urlscan.io logo urlscan.io
SecurityTrails logo

18.jm-tt.xyz Open in urlscan Pro
104.21.96.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://2024.comicjm.xyz/
Effective URL: https://18.jm-tt.xyz/
Submission: On December 30 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 11 domains to perform 36 HTTP transactions. The main IP is 104.21.96.1, located in and belongs to CLOUDFLARENET, US. The main domain is 18.jm-tt.xyz.
TLS certificate: Issued by WE1 on November 4th 2024. Valid for: 3 months.
This is the only time 18.jm-tt.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 188.114.97.3 13335 (CLOUDFLAR...)
16 104.21.96.1 13335 (CLOUDFLAR...)
6 142.250.186.130 15169 (GOOGLE)
1 65.9.66.13 16509 (AMAZON-02)
1 142.250.184.200 15169 (GOOGLE)
1 151.101.65.229 54113 (FASTLY)
1 104.26.7.141 13335 (CLOUDFLAR...)
2 13.107.246.45 8075 (MICROSOFT...)
1 185.199.111.153 54113 (FASTLY)
1 216.239.32.36 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
2 142.250.184.225 15169 (GOOGLE)
2 20.231.53.73 8075 (MICROSOFT...)
36 13
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
2024.comicjm.xyz
16    104.21.96.1 (None, )

ASN13335 (CLOUDFLARENET, US)
18.jm-tt.xyz
6    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
1    65.9.66.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-13.fra56.r.cloudfront.net
ik.imagekit.io
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
1    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.26.7.141 (None, )

ASN13335 (CLOUDFLARENET, US)
aifuck.cc
2    13.107.246.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    185.199.111.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-111-153.github.com
sweetalert2.github.io
1    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
ep1.adtrafficquality.google
2    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
ep2.adtrafficquality.google
2    20.231.53.73 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
Apex Domain
Subdomains		 Transfer
16 jm-tt.xyz
18.jm-tt.xyz
1 MB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
197 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 625
q.clarity.ms — Cisco Umbrella Rank: 7784
30 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3353
1 github.io
sweetalert2.github.io
42 KB
1 aifuck.cc
aifuck.cc
305 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
19 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
135 KB
1 imagekit.io
ik.imagekit.io — Cisco Umbrella Rank: 23836
1 comicjm.xyz
2024.comicjm.xyz
705 B
36 11
Domain Requested by
16 18.jm-tt.xyz 18.jm-tt.xyz
6 pagead2.googlesyndication.com 18.jm-tt.xyz
pagead2.googlesyndication.com
2 q.clarity.ms www.clarity.ms
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 www.clarity.ms 18.jm-tt.xyz
www.clarity.ms
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 sweetalert2.github.io 18.jm-tt.xyz
1 aifuck.cc 18.jm-tt.xyz
1 cdn.jsdelivr.net 18.jm-tt.xyz
1 www.googletagmanager.com 18.jm-tt.xyz
1 ik.imagekit.io 18.jm-tt.xyz
1 2024.comicjm.xyz 1 redirects
36 13

This site contains links to these domains. Also see Links.

Domain
t.me
Subject Issuer Validity Valid
18.jm-tt.xyz
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.imagekit.io
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-20		 a year crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
aifuck.cc
WE1		 2024-12-08 -
2025-03-08		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.github.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-15 -
2025-03-14		 a year crt.sh
adtrafficquality.google
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 5 frames:

Primary Page: https://18.jm-tt.xyz/
Frame ID: D0D5865BA3C938488B0E4ED1ABA3EA58
Requests: 32 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Frame ID: B4DB4BA751376150B97AF19D7C3C1169
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3067229574419048&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735539969&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F18.jm-tt.xyz%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735539969020&bpp=364&bdt=125&idt=488&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4480540725098&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089323%2C31089325%2C31089327%2C31089330%2C31089338%2C95333409%2C95335245%2C95345967&oid=2&pvsid=4447914045668972&tmod=1967208140&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=502
Frame ID: 82595B8EBAACA2C4D64659D93B92897E
Requests: 1 HTTP requests in this frame

Frame: https://18.jm-tt.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Frame ID: 621CA629FD08A3F9BEFC33A8B86BEE26
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: F051496F2A58FF30E4C928363541BC5E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

