URL: https://open.gwaitw.com/
Submission: On April 18 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 4 countries across 5 domains to perform 27 HTTP transactions. The main IP is 114.116.169.51, located in China and belongs to CHINA169-BJ China Unicom Beijing Province Network, CN. The main domain is open.gwaitw.com.
TLS certificate: Issued by TrustAsia RSA DV TLS CA G2 on September 4th 2023. Valid for: a year.
This is the only time open.gwaitw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS | Autonomous System
8 | 114.116.169.51 | 4808 | (CHINA169-...)
6 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
5 | 142.250.186.34 | 15169 | (GOOGLE)
1 | 220.169.152.35 | 4134 | (CHINANET-...)
2 | 111.45.3.198 | 56040 | (CMNET-GUA...)
1 | 103.235.47.190 | 55967 | (BAIDU Bei...)
2 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 27 requests, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
8 | gwaitw.com | open.gwaitw.com; www.gwaitw.com; media.gwaitw.com (Failed) | 36 KB
7 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 104); tpc.googlesyndication.com (Cisco Umbrella Rank: 157) | 208 KB
6 | moea.top | 6.cdn.moea.top | 165 KB
3 | baidu.com | hm.baidu.com (Cisco Umbrella Rank: 10244); pos.baidu.com (Cisco Umbrella Rank: 24913) | 13 KB
1 | baidustatic.com | cpro.baidustatic.com (Cisco Umbrella Rank: 37587) | 39 KB
Total: 27 requests, 5 domains

Requests | Domain | Requested by
6 | 6.cdn.moea.top | open.gwaitw.com; 6.cdn.moea.top
6 | www.gwaitw.com | open.gwaitw.com
5 | pagead2.googlesyndication.com | open.gwaitw.com; pagead2.googlesyndication.com
2 | tpc.googlesyndication.com | pagead2.googlesyndication.com; tpc.googlesyndication.com
2 | hm.baidu.com | open.gwaitw.com
2 | open.gwaitw.com | open.gwaitw.com
1 | pos.baidu.com | cpro.baidustatic.com
1 | cpro.baidustatic.com | open.gwaitw.com
0 | media.gwaitw.com (Failed)
Total: 27 requests, 9 subdomains

This site contains links to these domains.

Domain
www.gwaitw.com
halo.run
12th.icu

Subject | Issuer | Validity | Valid
gwaitw.com | TrustAsia RSA DV TLS CA G2 | 2023-09-04 - 2024-09-03 | a year
6.cdn.moea.top | E1 | 2024-03-16 - 2024-06-14 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2024-03-18 - 2024-06-10 | 3 months

This page contains 3 frames:

Primary Page: https://open.gwaitw.com/
Frame ID: 9E50F3C57EF2FF8AEB981A211AAFF5D0
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5961993857932053&output=html&adk=1812271804&adf=3025194257&lmt=1713463128&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fopen.gwaitw.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713463127036&bpp=1433&bdt=1898&idt=1434&shv=r20240415&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7819934080394&frm=20&pv=2&ga_vid=188586044.1713463128&ga_sid=1713463128&ga_hid=2066910466&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082703%2C31082890%2C95320376%2C95329829%2C31081717%2C31082144&oid=2&pvsid=2977584070553428&tmod=896866705&uas=0&nvt=1&fsapi=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=1464
Frame ID: 42B657CF9FA599D9EEC1190BB2940F35
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9AB9E3E8340275D4AE72CEFCAC9B9907
Requests: 1 HTTP requests in this frame

Page Title

莫言离殇

Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • /(?:([\d.])+/)?highlight(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27 Requests
85 % HTTPS
29 % IPv6
5 Domains
9 Subdomains
8 IPs
4 Countries
460 kB Transfer
1177 kB Size
6 Cookies

