165638.com-165638.mpv.165638ee11ee.buzz Open in urlscan Pro
27.124.33.26  Public Scan

URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Submission: On April 28 via api from US — Scanned from SG

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 39 HTTP transactions. The main IP is 27.124.33.26, located in Singapore and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is 165638.com-165638.mpv.165638ee11ee.buzz.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time 165638.com-165638.mpv.165638ee11ee.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 27.124.33.26 152194 (CTGSERVER...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.67.69.123 13335 (CLOUDFLAR...)
2 183.240.98.228 9808 (CHINAMOBI...)
39 6
Domain Requested by
23 amtk.11828.cc 165638.com-165638.mpv.165638ee11ee.buzz
11 165638.com-165638.mpv.165638ee11ee.buzz 165638.com-165638.mpv.165638ee11ee.buzz
2 hm.baidu.com 165638.com-165638.mpv.165638ee11ee.buzz
1 tk.tutu.finance 165638.com-165638.mpv.165638ee11ee.buzz
1 h5.l1l1l1l1l11l-l1l1l11l1l1l.com 165638.com-165638.mpv.165638ee11ee.buzz
0 vbe.smhkbnry.com Failed 165638.com-165638.mpv.165638ee11ee.buzz
39 6
Subject Issuer Validity Valid
h5.ww522sd-jdnn.com
R3
2024-04-28 -
2024-07-27
3 months crt.sh
l1l1l1l1l11l-l1l1l11l1l1l.com
GTS CA 1P5
2024-04-16 -
2024-07-15
3 months crt.sh
11828.cc
GTS CA 1P5
2024-03-21 -
2024-06-19
3 months crt.sh
tutu.finance
E1
2024-03-06 -
2024-06-04
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2023-07-06 -
2024-08-06
a year crt.sh

This page contains 3 frames:

Primary Page: https://165638.com-165638.mpv.165638ee11ee.buzz/
Frame ID: 662A10E3C66E3AEB5BA0431D3A507A9C
Requests: 12 HTTP requests in this frame

Frame: https://h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/new_kj.html
Frame ID: 230CFAD99117E2165374369B2F189C6B
Requests: 1 HTTP requests in this frame

Frame: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Frame ID: 177ED5F18576C445D18E330B09FE6A35
Requests: 26 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

