6mqcu.ut-sm.com Open in urlscan Pro
104.219.214.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ngs617.lrqmyn7xhkvz8l65het4.top/
Effective URL:
https://6mqcu.ut-sm.com/
Submission: On January 03 via api (January 3rd 2025, 9:01:57 am UTC) from US — Scanned from DE

Summary HTTP 70 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 70 HTTP transactions. The main IP is 104.219.214.13, located in United States and belongs to PEG-LA, US. The main domain is 6mqcu.ut-sm.com.
TLS certificate: Issued by R10 on December 24th 2024. Valid for: 3 months.

This is the only time 6mqcu.ut-sm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2400:52e0:1e0... 2400:52e0:1e00::1081:1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	104.219.214.13 104.219.214.13	398823 (PEG-LA) (PEG-LA)
8	107.148.199.132 107.148.199.132	54600 (PEG-SV) (PEG-SV)
3	107.148.21.154 107.148.21.154	398823 (PEG-LA) (PEG-LA)
1	2404:2280:1bf... 2404:2280:1bf:0:3::7ea	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
32	198.41.216.3 198.41.216.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.129.177.99 47.129.177.99	16509 (AMAZON-02) (AMAZON-02)
4	14.215.183.79 14.215.183.79	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
15	36.150.215.134 36.150.215.134	56046 (CMNET-JIA...) (CMNET-JIANGSU-AP China Mobile communications corporation)
1	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a38f	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	163.171.132.119 163.171.132.119	54994 (ML-1432-5...) (ML-1432-54994)
1	47.236.72.183 47.236.72.183	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
70	12

1 2400:52e0:1e00::1081:1 (Germany) 1 redirects

ASN60068 (CDN77 Datacamp Limited, GB)

ngs617.lrqmyn7xhkvz8l65het4.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.219.214.13 (United States)

ASN398823 (PEG-LA, US)

6mqcu.ut-sm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 107.148.199.132 (United States)

ASN54600 (PEG-SV, US)
PTR: 107.148.199.132.news2.beatsphone.com

assets.readmepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.readmepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.148.21.154 (United States)

ASN398823 (PEG-LA, US)

console.readmepublic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:2280:1bf:0:3::7ea (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

registry.npmmirror.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 198.41.216.3 (None, )

ASN13335 (CLOUDFLARENET, US)

vimg.larkstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.129.177.99 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-47-129-177-99.ap-southeast-1.compute.amazonaws.com

d.dkfgytty.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 14.215.183.79 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 36.150.215.134 (China)

ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN)

bfs.consoleiis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:1b::1724:a38f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

dimg04.tripcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.171.132.119 (Frankfurt am Main, Germany)

ASN54994 (ML-1432-54994, CA)

img12.360buyimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.236.72.183 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

pv.dakawm.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	larkstatic.com vimg.larkstatic.com	3 MB
15	consoleiis.com bfs.consoleiis.com	2 MB
11	readmepublic.com assets.readmepublic.com console.readmepublic.com static.readmepublic.com	100 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 12020	24 KB
1	dakawm.cc pv.dakawm.cc	184 B
1	360buyimg.com img12.360buyimg.com — Cisco Umbrella Rank: 102081	70 KB
1	tripcdn.com dimg04.tripcdn.com — Cisco Umbrella Rank: 70544	1 KB
1	dkfgytty.xyz d.dkfgytty.xyz	17 KB
1	npmmirror.com registry.npmmirror.com — Cisco Umbrella Rank: 317543	8 KB
1	ut-sm.com 6mqcu.ut-sm.com	13 KB
1	lrqmyn7xhkvz8l65het4.top 1 redirects ngs617.lrqmyn7xhkvz8l65het4.top	641 B
70	11

	Domain	Requested by
32	vimg.larkstatic.com	6mqcu.ut-sm.com
15	bfs.consoleiis.com	6mqcu.ut-sm.com
6	static.readmepublic.com	6mqcu.ut-sm.com assets.readmepublic.com
4	hm.baidu.com	6mqcu.ut-sm.com d.dkfgytty.xyz
3	console.readmepublic.com	6mqcu.ut-sm.com
2	assets.readmepublic.com	6mqcu.ut-sm.com assets.readmepublic.com
1	pv.dakawm.cc	d.dkfgytty.xyz
1	img12.360buyimg.com	6mqcu.ut-sm.com
1	dimg04.tripcdn.com	6mqcu.ut-sm.com
1	d.dkfgytty.xyz	console.readmepublic.com d.dkfgytty.xyz
1	registry.npmmirror.com	6mqcu.ut-sm.com
1	6mqcu.ut-sm.com
1	ngs617.lrqmyn7xhkvz8l65het4.top	1 redirects
70	13

This site contains links to these domains. Also see Links.

Domain
laow5.cc
laow6.cc
2266vip.beidete.com

Subject Issuer	Validity	Valid
*.xsjwd.com R10	`2024-12-24` - `2025-03-24`	3 months	crt.sh
*.readmepublic.com R11	`2025-01-02` - `2025-04-02`	3 months	crt.sh
*.npmmirror.com Encryption Everywhere DV TLS CA - G1	`2024-08-23` - `2025-08-23`	a year	crt.sh
vimg.larkstatic.com WE1	`2024-11-30` - `2025-02-28`	3 months	crt.sh
v.vbchder.xyz Certum Domain Validation CA SHA2	`2024-05-08` - `2025-06-07`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.consoleiis.com R11	`2025-01-02` - `2025-04-02`	3 months	crt.sh
Trip.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-17` - `2025-10-17`	a year	crt.sh
*.jd.com GlobalSign RSA OV SSL CA 2018	`2024-11-14` - `2025-12-15`	a year	crt.sh
pv.dakawm.cc Certum Domain Validation CA SHA2	`2024-11-30` - `2025-12-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://6mqcu.ut-sm.com/
Frame ID: 3F478B2DFDCB5776CADEF310B0352657
Requests: 73 HTTP requests in this frame

Frame: https://d.dkfgytty.xyz/ty/sv?gp=3676k2rC6sELkf8DB4UyC3iOuGbjbxMGiR38IypqDbuG50Q3cDxmlHcpShAAi8JLn0PiEt+HLSU40hm7QjCoGOgIfM2zDJfh+vr3gHkq7Cr+uNL8XhQWshDwdf34LsmfqFAD/uBPvpgSpUw4XBzFcybneSN/6ObQOeo1+0BVvp7EvvK6iG9GKcvk0JI&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkY2bXFjdS51dC1zbS5jb20lMkY=&u_sw=1600&u_sh=1200&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=de-DE&enjc=11&u_bw=1600&u_bh=2716&iv=rzhxi.1735894906&u_utz=1&yd=ZGNjPXllcyZkY2w9MTAwJSZjcG49MjgmZ3ZkPUludGVsIEluYy4mZ3JyPUludGVsIElyaXMgT3BlbkdMIEVuZ2luZSZjdD0xJmRpaXQ9JmRpdD0mY21uPQ==
Frame ID: 2B13EF0BF0EFC47CDF667433F064ABB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

主页 - 老王视频

Page URL History Show full URLs

http://ngs617.lrqmyn7xhkvz8l65het4.top/ HTTP 307
https://ngs617.lrqmyn7xhkvz8l65het4.top/ HTTP 302
https://6mqcu.ut-sm.com/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Page Statistics

70
Requests

97 %
HTTPS

25 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

5432 kB
Transfer

6403 kB
Size

9
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://laow5.cc/
Title: laow5.cc

Search URL Search Domain Scan URL

URL: https://laow6.cc/
Title: 注意⚠️近期封锁/劫持严重，请点击打开并收藏地址找回页

Search URL Search Domain Scan URL

URL: https://2266vip.beidete.com/m.html?shareName=dkvip&proxyAccount=&rma=gwRNnP0mSWymZJS0G0pZjSigmPSj5wOWIZpWGScn2lSdLwkCN09lWbWYw5RcZND50PEjZlnb0ZJWw9TZaWZBP0VQmdnc5jgG9XGJuyZ549Wm

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ngs617.lrqmyn7xhkvz8l65het4.top/ HTTP 307
https://ngs617.lrqmyn7xhkvz8l65het4.top/ HTTP 302
https://6mqcu.ut-sm.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

70 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
6mqcu.ut-sm.com/
Redirect Chain

http://ngs617.lrqmyn7xhkvz8l65het4.top/
https://ngs617.lrqmyn7xhkvz8l65het4.top/
https://6mqcu.ut-sm.com/