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
open.gwaitw.com/
12 KB
3 KB
Document
General
Full URL
https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
3a68f5118139a3dbd030c6a31007fa3e022bfa73e6ad89d45b9a5b3c2a62f47c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-max-age
3600
content-encoding
gzip
content-language
de-DE
content-type
text/html;charset=utf-8
date
Thu, 18 Apr 2024 17:58:41 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx/1.14.2
strict-transport-security
max-age=31536000
vary
Accept-Encoding, User-Agent
rain.css
www.gwaitw.com/themes/Fantasy/source/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://www.gwaitw.com/themes/Fantasy/source/css/rain.css
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
63a69b3c599faefd25dab98359255ca4bcfe7e02bb6d082d0df985b70efd45ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
content-length
1061
expires
Thu, 01 Jan 1970 00:00:00 GMT
kico.css
www.gwaitw.com/themes/Fantasy/source/css/
22 KB
5 KB
Stylesheet
General
Full URL
https://www.gwaitw.com/themes/Fantasy/source/css/kico.css
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
c7e084121b498c158aa002d0ba2838fa1295bc43e7f34a03e3475ad8dcd3f70e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
content-length
4683
expires
Thu, 01 Jan 1970 00:00:00 GMT
fantasy.css
www.gwaitw.com/themes/Fantasy/source/css/
12 KB
4 KB
Stylesheet
General
Full URL
https://www.gwaitw.com/themes/Fantasy/source/css/fantasy.css
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
c912a6fb2c130894a4357ea5a0d7da0998bddcf76fe2e4f3b69de4969917371b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
content-length
3958
expires
Thu, 01 Jan 1970 00:00:00 GMT
font-awesome.min.css
6.cdn.moea.top/font-awesome-4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://6.cdn.moea.top/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:46 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 16 Apr 2023 04:17:40 GMT
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yBfPQ5WvtMuBGi7QonIiptd7yI3PpX3CVMgLo1Q1cy47Ha31GIlLh%2BxzMrY7miIJ4p6I5xZFDurrOFtqYm6VtilaTFKI4X9VamfmnjdafjnlnPa64o1WI9odKDrsuOKn9D6dd3s%2BfY3cIZkoRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
cf-ray
87668b768f932ba3-FRA
androidstudio.min.css
6.cdn.moea.top/js/highlight@11.6.0/styles/
611 B
622 B
Stylesheet
General
Full URL
https://6.cdn.moea.top/js/highlight@11.6.0/styles/androidstudio.min.css
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0869a17349d3f1bdd078763e8c11ec9808c9f38239bb254720577662fba87bf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:46 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 16 Apr 2023 04:17:58 GMT
server
cloudflare
etag
W/"9376f7dbec4832ee53ebe70c37d3853e"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnQaad%2Bbb8I60Prfk6EQwesVZqU0gd2kdTwHddAItTc8hsJBmqa4VivT4sezAwNQk7j6LxeuOtV3a05MqoFYl1z%2FzkNwRNMtu3wdNQOC0aoI7SSGLs%2BKF8DlZRJtOweOqrspgO0ArUXIhpHxdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
cf-ray
87668b768f962ba3-FRA
APlayer.min.css
www.gwaitw.com/themes/Fantasy/source/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.gwaitw.com/themes/Fantasy/source/css/APlayer.min.css
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
content-length
2537
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961993857932053
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ec2c6b6a261bad9c8bc4eb960fb7bfbd00f2e3dde3edf483166595f762ad0d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Origin
https://open.gwaitw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50843
x-xss-protection
0
server
cafe
etag
1556114930817620741
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 18 Apr 2024 17:58:46 GMT
cm.js
cpro.baidustatic.com/cpro/ui/
114 KB
39 KB
Script
General
Full URL
https://cpro.baidustatic.com/cpro/ui/cm.js
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
220.169.152.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
1cc1b80d4c8d0827137e8ef1d12ca63549848ae4ca3fe3fa361e073bbf01ee9a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

