Submitted URL: http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOt...
Effective URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOt...
Submission Tags: falconsandbox
Submission: On May 26 via api from US — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 21 domains to perform 67 HTTP transactions. The main IP is 172.252.172.138, located in United States and belongs to EGIHOSTING, US. The main domain is www.saztirulo.com.
This is the only time www.saztirulo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 172.252.172.138 18779 (EGIHOSTING)
12 144.168.64.158 22552 (ESITED)
8 103.235.46.191 55967 (BAIDU Bei...)
28 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 163.181.62.251 ()
1 103.170.15.94 ()
2 47.243.183.17 ()
1 154.23.245.118 ()
1 211.152.136.42 ()
67 11
Apex Domain | Subdomains | Transfer
28 comtucdncom.com | ddcdn.comtucdncom.com — Cisco Umbrella Rank: 267866 | 2 MB
8 baidu.com | hm.baidu.com — Cisco Umbrella Rank: 8357 | 46 KB
5 bmw727.top | bmw727.top | 3 KB
5 njy13.top | 1.njy13.top | 35 KB
4 saztirulo.com | saztirulo.com, www.saztirulo.com | 3 KB
2 marjorienice.com | marjorienice.com | 1 KB
1 yznwyng.cn | mg.yznwyng.cn | 11 KB
1 dspxxy.com | 1653523295790.dspxxy.com | 6 KB
1 pvhgws7.com | pvhgws7.com | 141 KB
1 alicdn.com | cbu01.alicdn.com | 97 KB
1 ns-zhy.com | g.ns-zhy.com | 603 B
1 njy12.top | 1.njy12.top |
1 bmw786.com | bmw786.com | 906 B
0 njy14.top Failed | 2.njy14.top Failed |
0 njy11.top Failed | 1.njy11.top Failed |
0 njy10.top Failed | 1.njy10.top Failed |
0 njy09.top Failed | 1.njy09.top Failed |
0 njy08.top Failed | 1.njy08.top Failed |
0 bba08.top Failed | 1.bba08.top Failed |
0 bba07.top Failed | 1.bba07.top Failed |
0 bba06.top Failed | 1.bba06.top Failed |
67 21
Domain Requested by
28 ddcdn.comtucdncom.com 1.njy13.top
8 hm.baidu.com www.saztirulo.com
1.njy13.top
5 bmw727.top 1.njy13.top
5 1.njy13.top bmw786.com
1.njy13.top
3 www.saztirulo.com www.saztirulo.com
2 marjorienice.com www.saztirulo.com
1 mg.yznwyng.cn www.saztirulo.com
1 1653523295790.dspxxy.com www.saztirulo.com
1 pvhgws7.com 1.njy13.top
1 cbu01.alicdn.com 1.njy13.top
1 g.ns-zhy.com 1.njy13.top
1 1.njy12.top bmw786.com
1 bmw786.com www.saztirulo.com
1 saztirulo.com 1 redirects
0 2.njy14.top Failed bmw786.com
0 1.njy11.top Failed bmw786.com
0 1.njy10.top Failed bmw786.com
0 1.njy09.top Failed bmw786.com
0 1.njy08.top Failed bmw786.com
0 1.bba08.top Failed bmw786.com
0 1.bba07.top Failed bmw786.com
0 1.bba06.top Failed bmw786.com
67 22

This site contains no links.

Subject | Issuer | Validity | Valid
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2022-02-21 - 2022-08-02 | 5 months
*.comtucdncom.com | E1 | 2022-05-03 - 2022-08-01 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-03-05 - 2023-03-04 | a year
*.alicdn.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-07-03 - 2022-08-04 | a year
pvhgws7.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-23 - 2023-03-23 | a year
marjorienice.com | Go Daddy Secure Certificate Authority - G2 | 2022-03-16 - 2023-03-16 | a year
*.dspxxy.com | Sectigo RSA Domain Validation Secure Server CA | 2022-05-12 - 2023-05-12 | a year
mg.yznwyng.cn | TrustAsia RSA DV TLS CA G2 | 2022-05-10 - 2023-05-10 | a year

This page contains 2 frames:

Primary Page: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Frame ID: 89501B8E23C7E37E8B727E36E785B9D6
Requests: 7 HTTP requests in this frame

Frame: http://1.njy13.top/
Frame ID: 5217B1D6BCFDAB06C5F12B198F10C198
Requests: 60 HTTP requests in this frame

Page Title

眉山偈彰文化传播有限公司女人被狂躁到高潮视频免费,好姑娘视频在线观看,亚洲色www永久网站,一本大道久久东京热无码av眉山偈彰文化传播有限公司

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

67 Requests
64 % HTTPS
20 % IPv6
21 Domains
22 Subdomains
11 IPs
2 Countries
2111 kB Transfer
2333 kB Size
5 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B HTTP 301
    http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B Page URL

67 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request file
www.saztirulo.com/rnd/
Redirect Chain
  • http://saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtX...
  • http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoR...
2 KB
761 B
Document
General
Full URL
http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Server
172.252.172.138 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
ac64ac08cd065091690178e2179810485cccbff8287c6cae2e3b52a7733f1e4c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 26 May 2022 00:01:43 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Thu, 26 May 2022 00:01:43 GMT
Location
http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Server
nginx
common.js
www.saztirulo.com/
1 KB
903 B
Script
General
Full URL
http://www.saztirulo.com/common.js
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Server
172.252.172.138 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
93336a31625829e4303d122dad6fde64b0a03262a60b159880e4a4baf6734862

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:44 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.saztirulo.com/
522 B
678 B
Script
General
Full URL
http://www.saztirulo.com/tj.js
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Server
172.252.172.138 , United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
nginx /
Resource Hash
492793058246dc0c4236d5c081d2b54afc7bb83ae6a4e96f1337036efccf0da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
522
Content-Type
application/x-javascript
/
bmw786.com/ Frame 5217
807 B
906 B
Document
General
Full URL
http://bmw786.com/
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f7177dcac01e43a65ae1743db1661f07f3f3dd9ec4aeddf0d6fc258f167b9368

