Submitted URL: http://ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqn...
Effective URL: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqn...
Submission Tags: falconsandbox
Submission: On August 30 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 13 domains to perform 66 HTTP transactions. The main IP is 172.252.172.140, located in United States and belongs to EGIHOSTING, US. The main domain is www.ercoyintu.com.
This is the only time www.ercoyintu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 172.252.172.140 18779 (EGIHOSTING)
1 12 23.225.35.220 40065 (CNSERVERS)
4 103.235.46.191 55967 (BAIDU Bei...)
18 2606:4700:10:... ()
3 2606:4700:303... ()
1 2a06:98c1:312... ()
66 7

Domain Requested by
18 ddcdn.pic-726-baidu.com 2.ygy52.top
11 2.ygy52.top www.ercoyintu.com, 2.ygy52.top
4 hm.baidu.com www.ercoyintu.com, 2.ygy52.top
3 mei.netlbtu.com 2.ygy52.top
3 www.ercoyintu.com www.ercoyintu.com
1 cdn.promotesearchs.com 2.ygy52.top
1 bmw7277.top 1 redirects
1 ercoyintu.com 1 redirects
0 jeniferace.com Failed www.ercoyintu.com
0 1661833341823.kaichenglift.com Failed www.ercoyintu.com
0 kg.vnvmif.cn Failed www.ercoyintu.com
0 yiliandh171.xyz Failed 2.ygy52.top
0 fadacaitp.com Failed 2.ygy52.top
0 ddcdn.comtucdncom.com Failed 2.ygy52.top
66 14

This site contains no links.

Subject Issuer Validity Valid
bmw727.com R3 2022-08-18 - 2022-11-16 3 months
baidu.com GlobalSign RSA OV SSL CA 2018 2022-07-05 - 2023-08-06 a year
*.pic-726-baidu.com E1 2022-08-03 - 2022-11-01 3 months
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 2022-04-09 - 2023-04-09 a year
*.promotesearchs.com E1 2022-07-22 - 2022-10-20 3 months

This page contains 2 frames:

Primary Page: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Frame ID: 20F8D8F9EEC80659B7669E5BFDA7BB17
Requests: 7 HTTP requests in this frame

Frame: https://2.ygy52.top/
Frame ID: 4A87E0A81FE45BC0C23F300DA16E084B
Requests: 60 HTTP requests in this frame

Page Title

仙桃秘驴装修公司国模吧,韩国三级伦在线观看久,欧美成人片一区二区三区,放荡人妻全记录1一19仙桃秘驴装修公司

Page URL History

  1. http://ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxr... HTTP 301
    http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66 Requests
56 % HTTPS
50 % IPv6
13 Domains
14 Subdomains
7 IPs
2 Countries
2341 kB Transfer
4350 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D HTTP 301
    http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://bmw7277.top/ HTTP 301
  • https://2.ygy52.top/

66 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request crzyline
www.ercoyintu.com/rnd/
Redirect Chain
  • http://ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpI...
  • http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF...
2 KB
727 B
Document
General
Full URL
http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Protocol
HTTP/1.1
Server
172.252.172.140 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
37c1bbc3dc6775ce74ff1f60ae8f1ad035179364325a857421dc4242537e80af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 30 Aug 2022 04:22:21 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Tue, 30 Aug 2022 04:22:20 GMT
Location
http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Server
nginx
common.js
www.ercoyintu.com/
1 KB
870 B
Script
General
Full URL
http://www.ercoyintu.com/common.js
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Protocol
HTTP/1.1
Server
172.252.172.140 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
649de7036396083ee5a494477b406cd4679d76a421b02e3beed9ddb88935c705

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:21 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.ercoyintu.com/
522 B
678 B
Script
General
Full URL
http://www.ercoyintu.com/tj.js
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Protocol
HTTP/1.1
Server
172.252.172.140 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
492793058246dc0c4236d5c081d2b54afc7bb83ae6a4e96f1337036efccf0da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:21 GMT
Server
nginx
Connection
keep-alive
Content-Length
522
Content-Type
application/x-javascript
/
2.ygy52.top/ Frame 4A87
Redirect Chain
  • https://bmw7277.top/
  • https://2.ygy52.top/
46 KB
16 KB
Document
General
Full URL
https://2.ygy52.top/
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/7.0.33 ASP.NET
Resource Hash
ae555247cf0c84db47307bb0a1bff34c38a58747d4aaa155d7029bd4ce7551c5

