URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Submission: On December 30 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 46 HTTP transactions. The main IP is 211.149.202.241, which is located in China and belongs to CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN. The main domain is ip938.com.
TLS certificate: Issued by sslTrus (RSA) DV CA on December 4th 2024. Valid for: 3 months.
This is the only time ip938.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
29 211.149.202.241 38283 (CHINANET-...)
4 142.251.163.155 15169 (GOOGLE)
5 173.194.205.155 15169 (GOOGLE)
2 111.45.3.198 9808 (CHINAMOBI...)
1 172.217.197.154 15169 (GOOGLE)
2 173.194.175.132 15169 (GOOGLE)
1 64.233.180.105 15169 (GOOGLE)
46 8
     Apex Domain               Subdomains                                                 Transfer
29   ip938.com                 ip938.com                                                  135 KB
                               www.ip938.com
5    doubleclick.net           googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
4    googlesyndication.com     pagead2.googlesyndication.com — Cisco Umbrella Rank: 110   256 KB
3    adtrafficquality.google   ep1.adtrafficquality.google — Cisco Umbrella Rank: 389     20 KB
                               ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
2    baidu.com                 hm.baidu.com — Cisco Umbrella Rank: 12020                  12 KB
1    google.com                www.google.com — Cisco Umbrella Rank: 3
0    withgoogle.com Failed     csp.withgoogle.com Failed
46   7
     Domain                          Requested by
28   ip938.com                       ip938.com
5    googleads.g.doubleclick.net     pagead2.googlesyndication.com
4    pagead2.googlesyndication.com   ip938.com
                                     pagead2.googlesyndication.com
2    ep2.adtrafficquality.google     pagead2.googlesyndication.com
                                     ep2.adtrafficquality.google
2    hm.baidu.com                    ip938.com
1    www.google.com                  ep2.adtrafficquality.google
1    ep1.adtrafficquality.google     pagead2.googlesyndication.com
1    www.ip938.com                   ip938.com
0    csp.withgoogle.com              Failed
46   9

This site contains links to these domains.

Subject                   Issuer                          Validity                  Valid
ip938.com                 sslTrus (RSA) DV CA             2024-12-04 - 2025-03-04   3 months
*.g.doubleclick.net       WR2                             2024-12-02 - 2025-02-24   3 months
baidu.com                 GlobalSign RSA OV SSL CA 2018   2024-07-08 - 2025-08-09   a year
adtrafficquality.google   WR2                             2024-12-02 - 2025-02-24   3 months
*.google.com              WR2                             2024-12-02 - 2025-02-24   3 months

This page contains 8 frames:

Primary Page: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Frame ID: 68F27B829F77C91EFE5B06DF103C028E
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 18821C7982A5C881AE4EDE1ABFC198C7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2337363310251132&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735549528&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fip938.com%2Fmip%2Fwww.tb6999.com%2F0.913528351726475&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735549528085&bpp=8&bdt=103&idt=77&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2220298435714&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C31089323%2C31089325%2C31089330%2C95335245%2C95345967&oid=2&pvsid=810654544667707&tmod=1165017788&uas=0&nvt=1&fsapi=1&fc=1920&brdim=540%2C540%2C540%2C540%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: 472F3DFC94BF5D2FD28972B25D427218
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 73ABABC5175EB47A671C2205B37104FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: 12D1A8214385CCF8BD86D9240800CA08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2337363310251132&output=html&h=284&slotname=8908002092&adk=2824409532&adf=4061442901&pi=t.ma~as.8908002092&w=1200&abgtt=6&lmt=1735549528&rafmt=11&format=1200x284&url=https%3A%2F%2Fip938.com%2Fmip%2Fwww.tb6999.com%2F0.913528351726475&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735549528576&bpp=2&bdt=594&idt=2&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1600x1200%2C320x100&nras=3&correlator=2220298435714&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C31089323%2C31089325%2C31089330%2C95335245%2C95345967&oid=2&pvsid=810654544667707&tmod=1165017788&uas=0&nvt=1&fc=1920&brdim=540%2C540%2C540%2C540%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=8
Frame ID: 97420D879A210BECD4F431E85CE6CFFC
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: B43C7D8E86174488251E947A50D915E1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 414F1E912F0972EB94EC049A8BD99C09
Requests: 1 HTTP requests in this frame

