www.noickjr.com Open in urlscan Pro
45.201.250.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://noickjr.com/
Effective URL:
http://www.noickjr.com/index.php
Submission: On October 19 via api (October 19th 2021, 8:40:58 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 6 countries across 14 domains to perform 95 HTTP transactions. The main IP is 45.201.250.49, located in Johannesburg, South Africa and belongs to HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK. The main domain is www.noickjr.com.

This is the only time www.noickjr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	45.201.250.49 45.201.250.49	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
2	115.91.26.45 115.91.26.45	138195 (MOACKCOLT...) (MOACKCOLTD-AS-AP MOACK.Co.LTD)
1	120.52.95.243 120.52.95.243	133119 (UNICOM-CN...) (UNICOM-CN China Unicom IP network)
8	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
16	104.233.174.137 104.233.174.137	54600 (PEGTECHINC) (PEGTECHINC)
12	47.246.43.225 47.246.43.225	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
20	172.67.208.87 172.67.208.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.238.183.216 104.238.183.216	20473 (AS-CHOOPA) (AS-CHOOPA)
4	45.61.212.50 45.61.212.50	53587 (AZT) (AZT)
4 4	144.76.98.12 144.76.98.12	24940 (HETZNER-AS) (HETZNER-AS)
4	104.21.233.126 104.21.233.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	104.21.38.60 104.21.38.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	154.22.125.108 154.22.125.108	139646 (HKMTC-AS-...) (HKMTC-AS-AP HONG KONG Megalayer Technology Co.)
95	14

4 45.201.250.49 (Johannesburg, South Africa) 1 redirects

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

noickjr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.noickjr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 115.91.26.45 (Korea, Republic Of)

ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR)

agymkc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.52.95.243 (Shenzhen, China)

ASN133119 (UNICOM-CN China Unicom IP network, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.233.174.137 (San Jose, United States)

ASN54600 (PEGTECHINC, US)

pqaxfs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 47.246.43.225 (San Mateo, United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.67.208.87 (United States)

ASN13335 (CLOUDFLARENET, US)

x.heisicdn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.238.183.216 (San Jose, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 104.238.183.216.vultr.com

3337822.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.61.212.50 (United States)

ASN53587 (AZT, US)

3332202.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.98.12 (Germany) 4 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.12.98.76.144.clients.your-server.de

kvemm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.233.126 (United States)

ASN13335 (CLOUDFLARENET, US)

kveww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

image.bitautoimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.38.60 (United States)

ASN13335 (CLOUDFLARENET, US)

x.kuguacdn.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 154.22.125.108 (United States)

ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK)

www.5qmtid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	heisicdn.xyz x.heisicdn.xyz	10 MB
16	pqaxfs.com pqaxfs.com	68 KB
12	staticfile.org cdn.staticfile.org	194 KB
10	5qmtid.com www.5qmtid.com	2 MB
8	3337822.com 3337822.com	5 MB
8	baidu.com hm.baidu.com	54 KB
4	bitautoimg.com image.bitautoimg.com	4 MB
4	kveww.com kveww.com	4 MB
4	kvemm.com 4 redirects kvemm.com	525 B
4	3332202.com 3332202.com	2 MB
4	noickjr.com 1 redirects noickjr.com www.noickjr.com	4 KB
2	kuguacdn.xyz x.kuguacdn.xyz	603 KB
2	51.la js.users.51.la ia.51.la	6 KB
2	agymkc.com agymkc.com	767 B
95	14

	Domain	Requested by
20	x.heisicdn.xyz	pqaxfs.com
16	pqaxfs.com	www.noickjr.com pqaxfs.com
12	cdn.staticfile.org	pqaxfs.com
10	www.5qmtid.com	pqaxfs.com
8	3337822.com	pqaxfs.com
8	hm.baidu.com	www.noickjr.com pqaxfs.com
4	image.bitautoimg.com	pqaxfs.com
4	kveww.com	pqaxfs.com
4	kvemm.com	4 redirects
4	3332202.com	pqaxfs.com
3	www.noickjr.com	www.noickjr.com
2	x.kuguacdn.xyz	pqaxfs.com
2	agymkc.com	www.noickjr.com
1	ia.51.la	www.noickjr.com
1	js.users.51.la	www.noickjr.com
1	noickjr.com	1 redirects
95	16

This site contains no links.

Subject Issuer	Validity	Valid
gvpvcb.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2020-08-27` - `2022-04-19`	2 years	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
pqaxfs.com R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
*.staticfile.org GeoTrust CN RSA CA G1	`2020-08-04` - `2022-10-03`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-10-07` - `2022-10-06`	a year	crt.sh
3337822.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh
3332202.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh
*.yiche.com GlobalSign RSA OV SSL CA 2018	`2020-01-06` - `2022-03-26`	2 years	crt.sh
*.kuguacdn.xyz R3	`2021-10-07` - `2022-01-05`	3 months	crt.sh
pdzkfn.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://www.noickjr.com/index.php
Frame ID: D765F5F9A1F89B926E9F273319AF074F
Requests: 11 HTTP requests in this frame

Frame: https://pqaxfs.com:35981/
Frame ID: FC2D874CA07DC0A6A7AAFC4CE92A5514
Requests: 42 HTTP requests in this frame

Frame: https://pqaxfs.com:35981/
Frame ID: D6AE2B2CC4BC8BCE322C8C01A87DC832
Requests: 42 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

周口绷勾商贸有限公司周口绷勾商贸有限公司

Page URL History Show full URLs

http://noickjr.com/ HTTP 301
http://www.noickjr.com/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

14
IPs

6
Countries

29613 kB
Transfer

30347 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://noickjr.com/ HTTP 301
http://www.noickjr.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif HTTP 301
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Request Chain 52

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif HTTP 301
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Request Chain 67

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif HTTP 301
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Request Chain 81

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif HTTP 301
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
www.noickjr.com/
Redirect Chain

http://noickjr.com/
http://www.noickjr.com/index.php

2 KB
792 B

706ms
161ms

Document
text/html

45.201.250.49
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.noickjr.com/index.php
Protocol: HTTP/1.1
Server: 45.201.250.49 Johannesburg, South Africa, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: e69ffc8492116d7134da168e20a0c4a30205326ddb861297c201c1d0ffe84d67

Request headers

Host: www.noickjr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 19 Oct 2021 20:40:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 19 Oct 2021 20:40:14 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.noickjr.com/index.php

GET
H/1.1 200
OK common.js Show response
www.noickjr.com/ 4 KB
2 KB 162ms
161ms Script
application/x-javascript 45.201.250.49
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.noickjr.com/common.js
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/index.php
Protocol: HTTP/1.1
Server: 45.201.250.49 Johannesburg, South Africa, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 52ab5589d5e5b8fcde3c3fdd567dac3c05d0afa149eae8fc05f07a9d96e36efa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.noickjr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.noickjr.com/index.php
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:15 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.noickjr.com/ 630 B
786 B 163ms
163ms Script
application/x-javascript 45.201.250.49
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.noickjr.com/tj.js
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/index.php
Protocol: HTTP/1.1
Server: 45.201.250.49 Johannesburg, South Africa, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: ad068ffb21505dc9e56a6bf0b774b6d590ebe42ac21e2a3821e6fa7e1a786e70

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.noickjr.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://www.noickjr.com/index.php
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 630
Content-Type: application/x-javascript

GET
H2 200 zise_common.php Show response
agymkc.com/ 65 B
384 B 677ms
223ms XHR
text/html 115.91.26.45
MOACKCOLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://agymkc.com:4568/zise_common.php?val=zisetv2&t=0.851918005321634?v=09913511639764727

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

115.91.26.45 , Korea, Republic Of, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),

Reverse DNS

Software

nginx /

Resource Hash

13e44a0303385bcb965f6904167f0a775dcd5702ac5533f81aed8d31dda8e802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H2 200 zise_common.php Show response
agymkc.com/ 65 B
383 B 676ms
224ms XHR
text/html 115.91.26.45
MOACKCOLTD-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://agymkc.com:4568/zise_common.php?val=zisetv2&t=0.2774295065827481?v=06654553490656883

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

115.91.26.45 , Korea, Republic Of, ASN138195 (MOACKCOLTD-AS-AP MOACK.Co.LTD, KR),

Reverse DNS

Software

nginx /

Resource Hash

13e44a0303385bcb965f6904167f0a775dcd5702ac5533f81aed8d31dda8e802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:18 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H/1.1 200
OK 21156481.js Show response
js.users.51.la/ 5 KB
6 KB 651ms
217ms Script
application/javascript 120.52.95.243
UNICOM-CN China U...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21156481.js
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/tj.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 120.52.95.243 Shenzhen, China, ASN133119 (UNICOM-CN China Unicom IP network, CN),
Reverse DNS
Software: openresty /
Resource Hash: ddfce5434e1dbec22c71b883a5ac642908cc077fc85769fe2296a8d8823c8e7d

Request headers

Referer: http://www.noickjr.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

nginx-hit: 1
Date: Tue, 19 Oct 2021 20:40:18 GMT
via: CHN-HElangfang-AREACUCC1-CACHE5[3],CHN-HElangfang-AREACUCC1-CACHE7[0,TCP_HIT,2],CHN-SH-GLOBAL1-CACHE130[76],CHN-SH-GLOBAL1-CACHE6[73,TCP_MISS,75]
X-CCDN-CacheTTL: 86400
Age: 7352870
Content-Disposition: inline;filename=f.txt
Connection: keep-alive
request-id: 0000017AE404A8149056ABC0F9D6A1AF
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Length: 4898
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS7oxtweuvbP2Mgazi8SuNiK0cljbHC+
Last-Modified: Mon Jul 05 03:12:40 CST 2021
Server: openresty
ETag: "86b245dc8572e69097e0cd599a9ebf47"
Content-Type: application/javascript;charset=UTF-8
version-id: G001117A72EFDDC5FFFF905612C3B364
Accept-Ranges: bytes
x-hcs-proxy-type: 1

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 36 KB
13 KB 831ms
412ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?87efa7579eb12bcdbe7b05a8f9ea2f51

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

5f176ae04c50e357707383a3893d4a8c972213ac3834a7c8e09d384fed320932

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:18 GMT
Content-Encoding: gzip
Server: apache
Etag: 644f58f1a20ab722cdb1f48dbd927544
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13009

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 36 KB
13 KB 893ms
482ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?749a867ae77418caf4ad7751cc318a62