Request headers

Referer
http://www.ercoyintu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Content-Length
16085
Content-Type
text/html; charset=utf-8
Date
Tue, 30 Aug 2022 04:22:17 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.33 ASP.NET

Redirect headers

Content-Length
143
Content-Type
text/html; charset=UTF-8
Date
Tue, 30 Aug 2022 04:22:14 GMT
Location
https://2.ygy52.top/
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?cce3c0f54304572091a0414a5f6ae675
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
5cf17384ea6bec909e47549787f62ababdd38f4866e16e630d3ac004a5b0ac31
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ercoyintu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:17 GMT
Content-Encoding
gzip
Server
apache
Etag
06c5e681fa5beac086c42ef5e0ce59c3
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11342
hm.js
hm.baidu.com/
30 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?684ee816239dde294c62b31bcfa687af
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
ebc07b41e4be47de15ddef1adec86658ab409a8f896c666ca952785417afc1fb
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ercoyintu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:17 GMT
Content-Encoding
gzip
Server
apache
Etag
86c7882739bd2765993537fba3ab0ed1
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11342
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1752234958&si=cce3c0f54304572091a0414a5f6ae675&v=1.2.97&lv=1&sn=62343&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.ercoyintu.com%2Frnd%2Fcrzyline%3Fcm%3D14202%26fb_did%26ssp_info%3Dd%252Fi5tPIy9VrPTQwGe%252B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%252FA5IN5tTKa%252B4wGQ9AyLMBLZUtsV9YKMovS2HI%252FSemYT9GnOiEFYxVbHO74uR%252FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%253D%26vpoh%3D%252B%252FpC9YEWTA6wbGbCMwET5g%253D%253D&tt=%E4%BB%99%E6%A1%83%E7%A7%98%E9%A9%B4%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ercoyintu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Aug 2022 04:22:18 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1883437060&si=684ee816239dde294c62b31bcfa687af&v=1.2.97&lv=1&sn=62343&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.ercoyintu.com%2Frnd%2Fcrzyline%3Fcm%3D14202%26fb_did%26ssp_info%3Dd%252Fi5tPIy9VrPTQwGe%252B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%252FA5IN5tTKa%252B4wGQ9AyLMBLZUtsV9YKMovS2HI%252FSemYT9GnOiEFYxVbHO74uR%252FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%253D%26vpoh%3D%252B%252FpC9YEWTA6wbGbCMwET5g%253D%253D&tt=%E4%BB%99%E6%A1%83%E7%A7%98%E9%A9%B4%E8%A3%85%E4%BF%AE%E5%85%AC%E5%8F%B8
Requested by
Host: www.ercoyintu.com
URL: http://www.ercoyintu.com/rnd/crzyline?cm=14202&fb_did&ssp_info=d%2Fi5tPIy9VrPTQwGe%2B0TiGtpknZX7iFxxrltai1Qz03freGsj0Wsqnu%2FA5IN5tTKa%2B4wGQ9AyLMBLZUtsV9YKMovS2HI%2FSemYT9GnOiEFYxVbHO74uR%2FrhsLmF2VpId1yoKW0JKQSieoWhEDUMivk6bOjM5e9h0fYPzjHyBNnPk%3D&vpoh=%2B%2FpC9YEWTA6wbGbCMwET5g%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.ercoyintu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Aug 2022 04:22:18 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
jquery.min.js
2.ygy52.top/template/m1938pc/static/js/ Frame 4A87
95 KB
33 KB
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/static/js/jquery.min.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 11:04:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"029f209f57d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
33835
swiper.min.js
2.ygy52.top/template/m1938pc/static/js/ Frame 4A87
94 KB
23 KB
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/static/js/swiper.min.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4a10219bee747aadeeda78f166d787adf32583f361f88d44b472f6f3da798083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 11:04:59 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80bfa7209f57d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
23554
bootstrap.min.js
2.ygy52.top/template/m1938pc/static/js/ Frame 4A87
39 KB
11 KB
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/static/js/bootstrap.min.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 11:05:03 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"8019a239f57d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
10939
jquery.lazyload.min.js
2.ygy52.top/template/m1938pc/static/js/ Frame 4A87
3 KB
2 KB
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/static/js/jquery.lazyload.min.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ad79ce7e34d1a788809bb853031133de2ae45f3c19ac4955dae46c7490188c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 11:05:02 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"08371229f57d71:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
1298
style.css
2.ygy52.top/template/m1938pc/static/css/ Frame 4A87
34 KB
10 KB
Stylesheet
General
Full URL
https://2.ygy52.top/template/m1938pc/static/css/style.css
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
524b95237ff243a0f3e3fc956644c474532d969c9dbded95d311b8222fab732b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:18 GMT
Content-Encoding
gzip
Last-Modified
Thu, 21 Apr 2022 11:11:38 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"091e7917055d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
10338
960.js
2.ygy52.top/template/m1938pc/ads/ Frame 4A87
2 KB
1 KB
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/ads/960.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
9aff0e50756624800c983259d0ff3bdb70176f503f568b5e0a3c414a99cb6acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 10:11:29 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"a9dcaab48fbbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
750
dh.js
2.ygy52.top/template/m1938pc/ads/ Frame 4A87
2 KB
919 B
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/ads/dh.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f742cc84368ecd1ff556548ac43c5c227795904d0b647b7b25239f7faf2a8421