禁漫天堂 - 官方APP

Page URL History Show full URLs

  1. https://2024.comicjm.xyz/ HTTP 301
    https://18.jm-tt.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

36
Requests

97 %
HTTPS

0 %
IPv6

11
Domains

13
Subdomains

13
IPs

3
Countries

2242 kB
Transfer

3143 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://2024.comicjm.xyz/ HTTP 301
    https://18.jm-tt.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
18.jm-tt.xyz/
Redirect Chain
  • https://2024.comicjm.xyz/
  • https://18.jm-tt.xyz/
69 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4a94f7344045f7c376be77498479a4169d370f8a44d4bfa509b5b8aca504779
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f9ff4e53fa6fff6-AMS
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 30 Dec 2024 06:26:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ASOptkiYYvbcKdZC6%2FtwFQ1ecX7L3bycvC4MgUs68SspMrfvigmcqj5uoLuvrvfkNU5SfxwkyH2UaAaE9%2F1Z6lttRIhQNgCtVo%2Fg1DMCwexeWqMONUnhOJNI1hase8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-ray
8f9ff4e4cf4793c0-AMS
content-length
167
content-type
text/html
date
Mon, 30 Dec 2024 06:26:08 GMT
expires
Mon, 30 Dec 2024 07:26:08 GMT
location
https://18.jm-tt.xyz/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPV6mON2prQEiL%2BHgxZWexsjZX98wab8yp%2FPjhKa1zs4wbzNu2LcbxV4ZbOegwxZXQvmH6w5YOZsOf4FXIcu3pQSOtjyvqrb4LVxjzN0%2FbdMbOo94cg%2Be1Y%2BnVsBZ8Qec8is"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=15816&min_rtt=15615&rtt_var=5999&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4136&recv_bytes=4355&delivery_rate=166973&cwnd=12000&unsent_bytes=0&cid=7f48228c2cc290a9&ts=31&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3067229574419048
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a8956efd8634a46f003bf24844cf64afd0fa13f1fbc28564f2afe2ec405255e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://18.jm-tt.xyz
Referer
https://18.jm-tt.xyz/

Response headers

content-encoding
br
etag
16408481429813108864
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 06:26:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 06:26:08 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53295
x-xss-protection
0
server
cafe
result.css
ik.imagekit.io/chinesefonts/packages/cubic/dist/Cubic/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ik.imagekit.io/chinesefonts/packages/cubic/dist/Cubic/result.css
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-13.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