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9afb0b63a15345a1144c2d7dd04e3fe9b608853a3ca699887cb45904900c9c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:19 GMT
Content-Encoding: gzip
Server: apache
Etag: c23e174bb37eac35cd54da448b7b8965
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13011

GET
H/1.1 200 go1
ia.51.la/ 0
215 B 1236ms
308ms Image
text/plain 183.131.207.66
CHINATELECOM-ZHEJ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ia.51.la/go1?id=21156481&rt=1634676018966&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25BA%259A%25E6%25B4%25B2va%25E4%25B9%2585%25E4%25B9%2585%25E4%25B9%2585%25E5%2599%259C%25E5%2599%259C%25E5%2599%259C%25E4%25B9%2585%25E4%25B9%2585%252C%25E5%258D%2588%25E5%25A4%259C%25E9%259F%25A9%25E5%259B%25BD%25E7%2590%2586%25E4%25BC%25A6%25E5%2585%258D%25E8%25B4%25B9%25E6%2592%25AD%25E6%2594%25BE%252C%25E4%25BA%259A%25E6%25B4%25B2%25E5%258C%25BA%25E6%25AC%25A7%25E7%25BE%258E%25E5%258C%25BA&ing=1&ekc=&sid=1634676018966&tt=%25E5%2591%25A8%25E5%258F%25A3%25E7%25BB%25B7%25E5%258B%25BE%25E5%2595%2586%25E8%25B4%25B8%25E6%259C%2589%25E9%2599%2590%25E5%2585%25AC%25E5%258F%25B8&kw=%25E5%258D%2588%25E5%25A4%259C%25E9%259F%25A9%25E5%259B%25BD%25E7%2590%2586%25E4%25BC%25A6%25E5%2585%258D%25E8%25B4%25B9%25E6%2592%25AD%25E6%2594%25BE_50%25E7%2586%259F%25E5%25A6%2587%25E7%259A%2584%25E9%2595%25BF%25E5%25A5%25B6%25E5%25A4%25B4%25E6%25BB%25A1%25E8%25B6%25B3%25E4%25BA%2586%25E6%2588%2591_WWW.%25E8%2589%25B2_%25E5%25B0%258F%25E5%25B0%2591%25E5%2591%25A6%25E8%2590%259D%25E7%25B2%2589%25E5%259B%25BD%25E4%25BA%25A7&cu=http%253A%252F%252Fwww.noickjr.com%252Findex.php&pu=
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/index.php
Protocol: HTTP/1.1
Server: 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:20 GMT
Server: CloudWAF
Connection: keep-alive
Content-Length: 0

GET
H2 200 / Show response
pqaxfs.com/ Frame FC2D 59 KB
10 KB 749ms
247ms Document
text/html 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 51253ef28e4bfe88aa9a218d303dca24ca1e3b56348ea57e21a562753e797282

Request headers

:method: GET
:authority: pqaxfs.com:35981
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.noickjr.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/

Response headers

server: nginx
date: Tue, 19 Oct 2021 20:43:39 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 20:11:40 GMT
expires: Tue, 19 Oct 2021 21:43:39 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
content-encoding: gzip

GET
H2 200 / Show response
pqaxfs.com/ Frame D6AE 59 KB
10 KB 997ms
496ms Document
text/html 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/
Requested by: Host: www.noickjr.com
URL: http://www.noickjr.com/index.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 51253ef28e4bfe88aa9a218d303dca24ca1e3b56348ea57e21a562753e797282

Request headers

:method: GET
:authority: pqaxfs.com:35981
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.noickjr.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/

Response headers

server: nginx
date: Tue, 19 Oct 2021 20:43:39 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 19 Oct 2021 20:11:40 GMT
expires: Tue, 19 Oct 2021 21:43:39 GMT
cache-control: max-age=3600
x-proxy-cache: HIT
content-encoding: gzip

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 291ms
291ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1112329577&si=87efa7579eb12bcdbe7b05a8f9ea2f51&v=1.2.87&lv=1&sn=36515&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.noickjr.com%2Findex.php&tt=%E5%91%A8%E5%8F%A3%E7%BB%B7%E5%8B%BE%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 20:40:19 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK jquery.min.js Show response
cdn.staticfile.org/jquery/1.12.4/ Frame FC2D 95 KB
34 KB 32ms
10ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/1.12.4/jquery.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Qiniu-Zone: 0
X-Log: X-Log
Date: Tue, 19 Oct 2021 03:58:22 GMT
Via: cache25.l2sg2[0,0,304-0,H], cache33.l2sg2[0,0], cache10.de2[0,0,200-0,H], cache9.de2[2,0]
Vary: Accept-Encoding
X-Svr: IO
Age: 60117
X-Cache: HIT TCP_MEM_HIT dirn:10:301638807
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 86393
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 33987
X-M-Reqid: 0nwAAGBzwD-Yya0W
X-M-Log: QNM:jjh1513;QNM3:36/304
Last-Modified: Fri, 21 Oct 2016 08:51:50 GMT
Server: Tengine
Etag: "Flqdz772VaJmjni66-qo3G9B2Nq7.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634615902
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62b9d16346760199876849e
X-Reqid: -fsAAAC018OAUq8W
X-Swift-SaveTime: Tue, 19 Oct 2021 03:58:29 GMT

GET
H/1.1 200
OK swiper.min.js Show response
cdn.staticfile.org/Swiper/3.4.2/js/ Frame FC2D 94 KB
24 KB 30ms
8ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/Swiper/3.4.2/js/swiper.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Encoding: gzip
Age: 52627
X-Swift-CacheTime: 86395
Content-Disposition: inline; filename="swiper.min.js"; filename*=utf-8''swiper.min.js
X-Swift-SaveTime: Tue, 19 Oct 2021 06:03:17 GMT
X-M-Reqid: h1wAAOU6dEtm0K0W
X-M-Log: QNM:xs1170;QNM3:56/304
Etag: "FqsHQ6idUiQ4wXrn6vWUP9RZDuPQ.gz"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62ba116346760199843511e
Expires: Tue, 20 Oct 2020 11:14:15 GMT
X-Log: X-Log
Date: Tue, 19 Oct 2021 06:03:12 GMT
Via: cache8.l2sg2[0,0,304-0,H], cache26.l2sg2[0,0], cache7.de2[0,0,200-0,H], cache13.de2[1,0]
X-Svr: IO
X-Swift-Error: orig response 5xx error
X-Reqid: JlQAAACJaa1QWa8W
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 23694
X-Cache: HIT TCP_MEM_HIT dirn:0:54526002
Last-Modified: Tue, 14 Mar 2017 08:30:25 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634623392
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK bootstrap.min.js Show response
cdn.staticfile.org/twitter-bootstrap/3.4.1/js/ Frame FC2D 39 KB
12 KB 38ms
16ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Md5: LzS2MP/jC6L/K5Hj88MioQ==
Age: 58876
X-Swift-CacheTime: 86399
Content-Disposition: inline; filename="bootstrap.min.js"; filename*=utf-8''bootstrap.min.js
X-Swift-SaveTime: Tue, 19 Oct 2021 04:19:04 GMT
X-M-Reqid: LhQAAA3pD7u4yq0W
X-M-Log: QNM:jjh1911;QNM3/304
Etag: "FrFv2CJr1r-wjlaPGx0KIdYCR877.gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62b9516346760199803506e
Expires: Wed, 23 Sep 2020 07:33:15 GMT
X-Log: X-Log
Date: Tue, 19 Oct 2021 04:19:02 GMT
Via: cache30.l2sg2[0,0,304-0,H], cache29.l2sg2[1,0], cache13.de2[0,0,200-0,H], cache1.de2[1,0]
X-Svr: IO
X-Reqid: 4bIAAAAqan-hU68W
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 10926
X-Cache: HIT TCP_MEM_HIT dirn:10:321501288
Last-Modified: Mon, 18 Feb 2019 14:03:03 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634617143
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jquery.lazyload.min.js Show response
cdn.staticfile.org/jquery.lazyload/1.9.1/ Frame FC2D 3 KB
2 KB 30ms
9ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Qiniu-Zone: 0
X-Log: X-Log
Date: Tue, 19 Oct 2021 04:05:33 GMT
Via: cache34.l2sg2[0,0,304-0,H], cache23.l2sg2[1,0], cache3.de2[0,0,200-0,H], cache8.de2[1,0]
Vary: Accept-Encoding
X-Svr: IO
Age: 59686
X-Cache: HIT TCP_MEM_HIT dirn:11:70443511
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 86396
Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename*=utf-8''jquery.lazyload.min.js
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1308
X-M-Reqid: i10AAJFRgfr6ya0W
X-M-Log: QNM:xs469;QNM3:1/304
Last-Modified: Tue, 16 Feb 2016 04:24:38 GMT
Server: Tengine
Etag: "FjODGOkwSHsnkae89TrUYBYwzEHi.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634616333
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62b9c16346760199811599e
X-Reqid: UGwAAAD1APXkUq8W
X-Swift-SaveTime: Tue, 19 Oct 2021 04:05:37 GMT

GET
H/1.1 200
OK swiper.min.css
cdn.staticfile.org/Swiper/3.4.2/css/ Frame FC2D 17 KB
4 KB 29ms
10ms Stylesheet
text/css 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/Swiper/3.4.2/css/swiper.min.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Qiniu-Zone: 0
X-Log: X-Log
Date: Tue, 19 Oct 2021 04:48:41 GMT
Via: cache18.l2sg2[0,0,304-0,H], cache23.l2sg2[1,0], cache13.de2[0,0,200-0,H], cache2.de2[1,0]
Vary: Accept-Encoding
X-Svr: IO
Age: 57098
X-Cache: HIT TCP_MEM_HIT dirn:10:425795607
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 86399
Content-Disposition: inline; filename="swiper.min.css"; filename*=utf-8''swiper.min.css
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2883
X-M-Reqid: FEwAADdbc1FWzK0W
X-M-Log: QNM:xs445;SRCPROXY:xs1756;SRC:1/304;SRCPROXY:1/304;QNM3:5/304
Last-Modified: Wed, 22 Mar 2017 02:04:03 GMT
Server: Tengine
Etag: "FhXQQXuqCKdBxq7hn9-_SBNjX5j4.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634618921
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Validate,Hit
EagleId: 2ff62b9616346760199801783e
X-Reqid: rrUAAAB_xps_Va8W
X-Swift-SaveTime: Tue, 19 Oct 2021 04:48:42 GMT