60 KB
13 KB

1500ms
176ms

Document
text/html

104.219.214.13
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.219.214.13 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: gunicorn /
Resource Hash: f410505b0981e30d6f3f60ab62e6e2472fceb50b5fa9c9e4656e58154c432fad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 03 Jan 2025 06:32:08 GMT
etag: "1735886008"
last-modified: Fri, 03 Jan 2025 06:33:28 GMT
server: gunicorn
vary: Accept-Encoding
x-cache: HIT, server, disk

Redirect headers

cache-control: public, max-age=0
cdn-cache: BYPASS
cdn-cachedat: 01/03/2025 09:01:40
cdn-edgestorageid: 1081
cdn-proxyver: 1.06
cdn-pullzone: 2254501
cdn-requestcountrycode: DE
cdn-requestid: 8ce01f9dd5947c30d68c02b8b7486935
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-requesttime: 2
cdn-status: 302
cdn-uid: cbd9fd8c-eee7-4c8f-9f50-22750561079f
content-length: 233
content-type: text/html; charset=utf-8
date: Fri, 03 Jan 2025 09:01:40 GMT
link: None
location: https://6mqcu.ut-sm.com
server: BunnyCDN-DE1-1081

GET
H2 200 style.css
assets.readmepublic.com/static/web2/css/ 24 KB
6 KB 1440ms
173ms Stylesheet
text/css 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.readmepublic.com:59800/static/web2/css/style.css
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: f1b4fb61371257bb31fd289969b733ccee8a600cbd5e2e8bdff05acb5dea19ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

content-encoding: gzip
etag: W/"6769d008-5f6d"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 07:39:50 GMT
content-type: text/css
last-modified: Fri, 03 Jan 2025 08:47:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 main.js Show response
console.readmepublic.com/static/web2/js/ 82 KB
25 KB 1752ms
195ms Script
application/javascript 107.148.21.154
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://console.readmepublic.com:59801/static/web2/js/main.js
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.21.154 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: e75125e9a55714ee9b6f7dfe6d950f199568754c8a53af2e8bc0a66926d3102a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding: gzip
etag: W/"67779242-14913"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 08:33:59 GMT
content-type: application/javascript
last-modified: Fri, 03 Jan 2025 08:42:59 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 qrcode.min.js Show response
registry.npmmirror.com/qrcodejs/1.0.0/files/ 19 KB
8 KB 702ms
34ms Script
application/javascript 2404:2280:1bf:0:3::7ea
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://registry.npmmirror.com/qrcodejs/1.0.0/files/qrcode.min.js

Requested by

Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:2280:1bf:0:3::7ea , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding: gzip
age: 8799713
x-content-type-options: nosniff
request-id: ec1ced00-79a8-11ef-ba5d-2775891a74e8
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
date: Mon, 23 Sep 2024 12:39:49 GMT
content-type: application/javascript; charset=utf-8
vary: Origin, Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=5184000
cache-control: public, max-age=31536000
x-swift-cachetime: 23377070
timing-allow-origin: *
x-readtime: 90.441
x-download-options: noopen
via: us18.l1, ens-cache16.us18, l2de3.l2, ens-cache2.l2de3, registry.npmmirror.com-06, ens-cache2.l2de3[0,0,200-0,H], ens-cache16.l2de3[1,0], ens-cache1.de7[0,0,200-0,H], ens-cache2.de7[1,0]
ali-swift-global-savetime: 1727095189
x-swift-savetime: Thu, 26 Dec 2024 23:01:59 GMT
eagleid: a3b5839617358949028321877e
content-length: 7887
x-xss-protection: 1; mode=block
server: Tengine

GET
H2 200 lw_logo.png
static.readmepublic.com/static/logo/ 6 KB
7 KB 1183ms
168ms Image
image/png 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.readmepublic.com:59802/static/logo/lw_logo.png
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: a2b06e636d9abbb68d765b9cda11e8de2a32f2666da0544ec74e963411e11508

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

content-encoding: gzip
etag: W/"66fd849a-19f6"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 06:17:51 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 08:19:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 logo.png
static.readmepublic.com/static/sese/img/ 15 KB
15 KB 999ms
168ms Image
image/png 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.readmepublic.com:59802/static/sese/img/logo.png
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: 8c4fd59fefc8bfa4813e23a8047339a83a8fc68e25b3c24b98c024a976a532d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

content-encoding: gzip
etag: W/"66fd8305-3aa8"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 03:06:50 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 08:45:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 logo.png
static.readmepublic.com/static/ytao/img/ 10 KB
10 KB 1326ms
496ms Image
image/png 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.readmepublic.com:59802/static/ytao/img/logo.png
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: faa960877eb2fd29401f41650a638cbfc76acc268a250676abc42ff862726cf3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

content-encoding: gzip
etag: W/"66fd82d8-28ae"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 05:25:50 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 08:57:50 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 index.js Show response
console.readmepublic.com/static/web2/js/ 18 KB
6 KB 1737ms
180ms Script
application/javascript 107.148.21.154
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://console.readmepublic.com:59801/static/web2/js/index.js
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.21.154 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: cc565c54699f3e8c43050e538303e01b2ac191da59ac242cbec8a85b51286987

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding: gzip
etag: W/"67248fc2-4806"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 04:07:01 GMT
content-type: application/javascript
last-modified: Fri, 03 Jan 2025 08:23:59 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 alpha.js Show response
console.readmepublic.com/static/web2/js/ 2 KB
1 KB 1736ms
180ms Script
application/javascript 107.148.21.154
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://console.readmepublic.com:59801/static/web2/js/alpha.js?u=https://d.dkfgytty.xyz/ty/E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.21.154 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 00bf73aae52d45f3f55761c1f9acb929cd332f2232e066833082ce09f9a62b21

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer

Response headers

content-encoding: gzip
etag: W/"67248fce-955"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
content-length: 970
date: Fri, 03 Jan 2025 04:07:00 GMT
content-type: application/javascript
last-modified: Fri, 03 Jan 2025 08:31:59 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 icon.css
assets.readmepublic.com/static/web2/css/ 14 KB
8 KB 173ms
173ms Stylesheet
text/css 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.readmepublic.com:59800/static/web2/css/icon.css
Requested by: Host: assets.readmepublic.com
URL: https://assets.readmepublic.com:59800/static/web2/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: af85fcdc0ffe18f2b68d0f0188d8122ee6e2cb8e81fa4247d7f9f4bdf9ca6e29

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://assets.readmepublic.com:59800/static/web2/css/style.css

Response headers

content-encoding: gzip
etag: W/"67248fd4-375b"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 02:57:50 GMT
content-type: text/css
last-modified: Fri, 03 Jan 2025 08:21:50 GMT
server: nginx
vary: Accept-Encoding

GET lw_logo.png
static.readmepublic.com/static/logo/ 0
0

GET
H2 200 sexygirl.gif
static.readmepublic.com/static/web2/img/ 14 KB
15 KB 993ms
166ms Image
image/gif 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.readmepublic.com:59802/static/web2/img/sexygirl.gif
Requested by: Host: assets.readmepublic.com
URL: https://assets.readmepublic.com:59800/static/web2/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: 34548ea196b54a72899bbedf294bcc3b0ac732ad983a35d0748366a2d7d8cea5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://assets.readmepublic.com:59800/

Response headers

content-encoding: gzip
etag: W/"66a887f6-39b5"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 05:15:50 GMT
content-type: image/gif
last-modified: Fri, 03 Jan 2025 08:39:50 GMT
server: nginx
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e74120903652a0e424990f1199e1ca4ecf2b67b3bb817a12f0cfc6204dbfbbf7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://6mqcu.ut-sm.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 VR2025010108003660HtkJ.webp
vimg.larkstatic.com/vod/20250101/ 60 KB
61 KB 672ms
59ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108003660HtkJ.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c84b90346936b3d458c9a4a1aba1337ef2a540079b9001b50a15ad6cc00da50f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748605-f0a7"
age: 3023
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRVdC0cDTBI2u5XWWoN36Mq2zTNcfO5P7E4Obc%2FjFfBYvzFRxxs9LgNPXTcBVsDrAPGy65uy7yCjnzJMs5RBqbEyAxl2LA19rL5IKigx0hVQeAWg0tVJytxLgAAogXzqk8PpVgM8"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=59&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:13 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be842c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61607
server: cloudflare