Page Title

www.tb6999.com-IPv4/IPv6 Address Lookup

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

Requests: 46
HTTPS: 96 %
IPv6: 0 %
Domains: 7
Subdomains: 9
IPs: 8
Countries: 2
Transfer: 423 kB
Size: 1040 kB
Cookies: 17

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 0.913528351726475
ip938.com/mip/www.tb6999.com/
33 KB
8 KB
Document
General
Full URL
https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3239a151f422dbeb34cff9caf1cc0e6f88793fc9900dd9d77df61711a862d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html
date
Mon, 30 Dec 2024 09:05:26 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
strict-transport-security
max-age=63072000
x-powered-by
ASP.NET
hxt_m22_top1.css
ip938.com/css/
2 KB
3 KB
Stylesheet
General
Full URL
https://ip938.com/css/hxt_m22_top1.css
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2ded53ff374a49a0f28747a580a874a470d1ca7d7e03a1f3934362994aa236cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"f3e9b66181b3da1:0"
accept-ranges
bytes
content-length
2398
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
text/css
last-modified
Fri, 31 May 2024 17:38:43 GMT
x-powered-by
ASP.NET
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2337363310251132
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
21600816dc81a85790f39d469f0826d4cded69ba79a9263ca4814b6d02d81111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://ip938.com
Referer
https://ip938.com/

Response headers

content-encoding
br
etag
1076924731956624463
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 09:05:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 09:05:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53410
x-xss-protection
0
server
cafe
ipv1.png
ip938.com/images/logo/red/
20 KB
21 KB
Image
General
Full URL
https://ip938.com/images/logo/red/ipv1.png
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c1b15154334bcf520090c55235c527799b79ce4549ce80b8d4ecb43af07f1c2b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"a3aea9dac3ddb1:0"
accept-ranges
bytes
content-length
20792
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
image/png
last-modified
Sat, 23 Nov 2024 13:31:51 GMT
x-powered-by
ASP.NET
search_mip_top_1.js
ip938.com/js/
2 KB
2 KB
Script
General
Full URL
https://ip938.com/js/search_mip_top_1.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2db54dfd8d2a166a6a086459c940d2f58a7e4f4030193cb38d0abc070a7468ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"eba2baa387b3da1:0"
accept-ranges
bytes
content-length
2323
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Fri, 31 May 2024 18:23:30 GMT
x-powered-by
ASP.NET
q_t_6.png
ip938.com/images/icon12/
13 KB
13 KB
Image
General
Full URL
https://ip938.com/images/icon12/q_t_6.png
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
711159ec92e910de0552fa30a05b79669a1d4c07dd6d68d6cb946f42e70462d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"faa85be1f127d91:0"
accept-ranges
bytes
content-length
13377
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
image/png
last-modified
Sat, 14 Jan 2023 08:26:20 GMT
x-powered-by
ASP.NET
i_g_a1.gif
ip938.com/images/tu_new_22/
62 B
248 B
Image
General
Full URL
https://ip938.com/images/tu_new_22/i_g_a1.gif
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4d1cc6b4088399916eb27006ae94b92df3de9acca99659d7ac9062687190b7c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"7ebcb9c4aa80d31:0"
accept-ranges
bytes
content-length
62
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
image/gif
last-modified
Fri, 29 Dec 2017 13:41:45 GMT
x-powered-by
ASP.NET
ipv4_1.png
ip938.com/images/tu_new_22/
333 B
520 B
Image
General
Full URL
https://ip938.com/images/tu_new_22/ipv4_1.png
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4d57dcce9f758b63e53d7129a81b7465d7c23785fe79c980f8d861eaa499e6a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"36dab33a97a2d41:0"
accept-ranges
bytes
content-length
333
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
image/png
last-modified
Wed, 02 Jan 2019 12:32:30 GMT
x-powered-by
ASP.NET
gg_xxl_2.js
ip938.com/js/
690 B
886 B
Script
General
Full URL
https://ip938.com/js/gg_xxl_2.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
104ae1c0a55f155436410b72313d189e59acf0328eb9b8ebb0c3addbe77c6e0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"4e1aae1954b1d71:0"
accept-ranges
bytes
content-length
690
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Fri, 24 Sep 2021 14:54:39 GMT
x-powered-by
ASP.NET
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
435 KB
144 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2337363310251132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
7a9a49efb33627e1afa3f0e8d1107600adeee7a8a78e9f67ec7bf2543bab5693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