GET
H/1.1 200
OK bootstrap.min.css
cdn.staticfile.org/twitter-bootstrap/3.4.1/css/ Frame FC2D 119 KB
20 KB 35ms
15ms Stylesheet
text/css 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/twitter-bootstrap/3.4.1/css/bootstrap.min.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Md5: f4lTfq9ga/9J9cwafCTbyg==
Age: 60944
X-Swift-CacheTime: 86400
Content-Disposition: inline; filename="bootstrap.min.css"; filename*=utf-8''bootstrap.min.css
X-Swift-SaveTime: Tue, 19 Oct 2021 03:44:35 GMT
X-M-Reqid: pBsAAIqdwZjXyK0W
X-M-Log: QNM:xs473;QNM3:34/304
Etag: "FrCXL9zOgv1YPUwszD8uPfdAShnQ.gz"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62b9e16346760199812952e
Expires: Mon, 19 Oct 2020 21:46:26 GMT
X-Log: X-Log
Date: Tue, 19 Oct 2021 03:44:35 GMT
Via: cache31.l2sg2[0,0,304-0,H], cache12.l2sg2[0,0], cache10.de2[0,0,200-0,H], cache10.de2[1,0]
X-Svr: IO
X-Reqid: sa4AAAAQRgrAUa8W
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 19704
X-Cache: HIT TCP_MEM_HIT dirn:10:312459679
Last-Modified: Mon, 18 Feb 2019 13:57:36 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634615075
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 common.css
pqaxfs.com/tpl/1/css/ Frame FC2D 7 KB
2 KB 248ms
247ms Stylesheet
text/css 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/1/css/common.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 03459a098d10a75c3ccb7db9a839cd0ce709ef95070ba2843eede2cbf1ae4bde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:39 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 11:27:17 GMT
server: nginx
etag: W/"1afe-5c8ce33892f40"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Oct 2021 21:43:39 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 global.js Show response
pqaxfs.com/tpl/1/js/ Frame FC2D 188 B
343 B 402ms
401ms Script
application/javascript 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/1/js/global.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: f6b5cd0891c73ee5dd39846fea6ea7cbfa25817914e19055d293ba6c0f4cb7fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 20:10:20 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 19 Oct 2021 22:40:20 GMT
cache-control: max-age=7200
x-proxy-cache: HIT

GET
H2 200 style.css
pqaxfs.com/tpl/73/static/css/ Frame FC2D 22 KB
5 KB 249ms
249ms Stylesheet
text/css 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 95f99fb90dfbdb504cda9d6bedd11b8ce86e56a8fbd6103ce3f4178d55c9a64b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:39 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 12:28:20 GMT
server: nginx
etag: W/"57c6-5c9ac561f4100"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Oct 2021 21:43:39 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 528-960x480.gif
x.heisicdn.xyz/s_/tyc/ Frame FC2D 202 KB
203 KB 198ms
19ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/tyc/528-960x480.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a9218a6617f9ae64553a922384ae9b09dd7817fdd18b5be22c674fb9836e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1053079
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 206891
last-modified: Sat, 18 Sep 2021 11:25:49 GMT
server: cloudflare
etag: "6145ccbd-3282b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUdXN1Cf39pPhNip5EwOOBrvipbthh8HRzRBK1053RZMRBwRvTEnKxomcKVSVHaYOtGa%2FWUeutAyMJ6itGE0LujW6OLUkeI9TeOJDoFNuqNUCQRT2MCzja5FH4wL0tQ60w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd227acde4132-PRG
expires: Sat, 06 Nov 2021 16:08:55 GMT

GET
H2 200 338-960x480.gif
x.heisicdn.xyz/s_/xpj/ Frame FC2D 572 KB
573 KB 61ms
35ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/xpj/338-960x480.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2612f12b031b9160eb5006f51802eb3876cbf80b4e34059bda0a6a689a70d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 585681
last-modified: Sat, 18 Sep 2021 11:23:35 GMT
server: cloudflare
etag: "6145cc37-8efd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YxPlo9e9WI9bqk%2F4ch%2FIItTuzrd4n8QTIpGLk6b1GhT6XBEGWiWxSYcVPBpja%2BkDcqvGxMvku0p5HoeAtQQxA2kPsfvgqWwr9K8yNkdweDdrciG0BAt1RwZwRBo5DAh1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd227ace14132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 675-960x480.gif
x.heisicdn.xyz/s_/vns/ Frame FC2D 776 KB
777 KB 60ms
34ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/vns/675-960x480.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347a820ac8653964b25ba1f3aa9b52cf38d143530d209c3af9ef300877fa1c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 794415
last-modified: Sat, 18 Sep 2021 11:29:50 GMT
server: cloudflare
etag: "6145cdae-c1f2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS0TJ3Eq5q%2FwczlVsB1ZCZ1Ig1V17kUOHaRLghwxXiTmCAJqA0RZD2Kp5AkmJg9FJi16IuS21sNAr4yVFrDstuATdSTFudJDd4FW9mbOoLEQpQOjcyqt2JwOZi5FyJPMeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd227ace24132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H/1.1 200
OK 81cfafef34ca4cd2b933be12a8c8a24e.gif
3337822.com/ Frame FC2D 775 KB
775 KB 676ms
163ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/81cfafef34ca4cd2b933be12a8c8a24e.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: 3a2458fa4654ec538e24de9aa84c5ef221e6643c37498fb2b1e206225452f1d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:19:58 GMT
Last-Modified: Fri, 15 Oct 2021 14:45:50 GMT
Server: nginx
ETag: "6169941e-c1a0d"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 793101

GET
H/1.1 200
OK e0153bd8d632469da0a1d2beaac1ddc2.gif
3337822.com/ Frame FC2D 622 KB
622 KB 680ms
165ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/e0153bd8d632469da0a1d2beaac1ddc2.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: b6cedcfcb72c1b9a9fa85190d939dce650df9c47255ac2990848f741cb26ae29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 21:28:32 GMT
Last-Modified: Mon, 11 Oct 2021 13:53:35 GMT
Server: nginx
ETag: "616441df-9b86e"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 637038

GET
H/1.1 200
OK 15bfee0007a14536a12c115aa82aaab9.gif
3332202.com/ Frame FC2D 513 KB
513 KB 737ms
153ms Image
image/gif 45.61.212.50
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332202.com/15bfee0007a14536a12c115aa82aaab9.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.50 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: aaa64706620be9f7007ba35f2680842a90f9584dba43235d5bbe1bb7aa2f60bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 04:50:21 GMT
Last-Modified: Sat, 02 Oct 2021 14:30:51 GMT
Server: nginx
ETag: "61586d1b-803cc"
X-Cache: HIT from cloud-us1-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 525260

GET
H2

200

290f7f2a2156ca602e7adcc758545a52.gif
kveww.com/ Frame FC2D
Redirect Chain

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

954 KB
955 KB

161ms
98ms

Image
image/gif

104.21.233.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.233.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd64eb0c61d163b82ee54e18d5bd2e785f8f13144ea107dce354b46de5f69a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 976485
last-modified: Mon, 18 Oct 2021 08:21:35 GMT
server: cloudflare
etag: "616d2e8f-ee665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrT%2B3yT33NwCmlEX%2BRGaaUbmUONf2PlAhbA43XQ5J%2Bn0xZI5GvydK%2BTtNOUKjGbEfW9O%2BOohCGQ7xJq%2FHAGre5OhDUR26hV1xsEo6Zcdfrc%2BltKmn0DOLzH5sg4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a0cd2289e6a4132-PRG
expires: Thu, 18 Nov 2021 08:03:22 GMT

Redirect headers

location: https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif
date: Tue, 19 Oct 2021 20:40:20 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK f6b142db48a8401199b9784e8735d003.gif
image.bitautoimg.com/ask/2021/09/03/ Frame FC2D 1 MB
1 MB 32ms
7ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bitautoimg.com/ask/2021/09/03/f6b142db48a8401199b9784e8735d003.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:20 GMT
Age: 1
X-Cache: HIT from cache.51cdn.com
X-Via: 1.1 wdx12:2 (Cdn Cache Server V2.0), 1.1 PS-000-01FMj78:2 (Cdn Cache Server V2.0), 1.1 zhoudxin93:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-cos-request-id: NjEzMjQ1YzFfOWNiN2MyMDlfMTdlYzlfMTBkZTJjZg==
x-cos-version-id: MTg0NDUxMTMzODk5NDgyNTEwMTA
Connection: keep-alive
Content-Length: 1152362
x-cos-hash-crc64ecma: 12759959830281205062
Last-Modified: Fri, 03 Sep 2021 15:42:41 GMT
Server: Tengine
ETag: "3ec154965a3170ce773f865ec8e541d5"
X-Ws-Request-Id: 616f2d34_PSdgflkfFRA1dm92_17330-39834
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Expires: Sun, 16 Jan 2022 03:51:31 GMT

GET
H2 200 960x240-2.gif
x.kuguacdn.xyz/Xiii/ Frame FC2D 301 KB
302 KB 55ms
22ms Image
image/gif 104.21.38.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.kuguacdn.xyz/Xiii/960x240-2.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.38.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892ff6298dd3561149418c96e9526cd9b3cc940b9a3f276c8ace5d57261f6834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1060621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 307782
last-modified: Mon, 20 Sep 2021 11:20:15 GMT
server: cloudflare
etag: "61486e6f-4b246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGKsbwfXLk25D%2Bt8y64Cca0xZciE5kRtmd3zHOOEq0lYJjLEm8%2FXmg15ZaO%2FmcWGIUjGmCG%2BlawfnXDIDurPVQ3qKxcdK7lzFTs72RhRszWcV%2F9AoiY9tIIQTpN5udNbeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd227b9e22798-PRG
expires: Sat, 06 Nov 2021 14:03:13 GMT

GET
H2 200 bl_hf.gif
www.5qmtid.com/2811/ Frame FC2D 183 KB
183 KB 505ms
160ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

cb144eedf9aa653881beba156ac0da2b19018bd44be91a671bd28f72ace20e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:12 GMT
server: nginx
etag: "61509bdc-2da79"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 187001
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 yage_hf.gif
www.5qmtid.com/2811/ Frame FC2D 200 KB
200 KB 724ms
479ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/yage_hf.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

4df05a5d55354d23a4a1dd3ed76c77a911b2b193289f2af5b2c99132ad78af66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Mon, 30 Aug 2021 16:54:53 GMT
server: nginx
etag: "612d0d5d-31f96"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 204694
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 bl_hf1.gif
www.5qmtid.com/2811/ Frame FC2D 240 KB
241 KB 723ms
478ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf1.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