39
Requests

97 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

3078 kB
Transfer

3207 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
165638.com-165638.mpv.165638ee11ee.buzz/
71 KB
10 KB
Document
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2e656c5878af1424a05eae5bc783edaba54291ecb553e28857eba094d5004f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 28 Apr 2024 22:25:23 GMT
server
nginx
strict-transport-security
max-age=31536000
txcss.css
165638.com-165638.mpv.165638ee11ee.buzz/style/
28 KB
9 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/style/txcss.css
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
eba3d0525ae916ec3a7d16e49e71f640fa719de81ac488bee00a67974183b16c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:40 GMT
server
nginx
etag
W/"65ef66a8-6e5c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:23 GMT
wind-reset.css
165638.com-165638.mpv.165638ee11ee.buzz/images/wind/
3 KB
1 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/images/wind/wind-reset.css
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4a4d95870439260445a3b5a53f1b450a64321c168730d700ec40ba2f794b655a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:41 GMT
server
nginx
etag
W/"65ef66a9-af2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:23 GMT
media.css
165638.com-165638.mpv.165638ee11ee.buzz/style/
5 KB
1 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/style/media.css
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a53530620f94eb34730e1635c95f4d02f9ed449addcb2595a34a848bd37374b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:40 GMT
server
nginx
etag
W/"65ef66a8-15a6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:23 GMT
pw_ajax.js
165638.com-165638.mpv.165638ee11ee.buzz/js/
7 KB
3 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/js/pw_ajax.js
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a17c51f0de393f2cacd76464680d68a21148dc940f61afc5dc4e79784896e4c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Apr 2024 13:52:21 GMT
server
nginx
etag
W/"661a8e15-1a5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:23 GMT
865559.gif
165638.com-165638.mpv.165638ee11ee.buzz/images/
231 KB
231 KB
Image
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/images/865559.gif
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ed9b8bbd6e2a85ccca09d5b1785de308a4ec1f5b8fb3fc5a2229ef65d04f467c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11 Mar 2024 20:16:42 GMT
server
nginx
etag
"65ef66aa-39a00"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
236032
expires
Tue, 28 May 2024 22:25:23 GMT
Deploy.js
165638.com-165638.mpv.165638ee11ee.buzz/js/
2 KB
1 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/js/Deploy.js
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:23 GMT
global.js
165638.com-165638.mpv.165638ee11ee.buzz/js/
10 KB
4 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/js/global.js
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
9b43e375f0f7cb0112794f903f588c8eecc8994d17cb408780cac22f6d6de82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:24 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-2669"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:24 GMT
new_kj.html
h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/ Frame 230C
0
0
Document
General
Full URL
https://h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/new_kj.html
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87ba77d6cdfaa033-SIN
content-encoding
br
content-type
text/html
date
Sun, 28 Apr 2024 22:25:25 GMT
last-modified
Sat, 17 Feb 2024 13:47:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BiclDFhZmP4mKxJm%2FCFkZuFVQFQ0FEqD2jcMZy9ou5i5QAq617d4KGeR4KWr4k%2BvXlNqR%2BlMl7edI0JbRocSLAcN9xOU6GTQDDbqWt%2F%2FEk2SkBoYNH%2FCgJ2wN8JHvi71p%2BNlNOXjci4j6dqb7%2FfNZ%2F5t5m2Wt7URvIoE9AMtA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
xgk.html
165638.com-165638.mpv.165638ee11ee.buzz/ Frame 177E
28 KB
3 KB
Document
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
39b21b2f01a58ef707196261bf9e090b9c9b0cde567ede9e33f8232c0ce2e278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 28 Apr 2024 22:25:24 GMT
etag
W/"662de422-6f78"
last-modified
Sun, 28 Apr 2024 05:52:34 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
Deploy.js
165638.com-165638.mpv.165638ee11ee.buzz/js/
2 KB
0
Script
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/js/Deploy.js
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:23 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:25:23 GMT
amgp.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
68 KB
69 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amgp.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7e3f8d12a15e17eafc0e29ac215d2f17851084444979cb5002d5c81f4a022479

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2474
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
69675
last-modified
Sun, 28 Apr 2024 02:18:47 GMT
server
cloudflare
etag
"7dcc0661299da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1ITUWL4Cba%2BFw526yGYnib6OtI61qxkxfnUzn4e03I%2BpNKxc0KaWXdQWmwJEIyTJ7lyAjA0wZ2hQXqTd3y6DzG%2B5qIzSsBzIsjgTuVXcjOMuA4C2Wx4L8I%2B%2BxConw5MFE6ORuvjT1%2FYc4Af"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df5d48e8-SIN
shym.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
120 KB
121 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/shym.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ddf4a13930a996f0cecc3faa4a89f805dfd223f61e6630fbff7ae1c5dbf783f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:25:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"44be5e4a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T6JCLvVhiK318aZpKjso%2BKY9CYvl1eJsXlqh3i3Eo4A3Qabvs%2BBUaIDufuxHT7sLe7Bw5AXCgs8wxC2eFmwERV10azIA91juS5NOud0P1vLzrPkmVyJXvEfmf%2B20Xr8wCN3swFZac7GZB%2BCR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df5c48e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
123221
amsbx.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
119 KB
119 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amsbx.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a074fe10930a14ab2d49da765394e65386f57d02c2134732fb033ff89349d874

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4753
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
121470
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"67abadd4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTrbQj9Q3mMxuORJOZZguVqL3WLDEjUB%2F9fm3riOocBDg4MyNUF%2BUBhaDIVEFxZZHROmVMcJ6e5ZTzBgxptzL5mfSA9MPpr8uHa1fkM9sfeC60M2FpUNTF%2FhWXtZXPNPAy7DDiNQLK%2BQA8Yy"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df5e48e8-SIN
amnrw.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
44 KB
44 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amnrw.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2dab282e8c82efcae05d5219d4b75d8848c56723d4d6a72574e57c31f338ce29