content-encoding
br
etag
4174761130244020438
age
27511
x-content-type-options
nosniff
expires
Mon, 13 Jan 2025 01:26:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 01:26:57 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147831
x-xss-protection
0
server
cafe
index_leaf8.png
ip938.com/images/mid/
3 KB
3 KB
Image
General
Full URL
https://ip938.com/images/mid/index_leaf8.png
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7e4cfd0f664de598928951330e81f7f10540831017fa735ebc26908d917c960a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"1fa6389c1b6ed91:0"
accept-ranges
bytes
content-length
3295
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
image/png
last-modified
Thu, 13 Apr 2023 15:21:24 GMT
x-powered-by
ASP.NET
tx1.js
ip938.com/js/
14 KB
14 KB
Script
General
Full URL
https://ip938.com/js/tx1.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a4cf4cd950ea72964c3867d70ed5821dfea4ef7a3b20b5f3dcd137d07eafa7da
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"797e4f1e5a4fd51:0"
accept-ranges
bytes
content-length
14452
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Sat, 10 Aug 2019 09:00:55 GMT
x-powered-by
ASP.NET
tx2.js
ip938.com/js/
4 KB
4 KB
Script
General
Full URL
https://ip938.com/js/tx2.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
67a7c90dfc499931099f8533d80981a4e404f70fb8b23f4f6dc09f73f7e6008e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"a055c7305a4fd51:0"
accept-ranges
bytes
content-length
3867
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Sat, 10 Aug 2019 09:01:26 GMT
x-powered-by
ASP.NET
backtop_foot.js
ip938.com/js/
9 KB
9 KB
Script
General
Full URL
https://ip938.com/js/backtop_foot.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
dc9aec2016cae574b405057afe9a7adc0946d4287344da8ca5da1b1e3d46f171
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"6a23236f87b3da1:0"
accept-ranges
bytes
content-length
8794
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Fri, 31 May 2024 18:22:02 GMT
x-powered-by
ASP.NET
backtop_foot2.js
ip938.com/js/
3 KB
3 KB
Script
General
Full URL
https://ip938.com/js/backtop_foot2.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b1d5566f5232a2150530ec8f1bfd20bbc2ee141a21f542bd6c32323dd3ca3658
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"5466677887b3da1:0"
accept-ranges
bytes
content-length
2678
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Fri, 31 May 2024 18:22:18 GMT
x-powered-by
ASP.NET
/
ip938.com/u/all_dns_foot2/
107 B
369 B
Script
General
Full URL
https://ip938.com/u/all_dns_foot2/?dns_ipv520=www.tb6999.com
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
da186b639e48f68f290430d4e165be64ea846f0ba2787f2d0d677742d26df8e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options ALLOW-FROM https://ip938.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
text/html
x-powered-by
ASP.NET
x-frame-options
ALLOW-FROM https://ip938.com
/
ip938.com/u/
343 B
427 B
Script
General
Full URL
https://ip938.com/u/?all_ipv520=15.197.148.33
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
6659248c17a223cc03fe86d682005fbc9e0300858973ac278ab4102696f3b509
Security Headers
Name Value
Strict-Transport-Security max-age=63072000
X-Frame-Options ALLOW-FROM https://ip938.com

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
text/html
x-powered-by
ASP.NET
x-frame-options
ALLOW-FROM https://ip938.com
so9.js
ip938.com/js/
14 KB
15 KB
Script
General
Full URL
https://ip938.com/js/so9.js
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
50ac9fadd9737a58c5f686cfaf990c35fe5cb21a8f07bd0fbed55f59bfdc42c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"b87eef5be534d51:0"
accept-ranges
bytes
content-length
14763
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/javascript
last-modified
Sun, 07 Jul 2019 16:59:37 GMT
x-powered-by
ASP.NET
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 1882
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
48054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Dec 2024 19:44:34 GMT
etag
17661348622971093804
expires
Sun, 12 Jan 2025 19:44:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 472F
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2337363310251132&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735549528&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fip938.com%2Fmip%2Fwww.tb6999.com%2F0.913528351726475&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735549528085&bpp=8&bdt=103&idt=77&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=2220298435714&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C31089323%2C31089325%2C31089330%2C95335245%2C95345967&oid=2&pvsid=810654544667707&tmod=1165017788&uas=0&nvt=1&fsapi=1&fc=1920&brdim=540%2C540%2C540%2C540%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=104
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45462
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 09:05:28 GMT
expires
Mon, 30 Dec 2024 09:05:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
mouse2.cur
ip938.com/images/icon8/
4 KB
4 KB
Image
General
Full URL
https://ip938.com/images/icon8/mouse2.cur
Requested by
Host: ip938.com
URL: https://ip938.com/css/hxt_m22_top1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
105798ff1e02154fbe412c6e287e50fa24977e859e0d62fd5736d7e8a2c8f49a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/css/hxt_m22_top1.css