Request headers

Referer
http://www.saztirulo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
612
Content-Type
text/html
Date
Thu, 26 May 2022 00:01:33 GMT
ETag
"ea369ee9186fd81:0"
Last-Modified
Tue, 24 May 2022 02:49:39 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
ASP.NET
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?cce3c0f54304572091a0414a5f6ae675
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
d11a71e07977b8c3906dacf500d3b5c3486d81936f36315df85a75109da4b499
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saztirulo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:34 GMT
Content-Encoding
gzip
Server
apache
Etag
f437a3ea945d963ef3648edb69ef9d72
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11141
hm.js
hm.baidu.com/
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?684ee816239dde294c62b31bcfa687af
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
e0bc045c9026e5ec939132c709ec8fca0eca6eb494069ba0dde03a558fd19663
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saztirulo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:34 GMT
Content-Encoding
gzip
Server
apache
Etag
e8161163afbb566ea48456c549e94b14
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11141
0.583462502210536
1.bba06.top/ Frame 5217
0
0

0.9497528908790358
1.bba07.top/ Frame 5217
0
0

0.2775813496872124
1.bba08.top/ Frame 5217
0
0

0.5416784577677827
1.njy08.top/ Frame 5217
0
0

0.7790038635872125
1.njy09.top/ Frame 5217
0
0

0.2628457614014694
1.njy10.top/ Frame 5217
0
0

0.128458338222055
1.njy11.top/ Frame 5217
0
0

0.6257829384849674
1.njy12.top/ Frame 5217
0
0
Image
General
Full URL
http://1.njy12.top/0.6257829384849674
Requested by
Host: bmw786.com
URL: http://bmw786.com/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bmw786.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

0.8358850875760746
1.njy13.top/ Frame 5217
0
0
Image
General
Full URL
http://1.njy13.top/0.8358850875760746
Requested by
Host: bmw786.com
URL: http://bmw786.com/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://bmw786.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

0.9118111862982285
2.njy14.top/ Frame 5217
0
0

/
1.njy12.top/ Frame 5217
0
0

/
1.njy13.top/ Frame 5217
34 KB
13 KB
Document
General
Full URL
http://1.njy13.top/
Requested by
Host: bmw786.com
URL: http://bmw786.com/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / PHP/7.0.33 ASP.NET
Resource Hash
ebbddd444772b7181372a19c6f15bf0b590d31bdcb2512d974ef3a8f0f1bce52

Request headers

Referer
http://bmw786.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
13036
Content-Type
text/html; charset=utf-8
Date
Thu, 26 May 2022 00:01:34 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.33 ASP.NET
ate.css
1.njy13.top/template/m1938pc/css/ Frame 5217
74 KB
5 KB
Stylesheet
General
Full URL
http://1.njy13.top/template/m1938pc/css/ate.css
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 May 2021 12:07:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"01827ff24fd71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4498
zui.css
1.njy13.top/template/m1938pc/css/ Frame 5217
84 KB
15 KB
Stylesheet
General
Full URL
http://1.njy13.top/template/m1938pc/css/zui.css
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
51909852330f33decdc406448a318fb23ba091c18cf49573a0c5ebace91bfa8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:34 GMT
Content-Encoding
gzip
Last-Modified
Sat, 22 May 2021 12:07:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"01827ff24fd71:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
15340
xx1.js
bmw727.top/ Frame 5217
1 KB
841 B
Script
General
Full URL
http://bmw727.top/xx1.js
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
553879161e33746d71ed906657e6487485024f3325f571dd973130bf95c04578

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 13:44:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"e5ebd64aab6ed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
534
dh.js
bmw727.top/ Frame 5217
3 KB
903 B
Script
General
Full URL
http://bmw727.top/dh.js
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
5b5a28b73c30b26be38fcaf02f743e0333c1ee5ee2afa01786ed09f808b168fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 13:48:16 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"090c4c0ab6ed81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
597
xx2.js
bmw727.top/ Frame 5217
659 B
636 B
Script
General
Full URL
http://bmw727.top/xx2.js
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
43144aad9a2565f3cbc39aa968d016251eaf89f454f8df3aae2b2dae6c23206f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 22 May 2022 14:35:58 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"f0e65540e96dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
329
4409bce4a52c6b6e668c4f640137f0de.jpg
ddcdn.comtucdncom.com/upload/vod/20210829-1/ Frame 5217
175 KB
176 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210829-1/4409bce4a52c6b6e668c4f640137f0de.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e3000a6224440b2150bfd3e4e288b6a76eddbce4643b92a95307ec0989d7fda

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
179286
last-modified
Wed, 16 Feb 2022 16:51:07 GMT
server
cloudflare
etag
"620d2b7b-2bc56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrEzszmPm%2Fnc5SxMzEVj%2FM42YLolxj%2B%2BwGug7VwpZmEcSzwx22m%2FdgDYLvlxpB56PlqQVvdALzu1Z1Y2xBD0%2F6OPn5lwJb2beqwEl%2Fet%2BpfoSNqR5nk72x7e1Kao%2BuOvk%2B8QgZtuOFvz84Jpj47TLeUGNFk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb58bb8e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
4ab4b4098f7f4e30ee3caf1eb56658f2.jpg
ddcdn.comtucdncom.com/upload/vod/20210828-1/ Frame 5217
130 KB
131 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210828-1/4ab4b4098f7f4e30ee3caf1eb56658f2.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d1b0b306e15ae6a92feb1da72a3311d68e2212e66c2249f9b2b5bd3d5a60eea

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
133228
last-modified
Wed, 16 Feb 2022 16:51:11 GMT
server
cloudflare
etag
"620d2b7f-2086c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpv6XVMrrd%2Ftd%2FyjjX1Hccvhhch%2Fd6dXkIi0JRI1NVoswv9R2P18xeD6HEu9kRdR4mJTvuGmSmqSJTUBgX3X7%2FgB%2F1ea9jp%2FQrRbjEKnpriyJVZjlqtpTwHZ5Z6KJOJD1oFemk7GakIBgTsauLfODABUpxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb58bb9e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
13a823b0e3cfcc8c1f085756b867a643.jpg
ddcdn.comtucdncom.com/upload/vod/20210828-1/ Frame 5217
141 KB
141 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210828-1/13a823b0e3cfcc8c1f085756b867a643.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c00d4bd536c6dc7896d169f5a78d46212626c9e4daa027f07deb4ad484b839