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2858
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
44796
last-modified
Sun, 28 Apr 2024 01:24:33 GMT
server
cloudflare
etag
"e3997ad3a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgRPqL3Fbts22nz7XvwkIUsOO1u0Wet2P49NBIdvrgIhKN2P1GvUWVawccoY3h6MNS2POOwBtiu3EBryCguecQyyd%2BHuomUKh7oWGezarzxxVLD8VRCd1nDmiQYjTpoiNYNrMoh6Unat30lQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df5f48e8-SIN
amyzjtm.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
50 KB
51 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amyzjtm.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
41528347461d71a665b4787645ca9f9ccc9a57f21c50daaccd3f57275201d425

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"447ec0d6a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86Eg9SonQYS2mQqVO5CSPI1ABssMC7Yhipl9Yon%2BRtrfDT2VGuBWhYWIBVMtnopQsAzZrSN%2F%2Flmi9neL8gyrn3qQpakhlnP4SPNl86Uqy5JJPXILqiH3czkoHJLoj%2FULY%2BkwOCjHdhZzB4UW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6048e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
51460
amzbsp.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
101 KB
102 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amzbsp.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d585048269b70c6d7eba8593455e23b2e7f4901788186ab28fa4c5cfd2b671a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cb243d7a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J5oGfQ%2BeSDRvB68uSSRKbptiWGZ0%2FiqZsqhLYKX0tUBQdjpXLfsXyl%2BRp%2FLDJDfX96hxx3JVp4SrozLVsVxr0RGWpoL0V7z4De1coJNkJ3vbxYALwoplKqQR0J8bvCELRcukVIau6EL%2Bad5G"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6248e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
103670
dcxj.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
25 KB
25 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/dcxj.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01a4f88d4f865121cc5be80c73d942882f3c0f0498d8f66e5430cbd662013927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 11:37:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c8f146666099da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kopmiRcZc7j6oPw03v%2B4Go9QdTzhUXMzr1iDmLbqPJwHRt5bL760J7crBoeEBXbtfHrZDIE9CdJSsTNCBeutHaV2DHUtaLUbir9UCvMjLekAlrc4BpIg5nD2OwcTPV9vfV42uslGozp31fyG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df7148e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
25429
ampt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
41 KB
42 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ampt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5726236e13a45f0461852176bb31087d2ebe7d7d4b92a26fb3200c919aaeeb3f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9fc76fd4a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wdtPZ5kIn9p1W4p1VTc0VwfsmXrHeFv9Fy8Tf7lbjpWgEcbmtAEXQhpKMrHmAiZswQCkdpL7Z%2FXGBUDPS9ePmKI3TMNmKjyP%2F1o9Z4i1alGauhaoxvVAZXNEV8Qasd%2B7p3n4W2Ht0t3aMmF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6548e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
42171
amqlb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
60 KB
61 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amqlb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
331daa0a575061d7276d4a12f8f9664d6e7890f1a7fe4e23eefac2b3c53b558d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4702
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
61705
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"e31a91d4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ttd%2B6SubDK5r0oRLlneXoAT9za7dyVo2evtksohFTs%2BhcRNEhz3M1zeyUhg%2F0tuEJej%2FWCm2YIFOG4O1moBGigqabb01lnDc2v1JbqjoSKA%2FoYcVnD0bWMRvHF1wlUfmgG%2Fq3HgbBrF%2FUw1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6b48e8-SIN
amhh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
137 KB
138 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amhh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23d9be245567cbdd0e59e24ec2ec8d34bdb70304b9e248ca35d88e6ee8c8e927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"342de1d1a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAsLu1%2BdWZHeXyfniTdiDqwwdhfvzBn0I5OuE%2Fcrm86VFXCd5T7kZVtny%2F9new357Bs%2By5HiVzhlkY7CboHJvN%2FXY41fA4%2Bw0ve%2B0f%2FMA7LQW%2FHwZEeKmZdbxfuaIagW7FqX5UkBUMCwvBIG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df7248e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
140491
ambxgh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
171 KB
171 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ambxgh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3be5879ff60bcfb1fe42f63b9b8d19b024f861ef0f6885dc65f5acd280311f69