Response headers

strict-transport-security
max-age=63072000
etag
"1072fd3ee534d51:0"
accept-ranges
bytes
content-length
4286
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/octet-stream
last-modified
Sun, 07 Jul 2019 16:58:48 GMT
x-powered-by
ASP.NET
mouse6.cur
ip938.com/images/icon8/
4 KB
4 KB
Image
General
Full URL
https://ip938.com/images/icon8/mouse6.cur
Requested by
Host: ip938.com
URL: https://ip938.com/css/hxt_m22_top1.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c6d483fbf356de40b7504dd92947fa16ccf1805ec70ff45615fba182c7ecd50c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/css/hxt_m22_top1.css

Response headers

strict-transport-security
max-age=63072000
etag
"5bd862305cecd71:0"
accept-ranges
bytes
content-length
4286
date
Mon, 30 Dec 2024 09:05:27 GMT
content-type
application/octet-stream
last-modified
Wed, 08 Dec 2021 17:51:12 GMT
x-powered-by
ASP.NET
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/
177 KB
59 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
8c2bc0bf7d4173ae067a69b92d929d2bf35be376709117a97f1bf21d3b6bc6de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

content-encoding
br
etag
1667813206267593936
age
27508
x-content-type-options
nosniff
expires
Mon, 13 Jan 2025 01:27:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 01:27:00 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
60482
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 73AB
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
48054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Dec 2024 19:44:34 GMT
etag
17661348622971093804
expires
Sun, 12 Jan 2025 19:44:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/ Frame 12D1
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
48054
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 29 Dec 2024 19:44:34 GMT
etag
17661348622971093804
expires
Sun, 12 Jan 2025 19:44:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9742
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2337363310251132&output=html&h=284&slotname=8908002092&adk=2824409532&adf=4061442901&pi=t.ma~as.8908002092&w=1200&abgtt=6&lmt=1735549528&rafmt=11&format=1200x284&url=https%3A%2F%2Fip938.com%2Fmip%2Fwww.tb6999.com%2F0.913528351726475&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735549528576&bpp=2&bdt=594&idt=2&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1600x1200%2C320x100&nras=3&correlator=2220298435714&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42533203%2C31089323%2C31089325%2C31089330%2C95335245%2C95345967&oid=2&pvsid=810654544667707&tmod=1165017788&uas=0&nvt=1&fc=1920&brdim=540%2C540%2C540%2C540%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.205.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
406
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 09:05:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ping
pagead2.googlesyndication.com/pagead/
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ip938.com/