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
143908
last-modified
Wed, 16 Feb 2022 16:51:10 GMT
server
cloudflare
etag
"620d2b7e-23224"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CbunofwUXHBDlQHwQ0eqHZdESfFuj53XA8cFjSWsm7eycb%2FeTO%2FyuxC8gHf4rS6SobTi8rv7ekqjZBjPpMTWxavQXJZNvPciy61XZH5rdnBkE6b5AbtFe%2Fu3QaZ15pz12aWJCz73dIYT9dd%2BK419DUVK34%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb58bbae678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
7c0c982d61003b584280d7a91bc71a6a.jpg
ddcdn.comtucdncom.com/upload/vod/20210828-1/ Frame 5217
101 KB
101 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210828-1/7c0c982d61003b584280d7a91bc71a6a.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dff907d3347ee9857327ca18771bae0ee11679575eee1505610442d976665f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
103237
last-modified
Wed, 16 Feb 2022 16:51:12 GMT
server
cloudflare
etag
"620d2b80-19345"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiLY0X%2FL3NIOjlNkSLCZ5Ch3fhh1JZ09nbrb7zrD0rJbI09I6%2FS%2BTCP7XixIe5PT5OrDV5wG5pZP%2BcrESl579ZPbdbj6UdnMvZgbC8BMwBmmgoBynvck9SFW9F7DfdtZe41W0FBxxnnpFuF3uH0NVfdft2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb58bbbe678-LHR
expires
Fri, 24 Jun 2022 21:09:54 GMT
6ed42ca101249626126c5c6275518711.jpg
ddcdn.comtucdncom.com/upload/vod/20210828-1/ Frame 5217
116 KB
117 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210828-1/6ed42ca101249626126c5c6275518711.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88c596e9dd8792a974827dfafea302c0c14004e5a82e0f633da4c123cab10efe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10301
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
119264
last-modified
Wed, 16 Feb 2022 16:51:12 GMT
server
cloudflare
etag
"620d2b80-1d1e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUR%2F67Zt63lXkXd6b7UYLZzgi1PZiToGuzLe4e%2FqB403Jg%2B5GBUMgDq%2FXwk9WBd5klJeo1O5IRoGKZZ9bKJFUxRoYpV6FQn2vdPgN9zsSPZ0GS%2FpKqnHhWkjVa0YbPEn7lw1H2%2B1zDfOytlu2YICjSU6AiE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb58bbce678-LHR
expires
Fri, 24 Jun 2022 21:09:54 GMT
ba0b581d8fbe05e0f706ba4b5306d1a9.jpg
ddcdn.comtucdncom.com/upload/vod/20210828-1/ Frame 5217
119 KB
120 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210828-1/ba0b581d8fbe05e0f706ba4b5306d1a9.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df51a0ff71399ad6cf35639efe3941f58e59d6d54436528714ec691a23931919

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
122185
last-modified
Wed, 16 Feb 2022 16:51:13 GMT
server
cloudflare
etag
"620d2b81-1dd49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NedJQ7eJ4wfNY6CPbnpWKw%2FjaDkCe3vrG%2FwE1TspMtNBWZDgmHDC6e%2BybtSE1FXOD63F7A5gUcmvz%2F%2Fd0NOwDu%2Fro9oI66mkIBWdakLPuU8QGu49z8Pbd5tMVF1x1YR6w8AZ%2FzKJNiC6ciepDO1rsbUTW3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb58bbfe678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
4481f9cb22bd3fedd0b1580adde9fc9a.jpg
ddcdn.comtucdncom.com/upload/vod/20210828-1/ Frame 5217
127 KB
128 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210828-1/4481f9cb22bd3fedd0b1580adde9fc9a.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8af388d155a1a408775cb2c608651ff17988cdd1c516ea8bdbdee3219f6952ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033090
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
130494
last-modified
Wed, 16 Feb 2022 16:51:11 GMT
server
cloudflare
etag
"620d2b7f-1fdbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyTqsmUPbQ1vhvezIjNTrWAwl5GtMY9cm6pA2sNUpl5xFRXXM7vy3DB%2FXiUFOAPq7pak6%2FokW7jwKc2jNN8Ukyhti4C45FuaTD%2FGy5U%2Bp7hrBOuEvoxu8H8rQ7VxJOvIrwSjgJbvmKoLfuwSsXWL4CCfpQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c3ae678-LHR
expires
Mon, 13 Jun 2022 01:03:25 GMT
35a587814789715eb3bcce977351b478.jpg
ddcdn.comtucdncom.com/upload/vod/20210831-1/ Frame 5217
103 KB
103 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210831-1/35a587814789715eb3bcce977351b478.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca0b6e171987a158177cdd9159512ef71a8f7f5b2d7cef0520d73ae7a748d3bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
105280
last-modified
Wed, 16 Feb 2022 16:51:00 GMT
server
cloudflare
etag
"620d2b74-19b40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzNxn0pQdg5lLzGNtRpjOL6WNK2ACVTmEBGluYMsion9%2BD9Fp4rkljofv56gvSUCzu3WpZ1KKcSbYCJRt6RxZM3wM3NBm0k5oZhp19kXGbFis%2BQtx1vkzQG5dm3udfLdid7qr1FMR8nsP0tH%2FdYeAmr0oMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c3be678-LHR
expires
Sat, 25 Jun 2022 00:01:35 GMT
f6d21b6b502e8fccc072690c1eb7eed0.jpg
ddcdn.comtucdncom.com/upload/vod/20210830-1/ Frame 5217
53 KB
53 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210830-1/f6d21b6b502e8fccc072690c1eb7eed0.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f3323ee43c1ba90884a87ef7e08ca364b7277a498ab7cdb596a783e2235281b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54294
last-modified
Wed, 16 Feb 2022 16:51:06 GMT
server
cloudflare
etag
"620d2b7a-d416"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a31gC5tXVSPIWMprwwcTihrZgvbWAnF68QIa42UNhIhxUDRXnXtaUTi9pcm21WX%2F%2FDwNDWOKsiPashCPSndOiK2pBl8jrrU4KmDMbvIj%2BWc5lz70F5nmo%2F8k8zxZJab5s2JBbJzf0SpxwQ0cHnG6TefyKqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c3ce678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
9ab29372e03ea7e6dd57f2a71233fd50.jpg
ddcdn.comtucdncom.com/upload/vod/20210830-1/ Frame 5217
77 KB
77 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210830-1/9ab29372e03ea7e6dd57f2a71233fd50.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf732d3ecb8ace0f5ed7ef76f95ddac1976c89a8a1d136890fa9e5ff2542adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78844
last-modified
Wed, 16 Feb 2022 16:51:05 GMT
server
cloudflare
etag
"620d2b79-133fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK5bkNJAUR0ZQcdRsDBjziSEMk80mNstkJe0X08h5MIXu70I7%2F%2Bgk7TTXJVcXES%2B3AhSh7A5Xvu2RoYCSZrpaVK49nEnOKFqyoY1OZoCZXsqDIdA7rv%2FAkuLk69PN0RoI6yuN474NvbTyFE6UH77kOsigWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c3de678-LHR
expires
Sat, 25 Jun 2022 00:01:35 GMT
f2c976e23d87912474126b803fa5dd17.jpg
ddcdn.comtucdncom.com/upload/vod/20210830-1/ Frame 5217
116 KB
116 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210830-1/f2c976e23d87912474126b803fa5dd17.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27a2c92e398b2a9375a6188e40b471b3abaa40be5444f73b8258fe209ac7f679