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"aafa74d0a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9sZ5sSJ4B%2Famwd0QOjoG1Y7AX42h%2FkBhil7NoJv6cIvmxFj1dTeyHMQbiRZXoBiOP12SxhFtqTd%2FonJ1dS2EypT1Qa%2BLP%2F7kDg3QH6sw1LeDdm7jTJgvcWH3aGoJ%2Bcvbo585FdaBEf60eGNL"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6648e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
174782
am30ma.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
95 KB
96 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/am30ma.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3bb5c512a323b2238563f6f26f1977a32922e0d7418adc73d88a0d62a914cd77

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c2f22fd0a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Q8DhiByAaXZtr9byoyH%2FAPdrUQCvq1NE5XjiJz8nGALAxjJiL8Og%2BIlmn3UoNSxLnDMh58UYhz9eMsHKrtkbA5%2F7bLNYGntQ5WrRsq%2B3ChsHyqDudZaSkJRTcFW5hvLiYNArvtR3V1TfsnA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6748e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
97446
am4z3l.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
145 KB
145 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/am4z3l.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae59e1edd0a0cdb37401e794ea9b124e15b62bba40b90355f2eedac8a5306f5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a8ef61d0a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vdtleus%2Fd3c725jqZzkXka9j9HA%2BJUR2eXfNM%2FTcAXqFQ7qPYoUgZYNUYw4UgU3CjPAaO5%2Bt9FcWSdOaR9hbTpR%2B4pJ%2BaytWvcNg5Q%2BshSe2%2FposwGDCnh%2BnRd%2BWToQifDXi%2BzFBi03Juh6N"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6f48e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
147998
amht.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
141 KB
141 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amht.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
55cbcceab0a4c3d441c21e15b4cc917423d1df485678856c3711e34018cea8af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5b7221d2a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqQ4MKPULABufF90H4YH7SWcd4BUyFOBtgcS%2FnwIOOpq4tp9i9pppkHB0CvWrgJTeuZyvnKf88C4NpB6Je6Zgrq0OSu%2FOMhZgyLgLjWXVq3FxX4Li76LeAKK4LXH0nHI%2BQ2EwOMz5ia3qHrl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6a48e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
144136
amdszt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
154 KB
155 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amdszt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
614613bb3c6d72f6712af33fd6e25d49deb6356199f3db8717e0575499d0c570

