Report - 129av.vip/vodplay/700193-1-1.html

Report Overview

Visited public
2025-03-20 08:27:49
Tags
URL
129av.vip/vodplay/700193-1-1.html
Finishing URL
129av.vip/vodplay/700193-1-1.html
IP / ASN
172.67.164.174
#13335 CLOUDFLARENET
Title
【父女乱伦】女儿刚放学回家衣服都没来得及脱就被父亲吃奶摸B爆艹【1080P】- 129AV

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
129av.vip	unknown	2024-11-09	2025-03-20	2025-03-20	9.4 kB	524 kB	172.67.164.174
img.lytuchuang57.com	unknown	2024-01-12	2024-02-15	2025-03-20	1.9 kB	0 B	0.0.0.0
img.hgimg01.com	unknown	2023-05-01	2023-05-17	2025-03-20	477 B	76 kB	208.69.102.171
img.lytuchuang56.com	unknown	2024-01-12	2024-01-12	2024-12-19	1.9 kB	0 B	0.0.0.0
uqetyzxa.com	unknown	2024-09-17	2024-09-18	2025-03-19	439 B	7.4 kB	64.112.78.42
qsc.vxcewh.cn	unknown	2024-06-17	2025-02-10	2025-03-16	475 B	602 B	134.175.212.157
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-03-19	430 B	367 kB	142.250.74.136
sbzytpimg1.com	unknown	2024-04-24	2024-07-25	2025-03-20	481 B	96 kB	173.249.235.41
feimian.slsltutu.com	unknown	2022-12-31	2023-05-23	2025-03-20	964 B	388 B	156.238.196.42
bf2.semaobf1.com	unknown	2022-02-20	2024-02-19	2024-02-25	904 B	0 B	0.0.0.0
img1.askcdn1.com	unknown	2023-07-22	2023-07-26	2025-03-14	886 B	338 kB	208.64.217.42
gbf.jhmghgf.cn	unknown	2024-03-27	2025-03-03	2025-03-15	887 B	278 kB	117.24.14.230
dcabg.mtpphb.cn	unknown	2024-06-17	2025-03-20	2025-03-20	1.0 kB	1.3 kB	106.55.219.198
assd.hkewhqoao.cn	unknown	2023-11-12	2025-02-08	2025-03-16	502 B	214 B	150.242.83.36
dcai.wqqdgj.cn	unknown	2025-03-07	2025-03-20	2025-03-20	412 B	17 kB	150.242.83.36
www.155pic.com	unknown	2022-08-05	2022-10-23	2025-03-20	452 B	9.6 kB	104.21.48.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-20	medium	lytuchuang57.com	Sinkholed
2025-03-20	medium	lytuchuang56.com	Sinkholed
2025-03-20	medium	lytuchuang56.com	Sinkholed
2025-03-20	medium	lytuchuang57.com	Sinkholed
2025-03-20	medium	lytuchuang56.com	Sinkholed
2025-03-20	medium	lytuchuang57.com	Sinkholed
2025-03-20	medium	lytuchuang57.com	Sinkholed
2025-03-20	medium	lytuchuang56.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (19)

	URL	From	Size	First Seen	Last Seen
	129av.vip/vodplay/700193-1-1.html	ScriptElement	143 B	2024-08-19	2025-04-02
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:15 Last Seen2025-04-02 06:07 Times Seen4 Hash 7ebb359e759a28a3e99ab90ed67beb17 3aec03cd1a7fdc4d2dbf79edff17343fa784ebfc 881425f4ff8e42ee2c8f8adf314f0af40f5a3037940675d20a896b4205311c4b Loading...

	129av.vip/MDassets/js/layer.js	ScriptElement	22 kB	2023-04-05	2025-05-25
Pretty URL 129av.vip/MDassets/js/layer.js IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 06:05 Last Seen2025-05-25 02:30 Times Seen1961 Hash d0c975e34297f3e44e99c9d83555ffc1 7e465bd79e65428cf07e5991196cff512ce44a4b 691aad750624d84b17f2fbb73a4982860edd18837f3000c5b660ac82bf408e82 Loading...

	129av.vip/vodplay/700193-1-1.html	ScriptElement	480 B	2025-03-20	2025-03-20
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-20 08:27 Last Seen2025-03-20 08:27 Times Seen1 Hash 710aa77345312b586bd5e101fa191283 23efc68c17a7292bd08c1011c59c35ef00f995e9 2e4b2f04199d873e112348eaa3559a419127fceceb6116c97ad863484c861b7a Loading...

	129av.vip/vodplay/700193-1-1.html	ScriptElement	253 B	2024-08-19	2025-05-24
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-19 18:15 Last Seen2025-05-24 22:54 Times Seen20 Hash b9aa820125cd6e324a0017b7862ffde8 416e53acf0d96833417909c8d9833aadcfede34e 9b0f3204dc75fb26d38a0832dfc182103e7454f5fa231714f1ce9bdf2a2c9240 Loading...

	129av.vip/gg.js	ScriptElement	4.5 kB	2025-03-20	2025-04-02
Pretty URL 129av.vip/gg.js IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-20 07:16 Last Seen2025-04-02 06:07 Times Seen3 Hash 94696668d7e561769fb0f1e0b43c8f7c f47b2e08a3f8818080f822bafe62acd5c942795d 260a3bd5139213a5c0aa65d137e7db0ed0867ce9f3d51bc0da6ee8fe15471e61 Loading...

	129av.vip/vodplay/700193-1-1.html	Function	31 B	2023-04-13	2025-05-24
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 01:26 Last Seen2025-05-24 14:29 Times Seen538 Hash 6fec23fbedccec20c673f35ed1fbe640 acaeb77fe0ad039f68deb3d4ad58b494e824d64d b22c44bbddb885e610f7e23f75bb71bd652b2df26a7d5af9ef6385bc67b3aefc Loading...

	129av.vip/static/js/player.js?t=a20250320	ScriptElement	10 kB	2023-03-07	2025-05-24
Pretty URL 129av.vip/static/js/player.js?t=a20250320 IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15 Last Seen2025-05-24 22:54 Times Seen176 Hash 80b15ba362c83a5ba2bd23043217f209 1aae0b3051ae26847ed452b8d05fcaf0104374e4 c3263e523ecbc44c7ca091551c4860c75cad83307b3afa01a3998251d161835d Loading...

	129av.vip/MDassets/js/system.js	ScriptElement	3.6 kB	2023-03-07	2025-05-24
Pretty URL 129av.vip/MDassets/js/system.js IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19 Last Seen2025-05-24 22:54 Times Seen48 Hash c5af66f100569af761abe4b72ce37a3c 1be49c95b01f716a300d14f67d1771e68211b23a 34febf77818ba7b9703beaad41f1201d2ef8cc3ee0717668443c2052dbce4129 Loading...

	129av.vip/static/js/jquery.js	ScriptElement	93 kB	2023-03-07	2025-05-25
Pretty URL 129av.vip/static/js/jquery.js IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-25 04:30 Times Seen14692 Hash 397754ba49e9e0cf4e7c190da78dda05 ae49e56999d82802727455f0ba83b63acd90a22b c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4 Loading...

	129av.vip/vodplay/700193-1-1.html	Eval	4.4 kB	2025-03-20	2025-05-24
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2025-03-20 07:16 Last Seen2025-05-24 22:54 Times Seen63 Hash 641339e991d69afbb3e5f0b4254b32cf d51ca43fd0cf580bbf73f166ea132e8ad24475eb 63abea5e0c51fcb71825ad142f95e5fe1a7ae4f4fa26239108b49b806c1170aa Loading...

	dcai.wqqdgj.cn:8891/vj4/167001	ScriptElement	17 kB	2025-03-20	2025-03-20
Pretty URL dcai.wqqdgj.cn:8891/vj4/167001 IP 150.242.83.36 ASN #133775 Xiamen Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-20 08:27 Last Seen2025-03-20 08:27 Times Seen1 Hash 571cfd470a4c2db19c793b3e32005814 e431c69aed22aef63b153c3722f530e77771a938 94112140232e5eb78ac5013bd545d79466e438a13db360f7d883a7098afb92a6 Loading...