Response headers

hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?2baf2c6094856a86c72e1f71f6803fd8
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
7ef792dbb63d2a86c814d63cc222cacf62c80c084e0470da2bff9dbc2f165d87
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
c0af2664ab1f905586fa6dd42302e9b6
Content-Length
11289
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Mon, 30 Dec 2024 09:05:29 GMT
Content-Type
application/javascript
Server
apache
xtop.pagefk.js
ip938.com/mip/www.tb6999.com/
34 KB
8 KB
Script
General
Full URL
https://ip938.com/mip/www.tb6999.com/xtop.pagefk.js
Requested by
Host: ip938.com
URL: https://ip938.com/js/backtop_foot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d46854e97a17ad2660613c8359b3b081f97a815ceea8fd9b0a93f5e875f7cb5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Mon, 30 Dec 2024 09:05:28 GMT
content-type
text/html
x-powered-by
ASP.NET
go_top.png
ip938.com/images/tu_new_22/
503 B
690 B
Image
General
Full URL
https://ip938.com/images/tu_new_22/go_top.png
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2e697713a9096e3002490089d018521fc8655ccf3d59cae8c61b345f99223ec6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"de21c0ffdfb1cf1:0"
accept-ranges
bytes
content-length
503
date
Mon, 30 Dec 2024 09:05:28 GMT
content-type
image/png
last-modified
Thu, 07 Aug 2014 01:36:24 GMT
x-powered-by
ASP.NET
/
ip938.com/u/dns_js_ok1/
69 B
221 B
Script
General
Full URL
https://ip938.com/u/dns_js_ok1/?ipv_dns1=www.tb6999.com
Requested by
Host: ip938.com
URL: https://ip938.com/u/all_dns_foot2/?dns_ipv520=www.tb6999.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
8f7478bb6af62d8230eb1c20c60b2af29dfa77112c99dcc2d9926d8e80446454
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Mon, 30 Dec 2024 09:05:28 GMT
content-type
text/html
x-powered-by
ASP.NET
xtop.search.js
ip938.com/sitejs/
2 KB
1 KB
Script
General
Full URL
https://ip938.com/sitejs/xtop.search.js
Requested by
Host: ip938.com
URL: https://ip938.com/js/backtop_foot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3781cfab4bd089b57a84ace7816bc57d626f8778eb0b4a56373388432426e55d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Mon, 30 Dec 2024 09:05:28 GMT
etag
W/"fac19b4887b3da1:0"
content-type
text/html
last-modified
Fri, 31 May 2024 18:20:58 GMT
x-powered-by
ASP.NET
xtop.config.js
ip938.com/mip/www.tb6999.com/
34 KB
8 KB
Script
General
Full URL
https://ip938.com/mip/www.tb6999.com/xtop.config.js
Requested by
Host: ip938.com
URL: https://ip938.com/js/backtop_foot.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a57b08bea3c18169655998929077f24ef0235aae3f312110a56f5c39ab2f9510
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
expires
Thu, 19 Nov 1981 08:52:00 GMT
date
Mon, 30 Dec 2024 09:05:28 GMT
content-type
text/html
x-powered-by
ASP.NET
/
ip938.com/u/ad_love_a1/
538 B
469 B
Script
General
Full URL
https://ip938.com/u/ad_love_a1/
Requested by
Host: ip938.com
URL: https://ip938.com/u/?all_ipv520=15.197.148.33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
17a4914e9358a3c134e19ffb1945737c81c91f698d01f2911ab590f8b2e10265
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Mon, 30 Dec 2024 09:05:29 GMT
content-type
text/html
x-powered-by
ASP.NET
/
ip938.com/u/ipv_mip_chaxun1/
97 B
246 B
Script
General
Full URL
https://ip938.com/u/ipv_mip_chaxun1/?ipv_mip2=15.197.148.33
Requested by
Host: ip938.com
URL: https://ip938.com/u/?all_ipv520=15.197.148.33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d135ceaf0b54e30209d1b8d178f09bf6c4a1d0ddee8ae5bb496f4fca80264c15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Mon, 30 Dec 2024 09:05:29 GMT
content-type
text/html
x-powered-by
ASP.NET
/
ip938.com/u/ipv_mip_bendi1/
116 B
262 B
Script
General
Full URL
https://ip938.com/u/ipv_mip_bendi1/?ipv_mip3=15.197.148.33
Requested by
Host: ip938.com
URL: https://ip938.com/u/?all_ipv520=15.197.148.33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c6d3a3ec5086efa8042113c2d688c6dbc178d0553f9d0db8bcc87cecae10b875
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Mon, 30 Dec 2024 09:05:29 GMT
content-type
text/html
x-powered-by
ASP.NET
/
www.ip938.com/test_ipv/ipv4/
469 B
453 B
Script
General
Full URL
https://www.ip938.com/test_ipv/ipv4/
Requested by
Host: ip938.com
URL: https://ip938.com/u/?all_ipv520=15.197.148.33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
43a3089a0f800e56e350eb38e9afe8c097b0cef527f376d2be575c606e8dddf4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