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"23d548d1a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqPmQ3WwM76fCjnQqX1Mz5YIDNCp4Y4V8BdN0G%2FxypFQAKgIQ9zuaF9JZfvk8zDBxeucdZE5BxuCTZFZtpB%2Bm4z3FjHqQh7C0da6cYInaOoXb2Jyo3sABR6KZHGocQVrhxUUHO3h46W5rnEA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df7048e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
157958
ammhb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
131 KB
132 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ammhb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d23c59b758e66b9dff1f53bc3b634c889e29947c2865aa7576dd1f7b0790484f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"94ffad2a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H9dmstrEJ0qPvcbkLeJMffbnkNQSDBjpOSS2dHvpXwMcwZ7M713UUgH80iqALY9uLcowrF79ATKaKjPW05bZEZfT%2BBblHLBnb%2Bgee%2F98yRpfWi5jrosjl%2FkNU6JgnVisXllLEpbkIz6NrPq8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df7348e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
134353
amcsb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
144 KB
144 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amcsb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6cd0b3b1de18a26e633b1b4c44eeddb94c8aafb9c0fb8dcb9a8473352c819e5c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b326c1d0a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d2Ozu3SvCb9k94h%2FrZeSOGYGJgmiqkyHUKdDzP1WdKogXs0DPIApp4X9Ojd%2Fyo14WGvr1hjcvgbDsgCRjRKD36I3Ab7cNg%2FGpzXXcttRsbSSKAjEuflE0hgxmnko06nhCezWxzTsESMJJtHI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6d48e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
146976
ammh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
43 KB
43 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ammh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1867f5cd8b3d2fae73ddc1cbe0027f2ad3c6a5b4db075aadc8930fd330055f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f365e9d2a99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fDbiz1k5HryEX9mmxuUr56UZQWC3Qa79vFKpz9LDRccBjjM0ay3rRawXMYvDWv1Gid%2FBVhdPkM8afq6f%2FVT7V9cAPvs9LArw1E%2FtHq4li33wFR2Q73l1NdCFRmfhc0RW6meQOelLiI%2BilKHl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6848e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
43681
m33.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
76 KB
77 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/m33.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ee8de895de42678b44345a6c61c0664ebf984e8cfcc0a69ebbc67af7700146a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 27 Apr 2024 14:17:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ed74b0a0ad98da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zeEiI9eZFzNwmuGhGJFCOa5%2BJ9yPzEmgEB5%2FzXSaNFJpeDkNIHJ3alv02xZXS3b8eAGL3jG2YEq%2FOvErRsG%2B5zxt8wNl9WsGPuO31NNcpB4sq%2FtiPUx4pNEF%2BUOSwMwLQSRZfKZzs4Yc%2BUAq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df7548e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
77831
c008.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
187 KB
188 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/c008.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
696104dbe69d21a6dc26d598ef5356861e0341fd92d5fe7ad5f72f81d5a9a50e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 27 Apr 2024 16:08:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e1cd5714bd98da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BESTY6yM0C%2FDxredOh94O5a2m34%2FhMjrTvOy6odK8MaoHE6aTaUUzyMeO5nAJrZJX0kzKpGEfCDJURk2nAU%2FY39ofGgkr80kkuGn25CWOlSeIjcmf5ZcKq%2FtgUMWwiJbvpN1i2Fl%2F3ZYgWiK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6e48e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
191926
jigongshi.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
110 KB
111 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/jigongshi.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f2da1d669d113cd9f263817116f4ddc52e68ad1ff0fa7738a14680c32b4c593

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7f2c33dea99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9JITzJOBB74Gy9qXU8VmsbzvTXD6yK%2BqS%2BBndPItOXVl%2FWRpCFF%2FnkoP3SopEJjdA%2BFMxUXNs5DNxqtriGfa1yNc7amIpal4a95SCG5IJmK18ysgQMAbNe3UsKgFRxlazHX4Z9UIt%2F1y8694"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6448e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
112757
fhtjt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
244 KB
245 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/fhtjt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8d0d55182a9ce5604733c35d0b60574d6d7175f1df69835648f9e9c7502a233b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"514376daa99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iNElane8vDorPGoE5XXJKvJpzqBz5i7wsQizL%2BhyLeBwvizWclQy2akkC2dntCh5EQRBvdho5u%2Fnq37qp08ftOfHHungG0NEzmpucPVFnLIpv4l3NL6BhFYAPGhyjxhH5GNtyaYDUiqThX7D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df7448e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
249885
ktjtx.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 177E
191 KB
192 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ktjtx.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcf7283882324993effa604c7460453f23b08bed70191487e4e5fd75c164b985

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 28 Apr 2024 01:24:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bfea44dfa99da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qlauOqECfNMEWek%2BpxFAt2hxcG0Cq2M25967DiOSY8r%2FHtn%2BxhQNl1Cki8JSqRYj7cWiYXngQ2SYDgfmnFB%2BR9VhG1B2shtUI3%2Bwe9mYZYflI%2BHy7RNTqhVLOUnjsk3goncAE54kcyc4Kpmc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba77d8df6c48e8-SIN
alt-svc
h3=":443"; ma=86400
content-length
195760
amwc39m.jpg
vbe.smhkbnry.com/aomen/2024/col/119/ Frame 177E
0
0