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7900
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
118443
last-modified
Wed, 16 Feb 2022 16:51:06 GMT
server
cloudflare
etag
"620d2b7a-1ceab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjUViYrvSmMkDRJh%2Ba4eGVn%2FqaDoGRMwN9Xf1YpChlT3l%2FCFsXlw11Wa4vxUx%2BAPrQk4YViHAhbMkNPSSZn73w%2BYqkTz4bB2fv1y4G1mB3bbBSXi%2Fs1bSodjHa29fnopo%2Bwrf%2Ba7m30aRKHAe1x4BQjBgr8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c3ee678-LHR
expires
Fri, 24 Jun 2022 21:49:55 GMT
6c84d2207b45ef20f40b391823f31feb.jpg
ddcdn.comtucdncom.com/upload/vod/20210829-1/ Frame 5217
111 KB
112 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210829-1/6c84d2207b45ef20f40b391823f31feb.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ace96d6fc45b7e9678aa0f084601af7a13fba2e421f4ee704d890d21173f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113935
last-modified
Wed, 16 Feb 2022 16:51:08 GMT
server
cloudflare
etag
"620d2b7c-1bd0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCXUksZDrRV%2BSzNaSgPDXcIZElGjwM6g9dRCLwOQ50f3ezocephruNuZ5SgbDaG4%2FtSwjW2EiSiDtw%2F1bvx9AHD9nPVEm9wazD10Azmb3o0nRWXxvd%2ByarHKsERt3ueG3yLdvFz73s3I49pL%2FEV59CVLk%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb64c47e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
15829961381.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 5217
6 KB
6 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/15829961381.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45576bf5a84e3bcada8f0f38cf8358306ad098a070b2e3c99930ed17e1a115d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5685
last-modified
Sat, 29 Feb 2020 17:09:03 GMT
server
cloudflare
etag
"5e5a9aaf-1635"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mdRbjbvLoHkeKzku9%2FyJ%2FaEl%2FlE%2FIBMLcWlWxBKpHJAPwZxzEfwDQX6LZbrcuyJqV8RaoaNx5kFUYoJM7x6hlO2TqADeI64EWs%2Fclui7DfpH9Q6rHGGp14JIY%2BuCO4L7UHRlXxL%2FpQoelguY38zCR2vM%2Fe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb64c48e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
158299619111.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 5217
6 KB
6 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/158299619111.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76234f87dd088eaa799e52d2da178cb439f77b9cee74047bc2960dd531372185

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6031
last-modified
Sat, 29 Feb 2020 17:09:55 GMT
server
cloudflare
etag
"5e5a9ae3-178f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYwHOqfMxsbTebBJG%2Byq4XSu6nz5zj2ZsDD0WFAxWVD0avhcYdhMHkWMhCrLzPvfi36CuWjmHCP%2BxpeUecj0HoTf9hb0nsDYDbN%2F8fmwo8DDt5iT%2FJuUajxEkbiUzQJKVpSI8Xexz6OGescMRd1MX8ELEo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb64c49e678-LHR
expires
Sat, 25 Jun 2022 00:01:35 GMT
15829961758.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 5217
7 KB
8 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/15829961758.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ce97e08e30bb13f5b43910cd89482cd03fe973b2fd96706b39ac651b5ec4c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
17729
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7217
last-modified
Sat, 29 Feb 2020 17:09:40 GMT
server
cloudflare
etag
"5e5a9ad4-1c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y8r0jE8lnocNHuTt86BXvlOE9%2FmvqYxoDQZQfhJIDHewMXkIkHK4eCug2EqDY%2BZAryX%2Bs3ARt9SKIhAoweVvg%2FACMDTaf3bH9Vk6sGq7FVuapbR4%2BiI5I3Lvfn1BSqifvj1CfAjl4cf7dbvjZe2704Dry1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb64c4ae678-LHR
expires
Fri, 24 Jun 2022 19:06:06 GMT
15829977957.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-01/ Frame 5217
7 KB
7 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-01/15829977957.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3244528ba8b7b39e8bdc2f4b39125427ca5976326a0b236a4a381f8e5cbafd1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10926
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7022
last-modified
Sat, 29 Feb 2020 17:36:37 GMT
server
cloudflare
etag
"5e5aa125-1b6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUpBVxQ4U4tFITDlDFZMtaVaDaRMlLL%2BDWBpSy5Cyf%2BZm6O%2FI0ITiiE%2Ba%2FQ9HTWOEFwAVGFavPJ2ZGApLijnYDh2r5KjpO3qiecGS4p4Aa6Pi5dMtaHS3UJa%2FGtH2E4qog22%2BVuf2SoMF%2Bzo6GXPaCo%2Fw6M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb64c4ce678-LHR
expires
Fri, 24 Jun 2022 20:59:29 GMT
15836210892.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 5217
7 KB
8 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/15836210892.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cc83f80e0d18f042ae9a32423b15208c0fe9c06934e99b1990be2d2cd8743a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1157165
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7404
last-modified
Sat, 07 Mar 2020 22:44:49 GMT
server
cloudflare
etag
"5e6423e1-1cec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29T8RVLR3uDcBpwpqF%2FW3DR5e%2FrNQXJnuRbOInMLqnRZK9xqh0GlNyoTemGZ1Hs6ibakWnDA3X%2B5CMDAeBFSdzRr4nOeirPZH8%2Bxpq5zMZ1nURlMkMxY82gkN6hK2tLQtZQWRzzGuDDZ2ZFOeVI6HyIe%2BB0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb64c4de678-LHR
expires
Sat, 11 Jun 2022 14:35:30 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=728008199&si=684ee816239dde294c62b31bcfa687af&v=1.2.93&lv=1&sn=9709&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.saztirulo.com%2Frnd%2Ffile%3Fbatm%3Dl5oDtRFnfAy7BQ6Ll8oRjw%253D%253D%26ssp_info%3DPbWPU8l5l9GSTiADqUwCkTY%252F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%252FhlfMF5dPf%252BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%252Bzh7y66cX%252B6fu6eRQI1Za6dYfpb9yrWpTBJIib%252Bo7lx%252FqQdH2vgM8iHMJqA9YmRzfG1B&tt=%E7%9C%89%E5%B1%B1%E5%81%88%E5%BD%B0%E6%96%87%E5%8C%96%E4%BC%A0%E6%92%AD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saztirulo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 May 2022 00:01:35 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1816736468&si=cce3c0f54304572091a0414a5f6ae675&v=1.2.93&lv=1&sn=9710&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.saztirulo.com%2Frnd%2Ffile%3Fbatm%3Dl5oDtRFnfAy7BQ6Ll8oRjw%253D%253D%26ssp_info%3DPbWPU8l5l9GSTiADqUwCkTY%252F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%252FhlfMF5dPf%252BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%252Bzh7y66cX%252B6fu6eRQI1Za6dYfpb9yrWpTBJIib%252Bo7lx%252FqQdH2vgM8iHMJqA9YmRzfG1B&tt=%E7%9C%89%E5%B1%B1%E5%81%88%E5%BD%B0%E6%96%87%E5%8C%96%E4%BC%A0%E6%92%AD%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.saztirulo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 May 2022 00:01:35 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
15836211045.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 5217
10 KB
11 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/15836211045.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1240556446fde0c013e8d49f2c7cca7e97c174187066ac351d59e20b650ee835

