aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 19 Mar 2024 04:06:19 GMT

GET
H2 200 960.60.gif
tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/ Frame 75B3 810 KB
811 KB 122ms
103ms Image
image/gif 2606:4700:3032::6815:4903
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tupain2.baitu4lliltvmwelqubyqm.com/20231/6446/960.60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4903 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
last-modified: Thu, 28 Dec 2023 12:33:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 302956
etag: "658d6b0d-ca80e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u4rRrPdPjr%2BeZO1xSap8pFIMKQEbXFlwBquUm%2B45uWfKZNvm%2BSEZqrJtANCAdyuXZtdW5dwyQl5fRJy5A8AEpxtIWwHsowUIFpxrXhmldzG1Xjo6nBb%2FDMaqXcahdEaDI0fI%2FxFLFDipaicWAZqJXIDVJYkehRXzdLujAJBOiEEj"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
cf-ray: 866ee329ecb56aed-BUF
alt-svc: h3=":443"; ma=86400
expires: Wed, 10 Apr 2024 17:26:31 GMT

GET
H/1.1 200
OK 7bw50-1.gif
www.8122888tp.com/ Frame 75B3 161 KB
161 KB 787ms
276ms Image
image/gif 192.74.238.48
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.8122888tp.com/7bw50-1.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 192.74.238.48 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311202980
Last-Modified: Mon, 05 Feb 2024 10:00:55 GMT
Server: openresty
ETag: "65c0b1d7-283d6"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164822
Expires: Tue, 09 Apr 2024 18:32:12 GMT

GET
H/1.1 200
OK 960x601.gif
5698tp.com/tp/ Frame 75B3 177 KB
177 KB 543ms
443ms Image
image/gif 198.2.195.83
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5698tp.com/tp/960x601.gif
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 198.2.195.83 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software: openresty /
Resource Hash: 6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202311127594
Last-Modified: Sun, 04 Feb 2024 04:09:30 GMT
Server: openresty
ETag: "65bf0dfa-2c448"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 181320
Expires: Tue, 09 Apr 2024 18:31:17 GMT

GET
H3 200 169b2cf6275dc94f.gif
img11.chkaja.com/files/20240210/ Frame 75B3 272 KB
272 KB 111ms
98ms Image
image/gif 2606:4700:3038::6815:eb25
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img11.chkaja.com/files/20240210/169b2cf6275dc94f.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eb25 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307061
alt-svc: h3=":443"; ma=86400
content-length: 278346
last-modified: Fri, 09 Feb 2024 22:53:35 GMT
server: cloudflare
etag: "65c6acef-43f4a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KyDvU9dJHx2XueKCvewuGkE18Ub1fMs2yPJCdtNwj%2FuMVCcZP8EldTXlCfFFJYPk1enK3nypDTBLq3aG%2BrMOMxml0H5M55DCLT2hAQO5tNBnr2Bgj2zhzklxKSXu6GkBAi%2FDPJyM5iFWpjZ%2FDmGT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329e8b54bd5-BUF
priority: u=3,i
expires: Sun, 16 Mar 2025 03:19:48 GMT

GET
H2 200 948VIP.gif
z4a.net/images/2023/09/11/ Frame 75B3 50 KB
50 KB 336ms
311ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2023/09/11/948VIP.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81755
alt-svc: h3=":443"; ma=86400
content-length: 50743
pragma: public
last-modified: Mon, 18 Mar 2024 17:54:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ZMWI%2BO%2FC2OwRoZrXFW78qPbWOSgAQCHUwsIDIxMWpA9PheVTClp4WVV%2BYm3OBt3e71BogNsI0OA6jPxR%2F95P8ps3vTUD%2F0xmUwiO%2BHkWvKBDUABZEZPESw1kqZVbTyJ2O8UXtEP"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329fa014bc1-BUF
expires: Tue, 18 Mar 2025 17:54:54 GMT

GET
H/1.1 200
OK 712x45.gif
6151tp.com/ Frame 75B3 394 KB
395 KB 228ms
225ms Image
image/gif 198.2.192.67
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6151tp.com/712x45.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

198.2.192.67 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

openresty /

Resource Hash

96f0d1646bfcb0a8309d8ecfb44f6584ddbc57ae0ee67ae1c8ab3766e01e55c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
Via: s202310302439
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Fri, 08 Mar 2024 05:27:12 GMT
Server: openresty
ETag: "65eaa1b0-62912"
Content-Type: image/gif
CDN-Cache: HIT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 403730
Expires: Tue, 09 Apr 2024 18:30:51 GMT