tt39.jpg
tk.tutu.finance//aomen/2024/col/119/ Frame 177E
100 KB
101 KB
Image
General
Full URL
https://tk.tutu.finance//aomen/2024/col/119/tt39.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b28ea076c16c171990f2073b3b5a9ba3721157c46869f7237e2ef2dd0eac6a1e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:26 GMT
cf-cache-status
MISS
last-modified
Sat, 27 Apr 2024 16:08:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"698d131bd98da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sYnZjmn3aFqK7wAxaac4sQ3Kfp1S%2BmBwLA4QywsmFTa7akrnSq8pzwUGHXxk1uU0%2FxyQOTjIyeIQIOmEOHsTwJk59omDGyXF697UVSx3pwOhUEKI%2BIzt4yCl45yfMAy1UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87ba77dada72a0aa-SIN
content-length
102605
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?09deae81aef712c3d64d5987a096ae05
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
6913b34aea8ce59f60d09fed739941a2d949f2ed5c818a116ba2c3b9d98286ec
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 22:25:26 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
11ecc5c586efe9c5a5f769df96f17f6a
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1293094173&si=09deae81aef712c3d64d5987a096ae05&v=1.3.0&lv=1&sn=13062&r=0&ww=1600&u=https%3A%2F%2F165638.com-165638.mpv.165638ee11ee.buzz%2F
Requested by
Host: 165638.com-165638.mpv.165638ee11ee.buzz
URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 22:25:27 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
165638.com-165638.mpv.165638ee11ee.buzz/
95 KB
95 KB
Other
General
Full URL
https://165638.com-165638.mpv.165638ee11ee.buzz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
25b3ef77305d519872426483e316a4dd224f7c57b94c24a51e01c7916739f9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee11ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:25:25 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11 Mar 2024 20:16:42 GMT
server
nginx
etag
"65ef66aa-17c97"
content-type
image/x-icon
accept-ranges
bytes
content-length
97431

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vbe.smhkbnry.com
URL
https://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| AjaxObj function| XMLhttp object| ajax function| sendmsg function| getObj function| objCheck function| ietruebody function| getTop function| getLeft function| IsElement function| setCurrent function| strlen function| initCheckTextNum function| checkTextNum string| agt boolean| is_ie boolean| is_gecko string| imgpath string| verifyhash string| modeimg string| modeBase string| winduid string| windid string| groupid boolean| gIsPost undefined| base function| AddFavorite function| IndexDeploy function| SaveDeploy function| SetCookie function| FetchCookie function| Ajump boolean| ifcheck string| fid string| myshortcut function| tz function| CheckAll function| Fjump number| totalpage number| page function| PwMenu object| read function| closep function| findPosX function| findPosY function| in_array function| loadjs function| keyCodes function| opencode function| getPWBox function| getPWContainer function| elementBind function| addChild function| delElement function| pwForumList function| char_cv function| JSONParse function| showDialog object| _hmt boolean| _bdhm_loaded_09deae81aef712c3d64d5987a096ae05 object| mini_tangram_log_k3cm3c

5 Cookies

Domain/Path Name / Value
165638.com-165638.mpv.165638ee11ee.buzz/ Name: 1005a_lastvisit
Value: 0%091714343123%09%2Findex.php%3F
165638.com-165638.mpv.165638ee11ee.buzz/ Name: 1005a_threadlog
Value: %2C2%2C
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: F4DB6C6580CEC015
.165638.com-165638.mpv.165638ee11ee.buzz/ Name: Hm_lvt_09deae81aef712c3d64d5987a096ae05
Value: 1714343127
.165638.com-165638.mpv.165638ee11ee.buzz/ Name: Hm_lpvt_09deae81aef712c3d64d5987a096ae05
Value: 1714343127

6 Console Messages

Source Level URL
Text
security warning URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html
Message:
Mixed Content: The page at 'https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html' was loaded over HTTPS, but requested an insecure element 'http://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html(Line 542)
Message:
Mixed Content: The page at 'https://165638.com-165638.mpv.165638ee11ee.buzz/xgk.html' was loaded over HTTPS, but requested an insecure element 'http://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
recommendation verbose URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network error URL: https://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://165638.com-165638.mpv.165638ee11ee.buzz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