564f6af47e4a585e3a9f17b1f91c0fbcb9794cc87fec64e2f3445994660b4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:13 GMT
server: nginx
etag: "61509bdd-3c1c4"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 246212
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 960x240-4.gif
x.heisicdn.xyz/Xiii/ Frame FC2D 134 KB
134 KB 40ms
38ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/Xiii/960x240-4.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1053077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137113
last-modified: Mon, 20 Sep 2021 11:20:17 GMT
server: cloudflare
etag: "61486e71-21799"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4n0G14kf79ClYCGWcDm%2FTuyRRVYAoBt1%2BCf32DeYWKJ%2F5VbPDhwzo3puSpQMWvIru6uj%2BUPS3v8F4v47mOGpPaD2bpq77hHqig%2FAMjMhxdDtr8rGdCt3Z91fzByPh%2B4fvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2282d874132-PRG
expires: Sat, 06 Nov 2021 16:08:56 GMT

GET
H2 200 loading.svg
pqaxfs.com/tpl/72/static/images/ Frame FC2D 503 B
708 B 263ms
262ms Image
image/svg+xml 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pqaxfs.com:35981/tpl/72/static/images/loading.svg
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5824f3b35ec70256260ed3e5593ef13f4be295465dc942da9bf76cb89efc2db3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 11:39:25 GMT
server: nginx
etag: "1f7-5c91ed64b1540"
content-type: image/svg+xml
expires: Tue, 19 Oct 2021 21:43:40 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 503
x-proxy-cache: HIT

GET
H2 200 528-960x80.gif
x.heisicdn.xyz/s_/tyc/ Frame FC2D 791 KB
793 KB 38ms
36ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/tyc/528-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e36980fbc7fe003b91c83ab740d2fb978d216ea141d0a9c310df45e4957be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 810317
last-modified: Sat, 18 Sep 2021 11:25:47 GMT
server: cloudflare
etag: "6145ccbb-c5d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhuplw6sOkU48w9X6IP7NNPqIeswDKFaNDU6RchZOLARaVIadI7kzZQuTXYOuT1pGzh1za6zL6ibyO77wBJS%2FfWN8ycZo%2B4P6PU4do8t6WGlNa6ZvJEPHnLfOqhFQcTbww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2282d8a4132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 338-960x80.gif
x.heisicdn.xyz/s_/xpj/ Frame FC2D 411 KB
412 KB 39ms
36ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/xpj/338-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c2e6d22129a7a7c05ab8bfe8d2fa15b9ff070fb962288d801bc90506c384ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 421137
last-modified: Sat, 18 Sep 2021 11:23:32 GMT
server: cloudflare
etag: "6145cc34-66d11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPTCePv0wM3CIR1Quo%2BI1v4%2F17vLIyoqCSXopXTwccK45cYE5AtO%2FMVmJsI9U1HzhD7PfUCY%2BqAABZt8KiRLctNi5gRt7GBWhfirGKzTXkC90agnaepfkmXzCRH5XEyFqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2282d8b4132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 675-960x80.gif
x.heisicdn.xyz/s_/vns/ Frame FC2D 607 KB
608 KB 40ms
38ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/vns/675-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

210ec7fcd537b49a446476c27b1ac6127ba7727abe2cfa1b5e1396bf2215b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 621279
last-modified: Sat, 18 Sep 2021 11:29:48 GMT
server: cloudflare
etag: "6145cdac-97adf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0qvZEA92p9xoknmkf5wtwHXD5rumdb8xdkPpg80YELI8skI%2F82yJUF9fbEo%2Feyo3jMaZeP1Taw5R5VDk4OMlro8sQtVhaNya1%2B2%2BMbnu5Quri6kREHXNBaUscpYqPP%2FTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2282d8c4132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H/1.1 200
OK jquery.min.js Show response
cdn.staticfile.org/jquery/1.12.4/ Frame D6AE 95 KB
34 KB 25ms
7ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/1.12.4/jquery.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Qiniu-Zone: 0
X-Log: X-Log
Date: Tue, 19 Oct 2021 03:58:22 GMT
Via: cache25.l2sg2[0,0,304-0,H], cache33.l2sg2[0,0], cache10.de2[0,0,200-0,H], cache13.de2[1,0]
Vary: Accept-Encoding
X-Svr: IO
Age: 60118
X-Cache: HIT TCP_MEM_HIT dirn:10:301638807
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 86393
Content-Disposition: inline; filename="jquery.min.js"; filename*=utf-8''jquery.min.js
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 33987
X-M-Reqid: 0nwAAGBzwD-Yya0W
X-M-Log: QNM:jjh1513;QNM3:36/304
Last-Modified: Fri, 21 Oct 2016 08:51:50 GMT
Server: Tengine
Etag: "Flqdz772VaJmjni66-qo3G9B2Nq7.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634615902
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62ba116346760200033555e
X-Reqid: -fsAAAC018OAUq8W
X-Swift-SaveTime: Tue, 19 Oct 2021 03:58:29 GMT

GET
H/1.1 200
OK swiper.min.js Show response
cdn.staticfile.org/Swiper/3.4.2/js/ Frame D6AE 94 KB
24 KB 27ms
8ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/Swiper/3.4.2/js/swiper.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Encoding: gzip
Age: 52628
X-Swift-CacheTime: 86395
Content-Disposition: inline; filename="swiper.min.js"; filename*=utf-8''swiper.min.js
X-Swift-SaveTime: Tue, 19 Oct 2021 06:03:17 GMT
X-M-Reqid: h1wAAOU6dEtm0K0W
X-M-Log: QNM:xs1170;QNM3:56/304
Etag: "FqsHQ6idUiQ4wXrn6vWUP9RZDuPQ.gz"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62b9d16346760200076872e
Expires: Tue, 20 Oct 2020 11:14:15 GMT
X-Log: X-Log
Date: Tue, 19 Oct 2021 06:03:12 GMT
Via: cache8.l2sg2[0,0,304-0,H], cache26.l2sg2[0,0], cache7.de2[0,0,200-0,H], cache9.de2[1,0]
X-Svr: IO
X-Swift-Error: orig response 5xx error
X-Reqid: JlQAAACJaa1QWa8W
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 23694
X-Cache: HIT TCP_MEM_HIT dirn:0:54526002
Last-Modified: Tue, 14 Mar 2017 08:30:25 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634623392
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK bootstrap.min.js Show response
cdn.staticfile.org/twitter-bootstrap/3.4.1/js/ Frame D6AE 39 KB
12 KB 27ms
8ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/twitter-bootstrap/3.4.1/js/bootstrap.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Md5: LzS2MP/jC6L/K5Hj88MioQ==
Age: 58877
X-Swift-CacheTime: 86399
Content-Disposition: inline; filename="bootstrap.min.js"; filename*=utf-8''bootstrap.min.js
X-Swift-SaveTime: Tue, 19 Oct 2021 04:19:04 GMT
X-M-Reqid: LhQAAA3pD7u4yq0W
X-M-Log: QNM:jjh1911;QNM3/304
Etag: "FrFv2CJr1r-wjlaPGx0KIdYCR877.gz"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62b9516346760199983543e
Expires: Wed, 23 Sep 2020 07:33:15 GMT
X-Log: X-Log
Date: Tue, 19 Oct 2021 04:19:02 GMT
Via: cache30.l2sg2[0,0,304-0,H], cache29.l2sg2[1,0], cache13.de2[0,0,200-0,H], cache1.de2[1,0]
X-Svr: IO
X-Reqid: 4bIAAAAqan-hU68W
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 10926
X-Cache: HIT TCP_MEM_HIT dirn:10:321501288
Last-Modified: Mon, 18 Feb 2019 14:03:03 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634617143
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H/1.1 200
OK jquery.lazyload.min.js Show response
cdn.staticfile.org/jquery.lazyload/1.9.1/ Frame D6AE 3 KB
2 KB 27ms
8ms Script
application/javascript 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery.lazyload/1.9.1/jquery.lazyload.min.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Qiniu-Zone: 0
X-Log: X-Log
Date: Tue, 19 Oct 2021 04:05:33 GMT
Via: cache34.l2sg2[0,0,304-0,H], cache23.l2sg2[1,0], cache3.de2[0,0,200-0,H], cache10.de2[1,0]
Vary: Accept-Encoding
X-Svr: IO
Age: 59687
X-Cache: HIT TCP_MEM_HIT dirn:11:70443511
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 86396
Content-Disposition: inline; filename="jquery.lazyload.min.js"; filename*=utf-8''jquery.lazyload.min.js
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1308
X-M-Reqid: i10AAJFRgfr6ya0W
X-M-Log: QNM:xs469;QNM3:1/304
Last-Modified: Tue, 16 Feb 2016 04:24:38 GMT
Server: Tengine
Etag: "FjODGOkwSHsnkae89TrUYBYwzEHi.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634616333
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Hit
EagleId: 2ff62b9e16346760200022993e
X-Reqid: UGwAAAD1APXkUq8W
X-Swift-SaveTime: Tue, 19 Oct 2021 04:05:37 GMT

GET
H/1.1 200
OK swiper.min.css
cdn.staticfile.org/Swiper/3.4.2/css/ Frame D6AE 17 KB
4 KB 16ms
7ms Stylesheet
text/css 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/Swiper/3.4.2/css/swiper.min.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Qiniu-Zone: 0
X-Log: X-Log
Date: Tue, 19 Oct 2021 04:48:41 GMT
Via: cache18.l2sg2[0,0,304-0,H], cache23.l2sg2[1,0], cache13.de2[0,0,200-0,H], cache8.de2[1,0]
Vary: Accept-Encoding
X-Svr: IO
Age: 57098
X-Cache: HIT TCP_MEM_HIT dirn:10:425795607
Content-Transfer-Encoding: binary
X-Swift-CacheTime: 86399
Content-Disposition: inline; filename="swiper.min.css"; filename*=utf-8''swiper.min.css
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2883
X-M-Reqid: FEwAADdbc1FWzK0W
X-M-Log: QNM:xs445;SRCPROXY:xs1756;SRC:1/304;SRCPROXY:1/304;QNM3:5/304
Last-Modified: Wed, 22 Mar 2017 02:04:03 GMT
Server: Tengine
Etag: "FhXQQXuqCKdBxq7hn9-_SBNjX5j4.gz"
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634618921
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Qnm-Cache: Validate,Hit
EagleId: 2ff62b9c16346760199921621e
X-Reqid: rrUAAAB_xps_Va8W
X-Swift-SaveTime: Tue, 19 Oct 2021 04:48:42 GMT