GET
H/1.1 200
OK e20212307abf2gg1234kj.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 75B3 80 KB
81 KB 313ms
310ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/e20212307abf2gg1234kj.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c9da3c7b1fc4ce189893751e256192ae6f4ed32d0a16a9a6254a06d0be58d0a8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
x-oss-request-id: 65F9BF49DCC23BEDF5480B44
Content-MD5: m6/hWIDlvFKGwEtOAyuuKw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 81868
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "9BAFE15880E5BC5286C04B4E032BAE2B"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3166039558527147683
x-oss-server-time: 2

GET
H/1.1 200
OK 999656bd7cb3cgg1233.acc
oss118.oss-accelerate.aliyuncs.com/231209/ Frame 75B3 82 KB
83 KB 415ms
412ms Image
application/octet-stream 47.253.28.51
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss118.oss-accelerate.aliyuncs.com/231209/999656bd7cb3cgg1233.acc
Requested by: Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.253.28.51 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: c3c2772cd2b65562f1d527e0733f7418e4451f1bf29bc63cf22fe382e076fc93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Tue, 19 Mar 2024 16:37:29 GMT
x-oss-request-id: 65F9BF49DCC23BEDF5480B81
Content-MD5: CQDQMH5ePlA+WwhC14SzvA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 84373
x-oss-object-type: Normal
Last-Modified: Sat, 09 Dec 2023 08:36:54 GMT
Server: AliyunOSS
ETag: "0900D0307E5E3E503E5B0842D784B3BC"
Content-Type: application/octet-stream
x-oss-ec: 0048-00000113
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8087804948608928365
x-oss-server-time: 2

GET
H2 200 75070.gif
img.ooo-05.ltd/facaile/ Frame 75B3 555 KB
556 KB 129ms
113ms Image
image/gif 2606:4700:3030::6815:152b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.ooo-05.ltd/facaile/75070.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:152b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 307063
alt-svc: h3=":443"; ma=86400
content-length: 568016
last-modified: Wed, 06 Mar 2024 07:50:29 GMT
server: cloudflare
etag: "65e82045-8aad0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bQyqldShuoES4PL0pBkZKmC15bvcNcWuZD607u8t%2B25VND1aLCyPmALcP6X4tHbw9j5221XVspIPHpPbLJDXJwhjmhQZp8lLqzL9k6kyWPtk4UfYt%2BHqNNiB9JCYgzhhF3hajpgDJV86iJ%2F3cA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 866ee329eb8e4bc3-BUF
expires: Fri, 05 Apr 2024 07:50:37 GMT

GET
H2 200 980-60.gif
z4a.net/images/2024/03/16/ Frame 75B3 360 KB
361 KB 335ms
312ms Image
image/gif 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://z4a.net/images/2024/03/16/980-60.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/bc.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07100fd0de2bde9de57b7a033b4de6c2aa197e5503fd8ea33796eb20d8c824b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400
content-length: 368990
pragma: public
last-modified: Tue, 19 Mar 2024 16:37:28 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1SMQ%2BxQAYZSHkfE0WImgHj4KV11LH%2FD6eTVZGAAcUQCog6dBUD81oJoJl5y0romDtRRBzbmgjMBye1S2QumoJVLkScSU%2BETpOaXa91vHG7rbk%2FKXAQNwUZ21H18T4a4XcUmMtW%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 866ee329fa024bc1-BUF
expires: Wed, 19 Mar 2025 16:37:28 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 76 B
289 B 37ms
34ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249171

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 76 B
289 B 119ms
118ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1710866249250