GET
H2 200 VR20250101080038877HCM.webp
vimg.larkstatic.com/vod/20250101/ 56 KB
56 KB 670ms
57ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR20250101080038877HCM.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9038ec36d109265e8fedf25b975ff516a9ecbc6488bdcdd17475c2524e988cb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748605-de7b"
age: 3126
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w2WqS39vQWV%2FjZiIQPzGth3Arfly%2BLrCQCynJTMCREXwP%2BVnL%2FfaRRDuaL7TX1nNWXr%2BHUeR8fHZyTgDRRNc0xUGH2DfVvcaUBWXExJ6CzbEUQTZKfyIPi0pv5oZctlf6NtOX9lG"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=59&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:13 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be862c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56955
server: cloudflare

GET
H2 200 VR2025010108011905v9DG.webp
vimg.larkstatic.com/vod/20250101/ 48 KB
48 KB 672ms
59ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108011905v9DG.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cac04308aecf9aa8139e696bfc3f9ac0be0fb8b5d2eb01fe3599f7f1a6e100e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748603-bff0"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0QOJQk9vivSiRjZq4a7n4UFhttlMsILyxokMnlIPF6dzEDvkTfYhX9RiPIuss3CZ%2F6GMmM3Ekpb5ds71VCmklfIue1KpEZEeGg64YuQfKCS27zYI9wriik2NLDOrBQx%2BP%2BTYFU9"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=22772&min_rtt=21374&rtt_var=5151&sent=69&recv=20&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=232&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=60&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:11 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be882c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49136
server: cloudflare

GET
H2 200 VR2025010201002782GB5S.webp
vimg.larkstatic.com/vod/20250102/ 304 KB
305 KB 668ms
56ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250102/VR2025010201002782GB5S.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 243b7ed67f937a15108d153d7e11630ad05ebfd609a3f6dc15e2cd16cf6019f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "6775750f-4c057"
age: 3023
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1mkM9T1Rxx22%2FuiP1g9G39mYBgx7MjrPV6iNuqpDtEThf%2Bnp6k%2BzLAxDiHf7zruS%2FKQpOFtKxwYfHrrzftpWU2mdNqvIVz2LDId6ZUIkp4T197T7Nzx%2FicKre%2BbW6BsKSY2%2BHtmc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=68&recv=17&lost=0&retrans=0&sent_bytes=67624&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=41&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 17:02:07 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e682c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 311383
server: cloudflare

GET
H2 200 VR2025010108004800GUey.webp
vimg.larkstatic.com/vod/20250101/ 17 KB
17 KB 644ms
31ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108004800GUey.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d28530bf85dba1356c9d4384fdca056ea9d00f2f270c7b197e555054a1d34d97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748604-42dc"
age: 5685
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HRXopYa%2F7GhHlU6KOPoWw6IGk5qLKa8KGYMIkfjYevukjQBNnRUSjrYL1MRNWIJYqMC4zkgC3yhGTKyFnLCpRj9TFT3RtimiGlI26kj3rIYU2ncduPWNvq39F20xBYWYM6%2FCva%2Bq"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=7&recv=17&lost=0&retrans=0&sent_bytes=4039&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=0&cid=1c6e1eeff74ea318&ts=38&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:12 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e6a2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17116
server: cloudflare

GET
H2 200 VR2025010108024371oMdq.webp
vimg.larkstatic.com/vod/20250101/ 48 KB
48 KB 669ms
57ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108024371oMdq.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0e970cf525d6ba930b88f7aca532eafebee62693c923ada13b3dbd33eb7f9d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748679-bf91"
age: 3136
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHvo5tTP8ov%2BMx4lxwGnpg1dm2I6le0FdiMcwUkglVPErnnlqU6EvPKQzAMCWSmRSIhLXghTNS1G3z3VtAtOAd%2FV%2F06u4e4W7%2BnCEE44RUz3vKIJa%2BG0IeqY4PbFW7rWfS4CGJR%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=68&recv=17&lost=0&retrans=0&sent_bytes=67624&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=41&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:04:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e6b2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49041
server: cloudflare

GET
H2 200 VR20250102000117685DKs.webp
vimg.larkstatic.com/vod/20250102/ 1 MB
1 MB 653ms
56ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250102/VR20250102000117685DKs.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c48a42e47b69f22b5537bb81d2af4a462e38cb1b3d6c1591e91ed3f6169a2679

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67756701-163d56"
age: 3005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zTroJXflP0yIhdkKuHPvoR5NOn9YvU2yl22cIOrLooxRz8ZsI5x8JEDn%2FerShuiQdm6blilrebXyrn0vLOArp8f363RKJQOF8dxw08ZOuidybFTqEMTplM%2FpsVbqLy%2BIUCtXtOSr"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=68&recv=17&lost=0&retrans=0&sent_bytes=67624&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=40&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 16:02:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e6e2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1457494
server: cloudflare

GET
H2 200 VR2025010108035597r4tl.webp
vimg.larkstatic.com/vod/20250101/ 187 KB
188 KB 655ms
57ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108035597r4tl.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af9430cebe3c5bfd931de83cb59968164915a6eca89e41882dd78dba259b552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748679-2edb4"
age: 3005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q8jcleM3AZJMSjOXXEmGkUMc85q45vz79mOJUEhjjog6kwUhrtiRDE5%2B9E%2Bjkt9qeTpHklEgOcLPiPYXQQIEuOAHl3QFKmY7RKll0XH9uRQauU1h07KYesEzZR2LAbrNMBAWlYov"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=59&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:04:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be832c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 191924
server: cloudflare

GET
H2 200 VR2025010108003084PEnL.webp
vimg.larkstatic.com/vod/20250101/ 59 KB
59 KB 654ms
57ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108003084PEnL.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e116cd90cd5843a148c438c5696f6c29c8422c048a83f7312971c8a500561573

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748601-ea06"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNqJG%2BT64Tsb4%2BqMk4YrFkikz4xt81XNnJbClMxkuCMOcPFapUSKWLNwyvh5Dkcf6jqxAneJBJz9xHpdK%2BND6T23XrbbHAQSOYfxKgpIovtsIy9BPHwusgZ%2BOTaSrskUacagWzAW"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=68&recv=17&lost=0&retrans=0&sent_bytes=67624&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=41&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e6f2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59910
server: cloudflare

GET
H2 200 VR2024120809001744rgPj.webp
vimg.larkstatic.com/vod/20241208/ 39 KB
39 KB 656ms
59ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20241208/VR2024120809001744rgPj.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2b22f2a98122616d54783499416f073c34ee82c436a49e588926d0a70a8cfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "6755d3c7-9a9a"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nRRr8KMLOnaz77VP5E1klNEWfaxnHl2IB6qbnV8ez%2BzooaJf84HbtP8eB5NTbe8zYSDp9G%2Bi5Eowj9FMZitax3CwIavIHXkAHcCL40WJLaqtCXIf1xayMjwlUGW%2FchrqJkkgOIu"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=59&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Sun, 08 Dec 2024 17:13:43 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be812c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39578
server: cloudflare

GET
H2 200 VR20250101080026026vqb.webp
vimg.larkstatic.com/vod/20250101/ 86 KB
86 KB 656ms
59ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR20250101080026026vqb.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ed976e697847cec1de8647a544542af0c0d25196ba3759721a4664c7b8f7d1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748601-15874"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ud6zItsOuA8TL5ahgRHTm4jwgrIQlyO7oHCwH%2Bq69MQwyLQwyv6Lr0Ftd5%2FwDV%2FT6g7GIgwzlVPC5kkOGN7DEcRHbReokPDgK7hDz5y2vpeSR6I%2BUt5MWL88q%2F3pOCciih3OiHgE"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=59&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be822c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 88180
server: cloudflare

GET
H2 200 VR2025010108003040YX4L.webp
vimg.larkstatic.com/vod/20250101/ 52 KB
53 KB 631ms
33ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108003040YX4L.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab399f6ef8a4a91e74c07bd96f7f65e09269ee1c76a62014d4e57f42a93a20f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748601-d17c"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lZ003FSYGZK07%2BXrXUaolZCOInxLWMTeYK%2BKqx0oPan0iysybaTBdKb9O0A%2Bl7ezDwGBUcx9aVRXediuAp1mfDr68mQkbPWq4JTTrcTrYRqYWgHyRZcv17HRladlLgoa2CYkR%2FA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=27&recv=17&lost=0&retrans=0&sent_bytes=22281&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=0&cid=1c6e1eeff74ea318&ts=39&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e742c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53628
server: cloudflare