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Aug 2022 10:42:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"1279dad1bad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
614
dh2.js
2.ygy52.top/template/m1938pc/ads/ Frame 4A87
3 KB
654 B
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/ads/dh2.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
55530f839e6520b770e42a644d93cf5413c9775c7db0071fae3222a1afb4b81f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Aug 2022 10:41:09 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"80509c841bad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
348
961.js
2.ygy52.top/template/m1938pc/ads/ Frame 4A87
2 KB
854 B
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/ads/961.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d4e07521dc8ab6dd07a9de3c77ba732b917ebe2387c0d12d15a6aa2b54f78808

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Aug 2022 10:41:43 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"1c3f62991bad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
548
wuma7906.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
57 KB
57 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7906.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
240dc334648f3e56838290a3db8f8669110e37dd393ff5a94f1d9d202b03b681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812917
cf-polished
qual=85, origFmt=jpeg, origSize=75094
content-disposition
inline; filename="wuma7906.webp"
content-length
58054
last-modified
Fri, 19 Aug 2022 13:46:13 GMT
server
cloudflare
etag
"62ff9425-12556"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:44 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeafeba95b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7907.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
73 KB
73 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7907.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4209e708a997ee4519a64dd3431636cff27e77ff0b06bd708a3659b89191ccc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812917
cf-polished
qual=85, origFmt=jpeg, origSize=91341
content-disposition
inline; filename="wuma7907.webp"
content-length
74552
last-modified
Fri, 19 Aug 2022 13:46:13 GMT
server
cloudflare
etag
"62ff9425-164cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:44 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb00bc85b9e-FRA
cf-bgj
imgq:85,h2pri
youma25362.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
57 KB
58 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/youma25362.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
1b97bf609cd453ea11e27b0124b3126de37f51f2acad760aa1af60e640654e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812917
cf-polished
qual=85, origFmt=jpeg, origSize=91677
content-disposition
inline; filename="youma25362.webp"
content-length
58788
last-modified
Fri, 19 Aug 2022 13:46:14 GMT
server
cloudflare
etag
"62ff9426-1661d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:44 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb03be35b9e-FRA
cf-bgj
imgq:85,h2pri
youma25365.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
145 KB
145 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/youma25365.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
789d43e6edc3fcb77b6c5d7009a8efb651ef9552261dbf4b2a04e13dbd082c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812917
cf-polished
qual=85, origFmt=jpeg, origSize=202524
content-disposition
inline; filename="youma25365.webp"
content-length
148558
last-modified
Fri, 19 Aug 2022 13:46:14 GMT
server
cloudflare
etag
"62ff9426-3171c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:44 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb04bf85b9e-FRA
cf-bgj
imgq:85,h2pri
youma25366.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
163 KB
163 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/youma25366.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0a70695bd87b91739f31c0fc189923bff682cfa76bdeb2b54d0acb42d6f7cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812918
cf-polished
qual=85, origFmt=jpeg, origSize=221869
content-disposition
inline; filename="youma25366.webp"
content-length
166466
last-modified
Fri, 19 Aug 2022 13:46:14 GMT
server
cloudflare
etag
"62ff9426-362ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:43 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb06c0e5b9e-FRA