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10559
last-modified
Sat, 07 Mar 2020 22:45:04 GMT
server
cloudflare
etag
"5e6423f0-293f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSYy54za6JtYZUAZXPeJBGyLGTgm%2BO0j1Up%2BzY8r0Y8GHQ9vB8DFHdiihJJf5v1IZOQCAj6O0TUYJCkvbFQ0X%2FTCOzYidcgjQA6plLlvYnM3YuC10lI2Ca7O1I0b0CwdwUhRTCpGQefK8wsoxEYk%2FpkZtio%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb61c1ce678-LHR
expires
Sat, 25 Jun 2022 00:01:35 GMT
158362110612.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 5217
6 KB
7 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/158362110612.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
553acf602c78e1d3615a113b1e14498365a6440a4ce8252ba143c762788510e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6155
last-modified
Sat, 07 Mar 2020 22:45:06 GMT
server
cloudflare
etag
"5e6423f2-180b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rR3%2FQY0vkfokybg2hHBRC5JiUGCOViXfNPEjcqHIUmY1xhO2SEhAG6G9XYMcmsG7dub5g0jNGuUHVMZvUhh8lFrCJ8lpRWSCZ5gjCi6EQVCB05PIvXT5RdRL5x4Ig1%2BBwmJKnFsjpBBrEoy1%2BycgTthvtZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb62c26e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
15836211058.jpg
ddcdn.comtucdncom.com/upload/vod/2020-03-08/ Frame 5217
8 KB
9 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/2020-03-08/15836211058.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
331e33c71b7edd766df98402c7c5a6753f606297930218a1ad098c9f90b6d31e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8582
last-modified
Sat, 07 Mar 2020 22:45:05 GMT
server
cloudflare
etag
"5e6423f1-2186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5MZbxVn1P0VfG9Padb%2Bsrk8TS9oX4bppZRylYpQM5%2BdVbdihIoT5pH91B56RSsg%2BrIMpfcX2AgsxYEF6lF7EhkoPyXm5KCTsxVAvrM91TlDRPd2GyFJ4BrAoIn%2Ba6K2kJgnAk8S%2Fs8zEEwXRclLsm6DfOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c2de678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
2f9f2731213aa5cbe7d349323e417f28.jpg
ddcdn.comtucdncom.com/upload/vod/20210913-1/ Frame 5217
18 KB
18 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210913-1/2f9f2731213aa5cbe7d349323e417f28.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5bbcd2e8d66d57c7ef993b72d4fa6a1cbe8bd71bb007367dd9084de0870f107

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17959
last-modified
Wed, 16 Feb 2022 16:50:17 GMT
server
cloudflare
etag
"620d2b49-4627"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54XibejoJmaQJw1qZ0SU%2B0VkpkNoTBdwCbs22on7AUT8Oot1jj%2FWu8oTDnop5EZ00JCyU1CMJSmBV4qYpEMm1fz771MgTS8iUaILXPiuq0vdHTTug2MSPbF1h7WPKQdPoY1JNdiMhDox8ybyZ1lqbxxMoEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c2ee678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
e3e33107bb78ad8bc12ed0c1cfd22cdc.jpg
ddcdn.comtucdncom.com/upload/vod/20210913-1/ Frame 5217
45 KB
46 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210913-1/e3e33107bb78ad8bc12ed0c1cfd22cdc.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f910e6e445068d7088b22b872da502158c26c1fde5098f9d076d5002a36e119