GET
H2 200 VR20250101080025413VCr.webp
vimg.larkstatic.com/vod/20250101/ 83 KB
84 KB 652ms
54ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR20250101080025413VCr.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c0fab1fa50c26035b31f35370e70814cf7f2da9c50974efa15527dedc7844fa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748601-14cb7"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DWfnP%2Fs9a7Kd0Ti6aP9trVU%2BspqZ8o9xfvAj%2FuhRiNU1b4h%2BqulKnmGQ3wlRXChKTK420YTDwD%2FKuYnHOjRn5jmopoL%2B8HZqHRNnVArmSrIdAphjkB5MLVPNjiqEKY1HrBYaV%2Fv2"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=55&recv=17&lost=0&retrans=0&sent_bytes=50577&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=26562&cid=1c6e1eeff74ea318&ts=40&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e712c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 85175
server: cloudflare

GET
H2 200 VR2024120809001898lcqL.webp
vimg.larkstatic.com/vod/20241208/ 53 KB
54 KB 655ms
58ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20241208/VR2024120809001898lcqL.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1b55025344e357313065e8a4c8be9b2d0e37bc0665cc138531bdd536e9dd664

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "6755d3c7-d52e"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzopQ18z%2Fh%2BZmzvuyy7yCwFOGnQ9CgIyTAa%2B%2BLSjpmo0sJBpdd5Gr3LeBkEDBhRbJzxYnfIQgUedIIcYZWyMzoHEn8HvNJj%2B2tHmhKLuHI%2F6MHkWFMy1UqrEAAqtbWzAilsjP24o"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=59&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Sun, 08 Dec 2024 17:13:43 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be852c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54574
server: cloudflare

GET
H2 200 VR2025010108002540X1L8.webp
vimg.larkstatic.com/vod/20250101/ 82 KB
82 KB 655ms
57ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002540X1L8.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eaedbc4b7f802d565a66abf7e71a59939a89b38efd0683f79a2d0dca606873b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748601-14817"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tUp0wjSHbVWNMrE%2BW%2FIhacRHML%2Fax8guZdw57qtT0pC2J29nhlFESUd%2BcQHpLRhbtWI%2BYlgr8JCIavuu%2B1nmrrCaf%2B7zqYmytJyJM15bWJZjPsDWonoEBF5aH2obHb07X6%2FWxNXn"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21509&min_rtt=21478&rtt_var=4559&sent=68&recv=17&lost=0&retrans=0&sent_bytes=67624&recv_bytes=2842&delivery_rate=187656&cwnd=229&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=41&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:09 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce529e702c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83991
server: cloudflare

GET
H2 200 VR2024112715001933nZgi.webp
vimg.larkstatic.com/vod/20241127/ 13 KB
13 KB 657ms
59ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20241127/VR2024112715001933nZgi.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 249d649d9b6a8ea029bc9de43b498178ce00c7efdbd2718df43892e9dbb838fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "674c990b-321c"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpaIb%2BAzzu404WSodUcC6MQR%2FhVU5j3SeDfiWW5J3N0qruDqT6cdu8wve1k5%2FQrHuZBICgenxF%2FExkGkScSV3drCgVEDv7fQkxEoPgeUZAE4NwgAoC%2BmY9jFVgGMATPMFQRuArXn"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21492&min_rtt=21374&rtt_var=3453&sent=69&recv=19&lost=0&retrans=0&sent_bytes=67624&recv_bytes=3509&delivery_rate=187656&cwnd=230&unsent_bytes=31004&cid=1c6e1eeff74ea318&ts=60&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Sun, 01 Dec 2024 17:12:43 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52be7e2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12828
server: cloudflare

GET
H2 200 VR2025010108002377lo06.webp
vimg.larkstatic.com/vod/20250101/ 18 KB
19 KB 40ms
39ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002377lo06.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e717dec94a9d8503e371278588ddc54e7a59c220a9f329aaafa15d9c492f4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-498f"
age: 6621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FdBCWorC98Qb23SyIF9ZUDEe%2BHhKV3akN17GzFFjJ33V69557vOZlrRsolri53c4Ndo%2FxP9luUNg9ZqDmWEwhUfpq3ngk%2Bvix3fiE8QFSs64sH9W0hd%2BO4AxoOQVdrKdRuAGh7G"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=76&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de982c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18831
server: cloudflare

GET
H2 200 VR2025010108003077g2yv.webp
vimg.larkstatic.com/vod/20250101/ 14 KB
15 KB 40ms
38ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108003077g2yv.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90023ae7eae594cfee861580bb2fadffe34b9b3fe6ee17b8d12db1357deb500f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-3916"
age: 3022
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwrdCOXYwxQDWs6IS7FvzSwVHAs9TS5M6hgv6DBCDSfoV5hY7IEoaBxOvNbgsxTXkKxet%2FuPrRLIqgO56wvEqKpqKA1XxrkKVfIbcqz3CZLdpeGRIowEwkcOh00yd2lZ1dV2hciY"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=75&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de992c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14614
server: cloudflare

GET
H2 200 VR2025010108002737MmRS.webp
vimg.larkstatic.com/vod/20250101/ 21 KB
21 KB 40ms
39ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002737MmRS.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62759c0ecb3c1b26b7d92afc553f0ebf9f682e49b55612051447bcd35a296762

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-5360"
age: 5134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nWDBWxAjbizXiHpabvpLaMspTwbvR%2FBvvBFvIU00L3PlNEYQureUvZaRtRnytV3C2glwBW73zOv8%2F5%2BgFcQuTSpm9YxQ6DR%2FAJ%2B7BdvA6mWut2md61teUUk%2FJR%2BPE5qR3EvCUJo5"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=76&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de9a2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21344
server: cloudflare

GET
H2 200 VR20250101080024347HEK.webp
vimg.larkstatic.com/vod/20250101/ 22 KB
22 KB 41ms
40ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR20250101080024347HEK.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8d2e08530c0c4b6d4782c75924046598579afc47b85f196892ee2a0701f8d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-585f"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AndC2SvHMNLOheobpbcb0%2F%2BKCNab9El0Os5eD%2FUVGXZTsgSEJ9sWdEFU3mB2aN8hHQj2BgctoO1C0M2uItsdR2AHGZwO1V5mVyonjhEb88HAo3NhRLEN22rUmmnKcwlzfemjB3JZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de9b2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22623
server: cloudflare

GET
H2 200 VR2025010108002594XKZQ.webp
vimg.larkstatic.com/vod/20250101/ 14 KB
15 KB 40ms
39ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002594XKZQ.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a41c5c8558348415799ae9e0cd38988ffa174030ce85f02373ee8c45df105d4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-39f5"
age: 5135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XGC3jBcUde0dRRTDdg8eLM4GV%2B44KMH1X9dVusRgY4lrl%2BIfRhswk44M5mDSXRWgeSs%2B%2FHbyhFHXFqVnRptwZssuD0Eb5uAfy8Z%2FX0BdKJLJucoXvBUcCspsh2MWGH%2Bali%2BoNiwc"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=76&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de9c2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14837
server: cloudflare

GET
H2 200 VR2025010108002472DAPY.webp
vimg.larkstatic.com/vod/20250101/ 17 KB
18 KB 40ms
39ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002472DAPY.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 387bf305985c6f9587696d929f84b7c6b044fba15b9379e33ceabf54a7a22c1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-45a5"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q%2FoftN7HO0fIC2atqbaFNX0YOyxt4%2FrYEH9VGinBlLveslzFJCS2%2Bw5410RHhFnpRN9XoikUNm3twlBpXkeiOudm7j6mM32ynn%2B3JHgjNfOX9o3OKpi6KLsqMo5L5DMBNFXKjFFO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de9d2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17829
server: cloudflare

GET
H2 200 VR202501010800235816eY.webp
vimg.larkstatic.com/vod/20250101/ 13 KB
13 KB 42ms
41ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR202501010800235816eY.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e10aed88be193a32494866a702f9b11dd365adcce94983342d85761652df69bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-32d3"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SpfbOYG0zR%2B1%2BjpctZZ%2FOjS1S0bXMrb6iJm1%2FWvXLYEorB4x1aNalzWI0KIC%2BRxxQPAvfrodzsSdB1xzLVn7uThrPnUl5TxLcM%2BbGhGAkNX5D7%2FW7Tqk7NfvhXv48KOxoGKrZ9G"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de9e2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13011
server: cloudflare

GET
H2 200 VR2025010108002431uLnr.webp
vimg.larkstatic.com/vod/20250101/ 13 KB
13 KB 62ms
61ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002431uLnr.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11eea58ba03157a28f5c537d4f961e6a1daf27c5782490a759e4c5632181498f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748602-3408"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MsYL9kuwyDr27IUkh45dlMqJRQxjJOW%2FRF0rmdrJZjKigiSoYpCCuPHOuugguqbAJQO%2BQnRF8uqGG44HEqqF9mZA%2Bf37JcEgVfkUEYj4eXmAO9JJlyTJd9ubgOReoYnzDSiKH8bt"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21880&min_rtt=21374&rtt_var=24&sent=280&recv=84&lost=0&retrans=0&sent_bytes=339752&recv_bytes=4779&delivery_rate=3177659&cwnd=261&unsent_bytes=64704&cid=1c6e1eeff74ea318&ts=87&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:10 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52de9f2c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13320
server: cloudflare