cf-bgj
imgq:85,h2pri
zwzm24700.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
145 KB
145 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/zwzm24700.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8113cb648df80c3e36839023542ffa354ef43e4b085ffc9a1a01cf9048c2c2d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
458419
cf-polished
qual=85, origFmt=jpeg, origSize=198948
content-disposition
inline; filename="zwzm24700.webp"
content-length
148164
last-modified
Fri, 19 Aug 2022 13:46:14 GMT
server
cloudflare
etag
"62ff9426-30924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 23 Sep 2022 21:02:02 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb09c2b5b9e-FRA
cf-bgj
imgq:85,h2pri
zwzm24702.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
122 KB
123 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/zwzm24702.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7b5a21e638b25175b729794acb02fa779c3e7d6194389a7d89954c1274f08d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812918
cf-polished
qual=85, origFmt=jpeg, origSize=174203
content-disposition
inline; filename="zwzm24702.webp"
content-length
125242
last-modified
Fri, 19 Aug 2022 13:46:14 GMT
server
cloudflare
etag
"62ff9426-2a87b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:43 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb0bc3b5b9e-FRA
cf-bgj
imgq:85,h2pri
zwzm24708.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
131 KB
132 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/zwzm24708.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8ca6db3df13a39ed6a0e04f7f3f2c9bbedd142803ad506769788b5bd9a353775

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
462252
cf-polished
qual=85, origFmt=jpeg, origSize=180797
content-disposition
inline; filename="zwzm24708.webp"
content-length
134536
last-modified
Fri, 19 Aug 2022 13:46:07 GMT
server
cloudflare
etag
"62ff941f-2c23d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 23 Sep 2022 19:58:09 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb0dc535b9e-FRA
cf-bgj
imgq:85,h2pri
zwzm24709.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
121 KB
121 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/zwzm24709.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
330b0ade33471ae6b3b20e4f9e0fe35fc9e7cce8b62a2c2c31d4e669f15a6f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812919
cf-polished
qual=85, origFmt=jpeg, origSize=169874
content-disposition
inline; filename="zwzm24709.webp"
content-length
123398
last-modified
Fri, 19 Aug 2022 13:46:07 GMT
server
cloudflare
etag
"62ff941f-29792"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:42 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb0fc6b5b9e-FRA
cf-bgj
imgq:85,h2pri
zwzm24710.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
121 KB
121 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/zwzm24710.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c526dd36125162a0aa6ac7d33d6ea2ee21d675a002fe460569358c0a82150e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
812918
cf-polished
qual=85, origFmt=jpeg, origSize=173380
content-disposition
inline; filename="zwzm24710.webp"
content-length
123880
last-modified
Fri, 19 Aug 2022 13:46:07 GMT
server
cloudflare
etag
"62ff941f-2a544"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Mon, 19 Sep 2022 18:33:43 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb11c795b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7900.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
90 KB
90 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7900.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
042e2230988ac6d1d4a155c27a281e2b2c7598cf409baaca0848658b573e29e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
727112
cf-polished
qual=85, origFmt=jpeg, origSize=122872
content-disposition
inline; filename="wuma7900.webp"
content-length
92212
last-modified
Fri, 19 Aug 2022 13:46:12 GMT
server
cloudflare
etag
"62ff9424-1dff8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 20 Sep 2022 18:23:49 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb13ca25b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7901.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
75 KB
75 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7901.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c06b032a88dee3be39302cc0a8bb145c87fd021f39c35347f04809da6bcfd440