	129av.vip/MDassets/js/swiper-4.2.2.min.js	ScriptElement	133 kB	2023-03-07	2025-05-24
Pretty URL 129av.vip/MDassets/js/swiper-4.2.2.min.js IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:19 Last Seen2025-05-24 22:54 Times Seen239 Hash e4ac13876fd025fc6dd6856e705d1e2a c0e778fe38bc97357c0b2c4b9c1ce439daa52596 1ddbfaeea8074f1a5f1ef55aae884c05cfdfccb36f3e83d79066d74d10e96eb2 Loading...

	129av.vip/static/js/home.js	ScriptElement	38 kB	2023-03-07	2025-05-24
Pretty URL 129av.vip/static/js/home.js IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-24 19:59 Times Seen1939 Hash 97e311d35a4aa0ba09575a8dc989660b 8166b5f8ba52aa57ab23321a8ddc8d0118f1e590 1a52c16e5a7fc905630d52185ca457108cb0a65a4567cf6157709c1c5eceb311 Loading...

	129av.vip/static/js/playerconfig.js?t=20250320	ScriptElement	2.6 kB	2025-03-20	2025-03-20
Pretty URL 129av.vip/static/js/playerconfig.js?t=20250320 IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-20 07:16 Last Seen2025-03-20 08:27 Times Seen2 Hash 5f16efb4ea967b2f3162a02a3a4b83e7 ad931100577c6a509254a8d2df473674995054a9 7e0285388cb676d62b5a41047bc0d45a7de9f8d62fddeb8ec7d8637aa72e5dcb Loading...

	www.googletagmanager.com/gtag/js?id=G-G30YRQ5F0S	ScriptElement	366 kB	2025-03-20	2025-03-20
Pretty URL www.googletagmanager.com/gtag/js?id=G-G30YRQ5F0S IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-20 08:27 Last Seen2025-03-20 08:27 Times Seen1 Hash 32c49cc9b47a254704a5afec29de3f55 abfd20163242c321cda5762705fc4435f1a53915 8b8cba4e72e9f9aa0eb98b1db3081ba494e830536799d2c8d5595d1fa8e0aeb4 Loading...

	129av.vip/vodplay/700193-1-1.html	Function	1.7 kB	2025-03-20	2025-04-02
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by Function Embedded in HTML false Observations First Seen2025-03-20 07:16 Last Seen2025-04-02 06:07 Times Seen3 Hash bf5e773bf42aa8de0f9153cd580fc22e 3a0e8f61a98a7a80a3149bcc831d88966dc1e978 60024c09e3c0b930de43897db2a271354aeb336d3f1db443096004ca6933ba6a Loading...

	129av.vip/vodplay/700193-1-1.html	Eval	13 B	2023-03-07	2025-05-24
Pretty URL 129av.vip/vodplay/700193-1-1.html IP 172.67.164.174 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2023-03-07 01:15 Last Seen2025-05-24 22:54 Times Seen235 Hash a61459f8b7f3a9607823751249219933 275f5be45112cd8318904aa70d84872477e0ad0e 69b1e2c6a9a9096ae4ae4ad0ae35e0b447116936bee8c4238c0e30610d4b6607 Loading...

		Size	First Seen	Last Seen
	#1 Write - a9e24f3258fecac69fad37a6885b9589	713 B	2023-03-07 01:15	2025-05-24 22:54
Pretty Observations First Seen2023-03-07 01:15 Last Seen2025-05-24 22:54 Times Seen362 Hash a9e24f3258fecac69fad37a6885b9589 f1fb70fea99118dea4cc83a491dc738680d8023f 41b4ec87610c8dca9de8139ec6512242f006f3b75dd0c1cf11e8fafdd6a62865 Loading...

	#2 Write - 3ccd0f3c4d83957136675144dca6e5ea	42 B	2023-03-09 16:51	2025-04-08 05:11
Pretty Observations First Seen2023-03-09 16:51 Last Seen2025-04-08 05:11 Times Seen11 Hash 3ccd0f3c4d83957136675144dca6e5ea 5a80d2932926b27ea6605c3b45cb7142ab84ec69 6c19c58bb47bc7168ee1ff61beabc71bc4ad17cd0726f5585a16e90b1b01910d Loading...

HTTP Transactions (45)

URL IP Response Size

img1.askcdn1.com/20231023/lD1mQZfV/1.jpg

208.64.217.42

200 OK

18 kB

URL GET
img1.askcdn1.com/20231023/lD1mQZfV/1.jpg
IP
208.64.217.42:443
ASN
#6939 HURRICANE

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectaskzybfvideo.com
Fingerprint84:93:AB:DC:EC:49:2B:E3:EF:18:E3:8B:29:A1:C6:DC:42:19:0D:A6
ValiditySun, 18 Aug 2024 22:33:40 GMT - Wed, 17 Sep 2025 22:33:39 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 393x225, components 3
Size
18 kB (17901 bytes)
Hash
507fb719667f49f00abc7476af3b03ec
134071374bb76937d61a8c742fb4fd1c707022b4
d96dffee90dae3d26e8c469b3da570dab4e86086b8fa74f21f0bb8a5d5d44604

HTTP Headers

GET /20231023/lD1mQZfV/1.jpg HTTP/1.1
Host: img1.askcdn1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Mar 2025 08:27:27 GMT
Content-Type: image/jpeg
Content-Length: 17901
Connection: keep-alive
Last-Modified: Wed, 25 Oct 2023 04:44:32 GMT
ETag: "65389d30-45ed"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

gbf.jhmghgf.cn:26579/1122xinshipin/6.json

117.24.14.230

200 OK

274 kB

URL GET
gbf.jhmghgf.cn:26579/1122xinshipin/6.json
IP
117.24.14.230:26579
ASN
#133776 Quanzhou

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerLet's Encrypt
Subjectgbf.jhmghgf.cn
FingerprintBE:71:AA:A7:60:7F:3D:55:D3:73:ED:20:BD:DD:DE:BE:F8:35:B6:A6
ValidityMon, 03 Mar 2025 15:28:14 GMT - Sun, 01 Jun 2025 15:28:13 GMT

File type
ASCII text
Size
274 kB (273926 bytes)
Hash
5688cdd04ce197af21b5139804f21098
e8ca3729fb72ef24731dca8191ec8bfc1fcdf8e3
2cee02553c473fe6a69eed13679d509aa6cf8f8c4091d2143c8cc0d36e71a84e

HTTP Headers

GET /1122xinshipin/6.json HTTP/1.1
Host: gbf.jhmghgf.cn:26579
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://129av.vip
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Mar 2025 08:27:31 GMT
Content-Type: application/json
Content-Length: 273926
Last-Modified: Fri, 22 Nov 2024 08:19:51 GMT
Connection: keep-alive
ETag: "67403ea7-42e06"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,PUT,GET,DELETE
Access-Control-Allow-Headers: version, access-token, user-token, Accept, apiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

dcabg.mtpphb.cn:9896/c.php?s=JnpvbmVpZD0xNjcwMDEmc2l0ZWlkPSZ1aWQ9MTUzMDcmYWRzaWQ9NjA0MjY4NyZwbGFuaWQ9Mzg1MzMmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmxiYi4yMzd3d3cyMncudG9wJTJGa2FrYSUyRmptLmh0bWwmdnRpbWU9MjAyNS0wMy0yMCAxNjoyNzoyOSZpcD05MS45MC40Mi4xNTQ=;67a3126df9805fc184a3f37efefe0dd6;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs7TGludXggeDg2XzY0O2xsdm1waXBlOzs0ODsyNCZrPSZzZT0yJmY9MCZ1PWh0dHBzJTNBJTJGJTJGMTI5YXYudmlwJTJGdm9kcGxheSUyRjcwMDE5My0xLTEuaHRtbCZqPTAmcD01Jm09MiZyZXM9MTI4MHgxMDI0JnQ9JUUzJTgwJTkwJUU3JTg4JUI2JUU1JUE1JUIzJUU0JUI5JUIxJUU0JUJDJUE2JUUzJTgwJTkxJUU1JUE1JUIzJUU1JTg0JUJGJUU1JTg4JTlBJUU2JTk0JUJFJmw9ZW4tVVMmYz0xJmg9MTg4NA==