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46366
last-modified
Wed, 16 Feb 2022 16:50:19 GMT
server
cloudflare
etag
"620d2b4b-b51e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8GnTjULRnFYljkCzSozbvULfJMKwiBiXsO97lELZM4T9A%2Bm0zuGdP20rbL2ltky2QV1IUPAz9y0gybB8G6ztZbB5Vl6m%2FqHrIgRNWATRr9jYozBYXXn5dz7j0tL7WxxuUG%2FLRuc9Pdx1VWoNS%2FeizwD2rdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c2fe678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
6216a5ec642de34cb34a599088c79919.jpg
ddcdn.comtucdncom.com/upload/vod/20210913-1/ Frame 5217
21 KB
22 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210913-1/6216a5ec642de34cb34a599088c79919.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e1124f75ddba9a380e9b36ae4e65d1e0abe9b873044c00685aaf12ebe7f40f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1122988
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21995
last-modified
Wed, 16 Feb 2022 16:50:17 GMT
server
cloudflare
etag
"620d2b49-55eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0mGjxCNh4wRTH7AJccTZ50MeYHr%2BgVO%2BtkrxiO4vEiZ8qNXJZux3NC9mdg3zVBwWh9oLd5sr8KsIFfw%2FaSJR2cTsmUL9jzMj2tqP4OkL0laVUouYnz5BQS8YFLsV54G5nglXkhvqpPrzTbMVdTIJfmHbzc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c31e678-LHR
expires
Sun, 12 Jun 2022 00:05:07 GMT
428b04d4155a8b97c26068f3904af957.jpg
ddcdn.comtucdncom.com/upload/vod/20210913-1/ Frame 5217
18 KB
19 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210913-1/428b04d4155a8b97c26068f3904af957.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a85a9d51aa1bc90204653903713c3c336b3eb5914bec0f7d2ede8f2e01b52595

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18633
last-modified
Wed, 16 Feb 2022 16:50:17 GMT
server
cloudflare
etag
"620d2b49-48c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rKTCS0cehyYCQVPMFtI9tVN%2FQP4Yy4dzWEV0nOjupJ1zLMDcdFRvL9HKQDasv7S19viY0nJFEZU%2F%2BUEOIomsZbRltpKQk213lMSYCzbkfuJc2dUHBH6NGWekoboyk9P%2BziXCAX6STyFo2toNxrbVGC4veUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c32e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
cd1909454a394a98c1f76c87b734f724.jpg
ddcdn.comtucdncom.com/upload/vod/20210913-1/ Frame 5217
17 KB
18 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210913-1/cd1909454a394a98c1f76c87b734f724.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1ac7b2e4ee583e738bca9c011668f2db1e6b0a622a0ad28131558abdf8f52b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17361
last-modified
Wed, 16 Feb 2022 16:50:19 GMT
server
cloudflare
etag
"620d2b4b-43d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GRfrLJGLxqZaHWe6nxA8VzAdeqkoGBkCNAuNdpSaot4dc6CnEaFEvZaiZAcxupvsrefwovTH5pGW6EYNIOrk4Yrib7KKhz%2FHR7d9oTbZbiQSsxhhqka%2FMMSWgyl8YtQkFcDJ6kjCqDHlhJl1iV%2BdoYKmYA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c34e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
ad3d8f3acbaf349e0140ed9cd5a49d8c.jpg
ddcdn.comtucdncom.com/upload/vod/20210912-1/ Frame 5217
55 KB
56 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210912-1/ad3d8f3acbaf349e0140ed9cd5a49d8c.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e07d4af2d7857e851fae273af1cb9802933402fe878d4e380c0151c8a4b1842

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56648
last-modified
Wed, 16 Feb 2022 16:50:22 GMT
server
cloudflare
etag
"620d2b4e-dd48"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tg3GYGSK%2FHhYL0h1rybCZI6JEu88JGNkPK9sUwbodI4JV90Bq7xAaNiUoyPKAfrGbaynSgJrSBZsASQi0%2BYkHOIG9A2UBj3cuDyo6mjUeAXeERQ1BHi1eG%2FeyxFXZYMMIv%2B4x%2B%2F0OMTyngZPQxoy%2BA41qAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c35e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
a2c60dc0d22b698217f0390f3401afc0.jpg
ddcdn.comtucdncom.com/upload/vod/20210912-1/ Frame 5217
79 KB
79 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210912-1/a2c60dc0d22b698217f0390f3401afc0.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab5fe96f2028c153f8e8d70f433b367bf60145fb73f7417b2dbb7f1101e72fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1009514
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80552
last-modified
Wed, 16 Feb 2022 16:50:21 GMT
server
cloudflare
etag
"620d2b4d-13aa8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cb0NfsNFdRnIgpEtuUbDg1et1iIX%2Bu79AtIWHdJg8iKzasTASb8CbRQzrmAD36bhbDaWYzE%2FYt9ZUKU3fETU9jewgR3iLrx0HZciL29OuxHC5CYr5ORlA33rrFjVhzTzx6ls8gFGgKl0pbzGI07guRdbRMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c37e678-LHR
expires
Mon, 13 Jun 2022 07:36:21 GMT
cab15270f76f37d8f33911bef692b68c.jpg
ddcdn.comtucdncom.com/upload/vod/20210912-1/ Frame 5217
75 KB
76 KB
Image
General
Full URL
https://ddcdn.comtucdncom.com/upload/vod/20210912-1/cab15270f76f37d8f33911bef692b68c.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:eb10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb179a728d6f004b2aed08efb085923cf629aef11f38ad4a7eb16c261a086b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:36 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77123
last-modified
Wed, 16 Feb 2022 16:50:22 GMT
server
cloudflare
etag
"620d2b4e-12d43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw6qTyHPMqvwJHcBZBuAo1HRd%2ByQv3HSOSHdsoXFuvXYbf4lRGt9UxpWyfk4bIBas7Q%2FiP0bHUwuzsXA%2FxnBXuBdl7kuZTVB%2BIGZ9WdUaTfOe8MBuruYT9mkMWfy3vpOpIhNljWUjqJS3XzgWo5LqSCtJJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
71123cb63c39e678-LHR
expires
Sat, 25 Jun 2022 00:01:35 GMT
xx4.js
bmw727.top/ Frame 5217
0
258 B
Script
General
Full URL
http://bmw727.top/xx4.js
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:35 GMT
Last-Modified
Sun, 22 May 2022 14:32:05 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"465a82b5e86dd81:0"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
0
xx3.js
bmw727.top/ Frame 5217
651 B
634 B
Script
General
Full URL
http://bmw727.top/xx3.js
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d68f0bf2a92fc805be8c75aed3dc72697a7b0eca91eaf9cfedd7efa682789e00