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
727112
cf-polished
qual=85, origFmt=jpeg, origSize=107779
content-disposition
inline; filename="wuma7901.webp"
content-length
76918
last-modified
Fri, 19 Aug 2022 13:46:13 GMT
server
cloudflare
etag
"62ff9425-1a503"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 20 Sep 2022 18:23:49 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb16cdb5b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7902.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
77 KB
78 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7902.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
12c14131c6c3ee87b54eb8d102c38e9d1c9c4d92f88fa349fb212eeeb31f0260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
460259
cf-polished
qual=85, origFmt=jpeg, origSize=109708
content-disposition
inline; filename="wuma7902.webp"
content-length
79238
last-modified
Fri, 19 Aug 2022 13:46:13 GMT
server
cloudflare
etag
"62ff9425-1ac8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Fri, 23 Sep 2022 20:31:22 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb19cf55b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7905.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
52 KB
52 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7905.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6bf89250b1c4e4baf39403b24c9b13a19cee6f786a7868c3d116194fe48ceeb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
727526
cf-polished
qual=85, origFmt=jpeg, origSize=69361
content-disposition
inline; filename="wuma7905.webp"
content-length
52992
last-modified
Fri, 19 Aug 2022 13:46:13 GMT
server
cloudflare
etag
"62ff9425-10ef1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 20 Sep 2022 18:16:55 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1ad005b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7894.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
58 KB
58 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7894.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3104ed292f98f77eb50cffa28acd1afaf4667242934ed370fb715f9d89029bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
723905
cf-polished
qual=85, origFmt=jpeg, origSize=75772
content-disposition
inline; filename="wuma7894.webp"
content-length
59246
last-modified
Fri, 19 Aug 2022 13:46:12 GMT
server
cloudflare
etag
"62ff9424-127fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 20 Sep 2022 19:17:16 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1ad025b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7897.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
57 KB
58 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7897.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3483c1087a0c62e381a00d69757b49a73222fc93fe6112cbf495a3c8ab6e2140

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
723874
cf-polished
qual=85, origFmt=jpeg, origSize=91949
content-disposition
inline; filename="wuma7897.webp"
content-length
58682
last-modified
Fri, 19 Aug 2022 13:46:12 GMT
server
cloudflare
etag
"62ff9424-1672d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 20 Sep 2022 19:17:47 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1ad035b9e-FRA
cf-bgj
imgq:85,h2pri
wuma7899.jpg
ddcdn.pic-726-baidu.com/images/2022/08/19/ Frame 4A87
63 KB
63 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/images/2022/08/19/wuma7899.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
40738589c9bb917c727f0da2e8db4750ad5d519e80f5e32a41288c4085e057e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
727112
cf-polished
qual=85, origFmt=jpeg, origSize=97438
content-disposition
inline; filename="wuma7899.webp"
content-length
64408
last-modified
Fri, 19 Aug 2022 13:46:12 GMT
server
cloudflare
etag
"62ff9424-17c9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 20 Sep 2022 18:23:49 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1ad045b9e-FRA
cf-bgj
imgq:85,h2pri
15550281365.jpg
ddcdn.pic-726-baidu.com/upload/vod/2019-04-12/ Frame 4A87
9 KB
10 KB
Image
General
Full URL
https://ddcdn.pic-726-baidu.com/upload/vod/2019-04-12/15550281365.jpg
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1d9d -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d072fc80133a904eb01675f077a1f9c00c39402a9f1ad95ed3f7ab39540929f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
age
534324
cf-polished
qual=85, origFmt=jpeg, origSize=10702
content-disposition
inline; filename="15550281365.webp"
content-length
9650
last-modified
Fri, 12 Apr 2019 00:15:36 GMT
server
cloudflare
etag
"5cafd8a8-29ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 22 Sep 2022 23:56:57 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1ad075b9e-FRA
cf-bgj
imgq:85,h2pri
962.js
2.ygy52.top/template/m1938pc/ads/ Frame 4A87
2 KB
849 B
Script
General
Full URL
https://2.ygy52.top/template/m1938pc/ads/962.js
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
23.225.35.220 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
03108448135d1609c6333a2ab677a056d865a6f2b07ec5ff112f952d5fd16ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Tue, 30 Aug 2022 04:22:19 GMT
Content-Encoding
gzip
Last-Modified
Sat, 27 Aug 2022 10:41:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"211f0a11bad81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
544
15829961381.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 4A87
0
0