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:32:07 GMT
server: nginx
etag: "65f993d7-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H2 200 long.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 843 B
1 KB 1816ms
147ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/long.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:56 GMT
server: nginx
etag: "626cff00-34b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 843
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 tu.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 583 B
788 B 1812ms
145ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/tu.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:01 GMT
server: nginx
etag: "626cff05-247"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 583
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 hu.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 729 B
934 B 1921ms
269ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hu.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:54 GMT
server: nginx
etag: "626cfefe-2d9"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 729
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 niu.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 572 B
777 B 1807ms
156ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/niu.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:58 GMT
server: nginx
etag: "626cff02-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 shu.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 526 B
731 B 1797ms
146ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/shu.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:00 GMT
server: nginx
etag: "626cff04-20e"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 526
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 zhu.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 586 B
791 B 1808ms
158ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/zhu.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:03 GMT
server: nginx
etag: "626cff07-24a"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 586
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 gou.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 603 B
809 B 1677ms
132ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/gou.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:52 GMT
server: nginx
etag: "626cfefc-25b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 603
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 ji.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 753 B
958 B 1824ms
282ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ji.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:55 GMT
server: nginx
etag: "626cfeff-2f1"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 753
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 hou.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 777 B
982 B 1678ms
134ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/hou.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:53 GMT
server: nginx
etag: "626cfefd-309"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 777
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 yang.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 641 B
846 B 1806ms
262ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/yang.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:19:02 GMT
server: nginx
etag: "626cff06-281"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 641
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 ma.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 600 B
805 B 1700ms
157ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/ma.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:57 GMT
server: nginx
etag: "626cff01-258"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 600
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 she.gif
s1x3d.mexicorecreation.com/tp/ Frame 650B 572 B
777 B 1809ms
266ms Image
image/gif 46.253.6.155
SEVENDC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1x3d.mexicorecreation.com/tp/she.gif

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/yjjy/sx.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.253.6.155 , Bulgaria, ASN216145 (SEVENDC, BG),

Reverse DNS

Software

nginx /

Resource Hash

b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 30 Apr 2022 09:18:59 GMT
server: nginx
etag: "626cff03-23c"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 572
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 76 B
289 B 37ms
32ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249449

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:29 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:29 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 327ms
326ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1383309838&si=c54f889ec1b4468ff1d440cfd3197b93&v=1.3.0&lv=1&sn=9541&r=0&ww=1600&u=https%3A%2F%2Fc-wzw-d.dothansecurity.com%2F&tt=%E3%80%90%E7%8E%8B.%E4%B8%AD.%E7%8E%8B%E3%80%91%E8%87%B4%E5%8A%9B%E6%89%93%E9%80%A0%EF%BC%8C%E7%81%AB%E7%83%AD%E5%85%A8%E7%BD%91%EF%BC%81

Requested by

Host: c-wzw-d.dothansecurity.com
URL: https://c-wzw-d.dothansecurity.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://c-wzw-d.dothansecurity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Mar 2024 16:37:31 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 76 B
289 B 40ms
38ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249172

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 76 B
289 B 34ms
32ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1710866249251

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:32:07 GMT
server: nginx
etag: "65f993d7-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 76 B
289 B 33ms
32ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249450

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:31 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:31 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 76 B
290 B 40ms
39ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249173

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:33 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:33 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 76 B
290 B 37ms
36ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1710866249252

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:33 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:32:07 GMT
server: nginx
etag: "65f993d7-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:33 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 76 B
290 B 33ms
32ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249451

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:33 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:33 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 76 B
290 B 33ms
33ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249174

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:35 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:35 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 76 B
290 B 34ms
32ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1710866249253

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:35 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:32:07 GMT
server: nginx
etag: "65f993d7-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:35 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 76 B
290 B 33ms
32ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249452

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:36 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:36 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 76 B
290 B 35ms
34ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249175

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:37 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:37 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 76 B
290 B 35ms
34ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1710866249254

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:37 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:32:07 GMT
server: nginx
etag: "65f993d7-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:37 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 76 B
290 B 34ms
33ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249453

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:38 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:38 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 0119 76 B
290 B 34ms
33ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249176

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/dbk.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:39 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:39 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/ambm/ Frame D4E9 76 B
290 B 34ms
33ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/ambm/bmjg.js?_=1710866249255

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/ambm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/ambm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:39 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:32:07 GMT
server: nginx
etag: "65f993d7-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:39 GMT

GET
H2 200 bmjg.js Show response
ztwyqsgdh.dglietou.com/bm/ Frame 50F6 76 B
289 B 49ms
43ms XHR
application/javascript 66.187.192.172
HIVE-DATA-CENTER

General

Check archive.org

Show headers Download Go to

Full URL

https://ztwyqsgdh.dglietou.com/bm/bmjg.js?_=1710866249454

Requested by

Host: ztwyqsgdh.dglietou.com
URL: https://ztwyqsgdh.dglietou.com/bm/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