GET
H/1.1 200
OK bootstrap.min.css
cdn.staticfile.org/twitter-bootstrap/3.4.1/css/ Frame D6AE 119 KB
20 KB 22ms
13ms Stylesheet
text/css 47.246.43.225
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/twitter-bootstrap/3.4.1/css/bootstrap.min.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.43.225 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Encoding: gzip
Content-Md5: f4lTfq9ga/9J9cwafCTbyg==
Age: 60944
X-Swift-CacheTime: 86400
Content-Disposition: inline; filename="bootstrap.min.css"; filename*=utf-8''bootstrap.min.css
X-Swift-SaveTime: Tue, 19 Oct 2021 03:44:35 GMT
X-M-Reqid: pBsAAIqdwZjXyK0W
X-M-Log: QNM:xs473;QNM3:34/304
Etag: "FrCXL9zOgv1YPUwszD8uPfdAShnQ.gz"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
X-Qiniu-Zone: 0
X-Qnm-Cache: Hit
EagleId: 2ff62b9616346760199911800e
Expires: Mon, 19 Oct 2020 21:46:26 GMT
X-Log: X-Log
Date: Tue, 19 Oct 2021 03:44:35 GMT
Via: cache31.l2sg2[0,0,304-0,H], cache12.l2sg2[0,0], cache10.de2[0,0,200-0,H], cache2.de2[1,0]
X-Svr: IO
X-Reqid: sa4AAAAQRgrAUa8W
Connection: keep-alive
Content-Transfer-Encoding: binary
Content-Length: 19704
X-Cache: HIT TCP_MEM_HIT dirn:10:312459679
Last-Modified: Mon, 18 Feb 2019 13:57:36 GMT
Server: Tengine
Access-Control-Max-Age: 2592000
Ali-Swift-Global-Savetime: 1634615075
Accept-Ranges: bytes
Timing-Allow-Origin: *

GET
H2 200 common.css
pqaxfs.com/tpl/1/css/ Frame D6AE 7 KB
2 KB 248ms
247ms Stylesheet
text/css 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/1/css/common.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 03459a098d10a75c3ccb7db9a839cd0ce709ef95070ba2843eede2cbf1ae4bde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:39 GMT
content-encoding: gzip
last-modified: Thu, 05 Aug 2021 11:27:17 GMT
server: nginx
etag: W/"1afe-5c8ce33892f40"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Oct 2021 21:43:39 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 global.js Show response
pqaxfs.com/tpl/1/js/ Frame D6AE 188 B
343 B 403ms
402ms Script
application/javascript 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/1/js/global.js
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: f6b5cd0891c73ee5dd39846fea6ea7cbfa25817914e19055d293ba6c0f4cb7fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 20:10:20 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 19 Oct 2021 22:40:20 GMT
cache-control: max-age=7200
x-proxy-cache: HIT

GET
H2 200 style.css
pqaxfs.com/tpl/73/static/css/ Frame D6AE 22 KB
5 KB 249ms
248ms Stylesheet
text/css 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 95f99fb90dfbdb504cda9d6bedd11b8ce86e56a8fbd6103ce3f4178d55c9a64b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:39 GMT
content-encoding: gzip
last-modified: Mon, 16 Aug 2021 12:28:20 GMT
server: nginx
etag: W/"57c6-5c9ac561f4100"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 19 Oct 2021 21:43:39 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 528-960x480.gif
x.heisicdn.xyz/s_/tyc/ Frame D6AE 202 KB
203 KB 191ms
34ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/tyc/528-960x480.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a9218a6617f9ae64553a922384ae9b09dd7817fdd18b5be22c674fb9836e6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1053079
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 206891
last-modified: Sat, 18 Sep 2021 11:25:49 GMT
server: cloudflare
etag: "6145ccbd-3282b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LNRCMSnX38ZBH5KjhT4%2B6MarqmIQO11vwdYrAi713ttuBBW0Qr4He63mxpqCS5ebAjT%2FYb9oypt%2F4VFVp62%2FlpBwjIfj%2B6QQRUgfvUuQbZvJwOeAO5sU73xMqF5tbXfNWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd227ace04132-PRG
expires: Sat, 06 Nov 2021 16:08:55 GMT

GET
H2 200 338-960x480.gif
x.heisicdn.xyz/s_/xpj/ Frame D6AE 572 KB
573 KB 36ms
35ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/xpj/338-960x480.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2612f12b031b9160eb5006f51802eb3876cbf80b4e34059bda0a6a689a70d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 585681
last-modified: Sat, 18 Sep 2021 11:23:35 GMT
server: cloudflare
etag: "6145cc37-8efd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zy8TKmapLs%2BOsSdHUsNvOkpau9mzPNgjw3T2xMiTFh6oz%2Ba7uiAnIdCkpVJh1pM8s2RxFl7ohZ8P8HYKcfLh8WoVHTB5HJxfwA%2Fkc5mwOcP%2Bl%2FoMu7uZ3Tc%2BjoVBJJ26%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2283dca4132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 675-960x480.gif
x.heisicdn.xyz/s_/vns/ Frame D6AE 776 KB
777 KB 35ms
28ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/vns/675-960x480.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347a820ac8653964b25ba1f3aa9b52cf38d143530d209c3af9ef300877fa1c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 794415
last-modified: Sat, 18 Sep 2021 11:29:50 GMT
server: cloudflare
etag: "6145cdae-c1f2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z448Ly82J4at%2B6Q%2Funt1aREIbOW9AQJbPCC2gU2kp5aHoQaHvDIAukNTZtOJC1kOns4E3iyX%2BYCTLi4ohsXZ7z653kQjpmKYX4XaeyUMU3dNy51E%2BfL6h5lLUdfFZOKfWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284de54132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H/1.1 200
OK 81cfafef34ca4cd2b933be12a8c8a24e.gif
3337822.com/ Frame D6AE 775 KB
775 KB 626ms
156ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/81cfafef34ca4cd2b933be12a8c8a24e.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: 3a2458fa4654ec538e24de9aa84c5ef221e6643c37498fb2b1e206225452f1d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:19:58 GMT
Last-Modified: Fri, 15 Oct 2021 14:45:50 GMT
Server: nginx
ETag: "6169941e-c1a0d"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 793101

GET
H/1.1 200
OK e0153bd8d632469da0a1d2beaac1ddc2.gif
3337822.com/ Frame D6AE 622 KB
622 KB 628ms
157ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/e0153bd8d632469da0a1d2beaac1ddc2.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: b6cedcfcb72c1b9a9fa85190d939dce650df9c47255ac2990848f741cb26ae29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 21:28:32 GMT
Last-Modified: Mon, 11 Oct 2021 13:53:35 GMT
Server: nginx
ETag: "616441df-9b86e"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 637038

GET
H/1.1 200
OK 15bfee0007a14536a12c115aa82aaab9.gif
3332202.com/ Frame D6AE 513 KB
513 KB 619ms
151ms Image
image/gif 45.61.212.50
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332202.com/15bfee0007a14536a12c115aa82aaab9.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.50 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: aaa64706620be9f7007ba35f2680842a90f9584dba43235d5bbe1bb7aa2f60bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 04:50:21 GMT
Last-Modified: Sat, 02 Oct 2021 14:30:51 GMT
Server: nginx
ETag: "61586d1b-803cc"
X-Cache: HIT from cloud-us1-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 525260

GET
H2

200

290f7f2a2156ca602e7adcc758545a52.gif
kveww.com/ Frame D6AE
Redirect Chain

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

954 KB
955 KB

121ms
99ms

Image
image/gif

104.21.233.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.233.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd64eb0c61d163b82ee54e18d5bd2e785f8f13144ea107dce354b46de5f69a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 976485
last-modified: Mon, 18 Oct 2021 08:21:35 GMT
server: cloudflare
etag: "616d2e8f-ee665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f24aHZNJXSpzfO459Kbumt3QgJoHCU7dts%2FC2nnY2YF7R%2FtTc43BRODm02kWEc%2B5PGYXWm%2BdVFPM9Z2E86SsumBTDuCul1mtoHlEfg62bqNYx4DbFcqSloOXSzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a0cd2289e6c4132-PRG
expires: Thu, 18 Nov 2021 08:03:22 GMT

Redirect headers

location: https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif
date: Tue, 19 Oct 2021 20:40:20 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK f6b142db48a8401199b9784e8735d003.gif
image.bitautoimg.com/ask/2021/09/03/ Frame D6AE 1 MB
1 MB 68ms
33ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bitautoimg.com/ask/2021/09/03/f6b142db48a8401199b9784e8735d003.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:20 GMT
Age: 1
X-Cache: HIT from cache.51cdn.com
X-Via: 1.1 wdx12:2 (Cdn Cache Server V2.0), 1.1 PS-000-01FMj78:2 (Cdn Cache Server V2.0), 1.1 zhoudxin93:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-cos-request-id: NjEzMjQ1YzFfOWNiN2MyMDlfMTdlYzlfMTBkZTJjZg==
x-cos-version-id: MTg0NDUxMTMzODk5NDgyNTEwMTA
Connection: keep-alive
Content-Length: 1152362
x-cos-hash-crc64ecma: 12759959830281205062
Last-Modified: Fri, 03 Sep 2021 15:42:41 GMT
Server: Tengine
ETag: "3ec154965a3170ce773f865ec8e541d5"
X-Ws-Request-Id: 616f2d34_PSdgflkfFRA1dm92_20945-57546
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Expires: Sun, 16 Jan 2022 03:51:31 GMT

GET
H2 200 960x240-2.gif
x.kuguacdn.xyz/Xiii/ Frame D6AE 301 KB
301 KB 32ms
26ms Image
image/gif 104.21.38.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.kuguacdn.xyz/Xiii/960x240-2.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.38.60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892ff6298dd3561149418c96e9526cd9b3cc940b9a3f276c8ace5d57261f6834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1060621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 307782
last-modified: Mon, 20 Sep 2021 11:20:15 GMT
server: cloudflare
etag: "61486e6f-4b246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcqQvoziNTjoLdDBmEL2h27m5JzA0JBN1XEl6LxrxnvEyLC3yD5SZEiD50FFatSCnG8%2Buml%2FzbjImkK2XvHZj5op%2BjHEOnPVTCa0R6ZS7wSrNNCf7QMxgUdRT0KZk2OHjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284aca2798-PRG
expires: Sat, 06 Nov 2021 14:03:13 GMT