158299619111.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 4A87
0
0

15829961758.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 4A87
0
0

15829977957.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 4A87
0
0

15836210892.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 4A87
0
0

15836211045.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 4A87
0
0

158362110612.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 4A87
0
0

15836211058.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 4A87
0
0

158362110615.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 4A87
0
0

158371095510.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-09/ Frame 4A87
0
0

15075575.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame 4A87
0
0

15052852.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame 4A87
412 KB
413 KB
Image
General
Full URL
https://mei.netlbtu.com/upload/art/gif/gfdt/15052852.gif
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
de4b9eaeac52ed270c76a2fc6a5f29b8a3a4035d761de4ad1083129282b718e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7134
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
421890
last-modified
Thu, 21 Nov 2019 09:24:09 GMT
server
cloudflare
etag
"33e5f6e4da0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgNjGwpVFNC7if%2F%2F1y0ucsB4QqKB2rdwzlirq1jidrfMK1nhbO8yEvQnyO%2F0%2B18ofLLUVR4jzvp05BmRJJONrfswULo2pOI0YHPINdCb4f%2Ba5sC8PdbsXRdLsw%2FMAvsc17W7z5T91yt6dqecnmg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1f9b20696-LHR
13585424.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame 4A87
639 KB
0
Image
General
Full URL
https://mei.netlbtu.com/upload/art/gif/gfdt/13585424.gif
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2042690
last-modified
Thu, 21 Nov 2019 09:24:15 GMT
server
cloudflare
etag
"38ccc4714da0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFUtFxo%2BZxVd%2BPbw3%2FDPS%2B6W7Oe692BOZsn5P%2FpMVWmCcOr2GaTZ4R0YpU1heWMOTb7Dvi0m9m31OVuRdRDGA7OU74YOt2Lhd37QHzPjUvj3mqLr%2Bp88EGdldoqpvV8l8%2B%2F8hiINW8LgxZd1sV0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1f9b40696-LHR
12501761.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame 4A87
1 MB
0
Image
General
Full URL
https://mei.netlbtu.com/upload/art/gif/gfdt/12501761.gif
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ebae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6372
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1625614
last-modified
Thu, 21 Nov 2019 09:24:21 GMT
server
cloudflare
etag
"5c175d754da0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1zHn7%2FUVjEjUNlbuEcvHzDYk2wWhGAhSq3zI4tlhv4oUIeyxvT7FG3YGD4S5vC8AkXjbGUiE9q4LWru3DYIDcRT3%2FaDRF9VpQc6tfSTuVpuIyn%2F%2FAI3bITEm%2FTFVDVshbEo%2FA3GqCRn8i378cE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
742abeb1f9b50696-LHR
12485665.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame 4A87
0
0

tumblr_n7j7vlj77F1tscvzso1_500.gif
mei.netlbtu.com/upload/art/gif/gfdt/ Frame 4A87
0
0