x-request-id
85ed60c9-5622-4123-a11d-992a22ae0946
access-control-allow-methods
GET
server-timing
download;dur=361
alt-svc
h3=":443"; ma=86400
x-cache
Error from cloudfront
x-amz-cf-id
3Wyur3XTn32-nhIGaOFRY5g1GNDPZ_SN0TPL1-j-YnkEPET1EAm7Sg==
date
Mon, 30 Dec 2024 06:26:09 GMT
x-server
ImageKit.io
access-control-allow-headers
*
cache-control
no-cache,no-store
timing-allow-origin
*
pragma
no-cache
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
0
x-amz-cf-pop
FRA56-C1
ik-error
ENOENT - No file found at specified URL
js
www.googletagmanager.com/gtag/ 		420 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VZTVGR5D66
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
9138af7673ff3b48b84f173f50db3460211299b255916afe296db744edb7e098
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 30 Dec 2024 06:26:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
137369
x-xss-protection
0
server
Google Tag Manager
sweetalert2@11
cdn.jsdelivr.net/npm/ 		71 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
be4607a6dcff84bde41bd1d5a651aeb8a246a51277d5fb71906520e2e9437829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"11bcf-e4vMGoTTdrGUenXLa3iDDtWH0ew"
age
34559
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Mon, 30 Dec 2024 06:26:08 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230029-FRA, cache-ams2100138-AMS
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
18752
x-jsd-version
11.15.3
LOGO-1.png
18.jm-tt.xyz/img/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/LOGO-1.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c9b972144186e193b60eef5fc950a78d6b6d187fd52c377447ec4069bf76b0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"3f3ed8721bae7122a163893652daa4f3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppdV3%2F%2FDnCkgwFbocjcms99EzRJCligHGDA2ZOgU6mcXflYY7d94tcXG6b4u%2Bb004wKmZPKSvye79db3ad85kzwQgkeuivMM1kIqTuIqqqdrYMxHsGBLl0vGhH%2BdWSo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:08 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e5bfabfff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
163624
server
cloudflare
img-telegram.png
18.jm-tt.xyz/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/img-telegram.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0407af136c7773e1527442115d355ab6854cf6167eeda37d3994b2bf2bbcc1d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"9991434c5d744531f5a186f9c5c2f655"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ckKlEKWODSP6NsBsr4DNnhRsDbMzdFP5%2BlhCVAIqSFDT4bfyoEM9%2BVTtAc%2BLTEUGGcN4HoWtGknrqXM6GkGQWvqwaND6d1QyZy%2BYKNYTGqmcq40zU3%2Ftmcz%2Br4sYEp8aqbll0LeQxSLPas%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:08 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e5bfaafff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
3423
server
cloudflare
logo-site.png
aifuck.cc/logo/ 		304 KB
305 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aifuck.cc/logo/logo-site.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.7.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e62f2d255c97db79cf2867573b65d8f857024be6ad06938c35c0190467a602a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
W/"4be77-193de20e8d8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgiNASuKzc82G%2Bt6sqbi3hD%2BWpfcUFNTbg4TRhKox%2FP%2BsKysbM0%2BlugjCD0sVca%2FUWYxQtpiGPxMMOtXZv%2BKYMlkdek%2FpMKbOiio7zULrOuGm%2BuG5hIXfGCulw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f9ff4e67d2c0a68-AMS
accept-ranges
bytes
server-timing
cfL4;desc="?proto=TCP&rtt=4251&min_rtt=2889&rtt_var=3003&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3992&recv_bytes=2221&delivery_rate=1463118&cwnd=254&unsent_bytes=0&cid=8aaa7b912c130c85&ts=107&x=0"
content-length
310903
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
last-modified
Thu, 19 Dec 2024 08:55:19 GMT
vary
Accept-Encoding
server
cloudflare
jm-title-1.png
18.jm-tt.xyz/img/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/jm-title-1.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da1c95e85b10b11051e546c784c18635346086686675e086b6e6425a79a423f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"06eb6a7bec42ba73c42a65f8fc065069"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tl3n9X%2B895NOduAjunADp0u2liQ%2Bp5jHc%2BI57EmVQTd8DsBqbzKnw%2F8RBdzwXD3najRpX10gg90Ob0Y9q2KUIaX5%2BG01BandmaZ4H%2FDo%2BHXDwwK2rJZtZLAjEqx51ao%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e64facfff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
258405
server
cloudflare
title_girl_m.png
18.jm-tt.xyz/img/ 		282 KB
282 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/title_girl_m.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
141455de4455605afedbcec16d6c59d77f88590b02881e28bcbaf5032f85ceaa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"7e9da7b2aa498aaba571fadc7872a8b8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvpXgtSvAPDoXlq9wl4f%2FFLTRdvhTH2q%2FnQE36rvQ%2BDGtvvymOd5Le%2B0g%2Fu0E8u1Qb%2BtFNX%2B1RSBa6l7uNm9XU%2Fn9I30ULgl544I0tEbwXsleDLzNaXccC0mHTqFfvE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e6cfadfff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
288605
server
cloudflare
phone.png
18.jm-tt.xyz/img/ 		334 KB