strict-transport-security
max-age=63072000
content-encoding
gzip
date
Mon, 30 Dec 2024 09:05:29 GMT
content-type
text/html
x-powered-by
ASP.NET
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?hca=43C51668168E7B3F&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=921090605&si=2baf2c6094856a86c72e1f71f6803fd8&v=1.3.2&lv=1&sn=51660&r=0&ww=1600&u=https%3A%2F%2Fip938.com%2Fmip%2Fwww.tb6999.com%2F0.913528351726475&tt=www.tb6999.com-IPv4%2FIPv6%E5%9C%B0%E5%9D%80%E6%9F%A5%E8%AF%A2
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Mon, 30 Dec 2024 09:05:30 GMT
Content-Type
image/gif
Server
apache
red_rose_m1.png
ip938.com/images/mid/
7 KB
7 KB
Image
General
Full URL
https://ip938.com/images/mid/red_rose_m1.png
Requested by
Host: ip938.com
URL: https://ip938.com/mip/www.tb6999.com/0.913528351726475
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
731b8249ed9e98c3b048cceb77023463db0594bb09054925ef7be33e632da997
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"bbe288dfc035da1:0"
accept-ranges
bytes
content-length
7437
date
Mon, 30 Dec 2024 09:05:29 GMT
content-type
image/png
last-modified
Sat, 23 Dec 2023 16:55:46 GMT
x-powered-by
ASP.NET
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f154.1e100.net
Software
cafe /
Resource Hash
dfa819889eb83184eafc3e127a06307920be8d9c30dd9348985f4c984b6a98fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13257
date
Mon, 30 Dec 2024 09:05:30 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
ip938.com/images/
1 KB
1 KB
Other
General
Full URL
https://ip938.com/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
211.149.202.241 , China, ASN38283 (CHINANET-SCIDC-AS-AP CHINANET SiChuan Telecom Internet Data Center, CN),
Reverse DNS
Software
/ ASP.NET
Resource Hash
cf1e2ab770f4c4fde8b13711a316c3e3df4209e327d36bc9e8385d6690e242b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/mip/www.tb6999.com/0.913528351726475

Response headers

strict-transport-security
max-age=63072000
etag
"ce195b582b3da1:0"
accept-ranges
bytes
content-length
1150
date
Mon, 30 Dec 2024 09:05:30 GMT
content-type
image/x-icon
last-modified
Fri, 31 May 2024 17:48:13 GMT
x-powered-by
ASP.NET
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f132.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://ip938.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 09:05:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Dec 2024 09:05:30 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame B43C
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.175.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qs-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 08:42:29 GMT
expires
Mon, 30 Dec 2024 09:32:29 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 414F
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f105.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_lIHW2MjWDNiQBXsQeLpaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ip938.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-_lIHW2MjWDNiQBXsQeLpaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-security-policy-report-only
frame-ancestors 'self';report-uri https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 09:05:31 GMT
expires
Mon, 30 Dec 2024 09:05:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
38fac9d5b82543fc4729580d18ff2d3d
csp.withgoogle.com/csp/frame-ancestors/
0
0

sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csp.withgoogle.com
URL
https://csp.withgoogle.com/csp/frame-ancestors/38fac9d5b82543fc4729580d18ff2d3d
Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=810654544667707&bg=!oKOlo-zNAAbtGp3CzRo7ADQBe5WfOBzY8-2PJpV0K8ZAazcgGbAQTcS46pOG4T8k_GlXbJn7AyOEBwKRnfjIW30PhsZAAgAAAJFSAAAABGgBB34ANgwZmqsj5NHbmJOOXtUqcLuXq7uKEiOyj68imiqnCk7Qz0Ae4CdDQkY6nbn1dJgX8km7sCzeU5kCmAFIzEiwBpy5G2dd6D6-QI-yrC6_Qie_2dsjNnrazbkv-V-Zxjw74Av4_nbFSGgKK37HSoTibpXqSD5cZHq0ZP5e2sUgglrsyUIQs31c5_aNNSRLd-XVCI-GyHr-_T46hebm7d59rAA-ZWvU1lx-LGSxULlxJDQZ3llhL_8n4-EHUZDgos1udZEM2el9kQ7VQQF1exMuHv30YwJNCbLQ5JSyXRSS1kB2ooYMJ0C9VROPmzxt16JqcvsdpqB7UfMldPur3uv94o5lsQX_eyE8SB2TAE6_RAJTg8jBKRlvQWLQ7IfbJisp5Pt8D2H9TyW1U00m4-SRh-g_FXsToCZ_zYr0_E9kDIwqYpv2uKBTWMJuV21zDUtt9QuZmf5bEnTAXNOLTPRPLDl4Ho_oB1mOe_ZciMpiFBO1OK9UkOboZPPlf7bPzZW78d_nW1jkeb8yE5S65eatg1LwN36iHPBjz0WR2QejRfr407cIEhndAGwcNhYqiGuJbfeE4MUFNwPlgjl-m_g64FU5QszrMrz99gqkAW557f-_qHvKvOdLSFIrLxCMwQZurzygl6wAIDJ7S82SYGSjcubYEhsSzdS1deygHvInlRJCKYtb8qfrKGkldDSVM0SHA-F3OFovblalbdI-FZwM0LQljo9VfGTTq37vVnRCuvNO7MZ7-lwixQ-FGBZFUj7AmLCzoe-xeaOYxg9loYLaSWHuwghgk7O1xBmyg2gUr6u6ctAO6Bbk1Fy_T2-odYDjol1eJjl7OHSHdULnc60bCZSqDtfY6pLLyWlm7rzBi3AtWeGLLFjArmSrz13ESoNn_w82ZSiiuLZtIH_kp5i_qU4I9u3DM8fvCsju8-K3UIukvPwNwzUmwfuW5erchB8Adug