GET
H2 200 VR2025010108002181ebjy.webp
vimg.larkstatic.com/vod/20250101/ 60 KB
61 KB 41ms
40ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002181ebjy.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34b7f6cc1d59ea232895402e1e6f7270193a4e32d8e51bf064c31fe0bce710dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-f04a"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6LQiV%2Bj5tu8NnAXUrewakWlWRh1taHP3Soparx11Fn3OQFdLBOP95r5TUHtcXBGKRGdhIEjL95uMOoDNblXR4rFp4zKLecR2FjUVn1tcl016SVfxcxcIe0sYeaPC5Icp4VpTLip"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea02c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 61514
server: cloudflare

GET
H2 200 VR2025010108001989lkap.webp
vimg.larkstatic.com/vod/20250101/ 51 KB
52 KB 41ms
40ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108001989lkap.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f5f823da760db4df0a8492d4e00b507db977154367059cd015f3fb5a32fdc3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-cd3d"
age: 3005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T7UYG7C4Iv1Yfx%2BqYye1ra8nS3GaX5Sl%2FUmuhMKztHg8hN%2FlHJTP6RBO5pjaE1KEGuR8HsOAM38x74EW6aDBygSxfpPgLECpR5ttBhPn%2FKg5wsBOVA1nA2%2BF4JJ00Qb%2Bvxrs0txT"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea12c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 52541
server: cloudflare

GET
H2 200 VR2025010108002311DPwi.webp
vimg.larkstatic.com/vod/20250101/ 17 KB
17 KB 41ms
40ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002311DPwi.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f57fd4f97e491daab2968d767749efd524e60a4d7842231bf6564d5ef8dfcf6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-43cf"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsI%2BEe%2Bt3vH%2BEb1PqYM5INn1VOJcfPKhL7w0Id3LWthmxHNwCh0fC1VSxLZFDqjK6gfdeidUSnYhsHncz9XwB03oFejNZ4DXb0AchjS%2F%2F3Cuw1p4was7HznFw59%2FmvknharmIOvR"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea22c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 17359
server: cloudflare

GET
H2 200 VR2025010108002065eVLB.webp
vimg.larkstatic.com/vod/20250101/ 18 KB
18 KB 42ms
41ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002065eVLB.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40dc8a19751a3fc0d6ea5de06f25c4928017280e4f2cd9ca03480533d89bfcaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-47ac"
age: 6620
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ftkJ9bsvNONe6DejoVc7ugOH2qphHREo65e9LQdTjoAqlLnJ29DNjnjpL%2FxCi%2BLvKrx2%2BV%2BHZcJy7%2FpJZi7td1YuxDNDFW%2BYopXcK50jBfbmxue2aH6oWxBMZ%2BLJCNmamZhJOLXB"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=78&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea32c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18348
server: cloudflare

GET
H2 200 VR2025010108002191ENAg.webp
vimg.larkstatic.com/vod/20250101/ 14 KB
14 KB 41ms
40ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002191ENAg.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1b80f1e1c2b0b7141c81eb303b76ebd39136094fe81c54ec8e51cf8928145a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-388c"
age: 6621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CIQ6K0EEUSqivnzRpCUJpxFFbu%2FzGLL2jFuOQEvSpzR7U1ugheaksPZ7ZuyEwLsW7Zhx5ziLkTWt2YzlSjnSWnekLvnl19BD8%2Bs%2BjNYN49mSJZQYAT6dYl3M1s8OSgPa243fv2U%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=77&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea42c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14476
server: cloudflare

GET
H2 200 VR2025010108002268CyRS.webp
vimg.larkstatic.com/vod/20250101/ 58 KB
58 KB 41ms
41ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002268CyRS.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4e5fc96b874994133372faa61108801098942b3c59afb83c0a0a87ad2828068

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-e718"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8rf%2B1CUZ3sVBdRSQQWZ8oj6aKTN3Xs04kj8Ph0sfx%2BtCQEVPrDInmjLl5wrqWC4Ykt3dpjIWAZNM%2Bd%2B4TIAL%2BgRv1C53ZlaO2t9zYvWaxYr64RMRqYb0xO9OMCRwrhOnHuF2G0Vx"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=78&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea52c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 59160
server: cloudflare

GET
H2 200 VR2025010108002056jdbw.webp
vimg.larkstatic.com/vod/20250101/ 23 KB
24 KB 42ms
41ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108002056jdbw.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07ea13db5968359af05f0eab913d1f23460ff895d36c1409abd0a48ebfa7e636

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-5de0"
age: 3549
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c13FDLrIn4jDzI0boOhGepgGxXnIxt%2BYqVg5fj9wBKcn000x4rTHkJTOOap1jONmJSfSJyUlZWMIVHznk%2B1VZunP%2BAfB6Ctemowml7qlxRK2GV1TZ0q7uWqh1UB2MDTz4bgZFPeA"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=78&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea62c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24032
server: cloudflare

GET
H2 200 VR2025010108001939gteL.webp
vimg.larkstatic.com/vod/20250101/ 20 KB
21 KB 42ms
41ms Image
image/webp 198.41.216.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vimg.larkstatic.com/vod/20250101/VR2025010108001939gteL.webp
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.41.216.3 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d66d8642454bc51c8cba48b6f94b46ad1cc633f6aa54532870e60e1dfb0d0560

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cf-cache-status: HIT
etag: "67748600-512c"
age: 5133
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cB1zm5dkVngYAkEjBddyKrgbo5AQ2GvJH4Vxhk7HRPptYdm38ZnYv8t3QSt66OkSKGKKrOqEynpJeRNaYf06arWdboUYxlwb5UXSJPb9BDvAMEkZSF025RJjp7cP%2FH8Ml2tcmcN"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=21798&min_rtt=21374&rtt_var=247&sent=122&recv=59&lost=0&retrans=0&sent_bytes=131752&recv_bytes=4779&delivery_rate=2431401&cwnd=234&unsent_bytes=9612&cid=1c6e1eeff74ea318&ts=79&x=0"
date: Fri, 03 Jan 2025 09:01:44 GMT
content-type: image/webp
last-modified: Wed, 01 Jan 2025 00:02:08 GMT
vary: Accept-Encoding
access-control-allow-headers: Origin, Authorization, Accept, Content-Type, X-Requested-With
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8fc1ce52dea82c2e-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20780
server: cloudflare

GET
H2 200 E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6 Show response
d.dkfgytty.xyz/ty/ 57 KB
17 KB 1843ms
378ms Script
text/html 47.129.177.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d.dkfgytty.xyz/ty/E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6

Requested by

Host: console.readmepublic.com
URL: https://console.readmepublic.com:59801/static/web2/js/alpha.js?u=https://d.dkfgytty.xyz/ty/E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.129.177.99 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-47-129-177-99.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1bdde59d8bef6b317be2eadaa98d84403c03a2ec57737d3b2b7617b4d869e967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=900
content-encoding: gzip
expires: Fri, 03 Jan 2025 09:16:45 GMT
access-control-allow-origin: *
date: Fri, 03 Jan 2025 09:01:45 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: nginx
last-modified: Fri, 03 Jan 2025 09:01:45 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1566ms
301ms Script
application/javascript 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?76a047d2c3123b45766d9dd697b629cb

Requested by

Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

b821c7b7b6514f4d94c3186d4ff9a6c729835b2b70fd0bb2a4dd6f9c581b1c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 4d325eeedc8941f07d476de147a5b5cc
Content-Length: 11285
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Fri, 03 Jan 2025 09:01:45 GMT
Content-Type: application/javascript
Server: apache

GET
H2 200 cg_logo.png
static.readmepublic.com/static/logo/ 8 KB
8 KB 1299ms
497ms Image
image/png 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.readmepublic.com:59802/static/logo/cg_logo.png
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: f7a517ac7a7bbeca1886d481a4aff84a5a301ab75dec11ee80ad342c4f84792b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

content-encoding: gzip
etag: W/"66fd84a5-1fe3"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, disk
date: Fri, 03 Jan 2025 08:05:48 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2025 08:05:48 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK 0f3f7f72126c23d0f37703dbde7dacb6.js
bfs.consoleiis.com/js/ 190 KB
153 KB 3043ms
309ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/0f3f7f72126c23d0f37703dbde7dacb6.js?t=hgdcq
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 0df81fbf2a97c65d32c2afda55b673d8ef966dd90af403c6f7fc1d0d9e8c9ed7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770def-2f892"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, memory
Date: Thu, 02 Jan 2025 22:22:06 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Jan 2025 08:23:38 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK defb3d4adbfd656135ed8fce7cec5355.js
bfs.consoleiis.com/js/ 406 KB
222 KB 3089ms
292ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/defb3d4adbfd656135ed8fce7cec5355.js?t=fhylw
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: b7af4e3cfb09ccddf0023ef4e3d8a78aa6f4c82564c528f910cf400ac4d1a623