165638.com-165638.mpv.165638ee11ee.buzz
amtk.11828.cc
h5.l1l1l1l1l11l-l1l1l11l1l1l.com
hm.baidu.com
tk.tutu.finance
vbe.smhkbnry.com
vbe.smhkbnry.com
172.67.69.123
183.240.98.228
2606:4700:3035::ac43:9ecd
2606:4700:3038::6815:eaac
27.124.33.26
01a4f88d4f865121cc5be80c73d942882f3c0f0498d8f66e5430cbd662013927
23d9be245567cbdd0e59e24ec2ec8d34bdb70304b9e248ca35d88e6ee8c8e927
25b3ef77305d519872426483e316a4dd224f7c57b94c24a51e01c7916739f9cb
2dab282e8c82efcae05d5219d4b75d8848c56723d4d6a72574e57c31f338ce29
2e656c5878af1424a05eae5bc783edaba54291ecb553e28857eba094d5004f0a
331daa0a575061d7276d4a12f8f9664d6e7890f1a7fe4e23eefac2b3c53b558d
39b21b2f01a58ef707196261bf9e090b9c9b0cde567ede9e33f8232c0ce2e278
3bb5c512a323b2238563f6f26f1977a32922e0d7418adc73d88a0d62a914cd77
3be5879ff60bcfb1fe42f63b9b8d19b024f861ef0f6885dc65f5acd280311f69
41528347461d71a665b4787645ca9f9ccc9a57f21c50daaccd3f57275201d425
4a4d95870439260445a3b5a53f1b450a64321c168730d700ec40ba2f794b655a
55cbcceab0a4c3d441c21e15b4cc917423d1df485678856c3711e34018cea8af
5726236e13a45f0461852176bb31087d2ebe7d7d4b92a26fb3200c919aaeeb3f
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
5f2da1d669d113cd9f263817116f4ddc52e68ad1ff0fa7738a14680c32b4c593
614613bb3c6d72f6712af33fd6e25d49deb6356199f3db8717e0575499d0c570
6913b34aea8ce59f60d09fed739941a2d949f2ed5c818a116ba2c3b9d98286ec
696104dbe69d21a6dc26d598ef5356861e0341fd92d5fe7ad5f72f81d5a9a50e
6cd0b3b1de18a26e633b1b4c44eeddb94c8aafb9c0fb8dcb9a8473352c819e5c
7e3f8d12a15e17eafc0e29ac215d2f17851084444979cb5002d5c81f4a022479
8d0d55182a9ce5604733c35d0b60574d6d7175f1df69835648f9e9c7502a233b
9b43e375f0f7cb0112794f903f588c8eecc8994d17cb408780cac22f6d6de82e
a074fe10930a14ab2d49da765394e65386f57d02c2134732fb033ff89349d874
a17c51f0de393f2cacd76464680d68a21148dc940f61afc5dc4e79784896e4c6
a1867f5cd8b3d2fae73ddc1cbe0027f2ad3c6a5b4db075aadc8930fd330055f7
a53530620f94eb34730e1635c95f4d02f9ed449addcb2595a34a848bd37374b6
ae59e1edd0a0cdb37401e794ea9b124e15b62bba40b90355f2eedac8a5306f5f
b28ea076c16c171990f2073b3b5a9ba3721157c46869f7237e2ef2dd0eac6a1e
bcf7283882324993effa604c7460453f23b08bed70191487e4e5fd75c164b985
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23c59b758e66b9dff1f53bc3b634c889e29947c2865aa7576dd1f7b0790484f
d585048269b70c6d7eba8593455e23b2e7f4901788186ab28fa4c5cfd2b671a7
ddf4a13930a996f0cecc3faa4a89f805dfd223f61e6630fbff7ae1c5dbf783f2
eba3d0525ae916ec3a7d16e49e71f640fa719de81ac488bee00a67974183b16c
ed9b8bbd6e2a85ccca09d5b1785de308a4ec1f5b8fb3fc5a2229ef65d04f467c
ee8de895de42678b44345a6c61c0664ebf984e8cfcc0a69ebbc67af7700146a2