106.55.219.198

200 OK

0 B

URL POST
dcabg.mtpphb.cn:9896/c.php?s=JnpvbmVpZD0xNjcwMDEmc2l0ZWlkPSZ1aWQ9MTUzMDcmYWRzaWQ9NjA0MjY4NyZwbGFuaWQ9Mzg1MzMmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmxiYi4yMzd3d3cyMncudG9wJTJGa2FrYSUyRmptLmh0bWwmdnRpbWU9MjAyNS0wMy0yMCAxNjoyNzoyOSZpcD05MS45MC40Mi4xNTQ=;67a3126df9805fc184a3f37efefe0dd6;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs7TGludXggeDg2XzY0O2xsdm1waXBlOzs0ODsyNCZrPSZzZT0yJmY9MCZ1PWh0dHBzJTNBJTJGJTJGMTI5YXYudmlwJTJGdm9kcGxheSUyRjcwMDE5My0xLTEuaHRtbCZqPTAmcD01Jm09MiZyZXM9MTI4MHgxMDI0JnQ9JUUzJTgwJTkwJUU3JTg4JUI2JUU1JUE1JUIzJUU0JUI5JUIxJUU0JUJDJUE2JUUzJTgwJTkxJUU1JUE1JUIzJUU1JTg0JUJGJUU1JTg4JTlBJUU2JTk0JUJFJmw9ZW4tVVMmYz0xJmg9MTg4NA==
IP
106.55.219.198:9896
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerUnizeto Technologies S.A.
Subject*.mtpphb.cn
Fingerprint9A:27:EF:14:7C:34:F0:18:56:C0:1A:29:AB:ED:D8:64:34:A5:1C:72
ValiditySat, 08 Feb 2025 14:19:10 GMT - Tue, 10 Mar 2026 14:19:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /c.php?s=JnpvbmVpZD0xNjcwMDEmc2l0ZWlkPSZ1aWQ9MTUzMDcmYWRzaWQ9NjA0MjY4NyZwbGFuaWQ9Mzg1MzMmcGxhbnR5cGU9Y3B2JnVybD1odHRwcyUzQSUyRiUyRmxiYi4yMzd3d3cyMncudG9wJTJGa2FrYSUyRmptLmh0bWwmdnRpbWU9MjAyNS0wMy0yMCAxNjoyNzoyOSZpcD05MS45MC40Mi4xNTQ=;67a3126df9805fc184a3f37efefe0dd6;&srccpv=yes&jm=1&b=0;0&g=0;0&p=cj0meD0xOzs7TGludXggeDg2XzY0O2xsdm1waXBlOzs0ODsyNCZrPSZzZT0yJmY9MCZ1PWh0dHBzJTNBJTJGJTJGMTI5YXYudmlwJTJGdm9kcGxheSUyRjcwMDE5My0xLTEuaHRtbCZqPTAmcD01Jm09MiZyZXM9MTI4MHgxMDI0JnQ9JUUzJTgwJTkwJUU3JTg4JUI2JUU1JUE1JUIzJUU0JUI5JUIxJUU0JUJDJUE2JUUzJTgwJTkxJUU1JUE1JUIzJUU1JTg0JUJGJUU1JTg4JTlBJUU2JTk0JUJFJmw9ZW4tVVMmYz0xJmg9MTg4NA== HTTP/1.1
Host: dcabg.mtpphb.cn:9896
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://129av.vip
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Thu, 20 Mar 2025 08:27:33 GMT
content-type: text/html; charset=UTF-8
alt-svc: h3=":9896"; ma=2592000, h3-29=":9896"; ma=2592000, h3-27=":9896"; ma=2592000, h3-Q050=":9896"; ma=2592000, h3-Q046=":9896"; ma=2592000, h3-Q043=":9896"; ma=2592000, h3-Q039=":9896"; ma=2592000, quic=":9896"; ma=2592000; v="39,43,46"
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS
set-cookie: region=%E6%8C%AA%E5%A8%81%2F%2F%E5%85%B6%E5%AE%83; expires=Tue, 16-Sep-2025 08:27:33 GMT; Max-Age=15552000; path=/; domain=dcabg.mtpphb.cn:9896; secure; HttpOnly; SameSite=None
visitnum=1; expires=Thu, 27-Mar-2025 08:27:33 GMT; Max-Age=604800; path=/; domain=dcabg.mtpphb.cn:9896; secure; HttpOnly; SameSite=None
15307_38533=re; expires=Thu, 20-Mar-2025 13:27:33 GMT; Max-Age=18000; path=/; domain=dcabg.mtpphb.cn:9896; secure; HttpOnly; SameSite=None
do2click_38533=6042687%7C38533%7C15307%7C167001%7C; expires=Thu, 20-Mar-2025 11:27:33 GMT; Max-Age=10800; path=/; domain=dcabg.mtpphb.cn:9896; secure; HttpOnly; SameSite=None
doEffect_38533=6042687%7C38533%7C15307%7C167001%7C; expires=Thu, 27-Mar-2025 08:27:33 GMT; Max-Age=604800; path=/; domain=dcabg.mtpphb.cn:9896; secure; HttpOnly; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

129av.vip/static/js/home.js

172.67.164.174

200 OK

38 kB

URL GET
129av.vip/static/js/home.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type

Size
38 kB (38309 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /static/js/home.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: application/javascript
last-modified: Wed, 25 Dec 2024 20:12:39 GMT
vary: Accept-Encoding
etag: W/"676c6737-95a5"
expires: Thu, 20 Mar 2025 20:27:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mAQ4ZvKOayLJdOgu%2BwaUdapr3N%2FDmZxt043M5W9oWaR7lUjmXJ7JRnM%2BqMrs%2BTSjAAqQhLsMs7gCgcv5FBGictwv6ONk7FN8SMv48ghJpGsmUtqeJBgeUda4W%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4925bfafb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22565&min_rtt=20507&rtt_var=3711&sent=75&recv=24&lost=0&retrans=0&sent_bytes=60273&recv_bytes=5206&delivery_rate=867965&cwnd=48000&unsent_bytes=0&cid=7816413800b51258&ts=900&x=1", cfExtPri, cfHdrFlush;dur=0

129av.vip/MDassets/js/theme/default/layer.css?v=3.1.1

172.67.164.174

200 OK

14 kB

URL GET
129av.vip/MDassets/js/theme/default/layer.css?v=3.1.1
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
ASCII text, with very long lines (491), with CRLF line terminators
Size
14 kB (14507 bytes)
Hash
4a9ebafa9785f2bb60ff45ba1719786a
55a868c9a7f3c97e2c5e36e84823f1bbeda588d2
28b8cfd699ab02306d9dbfa840cb8cd300c1824485bbc059b4595a9f1cbce355

HTTP Headers

GET /MDassets/js/theme/default/layer.css?v=3.1.1 HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: text/css
last-modified: Wed, 25 Dec 2024 20:14:37 GMT
vary: Accept-Encoding
etag: W/"676c67ad-38ab"
expires: Thu, 20 Mar 2025 20:27:27 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ca44d8fhHpx1IueQV6eaeDY3kqYe4uv%2FhFJqnPUzGU72I3Wx9AdfsWCvVRmmIq0kmgI61LLTJtMUFS8b6E3ZbZTonUaeI2%2BOYlivoyfSBG2pFm%2BXLyqgYAWAN5Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4978cf2fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21608&min_rtt=19970&rtt_var=1950&sent=213&recv=32&lost=0&retrans=0&sent_bytes=219587&recv_bytes=6045&delivery_rate=2678904&cwnd=85200&unsent_bytes=0&cid=7816413800b51258&ts=1558&x=1", cfExtPri, cfHdrFlush;dur=0

img.lytuchuang57.com/upload/vod/20220318-1/cf7090d25120a32121da536fa736dbbd.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang57.com/upload/vod/20220318-1/cf7090d25120a32121da536fa736dbbd.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20220318-1/cf7090d25120a32121da536fa736dbbd.jpg HTTP/1.1
Host: img.lytuchuang57.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

assd.hkewhqoao.cn:9896/effect.php?type=ecv&planid=38533&adsid=6042687&zoneid=167001&uid=15307&adtplid=19&plantype=cpv