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67771002-659f8"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:22:19 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:22:19 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 7a5c07dbe7cfc7690cb463a8731a251c.js
bfs.consoleiis.com/js/ 176 KB
176 KB 3197ms
297ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/7a5c07dbe7cfc7690cb463a8731a251c.js?t=amxpj
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6e88b153b39fcf2f697e3ac46889f57521c86760fa58e282637cdef0a1a4ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770e54-2bf04"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:22:05 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:22:06 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 752cf0096522cc4a0e805887c73b7d0b.js
bfs.consoleiis.com/js/ 100 KB
100 KB 3678ms
288ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/752cf0096522cc4a0e805887c73b7d0b.js?t=pgyl
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: b2de548ca7548afd4382d502bd7ec8ffabb7544b43e26ac4da713ed5a9120658

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770ef6-18f04"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, memory
Date: Thu, 02 Jan 2025 22:22:21 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Jan 2025 08:10:38 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 0dc5a45bca94cc2cc24333538a234f8c.js
bfs.consoleiis.com/js/ 125 KB
83 KB 3693ms
289ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/0dc5a45bca94cc2cc24333538a234f8c.js?t=dfyl
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f30167ba87595e7b5320fd34be55a69b64996b1e9bf01249336bf46dee01db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770de4-1f47e"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, memory
Date: Thu, 02 Jan 2025 22:22:19 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Jan 2025 08:04:38 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 5cec9f59305f673d1e78bc92af06b574.js
bfs.consoleiis.com/js/ 224 KB
154 KB 3797ms
302ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/5cec9f59305f673d1e78bc92af06b574.js?t=amwns
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 4409eb408ef00626f06c3cd4f23d790dda4667f1dd36274af06db267fe6187ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770e37-37e1c"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:22:22 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:22:22 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 96735662e3e0cedc6641ec99b6844940.js
bfs.consoleiis.com/js/ 176 KB
139 KB 295ms
295ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/96735662e3e0cedc6641ec99b6844940.js?t=wns929
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 7292a0bb513b5c9baf449fbb249c8af5ff7cbb8ab242bfc898274f2060f573c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770f67-2be04"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:22:05 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:22:06 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 574d017e25138ad36d0c9504f852ac45.js
bfs.consoleiis.com/js/ 205 KB
139 KB 1379ms
297ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/574d017e25138ad36d0c9504f852ac45.js?t=hgdcq
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc9faa52b0b7dd0c9af0ac487c53e377d3d2edaf84a9e88f3f5160a4a9a18c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770ee8-33340"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:19:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:19:48 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK acbebf7c91c3c7dbc0a8a9336bc3a9e9.js
bfs.consoleiis.com/js/ 243 KB
232 KB 1373ms
295ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/acbebf7c91c3c7dbc0a8a9336bc3a9e9.js?t=amwns
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 9288acf1b7adbe8f3af1b97ff112016654bfd4c2f2f565aa02c9473821e10fa5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770f92-3ca98"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:21:55 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:21:55 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK b14537e94cfb81055856b10678d163dc.js
bfs.consoleiis.com/js/ 105 KB
80 KB 1355ms
289ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/b14537e94cfb81055856b10678d163dc.js?t=wns929
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 88ffe3a1eb8249f12623debd2d7b6ed3ed8e2cf144da98583609a12c23e181ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770faf-1a4a8"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:21:55 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:21:55 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 653baf379a65a8e9c375cf23f5222d5d.js
bfs.consoleiis.com/js/ 94 KB
93 KB 2804ms
289ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/653baf379a65a8e9c375cf23f5222d5d.js?t=amxpj
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dd44d4e7c222a10828ef7a3d10ac740cbb6cf269ae4688c464b5b9b67917096

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770eeb-17764"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:21:53 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:21:53 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK ef95257b1fba646bc667a3a85ece686c.js
bfs.consoleiis.com/js/ 473 KB
255 KB 2846ms
296ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/ef95257b1fba646bc667a3a85ece686c.js?t=fhylw
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: ec4a131dda94d9dcfc6ce619a078ea0f1a6e92442e0fa056a082ced11d8e55e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67771033-7653c"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:21:53 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:21:54 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 8d67369ddce023955622aa96f2cdb3f9.js
bfs.consoleiis.com/js/ 132 KB
99 KB 1346ms
286ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/8d67369ddce023955622aa96f2cdb3f9.js?t=pgyl
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f5edb2d009e84c0fc6053f5abd5d6f2f0a8b0d9ce36e68fa69a81e8ecdb5ae2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770e6c-21050"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:21:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:21:58 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK 56efdaf7f86165268b28c20bffdb9793.js
bfs.consoleiis.com/js/ 143 KB
116 KB 2225ms
289ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/56efdaf7f86165268b28c20bffdb9793.js?t=pgyl
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 70cdefe44e6286d402b0958e8e889198cbd03ddf4570fe9b7f3f5ac702dfa951

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67770eae-23a18"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, memory
Date: Thu, 02 Jan 2025 22:21:55 GMT
Content-Type: application/javascript
Last-Modified: Fri, 03 Jan 2025 08:46:38 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK f71c71b4ab74183b4765c8fe5a3a1946.js
bfs.consoleiis.com/js/ 128 KB
127 KB 2414ms
297ms Image
application/javascript 36.150.215.134
CMNET-JIANGSU-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bfs.consoleiis.com:5791/js/f71c71b4ab74183b4765c8fe5a3a1946.js?t=dfyl
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 36.150.215.134 , China, ASN56046 (CMNET-JIANGSU-AP China Mobile communications corporation, CN),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a30f0b06318bc56fb5de25678d30cb69c2fa918572de01183a96d4475003221

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Cache-Control: max-age=2678400
Content-Encoding: gzip
Etag: W/"67771043-20090"
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
X-Cache: HIT, server, disk
Date: Thu, 02 Jan 2025 22:21:57 GMT
Content-Type: application/javascript
Last-Modified: Thu, 02 Jan 2025 22:21:57 GMT
Server: cloudflare
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
DATA 200
OK truncated
/ 85 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a5191848aef5f9b12385c5c5817f6e6d9fc85093cb7ec8632aedb0d3b2c8485

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 299ms
299ms Image
image/gif 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=B44F7F21DCC0C22A&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1469745219&si=76a047d2c3123b45766d9dd697b629cb&v=1.3.2&lv=1&sn=3826&r=0&ww=1600&u=https%3A%2F%2F6mqcu.ut-sm.com%2F&tt=%E4%B8%BB%E9%A1%B5%20-%20%E8%80%81%E7%8E%8B%E8%A7%86%E9%A2%91

Requested by

Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Fri, 03 Jan 2025 09:01:45 GMT
Content-Type: image/gif
Server: apache

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 322ms
303ms Script
application/javascript 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?de71d33996c1f5d88b5e7a859512d227

Requested by

Host: d.dkfgytty.xyz
URL: https://d.dkfgytty.xyz/ty/E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

3d5c80a280a11a9cd3250fbce8a5fb7c91b6da0452e25a06ca6fa3c1a8e45861

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: 99ff729cad8e0326b81d436b8ed0f9aa
Content-Length: 11289
Date: Fri, 03 Jan 2025 09:01:46 GMT
Content-Type: application/javascript
Server: apache

GET
H2 200 01A2d224x8xhxu4pm9AD3.gif
dimg04.tripcdn.com/images/ 1 KB
1 KB 140ms
37ms Image
image/gif 2a02:26f0:3500:1b::1724:a38f
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dimg04.tripcdn.com/images/01A2d224x8xhxu4pm9AD3.gif
Requested by: Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:1b::1724:a38f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: /
Resource Hash: 6723dd61debb18f765a49a7ea34875b8144c4eabed0892bfc1d142cccf3c0a7a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

cache-control: max-age=1139091
timing-allow-origin: *
etag: Dg0on7fbkA,01A,01A2d224x8xhxu4pm9AD3
x-cdn-pop: DE
x-cdn-cache: Hit
c-via: akamai
expires: Thu, 16 Jan 2025 13:26:37 GMT
access-control-allow-origin: *
content-length: 1103
date: Fri, 03 Jan 2025 09:01:46 GMT
last-modified: Mon, 01 Apr 2024 00:00:00 GMT
content-type: image/gif
unique-request-id: 650331f3