335 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/phone.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f65edd11eb55b76620c7102ddf43c4f877168646824e6be4a949e11fbe2ffc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"1a850c470b3a19a4cb3bf892c91cc780"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ydx5BjjX172yUTyjUrEp6iYLy3pQMueOaXLBOnwRmfMhgWtaE0LVamo2m39fMdu1MhmTA4tMkPzjr%2F%2BSrckRuUj%2FhquZUwyF4cmBhDJZwIer0s5u%2FcfCg5Nm0mLJsg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e8bfb3fff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
342347
server
cloudflare
img-and-how-1.png
18.jm-tt.xyz/img/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/img-and-how-1.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d684a451ee5dd757bd30c86615cd608c1e0807f921f667f0db61e19663d20f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"1f7e8102fe894677850f9882dd07c553"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=or4pPq61yNwRdmSQTBgcus6rR%2BD3AQhgFKDI5NRQ%2B3qYlDTPTbA%2BVKs963X2D%2F1NtqNspCiGYshRCyupFY9l2FJTQIndwhWXmWX1Y6Uo81qugg8yAQPALG6XdEy%2FLOk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e8bfb4fff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
38571
server
cloudflare
arrow-right.png
18.jm-tt.xyz/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/arrow-right.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5ef6c8235e2795f06903c30b623ccbc8ecfdce360b515e2c45703ff5fe0ae8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"158a6c5dc3e0cc0fd6c8f93887447130"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E7MNDkT47qbB9r9qcpeJjhoRikJzSiGpIlyZ%2BcQ3tM6zwLNoBQ8CFEijpXn7n48AxU7kmowf7lKmOpBg82Qn%2B0%2FHXclUGKOdMH3sEynI8k3%2BQWvP0yynf0ZXKzGFTns%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f9ff4e8bfb5fff6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
2506
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
img-and-how-2.png
18.jm-tt.xyz/img/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/img-and-how-2.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2365581c67ad48c51737c142702f1bb2644ba637f708c4f6f67b995ce0242712
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"5b2c678092f47223d3b36c25c8f3d197"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8jer%2BMm4EqekLeSpA%2B4hyLbdTiRQtHwNtdm74U9ffIso21QxDzzU6ZnmV09ZKViJaOafSTE3HxBOR0foOZ6YQWmrFJMo%2By1%2FxhHfkXLCwYzr2nmsTx1LPYX9gF%2F7p78%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e8bfb6fff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
73711
server
cloudflare
ios_close_bar.png
18.jm-tt.xyz/img/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/ios_close_bar.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6affc037ee3f3900837f907e10b3dd7854e226da0b210fd8bebb64f2009f8295
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"962393ec32f20478b84ffdcd949204a2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ikFfE8UaZ5kGy0NGJcybjhI6ihI5ZTDdOkqy0kp%2BWm0Kmac5CE48R9Cgad3GTHPT%2FWu9Z7hXEeh0VSIglxQ6aYue7MvXW1TLDS1DsJVWyQLCEjc8FDlYF9TyLYFYm4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e8bfb7fff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
164408
server
cloudflare
jquery.min.js
18.jm-tt.xyz/img/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18.jm-tt.xyz/img/jquery.min.js
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"5e50651694cfe452faefafe2bf2e7b3a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DvGu6J7T7OUPFEypTeKVn491ymrc74XmJJYBcu6g3m6tUFlZ0n7nQrE0csmR%2Fw0vd5WwKCX%2F5GYhO2Af4f6PX4onit%2Bhl7bF%2FxQS4u1KBfihJOaAias8gMGZDrf7k4vMmP834qFSmgIuzgE%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f9ff4e77fb0fff6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
jquery.qrcode.js
18.jm-tt.xyz/img/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18.jm-tt.xyz/img/jquery.qrcode.js
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17526a26c40ec11465d199ef39ef6c58ff7fa84635bdffafa00a8127abf7135
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"5f2aff725f0d27635ed87c803f8f7e3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qi4B4cg4k1g1ce4LRzOK5ERTY3zbf%2BZdkDZCW%2BjwBQsuPkHwwapdwxsTtCYQpyTMJFKLQ1Po8fMxHKJA18v3tCc4nx5HiFYIm%2B05ATmXvxZy87eamptN0f49AOs9CyQ%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f9ff4e78fb1fff6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
toastr.min.js
18.jm-tt.xyz/img/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://18.jm-tt.xyz/img/toastr.min.js
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"c96cbaa121c6dda477faf9949185e038"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mQJj7bZ1cAKjWzJ734IBpyCpVDw%2FmzgH%2Fp5zypdfqnFKyM1k6llpQcYjcJbiC%2FupqNkkmNecucnDMQnXmm9fLLAqS9QGUqC8Uy7HtHdBpTC0w8Ymk7iV1zuv5BSTVEo%3D"}],"group":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
cf-ray
8f9ff4e7bfb2fff6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/ 		435 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3067229574419048&plah=18.jm-tt.xyz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3067229574419048
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e7fba67f6353ece51669c67fcd7f625e717ac9e6979fce7cb53081298d98a329
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