150.242.83.36

200 OK

0 B

URL POST
assd.hkewhqoao.cn:9896/effect.php?type=ecv&planid=38533&adsid=6042687&zoneid=167001&uid=15307&adtplid=19&plantype=cpv
IP
150.242.83.36:9896
ASN
#133775 Xiamen

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerTrustAsia Technologies, Inc.
Subject*.hkewhqoao.cn
Fingerprint4C:45:01:26:80:94:F0:80:C3:BF:5E:55:08:34:BE:8E:93:01:C7:36
ValidityTue, 24 Dec 2024 00:00:00 GMT - Mon, 24 Mar 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /effect.php?type=ecv&planid=38533&adsid=6042687&zoneid=167001&uid=15307&adtplid=19&plantype=cpv HTTP/1.1
Host: assd.hkewhqoao.cn:9896
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://129av.vip
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/1.1 200 OK
Server: openresty
Date: Thu, 20 Mar 2025 08:27:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

129av.vip/MDassets/js/layer.js

172.67.164.174

200 OK

22 kB

URL GET
129av.vip/MDassets/js/layer.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type

Size
22 kB (22116 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MDassets/js/layer.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: application/javascript
last-modified: Wed, 25 Dec 2024 20:14:34 GMT
vary: Accept-Encoding
etag: W/"676c67aa-5664"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhKbX19Gl7GPJKjx37QxOZn5PuNLf2rXJ1Dg7LiaQcSz31xc1s3RECiLbYb0SzNdxtfXPacaQfPPhAYzIiKUWWQ9FPLqxMwP99lzvrVOpIXJ%2BoyTBIgdF7DT23s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4925bf9fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22782&min_rtt=20507&rtt_var=9315&sent=28&recv=20&lost=0&retrans=0&sent_bytes=9663&recv_bytes=5026&delivery_rate=31306&cwnd=12000&unsent_bytes=0&cid=7816413800b51258&ts=703&x=1", cfExtPri, cfHdrFlush;dur=0

129av.vip/MDassets/js/system.js

172.67.164.174

200 OK

3.6 kB

URL GET
129av.vip/MDassets/js/system.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3835), with no line terminators
Size
3.6 kB (3565 bytes)
Hash
ea9710d24d7abfa38b0d46e547852edf
92acb4508adaf515a94f2cd70b496cc0ec746679
68baaefc15e77e547cd48348776536f18f95740733fc0b0def861a2984fac5e8

HTTP Headers

GET /MDassets/js/system.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: application/javascript
last-modified: Wed, 25 Dec 2024 20:14:36 GMT
vary: Accept-Encoding
etag: W/"676c67ac-ded"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hxaxvItmSUzD3QzJmjZp0Vfwkv0SPVRMY3DZPlBdnmzk5KbD8CaZVkxc1N68MvMHtqjRmtd0GKNBPQUhl8jh%2FycLAolNAx6Mdqjz1BW6pvhNnp4a7I%2F4Hg4DTIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4929c64fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22935&min_rtt=20507&rtt_var=5469&sent=73&recv=22&lost=0&retrans=0&sent_bytes=58320&recv_bytes=5114&delivery_rate=933048&cwnd=48000&unsent_bytes=0&cid=7816413800b51258&ts=762&x=1", cfExtPri, cfHdrFlush;dur=0

img.lytuchuang56.com/upload/vod/20230120-1/2096e08b84b1422fb810400b899567a1.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang56.com/upload/vod/20230120-1/2096e08b84b1422fb810400b899567a1.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20230120-1/2096e08b84b1422fb810400b899567a1.jpg HTTP/1.1
Host: img.lytuchuang56.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

uqetyzxa.com/20221002/sAG3hfno/1.jpg

64.112.78.42

200 OK

7.1 kB

URL GET
uqetyzxa.com/20221002/sAG3hfno/1.jpg
IP
64.112.78.42:443
ASN
#6939 HURRICANE

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectuqetyzxa.com
FingerprintE5:84:49:26:19:34:0F:60:FB:7B:C7:34:7C:74:DB:73:FF:1D:9B:FB
ValidityWed, 18 Sep 2024 00:27:40 GMT - Sat, 18 Oct 2025 00:27:39 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1708x2277, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 240x320, components 3
Size
7.1 kB (7050 bytes)
Hash
8a050741b67aea332c6dd6c938619335
e9f0db15144f7a421fa8997faf6531629c0492be
476e2a414d077d1a301db4dcc0fab936885348a00d99c50c6f912291658834ed

HTTP Headers

GET /20221002/sAG3hfno/1.jpg HTTP/1.1
Host: uqetyzxa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Mar 2025 08:27:27 GMT
Content-Type: image/jpeg
Content-Length: 7050
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 19:57:55 GMT
ETag: "6339ed43-1b8a"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes

img.lytuchuang56.com/upload/vod/20230511-1/65d4b6f7f67f576a950fb301da471ba8.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang56.com/upload/vod/20230511-1/65d4b6f7f67f576a950fb301da471ba8.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20230511-1/65d4b6f7f67f576a950fb301da471ba8.jpg HTTP/1.1
Host: img.lytuchuang56.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

dcai.wqqdgj.cn:8891/vj4/167001

150.242.83.36

200 OK

17 kB

URL GET
dcai.wqqdgj.cn:8891/vj4/167001
IP
150.242.83.36:8891
ASN
#133775 Xiamen

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerLet's Encrypt
Subject*.wqqdgj.cn
Fingerprint8C:19:6F:56:96:45:70:84:1B:19:B9:49:45:5C:8D:87:8F:A1:62:7D
ValidityWed, 19 Mar 2025 05:43:25 GMT - Tue, 17 Jun 2025 05:43:24 GMT

File type
JavaScript source, ASCII text, with very long lines (911)
Size
17 kB (16737 bytes)
Hash
571cfd470a4c2db19c793b3e32005814
e431c69aed22aef63b153c3722f530e77771a938
94112140232e5eb78ac5013bd545d79466e438a13db360f7d883a7098afb92a6

HTTP Headers

GET /vj4/167001 HTTP/1.1
Host: dcai.wqqdgj.cn:8891
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: openresty
Date: Thu, 20 Mar 2025 08:27:29 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":8891"; ma=2592000, h3-29=":8891"; ma=2592000, h3-27=":8891"; ma=2592000, h3-Q050=":8891"; ma=2592000, h3-Q046=":8891"; ma=2592000, h3-Q043=":8891"; ma=2592000, h3-Q039=":8891"; ma=2592000, quic=":8891"; ma=2592000; v="39,43,46"
Vary: Accept-Encoding
Cache-Control: no-cache
Pragma: no-cache
Expires: 0
Content-Encoding: gzip

129av.vip/static/js/jquery.js

172.67.164.174

200 OK

93 kB

URL GET
129av.vip/static/js/jquery.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
JavaScript source, ASCII text, with very long lines (32089)
Size
93 kB (92629 bytes)
Hash
397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

HTTP Headers

GET /static/js/jquery.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: application/javascript
last-modified: Wed, 25 Dec 2024 20:12:42 GMT
vary: Accept-Encoding
etag: W/"676c673a-169d5"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOspc%2B1GGIPgnQbQpjOpMbaupqVXFmA7Y%2F0M8ybGRpI%2BgP9FUoqLPYxneDEp9lbI7pMXDppridCSF1Sop9SEIJeX6ik0PGnsewmCcR%2B6oyyzF9%2BwOifXzEhc6O0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4925bf4fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22308&min_rtt=20506&rtt_var=3298&sent=85&recv=25&lost=0&retrans=0&sent_bytes=71683&recv_bytes=5251&delivery_rate=556396&cwnd=48000&unsent_bytes=0&cid=7816413800b51258&ts=925&x=1", cfExtPri, cfHdrFlush;dur=0

sbzytpimg1.com:3519/upload/vod/20240610-1/0fc09455660114204a162d58851ab8d4.jpg

173.249.235.41

200 OK

95 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240610-1/0fc09455660114204a162d58851ab8d4.jpg
IP
173.249.235.41:3519
ASN
#11878 TZULO