68-960-120.gif
fadacaitp.com/ Frame 4A87
0
0

90-960-120.gif
fadacaitp.com/ Frame 4A87
0
0

background_960x60.gif
cdn.promotesearchs.com/promote/images/ Frame 4A87
178 KB
179 KB
Image
General
Full URL
https://cdn.promotesearchs.com/promote/images/background_960x60.gif
Requested by
Host: 2.ygy52.top
URL: https://2.ygy52.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6d7af7f225553c1be4861245b469c7fbe4ef8d46c314089e51129665f7071b9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2.ygy52.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 04:22:21 GMT
access-control-allow-methods
GET, POST, OPTIONS,PUT,DELETE,OPTION
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
642875
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
182068
last-modified
Wed, 08 Jun 2022 11:12:21 GMT
server
cloudflare
etag
"62a08415-2c734"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCINg2DSWIAcQkHi%2By7c7rrok0FwOOn5bvlW9pgqpfqHWyd5Tcy8ozsz9SQNSzWKlv7xVFueN1yKW1Y3I34ONhl7maKjhQ%2BmW%2F18GWOsEKO2y5vCVPZhvlK3KIcIVnHDHy817YRjFi4JfWr0TBez%2ByuHn1uw"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
742abeb26935bbbf-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Referer,Accept-Encoding,Accept-Language,Access-Control-Request-Headers,Access-Control-Request-Method,Connection,Host,Origin,Sec-Fetch-Mode
expires
Wed, 21 Sep 2022 17:47:46 GMT
tttt.gif
yiliandh171.xyz/tupian/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

hm.js
hm.baidu.com/ Frame 4A87
0
0

1331
kg.vnvmif.cn/sc/ Frame 4A87
0
0

wap_1907_2045_1661833341823
1661833341823.kaichenglift.com/ Frame 4A87
0
0

seffw
jeniferace.com/xmwhkxug/seffw1xlo0tdwvma8vgzj/1399/ Frame 4A87
0
0

truncated
/ Frame 4A87
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f42a279f4552574aba15f36748a6bc636bc50e34db969a9b361f9f1ed455615e

Request headers

Referer
Origin
https://2.ygy52.top
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/15829961381.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/158299619111.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/15829961758.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/15829977957.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/15836210892.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/15836211045.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/158362110612.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/15836211058.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/158362110615.jpg
Domain
ddcdn.comtucdncom.com
URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-09/158371095510.jpg
Domain
mei.netlbtu.com
URL
https://mei.netlbtu.com/upload/art/gif/gfdt/15075575.gif
Domain
mei.netlbtu.com
URL
https://mei.netlbtu.com/upload/art/gif/gfdt/12485665.gif
Domain
mei.netlbtu.com
URL
https://mei.netlbtu.com/upload/art/gif/gfdt/tumblr_n7j7vlj77F1tscvzso1_500.gif
Domain
fadacaitp.com
URL
https://fadacaitp.com/68-960-120.gif
Domain
fadacaitp.com
URL
https://fadacaitp.com/90-960-120.gif
Domain
yiliandh171.xyz
URL
https://yiliandh171.xyz/tupian/tttt.gif
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?120457abf1f2df070dc8a4e9d00a8fed
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?e8ae451718695b89b249ad647cafeb99
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?e2e2a70a99a6c43d36b831a994fe7006
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?deecbf81f3e1a323be7f7d795707e58e
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?f9b83fe3ab936d3e91e3fee34184c34b
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?d464f174e876e48a5fad45bf567b2906
Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.js?27a4232b1ca1d46cc0735bc9c573ed1d
Domain
kg.vnvmif.cn
URL
https://kg.vnvmif.cn/sc/1331?n=wipxlany
Domain
1661833341823.kaichenglift.com
URL
https://1661833341823.kaichenglift.com:4030/wap_1907_2045_1661833341823
Domain
jeniferace.com
URL
https://jeniferace.com/xmwhkxug/seffw1xlo0tdwvma8vgzj/1399/seffw

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
string| titlestr
function| setFrame
object| _hmt
boolean| _bdhm_loaded_cce3c0f54304572091a0414a5f6ae675
object| mini_tangram_log_7diam2
boolean| _bdhm_loaded_684ee816239dde294c62b31bcfa687af
object| mini_tangram_log_ppsj1o

5 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 2ABDF4642922E13C
.www.ercoyintu.com/ Name: Hm_lvt_cce3c0f54304572091a0414a5f6ae675
Value: 1661833338
.www.ercoyintu.com/ Name: Hm_lpvt_cce3c0f54304572091a0414a5f6ae675
Value: 1661833338
.www.ercoyintu.com/ Name: Hm_lvt_684ee816239dde294c62b31bcfa687af
Value: 1661833338
.www.ercoyintu.com/ Name: Hm_lpvt_684ee816239dde294c62b31bcfa687af
Value: 1661833338

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