GET
H2 200 bl_hf.gif
www.5qmtid.com/2811/ Frame D6AE 183 KB
183 KB 705ms
479ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

cb144eedf9aa653881beba156ac0da2b19018bd44be91a671bd28f72ace20e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:12 GMT
server: nginx
etag: "61509bdc-2da79"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 187001
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 yage_hf.gif
www.5qmtid.com/2811/ Frame D6AE 200 KB
200 KB 705ms
478ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/yage_hf.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

4df05a5d55354d23a4a1dd3ed76c77a911b2b193289f2af5b2c99132ad78af66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Mon, 30 Aug 2021 16:54:53 GMT
server: nginx
etag: "612d0d5d-31f96"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 204694
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 bl_hf1.gif
www.5qmtid.com/2811/ Frame D6AE 240 KB
241 KB 704ms
478ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf1.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

564f6af47e4a585e3a9f17b1f91c0fbcb9794cc87fec64e2f3445994660b4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:13 GMT
server: nginx
etag: "61509bdd-3c1c4"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 246212
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 960x240-4.gif
x.heisicdn.xyz/Xiii/ Frame D6AE 134 KB
134 KB 32ms
27ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/Xiii/960x240-4.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1053077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137113
last-modified: Mon, 20 Sep 2021 11:20:17 GMT
server: cloudflare
etag: "61486e71-21799"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryqi0qURISPdB1%2B7On1qhKwZPByJ4lhphOQumPsy1KcwMB25AC7OsMOxgs0fs93zUCUZ3oqBYbEjI0YdvOHUbNbS7wTZikRI3Xn4v9I6oQ67Pa3ZKcJ%2FuVsx6kWo1zurTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284df34132-PRG
expires: Sat, 06 Nov 2021 16:08:56 GMT

GET
H2 200 loading.svg
pqaxfs.com/tpl/72/static/images/ Frame D6AE 503 B
708 B 262ms
257ms Image
image/svg+xml 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pqaxfs.com:35981/tpl/72/static/images/loading.svg
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5824f3b35ec70256260ed3e5593ef13f4be295465dc942da9bf76cb89efc2db3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 11:39:25 GMT
server: nginx
etag: "1f7-5c91ed64b1540"
content-type: image/svg+xml
expires: Tue, 19 Oct 2021 21:43:40 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 503
x-proxy-cache: HIT

GET
H2 200 528-960x80.gif
x.heisicdn.xyz/s_/tyc/ Frame D6AE 791 KB
792 KB 38ms
33ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/tyc/528-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e36980fbc7fe003b91c83ab740d2fb978d216ea141d0a9c310df45e4957be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 810317
last-modified: Sat, 18 Sep 2021 11:25:47 GMT
server: cloudflare
etag: "6145ccbb-c5d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SupxStEc9C00XbksOmwgWqKzep5N8z8WHHhtoI6jKevRlIwbjGWq5pHrzAjMXFqJbaGgmypQlVuxABnsKDYrnZLaVd7SpYDXNVaO4NmF3ClTb3%2FEPfaBXiZxbj7T124j%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284df54132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 338-960x80.gif
x.heisicdn.xyz/s_/xpj/ Frame D6AE 411 KB
412 KB 37ms
32ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/xpj/338-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c2e6d22129a7a7c05ab8bfe8d2fa15b9ff070fb962288d801bc90506c384ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 421137
last-modified: Sat, 18 Sep 2021 11:23:32 GMT
server: cloudflare
etag: "6145cc34-66d11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BDWyn6yVL7Rcg5na256t1waW5qwPgFtVRKGYTEZUYu%2BQVrPrfUyinGrNMIyYz%2FUEYxe2mDJhQSx72YkLVMStBtMUENwafKOLmARlFy78rMyPRh5MqfjPF1IFKv4UV0Nrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284df64132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 675-960x80.gif
x.heisicdn.xyz/s_/vns/ Frame D6AE 607 KB
608 KB 38ms
33ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/vns/675-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

210ec7fcd537b49a446476c27b1ac6127ba7727abe2cfa1b5e1396bf2215b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 621279
last-modified: Sat, 18 Sep 2021 11:29:48 GMT
server: cloudflare
etag: "6145cdac-97adf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DfqRrWw8xM49969RzOqtFZr7Mw0%2B8jja3kY1sbYu0g8YCJRfAXH8uXYchbNu3E6RQHKKSYXuILZvvZQM7g8%2BdYteNIp4EMGl1XBb1RjBzGh0a%2BIofDonY2Ss2CpG9xnNlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284df74132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 298ms
298ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1787469193&si=749a867ae77418caf4ad7751cc318a62&v=1.2.87&lv=1&sn=36515&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.noickjr.com%2Findex.php&tt=%E5%91%A8%E5%8F%A3%E7%BB%B7%E5%8B%BE%E5%95%86%E8%B4%B8%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.noickjr.com
URL: http://www.noickjr.com/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.noickjr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 20:40:20 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK 81cfafef34ca4cd2b933be12a8c8a24e.gif
3337822.com/ Frame FC2D 775 KB
775 KB 630ms
155ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/81cfafef34ca4cd2b933be12a8c8a24e.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: 3a2458fa4654ec538e24de9aa84c5ef221e6643c37498fb2b1e206225452f1d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:19:58 GMT
Last-Modified: Fri, 15 Oct 2021 14:45:50 GMT
Server: nginx
ETag: "6169941e-c1a0d"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 793101

GET
H/1.1 200
OK e0153bd8d632469da0a1d2beaac1ddc2.gif
3337822.com/ Frame FC2D 622 KB
622 KB 1535ms
157ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/e0153bd8d632469da0a1d2beaac1ddc2.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: b6cedcfcb72c1b9a9fa85190d939dce650df9c47255ac2990848f741cb26ae29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 21:28:32 GMT
Last-Modified: Mon, 11 Oct 2021 13:53:35 GMT
Server: nginx
ETag: "616441df-9b86e"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 637038

GET
H/1.1 200
OK 15bfee0007a14536a12c115aa82aaab9.gif
3332202.com/ Frame FC2D 513 KB
513 KB 696ms
147ms Image
image/gif 45.61.212.50
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332202.com/15bfee0007a14536a12c115aa82aaab9.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.50 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: aaa64706620be9f7007ba35f2680842a90f9584dba43235d5bbe1bb7aa2f60bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 04:50:21 GMT
Last-Modified: Sat, 02 Oct 2021 14:30:51 GMT
Server: nginx
ETag: "61586d1b-803cc"
X-Cache: HIT from cloud-us1-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 525260

GET
H3

200

290f7f2a2156ca602e7adcc758545a52.gif
kveww.com/ Frame FC2D
Redirect Chain

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

954 KB
955 KB

46ms
24ms

Image
image/gif

104.21.233.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.233.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd64eb0c61d163b82ee54e18d5bd2e785f8f13144ea107dce354b46de5f69a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 976485
last-modified: Mon, 18 Oct 2021 08:21:35 GMT
server: cloudflare
etag: "616d2e8f-ee665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PGMI2U%2BNSt2GRdCm1yzZw%2Fmj7dhMTx7OjEYEaeQDuUOCc0YmlwuvceLOGr24BPEYf5DvzdITP9cR9PZ2XSFWsyIwCszpwraQNiRKl0kY9NEOPAg3Ji2NzOJ8n4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a0cd22a4e8d4137-PRG
expires: Thu, 18 Nov 2021 08:03:22 GMT

Redirect headers

location: https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif
date: Tue, 19 Oct 2021 20:40:20 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK f6b142db48a8401199b9784e8735d003.gif
image.bitautoimg.com/ask/2021/09/03/ Frame FC2D 1 MB
1 MB 8ms
7ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bitautoimg.com/ask/2021/09/03/f6b142db48a8401199b9784e8735d003.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:21 GMT
Age: 1
X-Cache: HIT from cache.51cdn.com
X-Via: 1.1 wdx12:2 (Cdn Cache Server V2.0), 1.1 PS-000-01FMj78:2 (Cdn Cache Server V2.0), 1.1 zhoudxin93:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-cos-request-id: NjEzMjQ1YzFfOWNiN2MyMDlfMTdlYzlfMTBkZTJjZg==
x-cos-version-id: MTg0NDUxMTMzODk5NDgyNTEwMTA
Connection: keep-alive
Content-Length: 1152362
x-cos-hash-crc64ecma: 12759959830281205062
Last-Modified: Fri, 03 Sep 2021 15:42:41 GMT
Server: Tengine
ETag: "3ec154965a3170ce773f865ec8e541d5"
X-Ws-Request-Id: 616f2d35_PSdgflkfFRA1dm92_20945-57586
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Expires: Sun, 16 Jan 2022 03:51:31 GMT

GET
H2 200 loading.svg
pqaxfs.com/tpl/72/static/images/ Frame FC2D 503 B
708 B 262ms
262ms Image
image/svg+xml 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pqaxfs.com:35981/tpl/72/static/images/loading.svg
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5824f3b35ec70256260ed3e5593ef13f4be295465dc942da9bf76cb89efc2db3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 11:39:25 GMT
server: nginx
etag: "1f7-5c91ed64b1540"
content-type: image/svg+xml
expires: Tue, 19 Oct 2021 21:43:40 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 503
x-proxy-cache: HIT