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
95 kB (95106 bytes)
Hash
775146e1bef7e919448d718b66d8f760
b7f1596c98f15507b31fed83afce34efba97d3c3
161d4dbed321454a4ca010c9da74570beffe8bfaf79e11cab65cab6fdcd3f7fa

HTTP Headers

GET /upload/vod/20240610-1/0fc09455660114204a162d58851ab8d4.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: image/jpeg
content-length: 95106
last-modified: Mon, 10 Jun 2024 04:24:31 GMT
vary: Accept-Encoding
etag: "66667fff-17382"
expires: Tue, 01 Apr 2025 12:35:12 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

www.155pic.com/upload/vod/2022/09/3ekz3gdka51.jpg

104.21.48.1

200 OK

8.6 kB

URL GET
www.155pic.com/upload/vod/2022/09/3ekz3gdka51.jpg
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject155pic.com
Fingerprint97:F4:41:9E:B5:89:07:CC:2A:C5:22:06:31:AF:B5:F4:21:41:91:01
ValidityMon, 24 Feb 2025 22:06:37 GMT - Sun, 25 May 2025 23:05:09 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 37x24, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3
Size
8.6 kB (8625 bytes)
Hash
df769b13c783485d69f3161a348f0687
5e50e04801140ef72d0b8dea60d2883f82840824
a461a9567d500b43db967eafb122e8bfc08f5977698819037f2483cd1e5461ed

HTTP Headers

GET /upload/vod/2022/09/3ekz3gdka51.jpg HTTP/1.1
Host: www.155pic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: image/jpeg
cache-control: max-age=31536000
cf-bgj: h2pri
etag: W/"66dfee04-21b1"
expires: Sat, 19 Apr 2025 02:47:13 GMT
last-modified: Tue, 10 Sep 2024 06:58:12 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 20235
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4lqq7aq1FviuNQ7kN0fs%2BVXGRGvsLLHLCY4Ab%2FJiehTAT2xzu3jd7Mt2yGVdzXy0RZG%2BeRA3g2WgsjHB0o5gidvcJ7UoqO3ynk1JAyhiZRvBtT5ihX04IM9tXJH9JGq8YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4930833f5e7-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=25157&min_rtt=25060&rtt_var=5384&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1191&delivery_rate=173288&cwnd=191&unsent_bytes=0&cid=c4071d9e58c45efd&ts=57&x=0"
X-Firefox-Spdy: h2

129av.vip/vodplay/700193-1-1.html

172.67.164.174

200 OK

25 kB

URL User Request GET
129av.vip/vodplay/700193-1-1.html
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type

Size
25 kB (25427 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /vodplay/700193-1-1.html HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=650%2B7nm0Bm%2BeHosab8ipL5Q6NMcfn4SpdQIspO8sqCLu5m0orseJztcPexglFkNZ7SQ8TPBGkJ1g9ezPVNBq8T8WkUzmW%2FrE9DHaJ74yLeQGpEVMzuipGSd9GQI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d48d8ce0f5b5-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=24584&min_rtt=19474&rtt_var=12479&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1138&delivery_rate=222700&cwnd=182&unsent_bytes=0&cid=42415e7bc4713d0f&ts=546&x=0"
X-Firefox-Spdy: h2

129av.vip/MDassets/js/swiper-4.2.2.min.js

172.67.164.174

200 OK

133 kB

URL GET
129av.vip/MDassets/js/swiper-4.2.2.min.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65279)
Size
133 kB (133050 bytes)
Hash
e4ac13876fd025fc6dd6856e705d1e2a
c0e778fe38bc97357c0b2c4b9c1ce439daa52596
1ddbfaeea8074f1a5f1ef55aae884c05cfdfccb36f3e83d79066d74d10e96eb2

HTTP Headers

GET /MDassets/js/swiper-4.2.2.min.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: application/javascript
last-modified: Wed, 25 Dec 2024 20:14:35 GMT
vary: Accept-Encoding
etag: W/"676c67ab-207ba"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLMq%2B%2FkrGz0%2BnqTFBRMK4nIkCGbQSodX9JljfBQpLZ1PNkvK0EeKzk%2FZf1QTmB5EQB8mSPhQ3rhFkrUA%2FahXsLsUy2%2BTsUHcBWI%2Bh9d6c059m5Fidskbl2t0CMg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4924becfb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22308&min_rtt=20506&rtt_var=3298&sent=117&recv=25&lost=0&retrans=0&sent_bytes=110024&recv_bytes=5251&delivery_rate=556396&cwnd=48000&unsent_bytes=0&cid=7816413800b51258&ts=942&x=1", cfExtPri, cfHdrFlush;dur=0

129av.vip/static/player/.js

172.67.164.174

404 Not Found

2.1 kB

URL GET
129av.vip/static/player/.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2217), with no line terminators
Size
2.1 kB (2129 bytes)
Hash
e736a002a7166f058bab69a960fcde7b
a969d9d3393f6314ce42fba1b4524f214f403bd6
0d1937f3225ce3c9d8c4b71bb3e81f43d54113dcbd2e66e27594bed6e25187d5

HTTP Headers

GET /static/player/.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbSwoKHC8%2BzLZbla3T2CCbVvzRuLsh1%2FI51UCPzGDYyOS%2FuYAmGuc0G6rqLCNibdsP0g721NoRwasZndkdg8V9wCNTFC6L8xxrgG1fn8BrzDSMGPS9%2F9cQrGUlw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4980dd1fb7f-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21403&min_rtt=19970&rtt_var=1871&sent=217&recv=33&lost=0&retrans=0&sent_bytes=223720&recv_bytes=6090&delivery_rate=8225&cwnd=85200&unsent_bytes=0&cid=7816413800b51258&ts=1615&x=1", cfExtPri, cfHdrFlush;dur=0

img1.askcdn1.com/20231006/hbEDFfLr/1.jpg

208.64.217.42

200 OK

319 kB

URL GET
img1.askcdn1.com/20231006/hbEDFfLr/1.jpg
IP
208.64.217.42:443
ASN
#6939 HURRICANE

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectaskzybfvideo.com
Fingerprint84:93:AB:DC:EC:49:2B:E3:EF:18:E3:8B:29:A1:C6:DC:42:19:0D:A6
ValiditySun, 18 Aug 2024 22:33:40 GMT - Wed, 17 Sep 2025 22:33:39 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=2880, bps=182, compression=none, PhotometricInterpretation=CMYK, orientation=upper-left, width=4113], baseline, precision 8, 800x538, components 3
Size
319 kB (319175 bytes)
Hash
6c0b61059833556a5ef88eeac20f10d0
b6224b857018946b50d6585ca308c07b57860db1
ece7689494438876d4a0eb4d6f937b94da7b8df8d29220c6557dae087e2d8f51

HTTP Headers

GET /20231006/hbEDFfLr/1.jpg HTTP/1.1
Host: img1.askcdn1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Mar 2025 08:27:27 GMT
Content-Type: image/jpeg
Content-Length: 319175
Connection: keep-alive
Last-Modified: Fri, 06 Oct 2023 23:50:34 GMT
ETag: "65209d4a-4dec7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: EXPIRED
Accept-Ranges: bytes

img.hgimg01.com/upload/vod/20240128-1/567d70f043f1d5f07207688d507c5d2d.jpg

208.69.102.171

200 OK

75 kB

URL GET
img.hgimg01.com/upload/vod/20240128-1/567d70f043f1d5f07207688d507c5d2d.jpg
IP
208.69.102.171:443
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerUnizeto Technologies S.A.
Subjectimg.hgimg01.com
FingerprintDD:EC:3C:8B:06:9D:88:A7:AB:58:4C:24:A2:7E:C9:92:18:1C:B0:72
ValidityWed, 01 May 2024 09:35:10 GMT - Sat, 31 May 2025 09:35:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 946x525, components 3
Size
75 kB (75363 bytes)
Hash
9c7fad87bd27bda42086abc1577f64d9
9cd2233202eb918f2dc8e32f1d181c12e4f7553e
037851b1da8f81305fe2b33c2d54c32f40ef7a0a8d6489e40c55ba4f28760e16