66.187.192.172 Montreal, Canada, ASN33185 (HIVE-DATA-CENTER, CA),

Reverse DNS

ip.172.192.187.66.hivedatacenter.com

Software

nginx /

Resource Hash

f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ztwyqsgdh.dglietou.com/bm/55049.html
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 16:37:40 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 19 Mar 2024 13:34:45 GMT
server: nginx
etag: "65f99475-4c"
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 76
expires: Thu, 18 Apr 2024 16:37:40 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 04:50:26	Name: HMACCOUNT_BFESS Value: 6BA797415BC9C1B0
.c-wzw-d.dothansecurity.com/	1970-01-21 04:00:02	Name: Hm_lvt_c54f889ec1b4468ff1d440cfd3197b93 Value: 1710866251
.c-wzw-d.dothansecurity.com/	1969-12-31 23:59:59	Name: Hm_lpvt_c54f889ec1b4468ff1d440cfd3197b93 Value: 1710866251

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c-wzw-d.dothansecurity.com/skin/images/search.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://c-wzw-d.dothansecurity.com/yjjy/ Message: Mixed Content: The page at 'https://c-wzw-d.dothansecurity.com/yjjy/' was loaded over HTTPS, but requested an insecure element 'http://images.weserv.nl/?url=https://tk.xinchangcheng.net:4949/col/32/fhtjt.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://c-wzw-d.dothansecurity.com/yjjy/ Message: Mixed Content: The page at 'https://c-wzw-d.dothansecurity.com/yjjy/' was loaded over HTTPS, but requested an insecure element 'http://www.80656.com/tu/bg.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://c-wzw-d.dothansecurity.com/yjjy/(Line 2165) Message: Mixed Content: The page at 'https://c-wzw-d.dothansecurity.com/yjjy/' was loaded over HTTPS, but requested an insecure element 'http://images.weserv.nl/?url=https://tk.xinchangcheng.net:4949/col/32/fhtjt.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.80656.com/tu/bg.gif Message: Failed to load resource: the server responded with a status of 410 ()
other	warning	URL: https://c-wzw-d.dothansecurity.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://c-wzw-d.dothansecurity.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1325tp.com
5698tp.com
6151tp.com
6399tp.com
9216tp.com
9323tp.cc
9831tc.com
c-wzw-d.dothansecurity.com
c7575tp.com
c8932888tp.com
hm.baidu.com
images.weserv.nl
img.ooo-05.ltd
img10.chkaja.com
img11.chkaja.com
opjkb29vcbd44ftq.com
oss118.oss-accelerate.aliyuncs.com
pjkbv034cbdft6qwd.com
pppmmm.tututufafafa.com
s1x3d.mexicorecreation.com
tupain2.baitu4lliltvmwelqubyqm.com
v.tu05v46466.ltd
www.3400tupian.com
www.5959tupian.com
www.7859888tp.com
www.80656.com
www.8122888tp.com
www.9129666tp.com
www.gggttt888.com
x01-49z.discount-micro.com
z4a.net
ztwyqsgdh.dglietou.com
103.235.46.191
107.148.194.20
107.148.207.6
134.195.197.167
137.175.108.241
137.175.69.133
142.4.127.78
149.104.32.243
192.74.232.140
192.74.238.48
192.74.245.123
198.2.192.67
198.2.195.83
198.2.204.100
198.2.211.136
204.12.215.68
204.12.215.70
2600:9000:2209:de00:14:1855:3780:93a1
2606:4700:3030::6815:152b
2606:4700:3030::ac43:a687
2606:4700:3032::6815:4903
2606:4700:3033::6815:d65