80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp string| sitePath object| sc_sel object| sc_logo object| sc_sb object| sc_url function| $J function| set_so function| so_img function| do_so function| change_sp function| do_so_bd function| euc function| go function| s_sd function| s_n function| s_nc function| els function| addLoadEvent function| copyContent object| $jscomp object| $jscomp$this function| anime function| updateCoords function| setParticuleDirection function| createParticule function| createCircle function| renderParticule function| animateParticules function| debounce object| canvasEl object| ctx number| numberOfParticules string| tap object| colors function| setCanvasSize object| _hmt object| xTop object| xTopPageQuery object| ul function| goTopEx function| newBackTop object| googletag boolean| _bdhm_loaded_2baf2c6094856a86c72e1f71f6803fd8 object| BaiduSuggestion object| baidu object| GoogleGcLKhOms object| google_image_requests

17 Cookies

Domain/Path Name / Value
ip938.com/ Name: PHPSESSID
Value: 938imip5y6i9o01dq23
.doubleclick.net/ Name: IDE
Value: AHWqTUn3tZvaCj_t6tzGpJvVak135TxokrC8N2Mw5kx1dHhrUVJ02PAUoAA8U6PFPRY
.ip938.com/ Name: __gads
Value: ID=a8def16e0be97fc8:T=1735549528:RT=1735549528:S=ALNI_MY71XOF-ld4oKyawuNQf5kfF5J-Yw
.ip938.com/ Name: __gpi
Value: UID=00000fca00a487fd:T=1735549528:RT=1735549528:S=ALNI_MYly5eiIZxXb75AILhXRvI47_E47g
.ip938.com/ Name: __eoi
Value: ID=43d1dcc0685ea1fa:T=1735549528:RT=1735549528:S=AA-Afja-dCWru-GWIrud9Jnaa4xD
.media.net/ Name: visitor-id
Value: 3785511292018078000V10
.media.net/ Name: data-exp
Value: setstatuscode~~1
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 43C51668168E7B3F
.ip938.com/ Name: Hm_lvt_2baf2c6094856a86c72e1f71f6803fd8
Value: 1735549530
.ip938.com/ Name: Hm_lpvt_2baf2c6094856a86c72e1f71f6803fd8
Value: 1735549530
.ip938.com/ Name: HMACCOUNT
Value: 43C51668168E7B3F
.tapad.com/ Name: TapAd_TS
Value: 1735549529877
.tapad.com/ Name: TapAd_DID
Value: 1cb52b19-83c8-472f-bb90-f1f6e867293c
.media.net/ Name: data-g
Value: CAESEK9gigjSsk6SO1cNXSX2QXw~~6
.adsrvr.org/ Name: TDID
Value: 669413dc-01ff-460c-a6af-29c3e9bf2770
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8769
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiGlrTH5K7UPRAFGAUgAigCMgsI1t2d8_qu1D0QBTgB

1 Console Messages

Source Level URL
Text
security error
Message:
[Report Only] Refused to frame 'https://www.google.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