content-encoding
br
etag
15922040943100451497
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 06:26:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147912
x-xss-protection
0
server
cafe
kthsod56ud
www.clarity.ms/tag/ 		571 B
826 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/kthsod56ud
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a49465c586c9a8081ec962e79bc0ddf77f05b78bd32844349e6c95b9fa2c5015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
571
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
application/x-javascript
x-azure-ref
20241230T062609Z-1777998d8f99vkwshC1DUSa6gs0000000aw0000000000bst
trees.png
sweetalert2.github.io/images/ 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sweetalert2.github.io/images/trees.png
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.111.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-111-153.github.com
Software
GitHub.com /
Resource Hash
dc26ae6f0112b64613ad0f86246953119d21c47411a01dcbe35b8b7a2a27ebdd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

x-fastly-request-id
dfbf8114ef806e63886e3d3a47f39cdb2eabf0c7
etag
"6766b64e-a578"
age
0
x-github-request-id
4000:1149A9:92A4ABF:93C1FB0:67721C09
expires
Mon, 30 Dec 2024 04:15:29 GMT
x-proxy-cache
MISS
x-cache
HIT
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
last-modified
Sat, 21 Dec 2024 12:36:30 GMT
x-served-by
cache-ams2100088-AMS
x-cache-hits
0
vary
Accept-Encoding
strict-transport-security
max-age=31556952
cache-control
max-age=600
x-timer
S1735539969.450330,VS0,VE107
via
1.1 varnish
permissions-policy
interest-cohort=()
accept-ranges
bytes
access-control-allow-origin
*
content-length
42360
server
GitHub.com
head-bg-1.jpg
18.jm-tt.xyz/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.jm-tt.xyz/img/head-bg-1.jpg
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ee9bce08b5ae8d5c682f435719b28be74d202e0d84b3dbde60081d0c075cad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
no-store
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
BYPASS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v7bVJj67sR4ILegWW2aXXJI6B%2BDuK8jjqY%2Bef4c0p7lTHxMvbgi61Iv5N0oHyZU8T0UqxjHsVeBbBF1yoa2mzMC0hvxmbk5jrujHtO8QCHZdogFCKKlmbWLeBSEvOF0%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4e8efb9fff6-AMS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
server
cloudflare
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VZTVGR5D66&gtm=45je4cc1v9100004643za200&_p=1735539969381&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=425414250.1735539969&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1735539969&sct=1&seg=0&dl=https%3A%2F%2F18.jm-tt.xyz%2F&dt=%E7%A6%81%E6%BC%AB%E5%A4%A9%E5%A0%82%20-%20%E5%AE%98%E6%96%B9APP&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=808
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VZTVGR5D66
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://18.jm-tt.xyz
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/plain
server
Golfe2
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241212/r20190131/ Frame B4DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241212/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3067229574419048&plah=18.jm-tt.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18.jm-tt.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
21764
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4128
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 00:23:25 GMT
etag
17661348622971093804
expires
Mon, 13 Jan 2025 00:23:25 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=swal2-container%20swal2-center%20swal2-backdrop-show&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 30 Dec 2024 06:26:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=swal2-container%20swal2-center%20swal2-backdrop-show&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 30 Dec 2024 06:26:09 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
pagead2.googlesyndication.com/pagead/ Frame 8259 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3067229574419048&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1735539969&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2F18.jm-tt.xyz%2F&pra=5&wgl=1&aihb=0&aiof=3&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&itsi=-1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1735539969020&bpp=364&bdt=125&idt=488&shv=r20241212&mjsv=m202412090101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=4480540725098&frm=20&pv=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31089323%2C31089325%2C31089327%2C31089330%2C31089338%2C95333409%2C95335245%2C95345967&oid=2&pvsid=4447914045668972&tmod=1967208140&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=502
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3067229574419048&plah=18.jm-tt.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18.jm-tt.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 06:26:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
clarity.js
www.clarity.ms/s/0.7.59/ 		67 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.59/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/kthsod56ud
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.107.246.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