2606:4700:3036::6815:30b3
2606:4700:3038::6815:eabb
2606:4700:3038::6815:eaeb
2606:4700:3038::6815:eb25
46.253.6.155
47.253.28.51
52.58.78.16
66.187.192.172
66.187.193.138
0213d222cde6635318d13abab105a6684a6fb00c14831e5302dbedf68d8b2d0e
0414a80b05b71cf0d7ac2e0d83b57bb02a1e88fc2dd63beb72b194878704c095
07100fd0de2bde9de57b7a033b4de6c2aa197e5503fd8ea33796eb20d8c824b9
079d211ad9caaaa5a53bea043fbc2a2db6340a50cfc9bfe0eee3116ffa6ee26f
0902bb979aae9dd920a1f0d917eb44ff316165a4ace7780eab01405c99541636
0bcfc94c2ede03e576ebba1306a3c23f46d89a1422d410f34c0851c2d7e55c74
0fada6383084eea37080722a0b38e8bbb5c22b5e96c5c1a30e7132d501bebbfe
0fbe35dff9b0a5ffd091e763ca4bbffe5be01ba77272891c8f102d20e9f902d0
1936c27bacc5c82d91f4fd12748ba5ad3350a265e41abf44f62abe9449fd2e1e
199be700b406ff6fa732be020dbcfa5185ed15d3056b9d32cb25eb8b2f44b937
1beca3d695d9231e14126a38de08873f4a026f7e179e8252dc5a5fd6aeb237df
1d15304f542f853a7d1ae5b4ceb04935770e998ee3a4a088c71da76d94ec6f19
26ecc44ea9ce6c5b0b8095fe4bbb846c7a0603c68ab9bec243f1b7e522ab9ca1
3021fb252ad35d85b4528031714d988ae09b0b3eb118ccf2426c56f0ba4f84ca
343dd0e71768c9c47c3e0a3240a71ab809bbeec23696905ea5f49468ccfc430b
37819646264a5a312285098c6f10efd89b050abc62f4faad27888fb001855fc4
379b79374fd85419732e9048da588738ef21b50c15673af1160e98cf44a6fd66
3b4498994b7903bc80914463089566c29a250b8be38736c02364581720d98253
3dd447444516a3a7bb51016f53b9d5e51f5e2630382cd45e7cd7aa4f7d73210e
40738d044722cf89c6ad117b82b29a4b17df7742054175d7662b881bbbe129fd
429c8931b011306890c24ab196951b3e1108bb616233dd6fdb770f96de03c8e5
48af746bad6e3fc77ae53152ef8d8d6741a7142236c625cfdaf9c12129bb6049
4cdf356ad9f1f5001648aeb99e27f0f78109625b2bf83910e387822c1c024186
5013ef0d9b7c056af6c1d372eb640f9c8ad6759b7630001a696ea824f184c7df
5754a557446c93493bac7a65f4b3ec1e9bce67e2da63ffa61a32b174a9cc6671
5a6c65212536aee82be7df91227252bc9bd059d9e1b8e90151cc88b90a8a0588
5e6e8822be6b98795e00c7c85413868de5978c284cdcf33e9c476e512a8ecbc6
5ed6d0b514f5f2bec8b09e93acc382c9441b97c589cbc377d6d154a01bda2e7e
6205da6ab8cbe8c251a3b2e1101d96d325e8c8a4e6203a007e4165d4d6c2a593
66867a876cde66038d0500eafc464413c283181b82b87170525f6464c36f733e
6b3888b62bb9fec188b16b9e848759a41be1a5990bb291212164cb90d5e69d11
7258ca0727e3213dcc632719b008ae0a03845e123214a881be9cf7d6ba0fa125
7aba29366a261480736a289f19748f4c063cb9b1d23440b4ac77f6d797ea070f
7e6a8c633bcc65aff1d931ecae80b99d3a3e4323387a96c13ec959c6fcfe791a
7f20f879aa61a695f2ead08efc741e3749e4866926f11ce930505b1d9f4d6b34
869ffb7a3a3d291d2c8ef6aef734053a991b2afcf43d41604d134cbb1cb3bf66
8927cc5b8726ffb42424a6e9fc660ce08bdf4d21e746ac2140235c5d2da7853b
8b2a8a5a398a412630ad4c50beb1f8b70e34b02b899be6df5a46442d350c33cc
91c58fa56de5ce256262d5b91730f86a96ba866e8bfbe675cd88121f4ed745ca
96f0d1646bfcb0a8309d8ecfb44f6584ddbc57ae0ee67ae1c8ab3766e01e55c9
9a0d1567bdd9578d8f3fac1f3fb7f196d514440ca6eefd242725664b84e10d2a
9ad7f8d84ca78884cc819bffdbdbd4f9d9c3c9add8a4a91e5e54a6aa6590bddb
9b5907b62383388f889a511131ec954d2c798fa6a132601fbf67b9bf1e1c8bd9
a34f9448e801cbb09648b7f84b23ed4c99f350d45b388f02eb94619405d06dd9
a4b1c6a9def047cc18b06894241751835ad630b01b7931a67a49f6696851b7ef