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:35 GMT
Content-Encoding
gzip
Last-Modified
Sun, 22 May 2022 14:35:50 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"68e9da3be96dd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
327
e22428ccf9.php
g.ns-zhy.com/ Frame 5217
0
603 B
Script
General
Full URL
https://g.ns-zhy.com/e22428ccf9.php?a=164
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:a4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/5.6.40
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2FYYcNah4giOvk2pQsbEM6s9lNNdMliP%2BlveqGQDKlLv3kiqpQ4qMBHNYke31MBYKMy7%2BRHOTzK0%2F6Mc2q8xJmqqdQjKw07L5HlTlcXlC%2F6%2FljDPtDdYe2ASQ1NrNW5Jbb2IAw3NNa3pGFs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
71123cb65d9491e7-FRA
22902815568_1738432517.jpg
cbu01.alicdn.com/img/ibank/2020/865/518/ Frame 5217
96 KB
97 KB
Image
General
Full URL
https://cbu01.alicdn.com/img/ibank/2020/865/518/22902815568_1738432517.jpg
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.62.251 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
4d47bba01041ef53fd4ee75b4c13e5730fe106b233a7a1b4e8e9f12fc7527f88

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 21 Oct 2021 10:16:38 GMT
via
cache23.l2ot7[0,0,200-0,H], cache10.l2ot7[1,0], cache10.l2ot7[1,0], cache4.br3[0,0,200-0,H], cache5.br3[1,0]
age
18711900
request-time
0.109
x-cache
HIT TCP_MEM_HIT dirn:13:614135831
x-swift-cachetime
29475303
x-swift-savetime
Sun, 14 Nov 2021 06:41:35 GMT
content-length
98277
last-modified
Thu, 24 Dec 2020 19:19:13 GMT
server
Tengine
ali-swift-global-savetime
1634811398
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
picasso-ret-code
SUCCESS
timing-allow-origin
*
eagleid
a3b53e9916535232980986692e
expires
Fri, 21 Oct 2022 10:16:38 GMT
eec90ca7c60f4200abfc102e44259bf8.gif
pvhgws7.com/ Frame 5217
140 KB
141 KB
Image
General
Full URL
https://pvhgws7.com/eec90ca7c60f4200abfc102e44259bf8.gif
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.170.15.94 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c735a7a647ce99e8178cf156f66699b123756d51bc71a0532130e5acf2cf57f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Mon, 23 May 2022 13:51:36 GMT
Last-Modified
Mon, 23 May 2022 13:41:31 GMT
Server
nginx
ETag
"628b8f0b-2316d"
X-Cache
HIT from yd11_13-cdn-g01-la2-24
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
143725
video-play.png
1.njy13.top/template/m1938pc/images/ Frame 5217
2 KB
2 KB
Image
General
Full URL
http://1.njy13.top/template/m1938pc/images/video-play.png
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/template/m1938pc/css/zui.css
Protocol
HTTP/1.1
Server
144.168.64.158 , United States, ASN22552 (ESITED, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/template/m1938pc/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:36 GMT
Last-Modified
Sat, 22 May 2021 12:07:22 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"0f91c534fd71:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1567
hm.js
hm.baidu.com/ Frame 5217
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?120457abf1f2df070dc8a4e9d00a8fed
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
021fd5d0dc529e0e2284f4f4028fb54cc9df986e8819b109a7c16f17cbfbe787
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:37 GMT
Content-Encoding
gzip
Server
apache
Etag
be9188bce17077673014646fb96f1916
Strict-Transport-Security
max-age=172800
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11140
xofld
marjorienice.com/jypdchxnfv/xofld1vjs0deujac8fguu/1399/ Frame 5217
39 B
708 B
Script
General
Full URL
https://marjorienice.com/jypdchxnfv/xofld1vjs0deujac8fguu/1399/xofld
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.183.17 -, , ASN (),
Reverse DNS
Software
nginx/1.2.4 / PHP/5.2.14p1
Resource Hash
ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
PHP/5.2.14p1
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Connection
keep-alive
Pramga
no-cache
Last-Modified
Thu, 26 May 2022 00:01:40 GMT
Server
nginx/1.2.4
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description
wap_1254_1100_1653523295790
1653523295790.dspxxy.com/ Frame 5217
11 KB
6 KB
Script
General
Full URL
https://1653523295790.dspxxy.com:4011/wap_1254_1100_1653523295790
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.23.245.118 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
bdf48fb1458cce40c67afcacbafa2f3ef7028d4f1e24db8d8a34be1581a7969e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000, max-age=31536000, no-cache