GET
H2 200 bl_hf.gif
www.5qmtid.com/2811/ Frame FC2D 183 KB
183 KB 185ms
184ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

cb144eedf9aa653881beba156ac0da2b19018bd44be91a671bd28f72ace20e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:12 GMT
server: nginx
etag: "61509bdc-2da79"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 187001
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H3 200 528-960x80.gif
x.heisicdn.xyz/s_/tyc/ Frame FC2D 791 KB
792 KB 24ms
23ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/tyc/528-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e36980fbc7fe003b91c83ab740d2fb978d216ea141d0a9c310df45e4957be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 810317
last-modified: Sat, 18 Sep 2021 11:25:47 GMT
server: cloudflare
etag: "6145ccbb-c5d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gl2Jz0JKFcka2Hh4EDaaGfp5FQ3T4OFsbmADovrhcpPNrYWnB1arfFCCL3kfHIzsrxD%2BAddkdTRVfFZT9s7R7MWphgIBEZCdBGIRUFtF9pUQ3YmnZS4S%2BAVlFd%2FCbL99OA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd22c89e927c0-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H3 200 338-960x80.gif
x.heisicdn.xyz/s_/xpj/ Frame FC2D 411 KB
412 KB 40ms
38ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/xpj/338-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c2e6d22129a7a7c05ab8bfe8d2fa15b9ff070fb962288d801bc90506c384ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 421137
last-modified: Sat, 18 Sep 2021 11:23:32 GMT
server: cloudflare
etag: "6145cc34-66d11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jf5BcTXEn04FCrF01CtRCCEZ%2BD83t1RyTiaWCibUq3EbhhfNRw627YS45%2BxTcM9mTiVSSZy%2FPuWNhABS4qwFW1H37rVC%2F7zqXSG%2F3b4QjYIHBFfMd51PDX%2FAkIygbMOI%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd22c89ef27c0-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 bl_hf1.gif
www.5qmtid.com/2811/ Frame FC2D 240 KB
241 KB 185ms
184ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf1.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

564f6af47e4a585e3a9f17b1f91c0fbcb9794cc87fec64e2f3445994660b4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:13 GMT
server: nginx
etag: "61509bdd-3c1c4"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 246212
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H3 200 675-960x80.gif
x.heisicdn.xyz/s_/vns/ Frame FC2D 607 KB
607 KB 143ms
142ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/vns/675-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

210ec7fcd537b49a446476c27b1ac6127ba7727abe2cfa1b5e1396bf2215b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 621279
last-modified: Sat, 18 Sep 2021 11:29:48 GMT
server: cloudflare
etag: "6145cdac-97adf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egG0ZkQTHaaUowSe0u4WDNx9bQpy2Miay7QEtTRXP4LCE3LGIy5rMEK8cpWtlBqclawy7Py8qAvP3k0dReLdS1tJtdHRmfP2s3XSR5OhnvWVkF2FebjuNb86pBlbxnoIUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd22c89f227c0-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 voltaire.woff
pqaxfs.com/tpl/73/static/fonts/ Frame FC2D 12 KB
12 KB 261ms
261ms Font
application/font-woff 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/73/static/fonts/voltaire.woff
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 60103feb887fb33c9039f446339a21c8f3fb839ea050de3d4c12066f81151707

Request headers

Referer: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Origin: https://pqaxfs.com:35981
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 12:15:46 GMT
server: nginx
etag: "2ff0-5c91f584a8080"
content-type: application/font-woff
expires: Tue, 19 Oct 2021 21:43:40 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12272
x-proxy-cache: HIT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame FC2D 36 KB
13 KB 291ms
290ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f4cac1adea4aea6e0c31f57155a62c7b

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

3eda8d478aaa75f3b94a11fe6add248d04f92bc65c063c380d806af29faa1409

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:20 GMT
Content-Encoding: gzip
Server: apache
Etag: b715a28cd0b006bf6a71779b282fb35c
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 13009

GET
H2 200 iconfont.woff2
pqaxfs.com/tpl/73/static/fonts/ Frame FC2D 2 KB
2 KB 252ms
250ms Font
application/octet-stream 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/73/static/fonts/iconfont.woff2?t=1627070171505
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c8bebdb58fc2d263e8413b39175e76cca82311c4b9a2303e7f9d9c76443a701

Request headers

Referer: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Origin: https://pqaxfs.com:35981
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 11:45:13 GMT
server: nginx
etag: "93c-5c91eeb092440"
cache-control: max-age=3600
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 2364
expires: Tue, 19 Oct 2021 21:43:40 GMT

GET
H/1.1 200
OK 81cfafef34ca4cd2b933be12a8c8a24e.gif
3337822.com/ Frame D6AE 775 KB
775 KB 666ms
166ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/81cfafef34ca4cd2b933be12a8c8a24e.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: 3a2458fa4654ec538e24de9aa84c5ef221e6643c37498fb2b1e206225452f1d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 15:19:58 GMT
Last-Modified: Fri, 15 Oct 2021 14:45:50 GMT
Server: nginx
ETag: "6169941e-c1a0d"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 793101

GET
H/1.1 200
OK e0153bd8d632469da0a1d2beaac1ddc2.gif
3337822.com/ Frame D6AE 622 KB
622 KB 1599ms
163ms Image
image/gif 104.238.183.216
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3337822.com/e0153bd8d632469da0a1d2beaac1ddc2.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.238.183.216 San Jose, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 104.238.183.216.vultr.com
Software: nginx /
Resource Hash: b6cedcfcb72c1b9a9fa85190d939dce650df9c47255ac2990848f741cb26ae29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 18 Oct 2021 21:28:32 GMT
Last-Modified: Mon, 11 Oct 2021 13:53:35 GMT
Server: nginx
ETag: "616441df-9b86e"
X-Cache: HIT from vultr-yd11_13-group02-0004
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 637038

GET
H/1.1 200
OK 15bfee0007a14536a12c115aa82aaab9.gif
3332202.com/ Frame D6AE 513 KB
513 KB 886ms
151ms Image
image/gif 45.61.212.50
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332202.com/15bfee0007a14536a12c115aa82aaab9.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.50 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: aaa64706620be9f7007ba35f2680842a90f9584dba43235d5bbe1bb7aa2f60bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 15 Oct 2021 04:50:21 GMT
Last-Modified: Sat, 02 Oct 2021 14:30:51 GMT
Server: nginx
ETag: "61586d1b-803cc"
X-Cache: HIT from cloud-us1-cdnb-20
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 525260

GET
H2

200

290f7f2a2156ca602e7adcc758545a52.gif
kveww.com/ Frame D6AE
Redirect Chain

https://kvemm.com/290f7f2a2156ca602e7adcc758545a52.gif
https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

954 KB
955 KB

62ms
40ms

Image
image/gif

104.21.233.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.233.126 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0dd64eb0c61d163b82ee54e18d5bd2e785f8f13144ea107dce354b46de5f69a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45418
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 976485
last-modified: Mon, 18 Oct 2021 08:21:35 GMT
server: cloudflare
etag: "616d2e8f-ee665"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oEubI9bxI8FRc8tFkPKBJwmvO6Ja%2Bo3ey5iG8SZEMGgu3yqCYAQOsKYvNwoVkOhV715oDgdjQfBXdutrCDulQ1EVR3%2FeiiEn5R5B4TRyuR3F%2FkjlqI9lT4btH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6a0cd2289e6b4132-PRG
expires: Thu, 18 Nov 2021 08:03:22 GMT

Redirect headers

location: https://kveww.com/290f7f2a2156ca602e7adcc758545a52.gif
date: Tue, 19 Oct 2021 20:40:20 GMT
server: nginx
content-length: 162
strict-transport-security: max-age=31536000
content-type: text/html

GET
H/1.1 200
OK f6b142db48a8401199b9784e8735d003.gif
image.bitautoimg.com/ask/2021/09/03/ Frame D6AE 1 MB
1 MB 8ms
7ms Image
image/gif 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.bitautoimg.com/ask/2021/09/03/f6b142db48a8401199b9784e8735d003.gif
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:20 GMT
Age: 1
X-Cache: HIT from cache.51cdn.com
X-Via: 1.1 wdx12:2 (Cdn Cache Server V2.0), 1.1 PS-000-01FMj78:2 (Cdn Cache Server V2.0), 1.1 zhoudxin93:9 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:13 (Cdn Cache Server V2.0)
x-cos-request-id: NjEzMjQ1YzFfOWNiN2MyMDlfMTdlYzlfMTBkZTJjZg==
x-cos-version-id: MTg0NDUxMTMzODk5NDgyNTEwMTA
Connection: keep-alive
Content-Length: 1152362
x-cos-hash-crc64ecma: 12759959830281205062
Last-Modified: Fri, 03 Sep 2021 15:42:41 GMT
Server: Tengine
ETag: "3ec154965a3170ce773f865ec8e541d5"
X-Ws-Request-Id: 616f2d34_PSdgflkfFRA1dm92_20945-57559
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=7776000
Accept-Ranges: bytes
Expires: Sun, 16 Jan 2022 03:51:31 GMT

GET
H2 200 loading.svg
pqaxfs.com/tpl/72/static/images/ Frame D6AE 503 B
708 B 259ms
257ms Image
image/svg+xml 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pqaxfs.com:35981/tpl/72/static/images/loading.svg
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5824f3b35ec70256260ed3e5593ef13f4be295465dc942da9bf76cb89efc2db3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 11:39:25 GMT
server: nginx
etag: "1f7-5c91ed64b1540"
content-type: image/svg+xml
expires: Tue, 19 Oct 2021 21:43:40 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 503
x-proxy-cache: HIT

GET
H2 200 bl_hf.gif
www.5qmtid.com/2811/ Frame D6AE 183 KB
183 KB 473ms
473ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

cb144eedf9aa653881beba156ac0da2b19018bd44be91a671bd28f72ace20e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:12 GMT
server: nginx
etag: "61509bdc-2da79"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 187001
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 528-960x80.gif
x.heisicdn.xyz/s_/tyc/ Frame D6AE 791 KB
793 KB 29ms
27ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/tyc/528-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8e36980fbc7fe003b91c83ab740d2fb978d216ea141d0a9c310df45e4957be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 810317
last-modified: Sat, 18 Sep 2021 11:25:47 GMT
server: cloudflare
etag: "6145ccbb-c5d4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SuxqyhulMsq3%2BENcGLRndg2HmZatHIKJ7K8ROhNAiqhj789DXXdmvLUzJSkLrmrDKMsPnfGGQhoIuX52ZTBdpd6GYLHgDAumf7vBg%2B52VniIiYK3b8YR49etafuABb%2FUw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284df94132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 338-960x80.gif
x.heisicdn.xyz/s_/xpj/ Frame D6AE 411 KB
412 KB 34ms
33ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/xpj/338-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76c2e6d22129a7a7c05ab8bfe8d2fa15b9ff070fb962288d801bc90506c384ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 421137
last-modified: Sat, 18 Sep 2021 11:23:32 GMT
server: cloudflare
etag: "6145cc34-66d11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SunFSAVtopfxO8F8fS%2BeAM9JzIbdcafbuZQiinWSrNx4PtWTZM0zdx2j2vReu2W6my3u%2BC%2FzHd96xpLbFlnv%2B4du2trjyBUReqXpq1dY5J9yK0UmcnMAg5PGgsZ6IOLKsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2284dfa4132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H2 200 bl_hf1.gif
www.5qmtid.com/2811/ Frame D6AE 240 KB
241 KB 473ms
473ms Image
image/gif 154.22.125.108
HKMTC-AS-AP HONG ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.5qmtid.com:13377/2811/bl_hf1.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.22.125.108 , United States, ASN139646 (HKMTC-AS-AP HONG KONG Megalayer Technology Co.,Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