GET
DATA 200
OK truncated
/ 594 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 e5eee24098c4bbd7.gif
img12.360buyimg.com/jdsurvey/jfs/t1/220981/4/29649/71476/64a01eccFdec621e5/ 70 KB
70 KB 243ms
24ms Image
image/gif 163.171.132.119
ML-1432-54994

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img12.360buyimg.com/jdsurvey/jfs/t1/220981/4/29649/71476/64a01eccFdec621e5/e5eee24098c4bbd7.gif

Requested by

Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

163.171.132.119 Frankfurt am Main, Germany, ASN54994 (ML-1432-54994, CA),

Reverse DNS

Software

nginx /

Resource Hash

09e50d97a2eb4a44f64e59d674f951527f599a2f46c49ac39a370db1e0ef862b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

x-trace: 200-1732041191937-0-0-0-39-39;200;200-1732042308352-0-0-0-1-1;200-1732042271655-0-0-0-5-5
strict-transport-security: max-age=31536000
cache-control: max-age=15552000
timing-allow-origin: *
x-ws-request-id: 6777a77a_PSdgflkfFRA2gb73_3774-47486
x-via: 1.1 PSdgflkfFRA1hb199:10 (Cdn Cache Server V2.0), 0.0 PSdgflkfFRA2gb73:13 (Cdn Cache Server V2.0)
age: 1
via: http/1.1 ORI-CLOUD-HB1-MIX-74 (jcs [cHs f ]), http/1.1 HB-UNI-3-MIX-227 (jcs [cMsSfW])
expires: Sun, 18 May 2025 18:51:48 GMT
access-control-allow-origin: *
content-length: 71476
date: Fri, 03 Jan 2025 09:01:46 GMT
content-type: image/gif
last-modified: Sat, 01 Jul 2023 12:40:44 GMT
server: nginx

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 322ms
322ms Image
image/gif 14.215.183.79
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=B44F7F21DCC0C22A&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1166041927&si=de71d33996c1f5d88b5e7a859512d227&v=1.3.2&lv=1&sn=3826&r=0&ww=1600&u=https%3A%2F%2F6mqcu.ut-sm.com%2F&tt=%E4%B8%BB%E9%A1%B5%20-%20%E8%80%81%E7%8E%8B%E8%A7%86%E9%A2%91

Requested by

Host: 6mqcu.ut-sm.com
URL: https://6mqcu.ut-sm.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Fri, 03 Jan 2025 09:01:46 GMT
Content-Type: image/gif
Server: apache

GET sv
d.dkfgytty.xyz/ty/ Frame 2B13 0
0

GET
H2 200 pv.php Show response
pv.dakawm.cc/ 9 B
184 B 1050ms
227ms XHR
text/html 47.236.72.183
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL

https://pv.dakawm.cc/pv.php?op=pv&ext=3676k2rC6sELkf8DB4UyC3iOuGbjbxMGiR38IypqDbuG50Q3cDxmlHcpShAAi8JLn0PiEt+HLSU40hm7QjCoGOgIfM2zDJfh+vr3gHkq7Cr+uNL8XhQWshDwdf34LsmfqFAD/uBPvpgSpUw4XBzFcybneSN/6ObQOeo1+0BVvp7EvvK6iG9GKcvk0JI

Requested by

Host: d.dkfgytty.xyz
URL: https://d.dkfgytty.xyz/ty/E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.236.72.183 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),

Reverse DNS

Software

nginx /

Resource Hash

9d3faa7e12325ccecd87e9b0f7ed4c343e32a184ad493c187d5989a0e9d20e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 03 Jan 2025 09:01:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 lw_logo.png
static.readmepublic.com/static/logo/ 6 KB
20 B 167ms
167ms Other
image/png 107.148.199.132
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL: https://static.readmepublic.com:59802/static/logo/lw_logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.148.199.132 , United States, ASN54600 (PEG-SV, US),
Reverse DNS: 107.148.199.132.news2.beatsphone.com
Software: nginx /
Resource Hash: a2b06e636d9abbb68d765b9cda11e8de2a32f2666da0544ec74e963411e11508

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://6mqcu.ut-sm.com/

Response headers

content-encoding: gzip
etag: W/"66fd849a-19f6"
access-control-allow-credentials: true
access-control-allow-methods: PUT, GET, POST, DELETE, HEAD, OPTIONS, PATCH
x-cache: HIT, server, memory
date: Fri, 03 Jan 2025 06:17:51 GMT
last-modified: Fri, 03 Jan 2025 08:19:50 GMT
vary: Accept-Encoding
server: nginx
content-type: image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.readmepublic.com
URL: https://static.readmepublic.com:59802/static/logo/lw_logo.png

Domain: d.dkfgytty.xyz
URL: https://d.dkfgytty.xyz/ty/sv?gp=3676k2rC6sELkf8DB4UyC3iOuGbjbxMGiR38IypqDbuG50Q3cDxmlHcpShAAi8JLn0PiEt+HLSU40hm7QjCoGOgIfM2zDJfh+vr3gHkq7Cr+uNL8XhQWshDwdf34LsmfqFAD/uBPvpgSpUw4XBzFcybneSN/6ObQOeo1+0BVvp7EvvK6iG9GKcvk0JI&u_fv=0&u_url=&r_url=aHR0cHMlM0ElMkYlMkY2bXFjdS51dC1zbS5jb20lMkY=&u_sw=1600&u_sh=1200&u_scd=24&plat=Linux%20x86_64&os=Linux%20x86_64&lang=de-DE&enjc=11&u_bw=1600&u_bh=2716&iv=rzhxi.1735894906&u_utz=1&yd=ZGNjPXllcyZkY2w9MTAwJSZjcG49MjgmZ3ZkPUludGVsIEluYy4mZ3JyPUludGVsIElyaXMgT3BlbkdMIEVuZ2luZSZjdD0xJmRpaXQ9JmRpdD0mY21uPQ==

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 11:47:34	Name: HMACCOUNT_BFESS Value: B44F7F21DCC0C22A
.6mqcu.ut-sm.com/	1970-01-21 10:57:10	Name: Hm_lvt_76a047d2c3123b45766d9dd697b629cb Value: 1735894906
.6mqcu.ut-sm.com/	1969-12-31 23:59:59	Name: Hm_lpvt_76a047d2c3123b45766d9dd697b629cb Value: 1735894906
.6mqcu.ut-sm.com/	1969-12-31 23:59:59	Name: HMACCOUNT Value: B44F7F21DCC0C22A
.6mqcu.ut-sm.com/	1970-01-21 10:57:10	Name: Hm_lvt_de71d33996c1f5d88b5e7a859512d227 Value: 1735894906
.6mqcu.ut-sm.com/	1969-12-31 23:59:59	Name: Hm_lpvt_de71d33996c1f5d88b5e7a859512d227 Value: 1735894906
6mqcu.ut-sm.com/	1970-01-21 02:12:25	Name: UBGLAI63GV Value: rzhxi.1735894906
6mqcu.ut-sm.com/	1970-01-21 02:12:25	Name: __ty_cpvx_t_15929_cpv_plan_ids Value: %7C130%7C
6mqcu.ut-sm.com/	1970-01-21 02:12:25	Name: __ty_cpvx_t_15929_cpv_plan_uids Value: %7C63%7C