ohc-file-size
39127
date
Thu, 18 Apr 2024 17:58:48 GMT
content-encoding
gzip
ohc-cache-hit
yy2ct72 [2], czix162 [2]
last-modified
Wed, 30 Aug 2023 02:38:15 GMT
server
JSP3/2.0.14
age
1188
x-cache-status
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600
accept-ranges
bytes
ohc-global-saved-time
Thu, 18 Apr 2024 17:39:00 GMT
content-length
39127
expires
Thu, 18 Apr 2024 18:39:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/
412 KB
140 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961993857932053&plah=open.gwaitw.com&aplac=true&bust=31082890
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961993857932053
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e8c12792fd298a630b55010c5244ae5b46143ffc43eeb1a06ed00239a0d45d4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142909
x-xss-protection
0
server
cafe
etag
8110855462671640164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 18 Apr 2024 17:58:47 GMT
background.png
open.gwaitw.com/themes/Fantasy/source/images/
15 KB
15 KB
Image
General
Full URL
https://open.gwaitw.com/themes/Fantasy/source/images/background.png
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
60050164439114e210d713af1f2649518183caee43ae00071cec8a364275517a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:45 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
truncated
/
325 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a6465704ddf5023ddd3b6a85cf0c4ec81332a4c17be33b9dd8194a9a66ef015

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
244 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c50e5cd6df13fc46618b56d56e83ac04bcb5a4ffb4eee33cdde1a6dc7642b32