HTTP Headers

GET /upload/vod/20240128-1/567d70f043f1d5f07207688d507c5d2d.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: image/jpeg
content-length: 75363
last-modified: Sun, 28 Jan 2024 13:32:10 GMT
etag: "65b6575a-12663"
expires: Mon, 07 Apr 2025 20:25:39 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

feimian.slsltutu.com/upload/vod/20230525-1/8a95e99b6c619cdd7364daae12476e0d.jpg

156.238.196.42

404 Not Found

0 B

URL GET
feimian.slsltutu.com/upload/vod/20230525-1/8a95e99b6c619cdd7364daae12476e0d.jpg
IP
156.238.196.42:443
ASN
#50183 CenturyNetworks Ltd

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerLet's Encrypt
Subjectpic.lbtp88.com
Fingerprint0D:76:72:54:60:54:8C:41:1F:A6:5E:36:BF:72:AD:14:A2:C6:3D:F1
ValidityWed, 01 Jan 2025 15:52:48 GMT - Tue, 01 Apr 2025 15:52:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /upload/vod/20230525-1/8a95e99b6c619cdd7364daae12476e0d.jpg HTTP/1.1
Host: feimian.slsltutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Thu, 20 Mar 2025 08:24:28 GMT
etag: "66bb42e4-3"
server: openresty
x-cache: BYPASS, Status: 404
content-length: 3
X-Firefox-Spdy: h2

129av.vip/static/js/playerconfig.js?t=20250320

172.67.164.174

200 OK

2.6 kB

URL GET
129av.vip/static/js/playerconfig.js?t=20250320
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
Unicode text, UTF-8 text, with very long lines (3174), with no line terminators
Size
2.6 kB (2565 bytes)
Hash
0b194cdc148499a7bbf93becdd821068
3fb63ccf3502e120c96bc8fc1a04a9bce35b84df
9916a1bdef360db80e587ad42bb54d3a74074f4c68488e94e7045647aea6e428

HTTP Headers

GET /static/js/playerconfig.js?t=20250320 HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: application/javascript
last-modified: Wed, 25 Dec 2024 20:12:45 GMT
vary: Accept-Encoding
etag: W/"676c673d-a05"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rnXLFKwgf2ZEtCU0Y1ZBUkEf%2Fhy0nQ1A7VTAFiN2nK17XKmzabmzUjhwOgV32%2FjOlMrM6VLw4DMLtc%2F3pKnA9p6ZTFSK6oB2qGZN4l4TaJ%2BnSeyETxyRP4kohcs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4925c00fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22782&min_rtt=20507&rtt_var=9315&sent=34&recv=20&lost=0&retrans=0&sent_bytes=16392&recv_bytes=5026&delivery_rate=31306&cwnd=12000&unsent_bytes=0&cid=7816413800b51258&ts=728&x=1", cfExtPri, cfHdrFlush;dur=0

129av.vip/static/js/player.js?t=a20250320

172.67.164.174

200 OK

10 kB

URL GET
129av.vip/static/js/player.js?t=a20250320
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
ASCII text, with very long lines (7521), with CRLF line terminators
Size
10 kB (10311 bytes)
Hash
80b15ba362c83a5ba2bd23043217f209
1aae0b3051ae26847ed452b8d05fcaf0104374e4
c3263e523ecbc44c7ca091551c4860c75cad83307b3afa01a3998251d161835d

HTTP Headers

GET /static/js/player.js?t=a20250320 HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: application/javascript
server: cloudflare
last-modified: Wed, 25 Dec 2024 20:12:45 GMT
vary: Accept-Encoding
etag: W/"676c673d-2847"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
cf-ray: 9233d4925c01fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

129av.vip/MDassets/css/swiper-4.2.2.min.css

172.67.164.174

200 OK

14 kB

URL GET
129av.vip/MDassets/css/swiper-4.2.2.min.css
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
ASCII text, with very long lines (13323)
Size
14 kB (13580 bytes)
Hash
c50096cb460cb338b99499b296cc690f
6f28e60b717cc7e864d1ca13967602d680cfbe67
7baacd50934f772081460b1222aa7876a57573b4aebf463661a2f8b882445f31

HTTP Headers

GET /MDassets/css/swiper-4.2.2.min.css HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: text/css
last-modified: Wed, 25 Dec 2024 20:14:49 GMT
vary: Accept-Encoding
etag: W/"676c67b9-350c"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mgc74Zdxs0Oo64Ba5CdM4CVTqRz03xqEkEqJM8GlsPW3DOPsfa0kjzM71WFIVxAc%2F%2B09nuIyGtPMFmo3%2FqQ84q7lvCtW409xvIZw7lRsLtfBHsMm3TL8ENfZIk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4924be0fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22782&min_rtt=20507&rtt_var=9315&sent=23&recv=20&lost=0&retrans=0&sent_bytes=4392&recv_bytes=5026&delivery_rate=31306&cwnd=12000&unsent_bytes=0&cid=7816413800b51258&ts=703&x=1", cfExtPri, cfHdrFlush;dur=0

bf2.semaobf1.com/video/0651fd8d47ab54fc/index.jpg

0.0.0.0

0 B

URL GET
bf2.semaobf1.com/video/0651fd8d47ab54fc/index.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/0651fd8d47ab54fc/index.jpg HTTP/1.1
Host: bf2.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

feimian.slsltutu.com/upload/vod/20230525-1/8a95e99b6c619cdd7364daae12476e0d.jpg

156.238.196.42

404 Not Found

0 B

URL GET
feimian.slsltutu.com/upload/vod/20230525-1/8a95e99b6c619cdd7364daae12476e0d.jpg
IP
156.238.196.42:443
ASN
#50183 CenturyNetworks Ltd

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerLet's Encrypt
Subjectpic.lbtp88.com
Fingerprint0D:76:72:54:60:54:8C:41:1F:A6:5E:36:BF:72:AD:14:A2:C6:3D:F1
ValidityWed, 01 Jan 2025 15:52:48 GMT - Tue, 01 Apr 2025 15:52:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /upload/vod/20230525-1/8a95e99b6c619cdd7364daae12476e0d.jpg HTTP/1.1
Host: feimian.slsltutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
content-type: text/html
date: Thu, 20 Mar 2025 08:24:29 GMT
etag: "66bb42e4-3"
server: openresty
x-cache: BYPASS, Status: 404
content-length: 3
X-Firefox-Spdy: h2

img.lytuchuang57.com/upload/vod/20220316-1/babbb70760ad75c1aa186d6186abf9cf.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang57.com/upload/vod/20220316-1/babbb70760ad75c1aa186d6186abf9cf.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20220316-1/babbb70760ad75c1aa186d6186abf9cf.jpg HTTP/1.1
Host: img.lytuchuang57.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

img.lytuchuang56.com/upload/vod/20230511-1/65d4b6f7f67f576a950fb301da471ba8.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang56.com/upload/vod/20230511-1/65d4b6f7f67f576a950fb301da471ba8.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20230511-1/65d4b6f7f67f576a950fb301da471ba8.jpg HTTP/1.1
Host: img.lytuchuang56.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

129av.vip/MDassets/images/logo.png

172.67.164.174

200 OK

4.1 kB

URL GET
129av.vip/MDassets/images/logo.png
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
PNG image data, 269 x 77, 8-bit/color RGBA, non-interlaced
Size
4.1 kB (4127 bytes)
Hash
fe4dfc1f48e4ada9217dcc31a4ab0eca
041eaef0833b8db0a38908d6cd7cbc4eed8ddf40
c560ffc352ef78865580ed6c222a28735504d17777db6ac908d49ce49405ab43