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://6mqcu.ut-sm.com/(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://console.readmepublic.com:59801/static/web2/js/main.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://6mqcu.ut-sm.com/(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://console.readmepublic.com:59801/static/web2/js/main.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://6mqcu.ut-sm.com/(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://registry.npmmirror.com/qrcodejs/1.0.0/files/qrcode.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://6mqcu.ut-sm.com/(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://console.readmepublic.com:59801/static/web2/js/index.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://6mqcu.ut-sm.com/(Line 1) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://console.readmepublic.com:59801/static/web2/js/alpha.js?u=https://d.dkfgytty.xyz/ty/E432FF3D-4BEB-15929-34-8AC5635224C4.8DFF6, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
recommendation	verbose	URL: https://6mqcu.ut-sm.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://6mqcu.ut-sm.com/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
rendering	warning	URL: https://6mqcu.ut-sm.com/ Message: [GroupMarkerNotSet(crbug.com/242999)!:A010120614380000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6mqcu.ut-sm.com
assets.readmepublic.com
bfs.consoleiis.com
console.readmepublic.com
d.dkfgytty.xyz
dimg04.tripcdn.com
hm.baidu.com
img12.360buyimg.com
ngs617.lrqmyn7xhkvz8l65het4.top
pv.dakawm.cc
registry.npmmirror.com
static.readmepublic.com
vimg.larkstatic.com
d.dkfgytty.xyz
static.readmepublic.com
104.219.214.13
107.148.199.132
107.148.21.154
14.215.183.79
163.171.132.119
198.41.216.3
2400:52e0:1e00::1081:1
2404:2280:1bf:0:3::7ea
2a02:26f0:3500:1b::1724:a38f
36.150.215.134
47.129.177.99
47.236.72.183
00bf73aae52d45f3f55761c1f9acb929cd332f2232e066833082ce09f9a62b21
06f5f823da760db4df0a8492d4e00b507db977154367059cd015f3fb5a32fdc3
07ea13db5968359af05f0eab913d1f23460ff895d36c1409abd0a48ebfa7e636
09e50d97a2eb4a44f64e59d674f951527f599a2f46c49ac39a370db1e0ef862b
0a30f0b06318bc56fb5de25678d30cb69c2fa918572de01183a96d4475003221
0a41c5c8558348415799ae9e0cd38988ffa174030ce85f02373ee8c45df105d4
0df81fbf2a97c65d32c2afda55b673d8ef966dd90af403c6f7fc1d0d9e8c9ed7
11eea58ba03157a28f5c537d4f961e6a1daf27c5782490a759e4c5632181498f
1a5191848aef5f9b12385c5c5817f6e6d9fc85093cb7ec8632aedb0d3b2c8485
1bb2963c4fa5c227501188ef57b2a7e43913d878acb70e64fb6036a3f154d46b
1bdde59d8bef6b317be2eadaa98d84403c03a2ec57737d3b2b7617b4d869e967
1f5edb2d009e84c0fc6053f5abd5d6f2f0a8b0d9ce36e68fa69a81e8ecdb5ae2
243b7ed67f937a15108d153d7e11630ad05ebfd609a3f6dc15e2cd16cf6019f4
249d649d9b6a8ea029bc9de43b498178ce00c7efdbd2718df43892e9dbb838fe
2dd44d4e7c222a10828ef7a3d10ac740cbb6cf269ae4688c464b5b9b67917096
34548ea196b54a72899bbedf294bcc3b0ac732ad983a35d0748366a2d7d8cea5
34b7f6cc1d59ea232895402e1e6f7270193a4e32d8e51bf064c31fe0bce710dc
387bf305985c6f9587696d929f84b7c6b044fba15b9379e33ceabf54a7a22c1f
3d5c80a280a11a9cd3250fbce8a5fb7c91b6da0452e25a06ca6fa3c1a8e45861
3ed976e697847cec1de8647a544542af0c0d25196ba3759721a4664c7b8f7d1d
40dc8a19751a3fc0d6ea5de06f25c4928017280e4f2cd9ca03480533d89bfcaa
4409eb408ef00626f06c3cd4f23d790dda4667f1dd36274af06db267fe6187ce
4a711f5cd03c09fd79ae2f19bb2f71168e71c18b7562626a1ae8d99ebc3212ff
5c8d2e08530c0c4b6d4782c75924046598579afc47b85f196892ee2a0701f8d5
5eaedbc4b7f802d565a66abf7e71a59939a89b38efd0683f79a2d0dca606873b
62759c0ecb3c1b26b7d92afc553f0ebf9f682e49b55612051447bcd35a296762
6723dd61debb18f765a49a7ea34875b8144c4eabed0892bfc1d142cccf3c0a7a
6c2b22f2a98122616d54783499416f073c34ee82c436a49e588926d0a70a8cfd
70cdefe44e6286d402b0958e8e889198cbd03ddf4570fe9b7f3f5ac702dfa951
7292a0bb513b5c9baf449fbb249c8af5ff7cbb8ab242bfc898274f2060f573c2
86e717dec94a9d8503e371278588ddc54e7a59c220a9f329aaafa15d9c492f4f
88ffe3a1eb8249f12623debd2d7b6ed3ed8e2cf144da98583609a12c23e181ae
8c4fd59fefc8bfa4813e23a8047339a83a8fc68e25b3c24b98c024a976a532d9
8dc9faa52b0b7dd0c9af0ac487c53e377d3d2edaf84a9e88f3f5160a4a9a18c1
90023ae7eae594cfee861580bb2fadffe34b9b3fe6ee17b8d12db1357deb500f
9038ec36d109265e8fedf25b975ff516a9ecbc6488bdcdd17475c2524e988cb1
9288acf1b7adbe8f3af1b97ff112016654bfd4c2f2f565aa02c9473821e10fa5
9ab399f6ef8a4a91e74c07bd96f7f65e09269ee1c76a62014d4e57f42a93a20f
9af9430cebe3c5bfd931de83cb59968164915a6eca89e41882dd78dba259b552
9c0fab1fa50c26035b31f35370e70814cf7f2da9c50974efa15527dedc7844fa
9d3faa7e12325ccecd87e9b0f7ed4c343e32a184ad493c187d5989a0e9d20e93
a2b06e636d9abbb68d765b9cda11e8de2a32f2666da0544ec74e963411e11508
af85fcdc0ffe18f2b68d0f0188d8122ee6e2cb8e81fa4247d7f9f4bdf9ca6e29
b2de548ca7548afd4382d502bd7ec8ffabb7544b43e26ac4da713ed5a9120658
b7af4e3cfb09ccddf0023ef4e3d8a78aa6f4c82564c528f910cf400ac4d1a623
b821c7b7b6514f4d94c3186d4ff9a6c729835b2b70fd0bb2a4dd6f9c581b1c86
ba6e88b153b39fcf2f697e3ac46889f57521c86760fa58e282637cdef0a1a4ef
c0e970cf525d6ba930b88f7aca532eafebee62693c923ada13b3dbd33eb7f9d7
c48a42e47b69f22b5537bb81d2af4a462e38cb1b3d6c1591e91ed3f6169a2679
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
c84b90346936b3d458c9a4a1aba1337ef2a540079b9001b50a15ad6cc00da50f
cac04308aecf9aa8139e696bfc3f9ac0be0fb8b5d2eb01fe3599f7f1a6e100e8
cc565c54699f3e8c43050e538303e01b2ac191da59ac242cbec8a85b51286987
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d28530bf85dba1356c9d4384fdca056ea9d00f2f270c7b197e555054a1d34d97
d66d8642454bc51c8cba48b6f94b46ad1cc633f6aa54532870e60e1dfb0d0560
dc1b80f1e1c2b0b7141c81eb303b76ebd39136094fe81c54ec8e51cf8928145a
e10aed88be193a32494866a702f9b11dd365adcce94983342d85761652df69bb
e116cd90cd5843a148c438c5696f6c29c8422c048a83f7312971c8a500561573
e4e5fc96b874994133372faa61108801098942b3c59afb83c0a0a87ad2828068
e74120903652a0e424990f1199e1ca4ecf2b67b3bb817a12f0cfc6204dbfbbf7
e75125e9a55714ee9b6f7dfe6d950f199568754c8a53af2e8bc0a66926d3102a
ec4a131dda94d9dcfc6ce619a078ea0f1a6e92442e0fa056a082ced11d8e55e4
f1b4fb61371257bb31fd289969b733ccee8a600cbd5e2e8bdff05acb5dea19ca
f1b55025344e357313065e8a4c8be9b2d0e37bc0665cc138531bdd536e9dd664
f410505b0981e30d6f3f60ab62e6e2472fceb50b5fa9c9e4656e58154c432fad
f57fd4f97e491daab2968d767749efd524e60a4d7842231bf6564d5ef8dfcf6f
f7a517ac7a7bbeca1886d481a4aff84a5a301ab75dec11ee80ad342c4f84792b
f7f30167ba87595e7b5320fd34be55a69b64996b1e9bf01249336bf46dee01db
faa960877eb2fd29401f41650a638cbfc76acc268a250676abc42ff862726cf3

6mqcu.ut-sm.com Open in urlscan Pro 104.219.214.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

97 %HTTPS

25 %IPv6

11 Domains

13 Subdomains

12 IPs

5 Countries

5432 kBTransfer

6403 kBSize

9 Cookies

3 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

6mqcu.ut-sm.com Open in urlscan Pro
104.219.214.13 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

97 %
HTTPS

25 %
IPv6

11
Domains

13
Subdomains

12
IPs

5
Countries

5432 kB
Transfer

6403 kB
Size

9
Cookies

70 HTTP transactions
4 data transactions