564f6af47e4a585e3a9f17b1f91c0fbcb9794cc87fec64e2f3445994660b4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
last-modified: Sun, 26 Sep 2021 16:12:13 GMT
server: nginx
etag: "61509bdd-3c1c4"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 246212
expires: Thu, 18 Nov 2021 20:40:20 GMT

GET
H2 200 675-960x80.gif
x.heisicdn.xyz/s_/vns/ Frame D6AE 607 KB
608 KB 39ms
38ms Image
image/gif 172.67.208.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.heisicdn.xyz/s_/vns/675-960x80.gif

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.87 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

210ec7fcd537b49a446476c27b1ac6127ba7727abe2cfa1b5e1396bf2215b2fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:40:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1059151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 621279
last-modified: Sat, 18 Sep 2021 11:29:48 GMT
server: cloudflare
etag: "6145cdac-97adf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPebPicPNUejIUFEWX4Nx%2FMcLgnhcm3X8HLvS46u8e6jceta0wmv85Amr%2BMk68WV%2Be%2Bq4cjdOHZWobv0SLzzFSD9ufOWMMwgzGYmcPGIc4qPu12lpAjI08laf1%2FGdrX%2FIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6a0cd2285e044132-PRG
expires: Sat, 06 Nov 2021 14:27:43 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame D6AE 36 KB
13 KB 296ms
295ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?f4cac1adea4aea6e0c31f57155a62c7b

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

3eda8d478aaa75f3b94a11fe6add248d04f92bc65c063c380d806af29faa1409

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 19 Oct 2021 20:40:21 GMT
Content-Encoding: gzip
Server: apache
Etag: b715a28cd0b006bf6a71779b282fb35c
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 13009

GET
H2 200 voltaire.woff
pqaxfs.com/tpl/73/static/fonts/ Frame D6AE 12 KB
12 KB 260ms
259ms Font
application/font-woff 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/73/static/fonts/voltaire.woff
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 60103feb887fb33c9039f446339a21c8f3fb839ea050de3d4c12066f81151707

Request headers

Referer: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Origin: https://pqaxfs.com:35981
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 12:15:46 GMT
server: nginx
etag: "2ff0-5c91f584a8080"
content-type: application/font-woff
expires: Tue, 19 Oct 2021 21:43:40 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12272
x-proxy-cache: HIT

GET
H2 200 iconfont.woff2
pqaxfs.com/tpl/73/static/fonts/ Frame D6AE 2 KB
2 KB 382ms
381ms Font
application/octet-stream 104.233.174.137
PEGTECHINC

General

Check archive.org

Show headers Download Go to

Full URL: https://pqaxfs.com:35981/tpl/73/static/fonts/iconfont.woff2?t=1627070171505
Requested by: Host: pqaxfs.com
URL: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.233.174.137 San Jose, United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c8bebdb58fc2d263e8413b39175e76cca82311c4b9a2303e7f9d9c76443a701

Request headers

Referer: https://pqaxfs.com:35981/tpl/73/static/css/style.css
Origin: https://pqaxfs.com:35981
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 20:43:40 GMT
last-modified: Mon, 09 Aug 2021 11:45:13 GMT
server: nginx
etag: "93c-5c91eeb092440"
cache-control: max-age=3600
x-proxy-cache: HIT
accept-ranges: bytes
content-length: 2364
expires: Tue, 19 Oct 2021 21:43:40 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame FC2D 43 B
299 B 291ms
290ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2022241195&si=f4cac1adea4aea6e0c31f57155a62c7b&su=http%3A%2F%2Fwww.noickjr.com%2F&v=1.2.87&lv=1&sn=36516&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fpqaxfs.com%3A35981%2F&tt=%E9%BB%91%E4%B8%9DSE%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E9%BB%91%E4%B8%9DSE%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E9%BB%91%E4%B8%9DSE%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 20:40:21 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame D6AE 43 B
299 B 291ms
291ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1634676021&rnd=1352897492&si=f4cac1adea4aea6e0c31f57155a62c7b&su=http%3A%2F%2Fwww.noickjr.com%2F&v=1.2.87&lv=2&sn=36516&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fpqaxfs.com%3A35981%2F&tt=%E9%BB%91%E4%B8%9DSE%E7%9F%AD%E8%A7%86%E9%A2%91%2C%E9%BB%91%E4%B8%9DSE%E8%A7%86%E9%A2%91%E5%88%86%E4%BA%AB%2C%E9%BB%91%E4%B8%9DSE%E5%85%8D%E8%B4%B9%E8%A7%86%E9%A2%91

Requested by

Host: pqaxfs.com
URL: https://pqaxfs.com:35981/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pqaxfs.com:35981/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Oct 2021 20:40:21 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.noickjr.com/	1969-12-31 23:59:59	Name: __tins__21156481 Value: %7B%22sid%22%3A%201634676018966%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201634677818966%7D
www.noickjr.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
www.noickjr.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1
www.noickjr.com/	1970-01-19 22:04:36	Name: Cookies_KL Value: 1
.www.noickjr.com/	1970-01-20 06:50:12	Name: Hm_lvt_87efa7579eb12bcdbe7b05a8f9ea2f51 Value: 1634676020
.www.noickjr.com/	1969-12-31 23:59:59	Name: Hm_lpvt_87efa7579eb12bcdbe7b05a8f9ea2f51 Value: 1634676020
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 3F92FC1D33ADF357
.www.noickjr.com/	1970-01-20 06:50:12	Name: Hm_lvt_749a867ae77418caf4ad7751cc318a62 Value: 1634676020
.www.noickjr.com/	1969-12-31 23:59:59	Name: Hm_lpvt_749a867ae77418caf4ad7751cc318a62 Value: 1634676020

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.noickjr.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21156481.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.noickjr.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21156481.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3332202.com
3337822.com
agymkc.com
cdn.staticfile.org
hm.baidu.com
ia.51.la
image.bitautoimg.com
js.users.51.la
kvemm.com
kveww.com
noickjr.com
pqaxfs.com
www.5qmtid.com
www.noickjr.com
x.heisicdn.xyz
x.kuguacdn.xyz
103.235.46.191
104.21.233.126
104.21.38.60
104.233.174.137
104.238.183.216
115.91.26.45
120.52.95.243
144.76.98.12
154.22.125.108
163.171.128.148
172.67.208.87
183.131.207.66
45.201.250.49
45.61.212.50
47.246.43.225
03459a098d10a75c3ccb7db9a839cd0ce709ef95070ba2843eede2cbf1ae4bde
0dd64eb0c61d163b82ee54e18d5bd2e785f8f13144ea107dce354b46de5f69a2
13e44a0303385bcb965f6904167f0a775dcd5702ac5533f81aed8d31dda8e802
210ec7fcd537b49a446476c27b1ac6127ba7727abe2cfa1b5e1396bf2215b2fb
347a820ac8653964b25ba1f3aa9b52cf38d143530d209c3af9ef300877fa1c87
3a2458fa4654ec538e24de9aa84c5ef221e6643c37498fb2b1e206225452f1d9
3eda8d478aaa75f3b94a11fe6add248d04f92bc65c063c380d806af29faa1409
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083
4df05a5d55354d23a4a1dd3ed76c77a911b2b193289f2af5b2c99132ad78af66
51253ef28e4bfe88aa9a218d303dca24ca1e3b56348ea57e21a562753e797282
52ab5589d5e5b8fcde3c3fdd567dac3c05d0afa149eae8fc05f07a9d96e36efa
564f6af47e4a585e3a9f17b1f91c0fbcb9794cc87fec64e2f3445994660b4ef6
5824f3b35ec70256260ed3e5593ef13f4be295465dc942da9bf76cb89efc2db3
5f176ae04c50e357707383a3893d4a8c972213ac3834a7c8e09d384fed320932
60103feb887fb33c9039f446339a21c8f3fb839ea050de3d4c12066f81151707
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
76c2e6d22129a7a7c05ab8bfe8d2fa15b9ff070fb962288d801bc90506c384ce
892ff6298dd3561149418c96e9526cd9b3cc940b9a3f276c8ace5d57261f6834
8c8bebdb58fc2d263e8413b39175e76cca82311c4b9a2303e7f9d9c76443a701
8e4bfe132f8f8fc337c549048b29b454995c9f268258dfe5420cec4d1861cf76
95f99fb90dfbdb504cda9d6bedd11b8ce86e56a8fbd6103ce3f4178d55c9a64b
9afb0b63a15345a1144c2d7dd04e3fe9b608853a3ca699887cb45904900c9c10
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a9a9218a6617f9ae64553a922384ae9b09dd7817fdd18b5be22c674fb9836e6b
aaa64706620be9f7007ba35f2680842a90f9584dba43235d5bbe1bb7aa2f60bf
ad068ffb21505dc9e56a6bf0b774b6d590ebe42ac21e2a3821e6fa7e1a786e70
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e
b2612f12b031b9160eb5006f51802eb3876cbf80b4e34059bda0a6a689a70d26
b6cedcfcb72c1b9a9fa85190d939dce650df9c47255ac2990848f741cb26ae29
b8e36980fbc7fe003b91c83ab740d2fb978d216ea141d0a9c310df45e4957be6
cb144eedf9aa653881beba156ac0da2b19018bd44be91a671bd28f72ace20e9e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
ddfce5434e1dbec22c71b883a5ac642908cc077fc85769fe2296a8d8823c8e7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69ffc8492116d7134da168e20a0c4a30205326ddb861297c201c1d0ffe84d67
f6b5cd0891c73ee5dd39846fea6ea7cbfa25817914e19055d293ba6c0f4cb7fc

www.noickjr.com Open in urlscan Pro 45.201.250.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

96 %HTTPS

0 %IPv6

14 Domains

16 Subdomains

14 IPs

6 Countries

29613 kBTransfer

30347 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.noickjr.com Open in urlscan Pro
45.201.250.49 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

96 %
HTTPS

0 %
IPv6

14
Domains

16
Subdomains

14
IPs

6
Countries

29613 kB
Transfer

30347 kB
Size

9
Cookies

95 HTTP transactions
0 data transactions