a96ea6b874a2db2631485778a5255467526104a52283563604353ff93458f46c
ab2cd080a261ee4c75d7677666efcbd3496ab2e3d3595122ff3b98dc9e51cdd5
ac9a4eeb2c0b2c695ba470cb1c69063229c8eb709eabf9f803598115f84a7b5a
aeb12ddd33057f62b5b58d203d40947ddc711feefa77c62e0998ecb5b61b69bc
b0ed245e2c2d5d45af20516b14ca92673efe3e876318195245c906622ad904cc
b2e575c0297e925d70828fd3e7fb4076425f42b69edb9900701ef12ef8a04bd8
b3c1487a4dc0bb8f182ae99cdbc7ae6d50e78fc4ae12aad752704f47cf482eae
b552615f18515ad01914f7967d26a8b9b578bcce732f66a2823e9afe65e6146d
b588e9c9f108620537f721758c3192a3a861d85d5d7d2a574f6d0ebb8261672d
b60a18359352a1acccb280766487d6eb0da6488f88c20e09ff03dce0507ff409
bed9a06fbcbbf5e774a76e51deb9e4b89d2bfe9717a78d6260bff5e79f385e1c
c131eeb45d5ef0c50bbd376d618ac73fc3eb31d9fa0a21398a474748091d48e1
c3c2772cd2b65562f1d527e0733f7418e4451f1bf29bc63cf22fe382e076fc93
c3e192e3723193ba163c47df28401d03a95b20a26cebc13cad1025f23dc9b0b5
c8e295acb49f7ad332ae74e2e2a16f2a19b1fb0655f9f5d5e5dfd53a50c278d6
c95eb8a826fb9a101d03b69f2cd6abd2dd58e3298771f9274eabfee620ee7002
c9da3c7b1fc4ce189893751e256192ae6f4ed32d0a16a9a6254a06d0be58d0a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1cdacfca4acb6ba851ec84e1bce56863166d935a784ed89a7c381046cd1417f
d3509663f6d9537c77a551a6872291e6812d388bdda0a39189e5d58f66144d2d
d580aa056de9feef2e9d5633d1d10d93b78b3185db715865f4bbc2dd0d733fa6
d695c6744571dc2c4c2a8cd2ad067d18546a8816d47a28e5be5df69cee198fe5
d752db0d613e4892a47370f2f88e48cbd06c4cea9cce40f068918c9e59841ff1
d77777cb3956a4f6e1d6dfd22325d273daea4bcde85687bf7cb7cd232b591558
d7a22354aeb342419133a53eab028575c7572dc21461430c719287aa017db547
daf6d005b90cef0c3554059480c79555bcb6ec6968ee5392889fdd15dc6eb7a2
dbe463b9b632bd68f5d20629b7a01f74e4e3facdc4946b070c158deb3f2725fd
dc275b7fde01a28c190c792ec1d1e3fe80972043854c0a4d231e23a6069f2583
dd11f7490b161e879c0d7bc102dd3a6f6c4957ac53e1d1cf409ab82678b0c723
def98b66bace03c5106e848e6895fb5db5f87231183e957e07e463c7bbe2410f
df830b41abb521d2ed1af5a0e1d5c72d12723f8847ff46b99f4f79807d245c3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f80a371083e7631cbef67e71d4ae94c83d06120eaa1c4009216781e3595cd
e9d7f97bb60f32954c867446ed96bcf3ab6fb84b7fdb7043605514d67ceb9bf8
eb27fef166ca206deef21cad940584e57c5ac192032032983b0fbaac8bbd10ee
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f996e2b2ae9414958e1b1430481a1e2cf6ce32182f0d8125fa51f5e653539561
faf27767c356d5a59f750e010a65f3b8716c677c20a7ba623f1681ecc52b7a62
fb0a43bd93b8706690dda180207e83ff268ae480f9f85adec39d5e5b0b69f290
fc6cf1c5b5109ead8c74df5e6ff7e77edd43476fb0c04499e9fab7e110658b0e

c-wzw-d.dothansecurity.com Open in urlscan Pro 66.187.193.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

210 Requests

89 %HTTPS

29 %IPv6

31 Domains

32 Subdomains

31 IPs

5 Countries

48250 kBTransfer

48538 kBSize

3 Cookies

1 Outgoing links

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

c-wzw-d.dothansecurity.com Open in urlscan Pro
66.187.193.138 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

89 %
HTTPS

29 %
IPv6

31
Domains

32
Subdomains

31
IPs

5
Countries

48250 kB
Transfer

48538 kB
Size

3
Cookies

210 HTTP transactions
0 data transactions