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
fontawesome-webfont.woff2
6.cdn.moea.top/font-awesome-4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://6.cdn.moea.top/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: 6.cdn.moea.top
URL: https://6.cdn.moea.top/font-awesome-4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://6.cdn.moea.top/font-awesome-4.7.0/css/font-awesome.min.css
Origin
https://open.gwaitw.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:49 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
77160
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 16 Apr 2023 04:17:41 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=86400, enforce
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N51bkDBZmwMj8JrVdJEXlG4iJl2rpi2wjd4pC87rw06Ofh%2FLM42Jw1iSZmDw5VLt%2B4b%2F85SmqH8h1cfVIDBUYqQzhlHnUo7RudHOLJ2WPI24lEsJn6a4V8B7QUjI1u6oen%2BBZzPUeqydQQxUcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-frame-options
SAMEORIGIN
accept-ranges
bytes
cf-ray
87668b89999192b4-FRA
ads
pagead2.googlesyndication.com/pagead/ Frame 42B6
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-5961993857932053&output=html&adk=1812271804&adf=3025194257&lmt=1713463128&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x675_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fopen.gwaitw.com%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuNjAiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMjQuMC42MzY3LjYwIl0sWyJHb29nbGUgQ2hyb21lIiwiMTI0LjAuNjM2Ny42MCJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&dt=1713463127036&bpp=1433&bdt=1898&idt=1434&shv=r20240415&mjsv=m202404160101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7819934080394&frm=20&pv=2&ga_vid=188586044.1713463128&ga_sid=1713463128&ga_hid=2066910466&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082703%2C31082890%2C95320376%2C95329829%2C31081717%2C31082144&oid=2&pvsid=2977584070553428&tmod=896866705&uas=0&nvt=1&fsapi=1&fc=1920&brdim=190%2C190%2C190%2C190%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=1464
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961993857932053&plah=open.gwaitw.com&aplac=true&bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://open.gwaitw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 Apr 2024 17:58:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=ASIDE&ign=false&pw=1600&ph=1200&x=0&y=139.2
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 17:58:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?4cb1ef7b32dba129687c8106d981762c
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
bf988e8e3beeb19c01c388a1750b8c7f0275b25cb4ef5d5b1db800dc3c1d531c
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 18 Apr 2024 17:58:49 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
0ffad85c30bdcd971045466d8dbe9bf2
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11302
pjax.min.js
6.cdn.moea.top/js/pjax@0.2.8/
23 KB
7 KB
Script
General
Full URL
https://6.cdn.moea.top/js/pjax@0.2.8/pjax.min.js
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9819844d18cf059f52a7da53f786d418348cc662dd7e243f009ec559bac85e2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:48 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 16 Apr 2023 04:17:54 GMT
server
cloudflare
etag
W/"d810aff16a7f45392bdeec5493ebee8e"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=flDRMoBobDAd9h9mLK7YhBUwhrxfvNPFYtkGcTOff2KBFItj22rBoZj8XPHzJNu3p8QyheurmhFO7hjERcGeOTQaQSW7TdeWhgFtNli%2BW5i13FiPN%2BsIkLJIMnYLsyh8aDd9ZX5y2UYBNvbmow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
cf-ray
87668b894dfb2ba3-FRA
jquery.min.js
6.cdn.moea.top/js/jquery@3.6.0/
87 KB
32 KB
Script
General
Full URL
https://6.cdn.moea.top/js/jquery@3.6.0/jquery.min.js
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:49 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 16 Apr 2023 04:17:52 GMT
server
cloudflare
etag
W/"8fb8fee4fcc3cc86ff6c724154c49c42"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atiZf8UME%2B%2F7CwnqMgeKKPAvGDZhGRTHflUTBKLLcj%2BHvFI2uK82aNKq1PWb28cKFFcCDRuwyDT5F9BiNtMEFw8Uiv%2Ftt2Oug1bSRZQkcBJSnr3ZRQXhOOZD53fD0S%2B%2FiN7iVkS2Wv6fdX7KNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
cf-ray
87668b8b686a2ba3-FRA
kico.js
www.gwaitw.com/themes/Fantasy/source/js/
4 KB
2 KB
Script
General
Full URL
https://www.gwaitw.com/themes/Fantasy/source/js/kico.js
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
63a2b53783644bc01d4910660716162b0cc881fe93a0c6d661be6de7d014d5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
content-length
1524
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1466006504&si=4cb1ef7b32dba129687c8106d981762c&v=1.3.0&lv=1&sn=50554&r=0&ww=1600&u=https%3A%2F%2Fopen.gwaitw.com%2F&tt=%E8%8E%AB%E8%A8%80%E7%A6%BB%E6%AE%87
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 18 Apr 2024 17:58:49 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
highlight.min.js
6.cdn.moea.top/js/highlight@11.6.0/
145 KB
42 KB
Script
General
Full URL
https://6.cdn.moea.top/js/highlight@11.6.0/highlight.min.js
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dd13a924feb0bcc7c070b5e5f509590916d188013c2760bab7e7bc572ef5b2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:49 GMT
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 16 Apr 2023 04:17:51 GMT
server
cloudflare
etag
W/"d18c8b04c0f4e71ef6d6307a91048064"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S6nN5FYjqyLimeNkDo1Wwh7w0o3O9n6Ls2LhpJ8OkPIf0hn6AqaRrtQV1g7Ig9icG1%2BQq9EX3R1Tg1hMDXDdZ813zRg3xjfthnGl65iVsDyLMq0xpAKcanRtTd85tfpYmr5QD5AmyCUBuG68rA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
x-frame-options
SAMEORIGIN
cache-control
max-age=31536000
cf-ray
87668b8f4cfb2ba3-FRA
rain.js
www.gwaitw.com/themes/Fantasy/source/js/
3 KB
2 KB
Script
General
Full URL
https://www.gwaitw.com/themes/Fantasy/source/js/rain.js
Requested by
Host: open.gwaitw.com
URL: https://open.gwaitw.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.116.169.51 , China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
ecs-114-116-169-51.compute.hwclouds-dns.com
Software
nginx/1.14.2 /
Resource Hash
8fe19a1cdfaf1e0068ff213ac5118f64bfe817a57d86fa971e76dc7789b30a32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 24 Nov 2022 04:31:52 GMT
server
nginx/1.14.2
access-control-max-age
3600
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type,ADMIN-Authorization,API-Authorization
content-length
1649
auto_dup
pos.baidu.com/
59 B
752 B
Script
General
Full URL
https://pos.baidu.com/auto_dup?di=0&uuid=5801da534fd3c1ab&dri=0&dis=0&dai=0&ps=0x0&enu=encoding&exps=110011&ant=0&psi=699221100eb3010c&dcb=___baidu_union_callback&dtm=AUTO_JSONP&dvi=0.0&dci=-1&dpt=none&tpr=1713463128458&ti=%E8%8E%AB%E8%A8%80%E7%A6%BB%E6%AE%87&ari=2&ver=0830&kws=%E8%8E%AB%E8%A8%80%E7%A6%BB%E6%AE%87%2C%E8%8E%AB%E8%A8%80%E7%A6%BB%E6%AE%87%E7%9A%84%E5%8D%9A%E5%AE%A2%2C%E8%8E%AB%E8%A8%80%E7%A6%BB%E6%AE%87%E7%9A%84%E5%B0%8F%E7%AB%99&dbv=2&drs=1&pcs=1600x1200&pss=1600x1200&cfv=0&cpl=5&chi=2&cce=true&cec=UTF-8&tlm=1713463128&prot=2&rw=1200&ltu=https%3A%2F%2Fopen.gwaitw.com%2F&ecd=1&dft=0&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1713463128&dc=4&aa=1
Requested by
Host: cpro.baidustatic.com
URL: https://cpro.baidustatic.com/cpro/ui/cm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.47.190 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
dcd38d7f84e18e6b0b29ef683c801865fa7382fc22c36150e32a4d34e32c77e4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Thu, 18 Apr 2024 17:58:52 GMT
Last-Modified
Fri Apr 19 01:58:52 2024
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Content-Type
application/javascript;charset=UTF-8
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Length
59
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240415&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961993857932053&plah=open.gwaitw.com&aplac=true&bust=31082890
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
f98593e58e6bf8ef159714a172a15dae71d409b280c42f0c753f4485368232cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12190
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202404160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961993857932053&plah=open.gwaitw.com&aplac=true&bust=31082890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://open.gwaitw.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 18 Apr 2024 17:58:52 GMT
Fn2sh1BryVwrW486A8Jmid4WB02t.png
media.gwaitw.com/
0
0

runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9AB9
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://open.gwaitw.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
27005
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Apr 2024 10:28:48 GMT
expires
Fri, 18 Apr 2025 10:28:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
media.gwaitw.com
URL
https://media.gwaitw.com/Fn2sh1BryVwrW486A8Jmid4WB02t.png
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240415&jk=2977584070553428&bg=!6-il6KfNAAacqq62vKo7ADQBe5WfOBv0G7jVW7v2HpbdWxzNJLTDlYA4G2KC-B06RAJqz2bmumTUef6bKErYSPYRPLxpAgAAADtSAAAAAmgBB34ANZfe-XLl7PXVTIq7sTUGjNjNDhkO7J9Txd19SMZr951InP2kYsXG9t4EUgB10xnBu_bEHXaBmQLdDg4_vt8eEg3vA2FQORgmiPYNM01sJE4NCeULHqJAuoBDMP4BgCZuZ3Gqns6y1k_K_RSqsgnl3qaedBKm8IoNicO54bEo7dwKbBQ6RdfGl4KmAOS7nI3bgmjZ_YEuTlmgLqnoZafox5x7Pm2MKoHh4vnsT18fZqRhkPbM2h93csO4ZvOLHFsJP4P1g5_47LXYRY8e1wmrgGFZwY7fqfPMgfID2pXZTQ7l-mPecMislG6IRCaj12gXVe51IY4sjBBZautGDa9EZyOTRogmA1hKFds79FugB3OAkVda4k0JGEuBHXsfBMXdHfR82CjuDl8nFvTzwKyMnEewmqRVguPe6dLoi-Z6SjtZYahHKXgh3mOG3OADMUq-Hy-G24Xkz0horZXSVqdXlkf5ZNAbVTZkMBFv4TGAkfaDfCscnzqIHtj6KuR2laqVQIyT3GoWeroTroj2b7GF4r-Rsi6aIXiBq10_f8cCDplNUTiWdgTWz9yd75AVXhlEKBusV4YzBiAY2_Oa9-j4m0gahBtWRomU9YhQRYEGugEPfqdyf74W700dF4srPmVQVRyzLHogyXr8tUNKkil5RkqSRqDFiUXE56v6Ui58hhPxIM_M6VX5hYJ_oaCaktXMsb9nljIV_iAvTNccf4ULOun0u12ETVwG6Tm-Fugs6gnk31r_osmMz9oZhrg6lFbKG7ty0UXBP2CdVm_uAQ8TJoVjsesL_JKd8s-l4fdRhCNhvfVIYdNJC4ffOK7cHEOS2PHmGZLtPU2dahpjZV3kRYRT9_cNc6lzHZwNAy4ZfSU4bF053831io1HGwtZmqOlhl4kj1bhEZYyTIGQk2byKFWa-W1uSyzOPMPJQDMjOqL9S18dWlMzprzFDgwoTVGx6fy14cP3BUlcr4Wso8TvqSIx7k4-CRA1nj9vi8QHLrfGQ_MtTmEDRgLo6sVymR6Ulg0kZZ43LP7phMzL9lwEdOypy7oi1g