x-azure-ref
20241230T062609Z-1777998d8f99vkwshC1DUSa6gs0000000aw0000000000bta
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD267192E6C672"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
f2f16797-e01e-0003-509c-58cfbf000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 27 Dec 2024 12:25:39 GMT
invisible.js
18.jm-tt.xyz/cdn-cgi/challenge-platform/scripts/ Frame 621C 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://18.jm-tt.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Requested by
Host: 18.jm-tt.xyz
URL: https://18.jm-tt.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cf-chl-out
KRCOVqhjUTDXg71j9PlC599QcdOTg0xFvik=$sjPSYooGZm7HnMWH
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qAXArGaF%2FmqTrP%2BPFq%2FyzvhAGLPPgO93Xc11qkfZs0kgKjukM6TXDK1RLUSUpfpryt5BL1UsFW4LjDjVmYFsGYyDD7s%2BP9fKjKDPf5mUnERYxXuVxB%2BGFhCuJa0BOnY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f9ff4eacfc4fff6-AMS
alt-svc
h3=":443"; ma=86400
content-length
7
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241212&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3067229574419048&plah=18.jm-tt.xyz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8fa556db736a752f0fe2a38ed23b22103ae2789d7608eab6ac5ca08433018161
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13139
date
Mon, 30 Dec 2024 06:26:09 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
icon.png
18.jm-tt.xyz/img/ 		109 KB
109 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://18.jm-tt.xyz/img/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d222feb938a2ddd246d68fda9914ea460a80ea49ee1e6fb5433a701922663029
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

cf-cache-status
REVALIDATED
etag
"90b559e660d2f84bcb0841d895948b23"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lL%2Ft4Z3bRiXmrswwaVnl673dP8cbwNBAW9s8EjHvGFYJPtXcOPdc%2FWf0rcV99oO7SvFTNADgdNMiDcToG8oh3osces7mFl0x3dbKFYLuUPM8sBvq7OOF9NxtBJO10JM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=14400, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8f9ff4eadfc5fff6-AMS
accept-ranges
bytes
access-control-allow-origin
*
content-length
111341
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202412090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3067229574419048&plah=18.jm-tt.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://18.jm-tt.xyz/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 06:26:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 30 Dec 2024 06:26:09 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
collect
q.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://18.jm-tt.xyz/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://18.jm-tt.xyz
Date
Mon, 30 Dec 2024 06:26:10 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame F051 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://18.jm-tt.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Dec 2024 06:18:50 GMT
expires
Mon, 30 Dec 2024 07:08:50 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/ 		0
0
collect
q.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.59/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://18.jm-tt.xyz/

Response headers

Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
Access-Control-Allow-Origin
https://18.jm-tt.xyz
Date
Mon, 30 Dec 2024 06:26:11 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241212&jk=4447914045668972&bg=!s7ClsP_NAAbtGp3CzRo7ADQBe5WfODRIpqo23GJiJgfBXhK2Geji757utf1aaKsCi0cNikhoCa6j7XDMFby42PHKzuXMAgAAACdSAAAAAmgBB34ANhTDILcIGICpYwsN6Qy40fMdwJwiwBe1brZSAAe6CecRv33Xajub1hZrgCOgMa32YhfY3PLI5JkCklEzFMYhlJaeBzzWe5Q70x37CaGuU9KO6G6g7uB2fqx2A_T8xHUU5S7TdUor4ypDuhSkqq7-jf_qYSV0f3Kb9LoUd4o1_BIPO0CYlaQUqc9qytJkkPg4OCUop-N45-EoCUI6SnhRkK45c9upzb1Y-U01EJY918INBLrEdyRcLFushHMLYW6Hiq5nbjPJcm-Wht2ZpyWNLtwRdXGgNRiUUQqhuSAt2IBCmUELGJMP06zGengz_kWCZ7JsvpSNCKWJW6v7_2RJQHhUpDUvKJX3-lBfojrlc-bBn9JitGj8pOT0Do2CEiCLpO7VeQSEEMaMlOrr7eLYQEsJ31QxAF_aiZ38xqHmSPoe5E5PB2wzVJACbHAwcJ8f6UCy145ExwlKPjnRvEwDXA3OCfXgkXctdMGug1jz6Ogcx6JGuN1Qsh5t3l3kaxAU655DVZ3Yw4XB6SJVBLg5OOHj-XYCOMfNaKtG5VfyeTEwjXWmp6NqNeQ2HJn8ExSgOcg3ZfMPSGwPYoLWzeKts728G5ab0rJcef9mc71y7cyofKLiRecMSON3E-dF62_unsqLD8oF-xRYxs_TWuPsA8L7kG_vYXOdgvoWQC-fm0JAmhExz7qQoXY7464qVHn-XNsAaPO-ayUL-BCxeKVCkAFCRp0aS5jACsoHQVUv4AqTgdTFvnJmDVgfRaAlonnAH3IRmr9TvcbZnEkZMKgdoNZYFhIx8LwcOooGWYl8n3VMpXZ7zydFkNf7A1gPZsT7qV2R-2SOYMxiv_I-JxPm3Rw8bpvZFN1hpnmlyXL2Ogwo5iR9q2q3rTHJwHWJ-mxL8t4yvBBlShuWFJkErfH83s2Or5DXLLR5n0rw1F-8BPndPDBlBm90OZ1mstE