HTTP Headers

GET /MDassets/images/logo.png HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: image/png
content-length: 4127
server: cloudflare
last-modified: Wed, 25 Dec 2024 20:14:44 GMT
etag: "676c67b4-101f"
expires: Sat, 19 Apr 2025 08:27:26 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-cache-status: MISS
priority: u=4,i=?0
cf-ray: 9233d4925bfefb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

img.lytuchuang57.com/upload/vod/20220316-1/babbb70760ad75c1aa186d6186abf9cf.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang57.com/upload/vod/20220316-1/babbb70760ad75c1aa186d6186abf9cf.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20220316-1/babbb70760ad75c1aa186d6186abf9cf.jpg HTTP/1.1
Host: img.lytuchuang57.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

bf2.semaobf1.com/video/0651fd8d47ab54fc/index.jpg

0.0.0.0

0 B

URL GET
bf2.semaobf1.com/video/0651fd8d47ab54fc/index.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /video/0651fd8d47ab54fc/index.jpg HTTP/1.1
Host: bf2.semaobf1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

129av.vip/MDassets/css/main.min.css

172.67.164.174

200 OK

26 kB

URL GET
129av.vip/MDassets/css/main.min.css
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type

Size
26 kB (26165 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MDassets/css/main.min.css HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: text/css
last-modified: Wed, 25 Dec 2024 20:14:48 GMT
vary: Accept-Encoding
etag: W/"676c67b8-6635"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B6uXgqC2uq92iQOZy7BcYgy6bevhiamCeqFvp4UldOKo9pg3S5d14EJwTfgWtCrahuhQXZpKWsTJFKMLMK4lj2tnJca0R5Z6BNox5NKlv0VAwgWTQG572QcOkqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4924be3fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22933&min_rtt=20507&rtt_var=7288&sent=56&recv=21&lost=0&retrans=0&sent_bytes=40392&recv_bytes=5070&delivery_rate=17928&cwnd=24000&unsent_bytes=0&cid=7816413800b51258&ts=751&x=1", cfExtPri, cfHdrFlush;dur=3

129av.vip/MDassets/css/ytuser.css

172.67.164.174

200 OK

814 B

URL GET
129av.vip/MDassets/css/ytuser.css
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
ASCII text, with very long lines (824), with no line terminators
Size
814 B (814 bytes)
Hash
cccb9b88da3024b14d249b29a2df43e0
712fa8bf1787b20c7b42c5e788e11879e5e43a9b
87db0d4c9dbfc22daf947e8a6201e08b811abe464f7100eb842f131461535844

HTTP Headers

GET /MDassets/css/ytuser.css HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: text/css
last-modified: Wed, 25 Dec 2024 20:14:49 GMT
etag: W/"676c67b9-32e"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gRUmwU4lMKAje9ByITPAFZY6ahZrJsVqeu%2B1hc8exBxyDCDyu3s6t9gwyQAXqnXBHtWgJDE1Vgp1q1awEoX43MlH8MOsMkyBThe6Ckd40vg043Ld6iX4zChuhf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9233d4924be7fb7f-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22782&min_rtt=20507&rtt_var=9315&sent=34&recv=20&lost=0&retrans=0&sent_bytes=16392&recv_bytes=5026&delivery_rate=31306&cwnd=12000&unsent_bytes=0&cid=7816413800b51258&ts=707&x=1", cfExtPri, cfHdrFlush;dur=21

129av.vip/favicon.ico

172.67.164.174

200 OK

1.7 kB

URL GET
129av.vip/favicon.ico
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3
Size
1.7 kB (1693 bytes)
Hash
7e8be161c18b010ab059108e7392146e
9056439c61e663ff77e2e64a79e579b24a8c4361
07b2b5f1f5648bb72a35f10a722261e060c20c1c875137e76391305841b3d927

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Cookie: _ga_G30YRQ5F0S=GS1.1.1742459247.1.0.1742459247.0.0.0; _ga=GA1.1.477322898.1742459248; _ga_RTN9B9T9SW=GS1.1.1742459247.1.0.1742459247.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:28 GMT
content-type: image/x-icon
last-modified: Tue, 09 Nov 2021 15:34:40 GMT
etag: W/"618a9510-69d"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6UbfhmLfVGEk68IMW7t4Sz75ibi%2BYN3uu4ny%2F%2BTxH7T2BV4AOz7dsLeYK4xjfP25SQCEYzL138x%2B9GarHQvofx9N%2BLYCkWxecH%2FRM1xBNTjFZXpv75Z%2FW2Vnr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9233d49e5904fb7f-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21128&min_rtt=19970&rtt_var=1179&sent=223&recv=38&lost=0&retrans=0&sent_bytes=226091&recv_bytes=7068&delivery_rate=1337&cwnd=85200&unsent_bytes=0&cid=7816413800b51258&ts=2637&x=1", cfExtPri, cfHdrFlush;dur=0

gbf.jhmghgf.cn:26579/mnrt/kmrr1.json

117.24.14.230

200 OK

3.0 kB

URL GET
gbf.jhmghgf.cn:26579/mnrt/kmrr1.json
IP
117.24.14.230:26579
ASN
#133776 Quanzhou

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerLet's Encrypt
Subjectgbf.jhmghgf.cn
FingerprintBE:71:AA:A7:60:7F:3D:55:D3:73:ED:20:BD:DD:DE:BE:F8:35:B6:A6
ValidityMon, 03 Mar 2025 15:28:14 GMT - Sun, 01 Jun 2025 15:28:13 GMT

File type
ASCII text, with very long lines (2977), with no line terminators
Size
3.0 kB (2977 bytes)
Hash
6cdce77255b40bbeef021e2371c0921d
8df852e5fe7b4ef1b3df8170ecfd99ec37670b0a
a9ea6994184a694ea7e1b4f670632ed25bd6c2fbe87e13e6320143c011a1092a

HTTP Headers

GET /mnrt/kmrr1.json HTTP/1.1
Host: gbf.jhmghgf.cn:26579
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://129av.vip
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 20 Mar 2025 08:27:31 GMT
Content-Type: application/json
Content-Length: 2977
Last-Modified: Mon, 07 Aug 2023 06:20:41 GMT
Connection: keep-alive
ETag: "64d08d39-ba1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,PUT,GET,DELETE
Access-Control-Allow-Headers: version, access-token, user-token, Accept, apiAuth, User-Agent, Keep-Alive, Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

img.lytuchuang57.com/upload/vod/20220318-1/cf7090d25120a32121da536fa736dbbd.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang57.com/upload/vod/20220318-1/cf7090d25120a32121da536fa736dbbd.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20220318-1/cf7090d25120a32121da536fa736dbbd.jpg HTTP/1.1
Host: img.lytuchuang57.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

129av.vip/gg.js

172.67.164.174

200 OK

4.5 kB

URL GET
129av.vip/gg.js
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
JavaScript source, ASCII text, with very long lines (4812), with no line terminators
Size
4.5 kB (4455 bytes)
Hash
4c8e1fd1d5421174a8ba31c36a7067af
0af42ecace0286021f80cf6eab9bed49e9d12963
6cc17090b13951e983329cc68a37b4fb4ebc78c014b9c377e36840c749c3f207

HTTP Headers

GET /gg.js HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: application/javascript
last-modified: Wed, 19 Mar 2025 09:04:19 GMT
vary: Accept-Encoding
etag: W/"67da8893-1167"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7mt9KVhV%2BT36DH3%2BrVn9Ov1FTMspBgtO1Tq9y7XXOq6Wi2skYGyrmrfEHs8JQtToj9dkvuJBhgw%2FovszH8KO%2FFd3pxvf22WALyy8DFN5bzpkQ7YVuurZAeuDV6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4929c62fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22933&min_rtt=20507&rtt_var=7288&sent=56&recv=21&lost=0&retrans=0&sent_bytes=40392&recv_bytes=5070&delivery_rate=17928&cwnd=24000&unsent_bytes=0&cid=7816413800b51258&ts=754&x=1", cfExtPri, cfHdrFlush;dur=0

qsc.vxcewh.cn:7891/stats/15307/167001?ukey=04e566c6b79a6be0b269ec8f75480e1e&host=129av.vip