68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| ___baidu_union object| ___delivery___global___counter___ object| BAIDU_SSP__info object| __delivery_global_ function| ___adblockplus_ function| ___baidu_union_callback number| BAIDU_DUP2_pageFirstRequestTime object| cpro_id object| cproArray object| cpro_mobile_slot object| BAIDU_DUP object| BAIDU_CLB_SLOT_ID function| BAIDU_CLB_fillSlot function| BAIDU_CLB_singleFillSlot function| BAIDU_CLB_fillSlotWithSize function| BAIDU_CLB_fillSlotAsync function| BAIDU_CLB_prepareMoveSlot function| BAIDU_CLB_setConfig function| BAIDU_CLB_addOrientation function| BAIDU_CLB_addSlot function| BAIDU_CLB_enableAllSlots function| BAIDU_CLB_preloadSlots function| BAIDU_DUP_addSlotStatusCallback object| slotbydup function| google_spfd number| google_unique_id object| google_sv_map object| google_image_requests number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _hmt function| Pjax function| $ function| jQuery object| rain boolean| _bdhm_loaded_4cb1ef7b32dba129687c8106d981762c object| mini_tangram_log_59o7sb function| Kico_Style object| ks object| hljs object| that object| element object| pjax object| tocset function| loadbangumi function| loadstart function| loadend object| GoogleGcLKhOms

6 Cookies

Domain/Path Name / Value
open.gwaitw.com/ Name: JSESSIONID
Value: node0ulsyi12zvkrwc04kfi0qcjo4407417.node0
www.gwaitw.com/ Name: JSESSIONID
Value: node0104p2aevl3ob2m2gnkezktroq407420.node0
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: D875F13B7CC0FE70
.gwaitw.com/ Name: Hm_lvt_4cb1ef7b32dba129687c8106d981762c
Value: 1713463129
.gwaitw.com/ Name: Hm_lpvt_4cb1ef7b32dba129687c8106d981762c
Value: 1713463129
.baidu.com/ Name: BAIDUID_BFESS
Value: 258F910BA219B3B61E20160F163E78B1:FG=1

3 Console Messages

Source Level URL
Text
other warning URL: https://open.gwaitw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://open.gwaitw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://open.gwaitw.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