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac object| google_persistent_state_async object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint function| gtag object| dataLayer function| clarity string| host function| google_spfd number| google_unique_id object| google_sv_map function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| handleClick object| __cfQR function| $ function| jQuery object| toastr object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googPageScrollPreventerInfo boolean| googFloatingToolbarManagerAsyncPositionUpdate object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages boolean| __cfRLUnblockHandlers object| GoogleGcLKhOms

2 Cookies

Domain/Path Name / Value
.jm-tt.xyz/ Name: _ga_VZTVGR5D66
Value: GS1.1.1735539969.1.0.1735539969.0.0.0
.jm-tt.xyz/ Name: _ga
Value: GA1.1.425414250.1735539969

3 Console Messages

Source Level URL
Text
network error URL: https://ik.imagekit.io/chinesefonts/packages/cubic/dist/Cubic/result.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://18.jm-tt.xyz/img/head-bg-1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://18.jm-tt.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18.jm-tt.xyz
2024.comicjm.xyz
aifuck.cc
cdn.jsdelivr.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
ik.imagekit.io
pagead2.googlesyndication.com
q.clarity.ms
region1.google-analytics.com
sweetalert2.github.io
www.clarity.ms
www.googletagmanager.com
ep1.adtrafficquality.google
104.21.96.1
104.26.7.141
13.107.246.45
142.250.184.200
142.250.184.225
142.250.185.66
142.250.186.130
151.101.65.229
185.199.111.153
188.114.97.3
20.231.53.73
216.239.32.36
65.9.66.13
0407af136c7773e1527442115d355ab6854cf6167eeda37d3994b2bf2bbcc1d7
141455de4455605afedbcec16d6c59d77f88590b02881e28bcbaf5032f85ceaa
2365581c67ad48c51737c142702f1bb2644ba637f708c4f6f67b995ce0242712
28ee9bce08b5ae8d5c682f435719b28be74d202e0d84b3dbde60081d0c075cad
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
6affc037ee3f3900837f907e10b3dd7854e226da0b210fd8bebb64f2009f8295
7d684a451ee5dd757bd30c86615cd608c1e0807f921f667f0db61e19663d20f7
83146c62110f911cbc9e66daa824d1f4e1d8f8aa6508aa45fe061932db65fa27
8fa556db736a752f0fe2a38ed23b22103ae2789d7608eab6ac5ca08433018161
9138af7673ff3b48b84f173f50db3460211299b255916afe296db744edb7e098
96f65edd11eb55b76620c7102ddf43c4f877168646824e6be4a949e11fbe2ffc
9c9b972144186e193b60eef5fc950a78d6b6d187fd52c377447ec4069bf76b0a
a49465c586c9a8081ec962e79bc0ddf77f05b78bd32844349e6c95b9fa2c5015
a8956efd8634a46f003bf24844cf64afd0fa13f1fbc28564f2afe2ec405255e0
b17526a26c40ec11465d199ef39ef6c58ff7fa84635bdffafa00a8127abf7135
b4a94f7344045f7c376be77498479a4169d370f8a44d4bfa509b5b8aca504779
b5ef6c8235e2795f06903c30b623ccbc8ecfdce360b515e2c45703ff5fe0ae8c
be4607a6dcff84bde41bd1d5a651aeb8a246a51277d5fb71906520e2e9437829
d222feb938a2ddd246d68fda9914ea460a80ea49ee1e6fb5433a701922663029
da1c95e85b10b11051e546c784c18635346086686675e086b6e6425a79a423f0
dc26ae6f0112b64613ad0f86246953119d21c47411a01dcbe35b8b7a2a27ebdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62f2d255c97db79cf2867573b65d8f857024be6ad06938c35c0190467a602a1
e7fba67f6353ece51669c67fcd7f625e717ac9e6979fce7cb53081298d98a329
ee74bbdb99c1cd83dfe17594bdeba68832d5c38144be889d3d041bdcbd8765f7
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99