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 00:01:35 GMT
content-encoding
gzip
last-modified
Wed, 25 May 2022 14:41:09 GMT
server
nginx
etag
W/"628e4005-2c43"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
strict-transport-security
max-age=31536000, max-age=31536000, no-cache
expires
Thu, 26 May 2022 12:01:38 GMT
5815
mg.yznwyng.cn/sc/ Frame 5217
11 KB
11 KB
Script
General
Full URL
https://mg.yznwyng.cn/sc/5815?n=avLepHtI
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.152.136.42 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 / PHP/5.6.31
Resource Hash
1b4960af6c6f5f5f15ba1dd2b57a949fbf5b7ac8d61ee1ffe68f1176528c79ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
max-age=1800
Date
Thu, 26 May 2022 00:01:38 GMT
X-Cache-Lookup
Cache Miss
Server
nginx/1.18.0
X-Powered-By
PHP/5.6.31
Transfer-Encoding
chunked
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
X-NWS-LOG-UUID
5462449604494537670
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript; charset=utf-8
bzxfs
marjorienice.com/orvgbksub/bzxfs1vhv0lsefsk4axil/1399/ Frame 5217
39 B
708 B
Script
General
Full URL
https://marjorienice.com/orvgbksub/bzxfs1vhv0lsefsk4axil/1399/bzxfs
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
47.243.183.17 -, , ASN (),
Reverse DNS
Software
nginx/1.2.4 / PHP/5.2.14p1
Resource Hash
ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:40 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
PHP/5.2.14p1
Transfer-Encoding
chunked
P3P
CP=CAO PSA OUR
Connection
keep-alive
Pramga
no-cache
Last-Modified
Thu, 26 May 2022 00:01:40 GMT
Server
nginx/1.2.4
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
text/html;charset=UTF8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Range, Content-Disposition, Content-Description
hm.gif
hm.baidu.com/ Frame 5217
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=593204216&si=120457abf1f2df070dc8a4e9d00a8fed&su=http%3A%2F%2Fbmw786.com%2F&v=1.2.93&lv=1&sn=9712&r=0&ww=1600&ct=!!&u=http%3A%2F%2F1.njy13.top%2F&tt=%E6%97%A5%E6%9C%AC%E7%86%9F%E5%A6%87%E6%97%A0%E7%A0%81%E4%BA%9A%E6%B4%B2%E6%88%90a%E4%BA%BA%E7%89%87%20%E6%97%A5%E6%9C%AC%E6%8C%89%E6%91%A9%E9%AB%98%E6%BD%AEa%E7%BA%A7%E4%B8%AD%E6%96%87%E7%89%87%20%E4%BA%9A%E6%B4%B2%E6%88%90av%E4%BA%BA%E7%89%87%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%97%A0%E7%A0%81%20%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95%E4%B9%B1%E7%A0%81%E4%BA%9A%E6%B4%B2%E6%97%A0%E7%BA%BF%E7%A0%81%E4%B8%89%E5%8C%BA%20%E4%BA%9A%E6%B4%B2%E4%B9%85%E4%B9%85%E5%A4%A9%E5%A0%82%E6%97%A0%E7%A0%81%E5%9B%BD%E4%BA%A7%E4%B9%85
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 May 2022 00:01:37 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.js
hm.baidu.com/ Frame 5217
29 KB
11 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?c0a3e3990d2e934f34f0a250f940041b
Requested by
Host: www.saztirulo.com
URL: http://www.saztirulo.com/rnd/file?batm=l5oDtRFnfAy7BQ6Ll8oRjw%3D%3D&ssp_info=PbWPU8l5l9GSTiADqUwCkTY%2F3xd76cJ6qf0yLZQrOtrgT6cDUq8S2kvvhVD9TJKHb1B9pKWC%2FhlfMF5dPf%2BDbYRJoS3fCYRFLJFNR5IiGqD0vdXxoRUBtXlHj1M8E0m7J0%2Bzh7y66cX%2B6fu6eRQI1Za6dYfpb9yrWpTBJIib%2Bo7lx%2FqQdH2vgM8iHMJqA9YmRzfG1B
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
44dcfa81cb2e51dd4fe54658173792b2b534960c73945a52bdefb8b7c9ea2d2b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Thu, 26 May 2022 00:01:38 GMT
Content-Encoding
gzip
Server
apache
Etag
955026fe331f7c13689a642232e0c74e
Strict-Transport-Security
max-age=172800
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11140
hm.gif
hm.baidu.com/ Frame 5217
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=253803847&si=c0a3e3990d2e934f34f0a250f940041b&su=http%3A%2F%2Fbmw786.com%2F&v=1.2.93&lv=1&sn=9713&r=0&ww=1600&ct=!!&u=http%3A%2F%2F1.njy13.top%2F&tt=%E6%97%A5%E6%9C%AC%E7%86%9F%E5%A6%87%E6%97%A0%E7%A0%81%E4%BA%9A%E6%B4%B2%E6%88%90a%E4%BA%BA%E7%89%87%20%E6%97%A5%E6%9C%AC%E6%8C%89%E6%91%A9%E9%AB%98%E6%BD%AEa%E7%BA%A7%E4%B8%AD%E6%96%87%E7%89%87%20%E4%BA%9A%E6%B4%B2%E6%88%90av%E4%BA%BA%E7%89%87%E5%9C%A8%E7%BA%BF%E8%A7%82%E7%9C%8B%E6%97%A0%E7%A0%81%20%E4%B8%AD%E6%96%87%E5%AD%97%E5%B9%95%E4%B9%B1%E7%A0%81%E4%BA%9A%E6%B4%B2%E6%97%A0%E7%BA%BF%E7%A0%81%E4%B8%89%E5%8C%BA%20%E4%BA%9A%E6%B4%B2%E4%B9%85%E4%B9%85%E5%A4%A9%E5%A0%82%E6%97%A0%E7%A0%81%E5%9B%BD%E4%BA%A7%E4%B9%85
Requested by
Host: 1.njy13.top
URL: http://1.njy13.top/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://1.njy13.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 26 May 2022 00:01:39 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
1.bba06.top
URL
http://1.bba06.top/0.583462502210536
Domain
1.bba07.top
URL
http://1.bba07.top/0.9497528908790358
Domain
1.bba08.top
URL
http://1.bba08.top/0.2775813496872124
Domain
1.njy08.top
URL
http://1.njy08.top/0.5416784577677827
Domain
1.njy09.top
URL
http://1.njy09.top/0.7790038635872125
Domain
1.njy10.top
URL
http://1.njy10.top/0.2628457614014694
Domain
1.njy11.top
URL
http://1.njy11.top/0.128458338222055
Domain
2.njy14.top
URL
http://2.njy14.top/0.9118111862982285
Domain
1.njy12.top
URL
http://1.njy12.top/


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
string| titlestr
function| setFrame
object| _hmt
boolean| _bdhm_loaded_684ee816239dde294c62b31bcfa687af
object| mini_tangram_log_clak9f
boolean| _bdhm_loaded_cce3c0f54304572091a0414a5f6ae675
object| mini_tangram_log_ni4oq3

5 Cookies

Domain/Path, Name, Value
.hm.baidu.com/, Name: HMACCOUNT_BFESS, Value: 5A7509216F9EB1C5
.www.saztirulo.com/, Name: Hm_lvt_684ee816239dde294c62b31bcfa687af, Value: 1653523294
.www.saztirulo.com/, Name: Hm_lpvt_684ee816239dde294c62b31bcfa687af, Value: 1653523294
.www.saztirulo.com/, Name: Hm_lvt_cce3c0f54304572091a0414a5f6ae675, Value: 1653523295
.www.saztirulo.com/, Name: Hm_lpvt_cce3c0f54304572091a0414a5f6ae675, Value: 1653523295

2 Console Messages

Source: network, Level: error
URL: http://1.njy12.top/0.6257829384849674
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Source: network, Level: error
URL: http://1.njy13.top/0.8358850875760746
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