134.175.212.157

200 OK

0 B

URL POST
qsc.vxcewh.cn:7891/stats/15307/167001?ukey=04e566c6b79a6be0b269ec8f75480e1e&host=129av.vip
IP
134.175.212.157:7891
ASN
#45090 Shenzhen Tencent Computer Systems Company Limited

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectqsc.vxcewh.cn
FingerprintA8:BE:06:4E:5A:09:CF:EF:77:FF:41:4A:9D:98:9B:41:12:62:8F:17
ValiditySat, 08 Feb 2025 00:00:00 GMT - Thu, 08 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /stats/15307/167001?ukey=04e566c6b79a6be0b269ec8f75480e1e&host=129av.vip HTTP/1.1
Host: qsc.vxcewh.cn:7891
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://129av.vip
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Thu, 20 Mar 2025 08:27:29 GMT
content-length: 0
alt-svc: h3=":7891"; ma=2592000, h3-29=":7891"; ma=2592000, h3-27=":7891"; ma=2592000, h3-Q050=":7891"; ma=2592000, h3-Q046=":7891"; ma=2592000, h3-Q043=":7891"; ma=2592000, h3-Q039=":7891"; ma=2592000, quic=":7891"; ma=2592000; v="39,43,46"
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
pragma: no-cache
set-cookie: ukey=04e566c6b79a6be0b269ec8f75480e1e; Path=/; Domain=qsc.vxcewh.cn; Max-Age=5184000; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

129av.vip/index.php/ajax/hits?mid=1&id=700193&type=update

172.67.164.174

200 OK

89 B

URL GET
129av.vip/index.php/ajax/hits?mid=1&id=700193&type=update
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
89 B (89 bytes)
Hash
fa0ea3a104fa0023ada05fb39ead836e
b91976655ca85506048f754e2ae39028df82f795
eb2dbe520f6310e6726676ca1cabbd15f9669601466e05b4e7b443cbec67bb10

HTTP Headers

GET /index.php/ajax/hits?mid=1&id=700193&type=update HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Cookie: _ga_G30YRQ5F0S=GS1.1.1742459247.1.0.1742459247.0.0.0; _ga=GA1.1.477322898.1742459248; _ga_RTN9B9T9SW=GS1.1.1742459247.1.0.1742459247.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:28 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUvK3Ggom8cwWDHO53sZlDrTTf5%2Bt6G5DgMVnVC%2B0H8l2l6Rs%2FrWxm7YN0h3fj%2BYMROxwL8DqPGXcGxjenatDieFXDuod%2FlbS5elUF8Za9fnhoCCfJhPHDREeUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d49bdcdafb7f-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21196&min_rtt=19970&rtt_var=1391&sent=222&recv=37&lost=0&retrans=0&sent_bytes=225361&recv_bytes=7022&delivery_rate=78635&cwnd=85200&unsent_bytes=0&cid=7816413800b51258&ts=2262&x=1", cfExtPri, cfHdrFlush;dur=0

129av.vip/MDassets/css/main.css

172.67.164.174

200 OK

31 kB

URL GET
129av.vip/MDassets/css/main.css
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type

Size
31 kB (31148 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /MDassets/css/main.css HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: text/css
last-modified: Wed, 25 Dec 2024 20:14:47 GMT
vary: Accept-Encoding
etag: W/"676c67b7-79ac"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrU9g1Txb3h71%2FZL%2B7Dme0lCwM%2FvzOoxvgIn3ryiin%2FjfeOzNFjDIEZp%2BnFTuAKTd0Bg0SZ%2BTu%2FUxxfdO7bWIhcNCpQvdOJuykbTvC8nxbkrwWHyF%2BTiF6tvXSc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4924be6fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22782&min_rtt=20507&rtt_var=9315&sent=34&recv=20&lost=0&retrans=0&sent_bytes=16392&recv_bytes=5026&delivery_rate=31306&cwnd=12000&unsent_bytes=0&cid=7816413800b51258&ts=716&x=1", cfExtPri, cfHdrFlush;dur=12

img.lytuchuang56.com/upload/vod/20230120-1/2096e08b84b1422fb810400b899567a1.jpg

0.0.0.0

0 B

URL GET
img.lytuchuang56.com/upload/vod/20230120-1/2096e08b84b1422fb810400b899567a1.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://129av.vip/vodplay/700193-1-1.html

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20230120-1/2096e08b84b1422fb810400b899567a1.jpg HTTP/1.1
Host: img.lytuchuang56.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

129av.vip/tubiao.png

172.67.164.174

200 OK

66 kB

URL GET
129av.vip/tubiao.png
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
PNG image data, 170 x 173, 8-bit/color RGB, non-interlaced
Size
66 kB (66508 bytes)
Hash
9f24b07ac4180400c3200251790c6853
03405d5eb2a2de92e242ab1ab7610a9a461b5b54
9cbc677a9ccfa2a19eaad5bdaa82378f0cf7896715fa0062291adce8c8acc46e

HTTP Headers

GET /tubiao.png HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:27 GMT
content-type: image/png
content-length: 66508
server: cloudflare
last-modified: Wed, 14 Feb 2024 18:10:42 GMT
etag: "65cd0222-103cc"
expires: Sat, 19 Apr 2025 08:27:26 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
cf-cache-status: MISS
priority: u=4,i=?0
accept-ranges: bytes
cf-ray: 9233d4925c03fb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

129av.vip/MDassets/css/iconfont.css

172.67.164.174

200 OK

12 kB

URL GET
129av.vip/MDassets/css/iconfont.css
IP
172.67.164.174:443
ASN
#13335 CLOUDFLARENET

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject129av.vip
Fingerprint4A:C4:0F:B6:8A:AD:93:BC:36:80:C8:E4:5B:F3:E9:42:93:C6:92:C5
ValidityFri, 07 Mar 2025 08:25:19 GMT - Thu, 05 Jun 2025 09:22:54 GMT

File type
ASCII text, with very long lines (9932)
Size
12 kB (12237 bytes)
Hash
08b524dd4f3c843efc244e3a9716d8f0
746d13bce883810b01b448764f478308d300703d
50f90901498f28775631f88cf6669ab3bb19a4f3b56a4f2a8cfcea809dc11c0c

HTTP Headers

GET /MDassets/css/iconfont.css HTTP/1.1
Host: 129av.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/vodplay/700193-1-1.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 20 Mar 2025 08:27:26 GMT
content-type: text/css
last-modified: Wed, 25 Dec 2024 20:14:46 GMT
vary: Accept-Encoding
etag: W/"676c67b6-2fcd"
expires: Thu, 20 Mar 2025 20:27:26 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
cf-cache-status: MISS
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PhY4oGDGCfGBhbRoeLBdGktDk0ffaavMcE9lmS5NO6gkT0wJgHi6r1t47JUACe3mT19oVDgMjI8Qj2zqAG7tEO5q2K%2FfoCZzsgr%2F%2FSZOecS4cKdJ1rS0mxFs8ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9233d4924bdffb7f-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22782&min_rtt=20507&rtt_var=9315&sent=34&recv=20&lost=0&retrans=0&sent_bytes=16392&recv_bytes=5026&delivery_rate=31306&cwnd=12000&unsent_bytes=0&cid=7816413800b51258&ts=722&x=1", cfExtPri, cfHdrFlush;dur=6

www.googletagmanager.com/gtag/js?id=G-G30YRQ5F0S

142.250.74.136

200 OK

366 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-G30YRQ5F0S
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://129av.vip/vodplay/700193-1-1.html
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
JavaScript source, ASCII text, with very long lines (6055)
Size
366 kB (366274 bytes)
Hash
32c49cc9b47a254704a5afec29de3f55
abfd20163242c321cda5762705fc4435f1a53915
8b8cba4e72e9f9aa0eb98b1db3081ba494e830536799d2c8d5595d1fa8e0aeb4

HTTP Headers

GET /gtag/js?id=G-G30YRQ5F0S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://129av.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 20 Mar 2025 08:27:26 GMT
expires: Thu, 20 Mar 2025 08:27:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 121463
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (19)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML