gmtea.net Open in urlscan Pro
68.66.226.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gmtea.net/
Submission: On October 09 via api (October 9th 2024, 11:25:30 am UTC) from US — Scanned from CA

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 49 HTTP transactions. The main IP is 68.66.226.92, located in United States and belongs to A2HOSTING, US. The main domain is gmtea.net.
TLS certificate: Issued by R11 on September 4th 2024. Valid for: 3 months.

This is the only time gmtea.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	68.66.226.92 68.66.226.92	55293 (A2HOSTING) (A2HOSTING)
6	142.250.80.66 142.250.80.66	15169 (GOOGLE) (GOOGLE)
22	172.67.150.214 172.67.150.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	142.251.41.8 142.251.41.8	15169 (GOOGLE) (GOOGLE)
3	104.21.26.12 104.21.26.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
3	142.251.40.174 142.251.40.174	15169 (GOOGLE) (GOOGLE)
2	142.251.40.161 142.251.40.161	15169 (GOOGLE) (GOOGLE)
1	172.217.165.132 172.217.165.132	15169 (GOOGLE) (GOOGLE)
49	11

3 68.66.226.92 (United States)

ASN55293 (A2HOSTING, US)
PTR: az1-ts4.a2hosting.com

gmtea.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.80.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 172.67.150.214 (United States)

ASN13335 (CLOUDFLARENET, US)

static.yunjiema.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.8 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.21.26.12 (None, )

ASN13335 (CLOUDFLARENET, US)

1.jacie.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.174 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.161 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.165.132 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	yunjiema.net static.yunjiema.net	382 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 163	311 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
3	jacie.top 1.jacie.top	22 KB
3	gmtea.net gmtea.net	5 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	173 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	baidu.com libs.baidu.com — Cisco Umbrella Rank: 245814	29 KB
49	9

	Domain	Requested by
22	static.yunjiema.net	gmtea.net static.yunjiema.net
6	pagead2.googlesyndication.com	gmtea.net pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	1.jacie.top	gmtea.net 1.jacie.top
3	gmtea.net	gmtea.net
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.googletagmanager.com	gmtea.net www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	libs.baidu.com	gmtea.net
49	10

This site contains links to these domains. Also see Links.

Domain
www.xxfseo.com

Subject Issuer	Validity	Valid
gmtea.net R11	`2024-09-04` - `2024-12-03`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
yunjiema.net WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
jacie.top WE1	`2024-10-04` - `2025-01-02`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://gmtea.net/
Frame ID: CCC143D17001E0F1CA2DD09034ACD886
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241007/r20190131/zrt_lookup_fy2021.html
Frame ID: 22607F297890015FBEB2F1201B1F6724
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1711213447767808&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1728473121&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgmtea.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473119169&bpp=2307&bdt=404&idt=2307&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4182689676444&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fsapi=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=2363
Frame ID: 102645362EE5478DC26A2D8774314BA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=1132976473&adf=1715028348&pi=t.ma~as.7365343729&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728473121&rafmt=1&format=1110x280&url=https%3A%2F%2Fgmtea.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473121598&bpp=34&bdt=2833&idt=34&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4182689676444&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=50
Frame ID: E3DEFA7F5881154E9CD52D0E4CC497C4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=33162377&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1728473121&rafmt=1&format=1080x280&url=https%3A%2F%2Fgmtea.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473121682&bpp=13&bdt=2917&idt=13&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=4182689676444&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=20
Frame ID: A1A9F1AC15AFDEF6372337F0B1763AE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=3178925079&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1728473121&rafmt=1&format=1080x280&url=https%3A%2F%2Fgmtea.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473121722&bpp=4&bdt=2957&idt=5&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C1080x280&nras=1&correlator=4182689676444&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1693&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=10
Frame ID: 588DD665501D38059D16075B68A5DE82
Requests: 1 HTTP requests in this frame

Frame: https://gmtea.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
Frame ID: BE105F7DC56E18B312457EEE32B0DF77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 5C27568347BC708AA85BCE3863226988
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 773759478F29304EC1BC1F0AB92FA57A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

免費在線领受短信验证码,短信接码,免費接短信,姑且手机号码 - 云接码

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

943 kB
Transfer

2401 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.xxfseo.com/?time=1728473118
Title: xxfseo.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gmtea.net/ 28 KB
4 KB 2945ms
742ms Document
text/html 68.66.226.92
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://gmtea.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.92 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts4.a2hosting.com

Software

LiteSpeed / PHP/7.4.33

Resource Hash

4381fdfd7dab9cf310320734b9099119edd052565c53bb5b69683bf0eda6246b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 09 Oct 2024 11:25:18 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 287ms
87ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1711213447767808

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

bb3b60ce33280cbf3eeae5f953a9e886304161b0eb7bf4ec2a042b6e1953f63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://gmtea.net
Referer: https://gmtea.net/

Response headers

content-encoding: br
etag: 12556831301590755479
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 11:25:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52833
x-xss-protection: 0
server: cafe

GET
H2 200 bootstrap-sortable.css
static.yunjiema.net/style/css/ 2 KB
815 B 513ms
258ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/bootstrap-sortable.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc89e48147a069f0faaf2da79766e633938ca8d6d81f3f17b27a643f18f3354

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
etag: W/"5cc6830c-657"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uM1M4KHulU6%2FVHRFu2IGM%2BP714QBvzyOY0I0EwNIJKgm%2BAIAyReIZ4%2FL39uYolN2XR7BmS%2FibX7uzZejW2qMyZMSWhSAYGuTjn63L2C5Kds2TogldjsR6sdvIDJ0ymSWb04pG1KR"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd8ba247-YYZ
expires: Wed, 09 Oct 2024 17:18:15 GMT
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2019 04:52:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 subbscribe.css
static.yunjiema.net/style/css/ 4 KB
1 KB 515ms
260ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/subbscribe.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 170123c95adf24326177c11b88a97f979a781326a11a998e66ec93461311a67c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
etag: W/"5cc6830c-feb"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n79oA2CYMN8m%2Bx2Eurpevhn9tblzw3VDKBzRsxRGnO%2FjIB3KZsrFVwSwOa%2Bm2vJ0y6M6FRk6LhTs2IFCeN1gasE9sRcqZENmqSODsaFbY40FscFrA2piBfpTChbD4ePM3fdTjvfR"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd86a247-YYZ
expires: Wed, 09 Oct 2024 16:35:20 GMT
cf-polished: origSize=4075
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2019 04:52:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/2.0.0/ 81 KB
29 KB 1894ms
268ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/jquery/2.0.0/jquery.min.js

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=87600
Cache-Control: max-age=2592000
Content-Encoding: gzip
Connection: keep-alive
Expires: Fri, 08 Nov 2024 11:25:20 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Date: Wed, 09 Oct 2024 11:25:20 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Jan 2015 09:16:30 GMT
Server: Apache
Vary: Accept-Encoding

GET
H2 200 bootstrap.min.js Show response
static.yunjiema.net/style/js/ 27 KB
8 KB 371ms
117ms Script
application/javascript 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/js/bootstrap.min.js
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5cc68320-6c51"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qv51Zs7pjt0UW4Q2RLOXzVQSglu7AqquqXhj4n7Lb2co5RFq%2FNsWVOMt%2FyI3SfE1e1DclgRpAf15A1eeDU6DaaDpaN6uP2DICOk1AZz%2B%2B73Qd73VqPt1go8HqhwSPvvzt3nsaMuU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02620dbfa247-YYZ
expires: Wed, 09 Oct 2024 16:17:21 GMT
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2019 04:52:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.min.css
static.yunjiema.net/style/css/ 141 KB
25 KB 512ms
260ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/bootstrap.min.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5cc68310-235f0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jdUycBHkpE%2BNF%2B%2Bd70WLxoT30kfuEczQHatYub8LWj7zWDZ2eeYNw%2FY%2Btw4S3Mz0EZwLfGnU%2FOPWtSC1SqCPGabfESYpRh6uwIhhizoXEaGIgzJHpsqOpW7RWk1Sl0Q%2BvKYuB6T"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd8aa247-YYZ
expires: Wed, 09 Oct 2024 12:46:07 GMT
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Mon, 29 Apr 2019 04:52:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 custom.css
static.yunjiema.net/style/css/ 19 KB
4 KB 510ms
258ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/custom.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ff099cd80faf11a847e939f8056c400ca8d2e8d29edcff32b16b5631e65488

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
etag: W/"5de38848-4e2f"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2FGU71ORjRifvhCsV2wlN5lemWG4wZyroRPbbTwB1%2BAmR5q8AKF6CpkuD1MZJiQXFukTReyEUKoscid2%2FX29%2BkQRhtDdvavAR3JDCPw2GvK%2BbtcsZJ7kbNBgrUT%2BvZou%2BwNaL%2BZU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd89a247-YYZ
expires: Wed, 09 Oct 2024 23:03:09 GMT
cf-polished: origSize=20015
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Sun, 01 Dec 2019 09:30:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 bootstrap.3.0.0.css
static.yunjiema.net/style/css/ 89 KB
16 KB 511ms
259ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/bootstrap.3.0.0.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dcbd3aa09c5dbb6b1334d4ed35a63125e4c666243a53d9bc4b77e3f2d5d26bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5de626aa-164e2"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rs46s%2BZ8jaKSDvj5b9x7AdWazttYJrU7JpOdFg1gmp527DTrHWyWY0yIWPrwg3e9h1dBx8tQj8ySB%2Bj6SLZI%2BXylXOkUHt89nacmRNZ8sfmgrjIji0gKIwSqwtnjX%2F5uBbJLR6yP"}],"group":"cf-nel","max_age":604800}
expires: Wed, 09 Oct 2024 16:31:24 GMT
cf-polished: origSize=91362
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Tue, 03 Dec 2019 09:11:06 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd88a247-YYZ
server: cloudflare

GET
H2 200 home.css
static.yunjiema.net/style/css/ 6 KB
2 KB 306ms
55ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/home.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78620bf0b66edc359528949fe57b963afcc15668f2f67713ead45416e2c078b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: br
cf-bgj: minify
etag: W/"5dc6e936-18a1"
age: 37566
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAqPmLelyV%2BI4CnMbKXVcpIL%2BKUFT0CUc8tzONgzyr7%2BI%2FYQm%2Bks7ftic%2BMgfBjlWY7il%2FFBnF4mmTSM83Lt2moz55TQJJgue5hf4tuahs1Ayq%2Fb8lRLHpBGdH02Hj0q1xRYHRL0"}],"group":"cf-nel","max_age":604800}
expires: Wed, 09 Oct 2024 03:41:45 GMT
cf-polished: origSize=6305
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Sat, 09 Nov 2019 16:28:38 GMT
vary: Accept-Encoding
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd8ea247-YYZ
server: cloudflare

GET
H2 200 index.css
static.yunjiema.net/style/css/ 2 KB
988 B 517ms
266ms Stylesheet
text/css 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/css/index.css
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 275810868348a8ad70acdd2e4ecd776d62fddb226d7ab3deea9fe6187289a2d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
etag: W/"5cec771e-9b5"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BojSIIl84tgGCK3JhW1%2Biue2NvqmMRjMzEeEJzI3cS8GVLqeFP920apCwdXHs6wKenPXLZqtLpE2U9MwVbeaJFHdBJjs0OLAlgel7mH%2FkQ6pDx93fzOMgl3UDzkDDuQG1vtRiEki"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd8da247-YYZ
expires: Wed, 09 Oct 2024 16:41:20 GMT
cf-polished: origSize=2485
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/css
last-modified: Mon, 27 May 2019 23:47:42 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 clipboard.min.js Show response
static.yunjiema.net/style/js/ 10 KB
4 KB 473ms
222ms Script
application/javascript 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/js/clipboard.min.js
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d25c45901b74f341ca3abb0d40859e5b2a2511e08feb135a786e262af8fc621f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5cc68322-26a6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpM8BWLyZLTczyaq%2BNf6JWQyu%2Bmr3hsGfxBDW1rubeE9GEpfM%2FwVKD0KHfCz1WMGNMLJOp3EsVDf4TKDRI1LtNCQytfzlBYOzpUfSWe5CxrotkcJ5aOsQMRa2P%2BDrTfXVvtGPFyk"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0261fd8fa247-YYZ
expires: Wed, 09 Oct 2024 16:51:52 GMT
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: application/javascript
last-modified: Mon, 29 Apr 2019 04:52:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 89ms
88ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3993128489863289

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

085eb391adb41186cc2c97c7d4bf56880c448b4fe2e45a576dcdd0df3d548d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://gmtea.net
Referer: https://gmtea.net/

Response headers

content-encoding: br
etag: 12860383779165477339
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 11:25:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52817
x-xss-protection: 0
server: cafe

GET
H2 200 logo.png
static.yunjiema.net/style/img/ 27 KB
27 KB 31ms
28ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/logo.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d08c960fd0fb23ab9b0a02328f08b3089919699b2c6dc634c3d583b4cf7287b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cd2bae2-6afc"
age: 56163
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S8GvngQ9LBeZPSELQQgy6x7iWlQa1nmAZHNd94A1L36HgGN6Z7R0S0XSVzy93asnQhuiVPORmg%2BADgXw2G0LdXgNnihHhnD4G76ehDZ4x4aBoJ5jtQS%2FqvFzfnmkdaLjUo3j%2B9I3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02625e03a247-YYZ
expires: Tue, 08 Oct 2024 21:45:59 GMT
accept-ranges: bytes
content-length: 27388
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Wed, 08 May 2019 11:17:54 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 nl.png
static.yunjiema.net/style/img/flags/normal/ 437 B
780 B 32ms
30ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/nl.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd657f59f6177fe452dcc444fd43c7cdc785fefd6e74ce2b60c0dfde3c5618d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b7142-1b5"
age: 56071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9ZuX4NYOmO7NELILn6%2B8WjC1wlCLKCeYWYwWknlkepiRPIKLRpnYIB4pqhWLj9%2Fv0KoRXvhMNgTC1bPDlSOoO3xZT63%2Fiyl23A7hAQITfrPzZ1d1LQjv3sJPPDGbMRu7gU%2FUzFH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02625e04a247-YYZ
expires: Mon, 14 Oct 2024 23:27:25 GMT
accept-ranges: bytes
content-length: 437
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 us.png
static.yunjiema.net/style/img/flags/normal/ 11 KB
12 KB 34ms
32ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/us.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b0da5ae266460e1cb6084e6f48f18a0fbc3c7cd286ecd3f6386503326e698a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b7160-2d40"
age: 56248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5B5Wdh25YBlLkJCKCZNqFk7%2BsuXaaDHwxZPJp2Ls5OBq%2Bjr19yAO1L3EwJ4TdQMVqW9d87bPyWmvVbsxhhXdHGdSV%2FDQWkJIBd73tiBB%2B8XGtuuNm%2BxR8Kh02dc5iOo0k5tGjzd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02648f8fa247-YYZ
expires: Thu, 07 Nov 2024 06:36:09 GMT
accept-ranges: bytes
content-length: 11584
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ru.png
static.yunjiema.net/style/img/flags/normal/ 557 B
991 B 103ms
102ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/ru.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097120f26463b30ef295e0c6ceda482ef82c7a948de02db71a9334a4d907cf1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b714c-22d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAv0i4CXRUMyHdXkMHI3ewsuZioCk3b1x7cTS2jV5jDDC6NyHTZZvteUGc55T4L5uPjPpAI%2FaKa7X427KTjoBNGXSopiu7F5YjhR1TdPeMo%2FyCz9j5Uv4eE8cqKXCUEcPMfh%2BuOT"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0264bfdfa247-YYZ
expires: Tue, 15 Oct 2024 00:18:14 GMT
accept-ranges: bytes
content-length: 557
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tool.js Show response
static.yunjiema.net/style/js/ 776 B
649 B 113ms
112ms Script
application/javascript 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.yunjiema.net/style/js/tool.js?v1
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f577e2d4b70c5bfbacda4e900bbc259374b85f881032d1952586d2609d557c0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-bgj: minify
etag: W/"65f12042-37f"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8qCDDHpg7dz%2BaUcanhhpmtpAzZ3JolwPqqP9ZOeIAOapNKNKwYFV9fUVDjcz2a5dM2Hbf2LIikrjR6pPtN2d2rCkoQxpeuwGXmhYYNzdyooaBgpwN6CDseTzF4resRjC0mh9vvA"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02629e1da247-YYZ
expires: Wed, 09 Oct 2024 16:51:55 GMT
cf-polished: origSize=895
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 03:40:50 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
79 KB 711ms
71ms Script
application/javascript 142.251.41.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128637489-4

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6d3c55c171a09e6544a355fa9c5d13c95b5e8ccc9fa29638e170d6de0d2eaf89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 09 Oct 2024 11:25:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 11:25:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Oct 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79942
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 94ms
93ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4630225026977889

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

c08c849b74fc6de0f8558313faf936cc9161e516ccc7726e356ea5d65fcf6957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://gmtea.net
Referer: https://gmtea.net/

Response headers

content-encoding: br
etag: 9110161540262151260
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 11:25:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 09 Oct 2024 11:25:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52815
x-xss-protection: 0
server: cafe

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/ 409 KB
136 KB 151ms
80ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1711213447767808

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

d43ab73c812755b38f4c02ee3a19ad92f252dd21faf19a6d5d3de79e3aa9c920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: br
etag: 4934494818015002474
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 11:25:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 09 Oct 2024 11:25:20 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 139471
x-xss-protection: 0
server: cafe

GET
H3 200 matomo.js Show response
1.jacie.top/matomo/ 64 KB
22 KB 450ms
157ms Script
application/javascript 104.21.26.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://1.jacie.top/matomo/matomo.js

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.26.12 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: gzip
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Q4oQoXpMTw4Mx6bdjikcYuXuo3qGfgEIfEiNniG3g%2BsMfGBhEqlJrdClBm0k%2Fi3%2Fv1hxNMl633QHyZQ7dXAabYHwTCoktXrrrI9uCMAjftr0zWM%2BvRM%2BdD91XhjLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 11:25:21 GMT
date: Wed, 09 Oct 2024 11:25:21 GMT
content-type: application/javascript
last-modified: Tue, 18 Apr 2023 11:33:06 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8cfe02731aab36cd-YYZ
accept-ranges: bytes
content-length: 21519
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241007/r20190131/ Frame 2260 0
0 169ms
45ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241007/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:22:55 GMT
etag: 13108003645644964576
expires: Wed, 23 Oct 2024 11:22:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1026 0
0 174ms
63ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1711213447767808&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1728473121&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fgmtea.net%2F&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473119169&bpp=2307&bdt=404&idt=2307&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4182689676444&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fsapi=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=2363

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:25:21 GMT
expires: Wed, 09 Oct 2024 11:25:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
0 1ms
1ms Script
text/javascript 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3993128489863289

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

085eb391adb41186cc2c97c7d4bf56880c448b4fe2e45a576dcdd0df3d548d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://gmtea.net
Referer: https://gmtea.net/

Response headers

content-encoding: br
etag: 12860383779165477339
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 11:25:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 52817
x-xss-protection: 0
server: cafe

GET
H2 200 bg-min.jpg
static.yunjiema.net/style/css/img/ 252 KB
253 KB 31ms
29ms Image
image/jpeg 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/bg-min.jpg
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/home.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 083828ee2916031aaa4969753ab1c20bdd49b4034b5afdda1af915574cea6e69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/home.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5ce93306-3f043"
age: 56167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrXIFOA7spRTtyPNyPwwkc8Ii8v1xvQfSsauYN59dEM6yRrCI9epR7w003wVHfrSVUkuS%2FlL1OTj%2BSd0BBQ0JCX8f7zRArwc5kjzVgt%2FE7YmU3pHoD7MDIVVlqI9JSAQaUIcqpUI"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02721cc7a247-YYZ
expires: Thu, 24 Oct 2024 02:34:12 GMT
accept-ranges: bytes
content-length: 258115
date: Wed, 09 Oct 2024 11:25:21 GMT
content-type: image/jpeg
last-modified: Sat, 25 May 2019 12:20:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame E3DE 0
0 141ms
60ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=1132976473&adf=1715028348&pi=t.ma~as.7365343729&w=1110&abgtt=6&fwrn=4&fwrnh=100&lmt=1728473121&rafmt=1&format=1110x280&url=https%3A%2F%2Fgmtea.net%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473121598&bpp=34&bdt=2833&idt=34&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4182689676444&frm=20&pv=2&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=307&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:25:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nl.png
static.yunjiema.net/style/img/flags/normal/ 437 B
0 0ms
0ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/nl.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd657f59f6177fe452dcc444fd43c7cdc785fefd6e74ce2b60c0dfde3c5618d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b7142-1b5"
age: 56071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V9ZuX4NYOmO7NELILn6%2B8WjC1wlCLKCeYWYwWknlkepiRPIKLRpnYIB4pqhWLj9%2Fv0KoRXvhMNgTC1bPDlSOoO3xZT63%2Fiyl23A7hAQITfrPzZ1d1LQjv3sJPPDGbMRu7gU%2FUzFH"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02625e04a247-YYZ
expires: Mon, 14 Oct 2024 23:27:25 GMT
accept-ranges: bytes
content-length: 437
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:14 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame A1A9 0
0 117ms
62ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=33162377&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1728473121&rafmt=1&format=1080x280&url=https%3A%2F%2Fgmtea.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473121682&bpp=13&bdt=2917&idt=13&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280&nras=1&correlator=4182689676444&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=20

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:25:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 us.png
static.yunjiema.net/style/img/flags/normal/ 11 KB
0 0ms
0ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/us.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b0da5ae266460e1cb6084e6f48f18a0fbc3c7cd286ecd3f6386503326e698a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b7160-2d40"
age: 56248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5B5Wdh25YBlLkJCKCZNqFk7%2BsuXaaDHwxZPJp2Ls5OBq%2Bjr19yAO1L3EwJ4TdQMVqW9d87bPyWmvVbsxhhXdHGdSV%2FDQWkJIBd73tiBB%2B8XGtuuNm%2BxR8Kh02dc5iOo0k5tGjzd"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe02648f8fa247-YYZ
expires: Thu, 07 Nov 2024 06:36:09 GMT
accept-ranges: bytes
content-length: 11584
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:44 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 403 ads
googleads.g.doubleclick.net/pagead/ Frame 588D 0
0 90ms
60ms Document
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3993128489863289&output=html&h=280&slotname=7365343729&adk=3539489905&adf=3178925079&pi=t.ma~as.7365343729&w=1080&abgtt=6&fwrn=4&fwrnh=100&lmt=1728473121&rafmt=1&format=1080x280&url=https%3A%2F%2Fgmtea.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1728473121722&bpp=4&bdt=2957&idt=5&shv=r20241007&mjsv=m202410030101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C1110x280%2C1080x280&nras=1&correlator=4182689676444&frm=20&pv=1&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=275&ady=1693&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C95343853%2C95338738%2C31087658%2C44798934%2C95331833%2C95332586%2C95343455&oid=2&pvsid=1207027079820477&tmod=1444012271&uas=0&nvt=1&fc=1920&brdim=920%2C920%2C920%2C920%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:25:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ru.png
static.yunjiema.net/style/img/flags/normal/ 557 B
0 1ms
1ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/img/flags/normal/ru.png
Requested by: Host: gmtea.net
URL: https://gmtea.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 097120f26463b30ef295e0c6ceda482ef82c7a948de02db71a9334a4d907cf1c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5c2b714c-22d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eAv0i4CXRUMyHdXkMHI3ewsuZioCk3b1x7cTS2jV5jDDC6NyHTZZvteUGc55T4L5uPjPpAI%2FaKa7X427KTjoBNGXSopiu7F5YjhR1TdPeMo%2FyCz9j5Uv4eE8cqKXCUEcPMfh%2BuOT"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0264bfdfa247-YYZ
expires: Tue, 15 Oct 2024 00:18:14 GMT
accept-ranges: bytes
content-length: 557
date: Wed, 09 Oct 2024 11:25:19 GMT
content-type: image/png
last-modified: Tue, 01 Jan 2019 13:55:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sms.png
static.yunjiema.net/style/css/img/ 4 KB
5 KB 254ms
252ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/sms.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14ae5f3b413cd6962d595986079bbf95605a9a00ea8c664913ee7d460b9d8a8e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cc68110-1183"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dSO8H4qMYm5PKAfz10bpoGY5L1Jt8tBZq4eioNtdIlBDeIBo1oCOKkdZjNlR8D9QXLYpqE5I8HfYw3i1r%2F6f8eQDR1zi9bGSqpyqPbEZCEzoyF1a7tlv63tBij%2B6vldbZ2uR8H2q"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0273ce04a247-YYZ
expires: Tue, 15 Oct 2024 00:29:15 GMT
accept-ranges: bytes
content-length: 4483
date: Wed, 09 Oct 2024 11:25:22 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 email.png
static.yunjiema.net/style/css/img/ 6 KB
6 KB 254ms
251ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/email.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2d5ddaaa2b3bcbd4b21f5919acafdc761a10f261572ef5a8bf768210d637c8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cc68110-1738"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o9Eaid%2B%2FgBHvdB6mZeE65OZfWRrLF3EYD1EqAr0AYLRESH4cragL%2FdCrSDZe%2BjrA%2BaQailGuAtl1E06imSuuCOz4Cup4kaEBMS9FWf889bq7KkAGYVBCYkv4QpBg2JMeODuWUzKo"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0273ce06a247-YYZ
expires: Thu, 24 Oct 2024 03:13:00 GMT
accept-ranges: bytes
content-length: 5944
date: Wed, 09 Oct 2024 11:25:22 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 webchat.png
static.yunjiema.net/style/css/img/ 9 KB
9 KB 254ms
252ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/webchat.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08839bd4d5e633ee6a16ef0787ff14ee9ab60ce50d9dbcb62a22661a14c512f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cc68110-2389"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hn7EPbKkvvarQ4LXr2Mjr9TeWaq0a%2B25O7%2BQFvq6%2FhpQOwQfGIntTLvwQ%2B3LB%2B28WQFihV5hY%2FhctGBb1Ls06BGukUJ1A%2BvvUcY2AASfC7JVOkHiswpR4AerI7UScNCUbMfRP%2FRL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0273ce07a247-YYZ
expires: Mon, 14 Oct 2024 23:14:30 GMT
accept-ranges: bytes
content-length: 9097
date: Wed, 09 Oct 2024 11:25:22 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 captcha.png
static.yunjiema.net/style/css/img/ 5 KB
6 KB 108ms
106ms Image
image/png 172.67.150.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.yunjiema.net/style/css/img/captcha.png
Requested by: Host: static.yunjiema.net
URL: https://static.yunjiema.net/style/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec043548d710b80cd41fa600ba163753c3b6c5de8771be401ad40aa34f20354

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://static.yunjiema.net/style/css/index.css

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: HIT
etag: "5cc68110-14e7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YjfCv7TtAz18SuRC%2BGcnWhpOubFdvlownYNxbY6j3yjlE0w3pDTNsfqAFS%2FOCq8nVAxWT4pkkBEX4jcb7iPWTBN9gtNZ3nw5gn4%2BNS9u0lxXfaDhICpUx%2BzBgiBIm3wKA2aBoO8O"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cfe0273ce08a247-YYZ
expires: Mon, 14 Oct 2024 23:14:30 GMT
accept-ranges: bytes
content-length: 5351
date: Wed, 09 Oct 2024 11:25:21 GMT
content-type: image/png
last-modified: Mon, 29 Apr 2019 04:44:00 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
94 KB 84ms
74ms Script
application/javascript 142.251.41.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0S6T5QJZ4G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128637489-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.8 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6cb730762efb447136a7ac448672e5ef31e4aebdeb4d544c5758c73079c372f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 09 Oct 2024 11:25:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 11:25:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96197
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 186ms
67ms Script
text/javascript 142.251.40.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128637489-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: gzip
age: 4758
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 12:06:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 10:06:04 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 404 main.js
gmtea.net/cdn-cgi/challenge-platform/scripts/jsd/ Frame BE10 0
0 76ms
73ms Script
text/html 68.66.226.92
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://gmtea.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

Requested by

Host: gmtea.net
URL: https://gmtea.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

68.66.226.92 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts4.a2hosting.com

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-content-type-options: nosniff
content-length: 796
date: Wed, 09 Oct 2024 11:25:22 GMT
content-type: text/html
server: LiteSpeed
x-frame-options: SAMEORIGIN

POST
H3 204 matomo.php
1.jacie.top/matomo/ 0
0 275ms
273ms Ping
text/html 104.21.26.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1.jacie.top/matomo/matomo.php?action_name=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&idsite=1&rec=1&r=339643&h=4&m=25&s=22&url=https%3A%2F%2Fgmtea.net%2F&_id=8e911d0174a0eae0&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Io6Lwi&pf_net=2205&pf_srv=741&pf_tfr=3&pf_dm1=3215&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: 1.jacie.top
URL: https://1.jacie.top/matomo/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.26.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://gmtea.net/

Response headers

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 52ms
48ms Fetch
text/plain 142.251.40.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0S6T5QJZ4G&gtm=45je4a70v9115702446za200&_p=1728473121810&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=1436818564.1728473122&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1728473122&sct=1&seg=0&dl=https%3A%2F%2Fgmtea.net%2F&dt=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=6535
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0S6T5QJZ4G&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s81-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://gmtea.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 11:25:22 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
304 B 49ms
48ms XHR
text/plain 142.251.40.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1983947525&t=pageview&_s=1&dl=https%3A%2F%2Fgmtea.net%2F&ul=en-ca&de=UTF-8&dt=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=718371064&gjid=1410269201&cid=1436818564.1728473122&tid=UA-128637489-4&_gid=747782136.1728473122&_r=1&gtm=457e4a70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727~101794737&jsscut=1&z=1080437367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.174 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://gmtea.net/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 11:25:22 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://gmtea.net
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 67ms
66ms XHR
application/json 142.250.80.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241007&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f2.1e100.net

Software

cafe /

Resource Hash

da45610f3cfe7e1b232e7bd289148c8523be2249d439951fa3430e20dba4bb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12933
date: Wed, 09 Oct 2024 11:25:22 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 404 favicon.ico
gmtea.net/ 796 B
1 KB 74ms
73ms Other
text/html 68.66.226.92
A2HOSTING

General

Check archive.org

Show headers Download Go to

Full URL

https://gmtea.net/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

68.66.226.92 , United States, ASN55293 (A2HOSTING, US),

Reverse DNS

az1-ts4.a2hosting.com

Software

LiteSpeed /

Resource Hash

c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 796
date: Wed, 09 Oct 2024 11:25:22 GMT
content-type: text/html
server: LiteSpeed
x-frame-options: SAMEORIGIN

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 988ms
59ms Script
text/javascript 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410030101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://gmtea.net/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 09 Oct 2024 11:25:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 09 Oct 2024 11:25:23 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H3 204 matomo.php
1.jacie.top/matomo/ 0
0 149ms
148ms Ping
text/html 104.21.26.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://1.jacie.top/matomo/matomo.php?action_name=%E5%85%8D%E8%B2%BB%E5%9C%A8%E7%B7%9A%E9%A2%86%E5%8F%97%E7%9F%AD%E4%BF%A1%E9%AA%8C%E8%AF%81%E7%A0%81%2C%E7%9F%AD%E4%BF%A1%E6%8E%A5%E7%A0%81%2C%E5%85%8D%E8%B2%BB%E6%8E%A5%E7%9F%AD%E4%BF%A1%2C%E5%A7%91%E4%B8%94%E6%89%8B%E6%9C%BA%E5%8F%B7%E7%A0%81%20-%20%E4%BA%91%E6%8E%A5%E7%A0%81&idsite=1&rec=1&r=746148&h=4&m=25&s=22&url=https%3A%2F%2Fgmtea.net%2F&_id=8e911d0174a0eae0&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=hL9eqr&pf_net=2205&pf_srv=741&pf_tfr=3&pf_dm1=3215&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: 1.jacie.top
URL: https://1.jacie.top/matomo/matomo.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.26.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Referer: https://gmtea.net/

Response headers

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 5C27 0
0 115ms
33ms Document
text/html 142.251.40.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.161 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:22:59 GMT
expires: Wed, 09 Oct 2024 12:12:59 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 7737 0
0 139ms
55ms Document
text/html 172.217.165.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kz7dmQpire8sN4i5b9Uizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gmtea.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Kz7dmQpire8sN4i5b9Uizw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Oct 2024 11:25:23 GMT
expires: Wed, 09 Oct 2024 11:25:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241007&jk=1207027079820477&bg=!9_Sl9LvNAAax3igvkd47ADQBe5WfOI9h0D4geVt57wIHpnvl0AGJaE79bY6vJ-1lLBknrcMObVxbhAeNPzsmrpJtkwB8AgAAATZSAAAAC2gBB34ANvy1I7gCd2hxlXWOwvq0kVyxKM2lqZpNcKcnhHVZI5MdhJB11auteqQiu4iBZPRCIrAt-4tL6woAfMoi5h135BJ57pq13jlPDFbyK-T5eBcmNTt3SvvSRwqCkM_HTgrAU-YmIUOwHgh2wFAuYvlKxYU_zvFXUe2eXS6X475octFHAWmHz7Rr8tw7G-WbPMqFexkHN4PVJY-nLgKJhpkRCdNi5RnnQ86pYglEBrTQOuXFBOpRgaqZAozzEax9J8p7KvEbVZ2LzW3INfpaUib5HhNbevOB0sJh1HU8Qql4kaNWHBzAhaq0PficIX89VN8-dGR-fRaADWo73VrDQmAjG2P1bCgoOtho9kR1x_tv4Q-F24nZR1wMebJqSa0MC05XJSRQgZAeWSCrcEE-BHN1akvjlsFNlWtnx3R5Hsji4NaXneVLRn0tDh19W_cDbNehsjVvur3ZxrKXgQqYA0MaXVetHdqzfEEWUCLQH9V_DpbtmlBz8NcNHZLloLkeKeBQjnkOfAZEEmfuP_uAXcY_ucbkRFHSMSwwYLyJep_I2FBD90iGdcT87BiCNc31ckKiFAQgM__f6_PuRmuntayQ8Cy7-Hl0CELWRNi5G0-hRMdpKspKAarBpnnNmvsx9Pa84uNqdXzd1kHYKbMadTgcvt9ruZxQftQMVE4c1rX27mepCwv4AqXiKNbHlbYPZ5_IotSkG9hBE5VlfWstwB8EDzZC_IlMSazKZE5QaWve0aj81UM-LJSEVuvdR4HwHKs_FIT9DDXdoHN2MoYH5uqghtX8pbi_Q_wtxxVKujS0YL8UlqbOhARPdiNry8GZMkYIgkpaqp7abQJKa5kMXqIsgQpa5-vRHZIkznz3GTrsRCeX6Jt0NZSk3AKktJ02WA3xdYlYcL4L8ykqnDWvVr8roKWakzm2p0CbJpkOvRWEOtV_RiruCoWId_vPJ_yIInz9zz67FZvGzEoEmxYMmhVml06-anb1XUuDHFJAAOKXXW5nJrk4d8EFB9Ev6M6-M3gwX4nvBdo65NfFgqPKJAKjyUk0WRo5RWaZIoG9Y2Mdc09dTZ1_WvHF7S-CuX9abYGCcKQaphYcswFtFTwNmJmLy0g_ppi4

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baidu.com/	1970-01-21 09:43:53	Name: BAIDUID_BFESS Value: BE9309F0C24E1130A7DFF738A59A13AA:FG=1
.doubleclick.net/	1970-01-21 00:07:54	Name: test_cookie Value: CheckForPermission
gmtea.net/	1970-01-21 09:33:48	Name: _pk_id.1.7f4e Value: 8e911d0174a0eae0.1728473122.
gmtea.net/	1970-01-21 00:07:54	Name: _pk_ses.1.7f4e Value: 1
.gmtea.net/	1970-01-21 09:43:53	Name: _ga_0S6T5QJZ4G Value: GS1.1.1728473122.1.0.1728473122.0.0.0
.gmtea.net/	1970-01-21 09:43:53	Name: _ga Value: GA1.2.1436818564.1728473122
.gmtea.net/	1970-01-21 00:09:19	Name: _gid Value: GA1.2.747782136.1728473122
.gmtea.net/	1970-01-21 00:07:53	Name: _gat_gtag_UA_128637489_4 Value: 1

53 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/ Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 70) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 150) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 150) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 150) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 150) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 221) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 221) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 221) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 221) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/nl.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/us.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://gmtea.net/(Line 523) Message: Mixed Content: The page at 'https://gmtea.net/' was loaded over HTTPS, but requested an insecure element 'http://static.yunjiema.net/style/img/flags/normal/ru.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://gmtea.net/cdn-cgi/challenge-platform/scripts/jsd/main.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: about:blank Message: Refused to execute script from 'https://gmtea.net/cdn-cgi/challenge-platform/scripts/jsd/main.js' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://gmtea.net/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.jacie.top
gmtea.net
googleads.g.doubleclick.net
libs.baidu.com
pagead2.googlesyndication.com
static.yunjiema.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.21.26.12
142.250.65.194
142.250.80.66
142.251.40.161
142.251.40.174
142.251.41.8
172.217.165.132
172.67.150.214
39.156.66.111
68.66.226.92
083828ee2916031aaa4969753ab1c20bdd49b4034b5afdda1af915574cea6e69
085eb391adb41186cc2c97c7d4bf56880c448b4fe2e45a576dcdd0df3d548d00
08839bd4d5e633ee6a16ef0787ff14ee9ab60ce50d9dbcb62a22661a14c512f1
097120f26463b30ef295e0c6ceda482ef82c7a948de02db71a9334a4d907cf1c
14ae5f3b413cd6962d595986079bbf95605a9a00ea8c664913ee7d460b9d8a8e
170123c95adf24326177c11b88a97f979a781326a11a998e66ec93461311a67c
275810868348a8ad70acdd2e4ecd776d62fddb226d7ab3deea9fe6187289a2d2
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
40ff099cd80faf11a847e939f8056c400ca8d2e8d29edcff32b16b5631e65488
4381fdfd7dab9cf310320734b9099119edd052565c53bb5b69683bf0eda6246b
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb730762efb447136a7ac448672e5ef31e4aebdeb4d544c5758c73079c372f8
6d3c55c171a09e6544a355fa9c5d13c95b5e8ccc9fa29638e170d6de0d2eaf89
6dc89e48147a069f0faaf2da79766e633938ca8d6d81f3f17b27a643f18f3354
78620bf0b66edc359528949fe57b963afcc15668f2f67713ead45416e2c078b5
91e8044a4b1bfce3c131d5579965a9808b42cdb9a350a53928d54cd35d6c1451
9dcbd3aa09c5dbb6b1334d4ed35a63125e4c666243a53d9bc4b77e3f2d5d26bf
b5b0da5ae266460e1cb6084e6f48f18a0fbc3c7cd286ecd3f6386503326e698a
bb3b60ce33280cbf3eeae5f953a9e886304161b0eb7bf4ec2a042b6e1953f63c
c08c849b74fc6de0f8558313faf936cc9161e516ccc7726e356ea5d65fcf6957
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
cd657f59f6177fe452dcc444fd43c7cdc785fefd6e74ce2b60c0dfde3c5618d0
d08c960fd0fb23ab9b0a02328f08b3089919699b2c6dc634c3d583b4cf7287b8
d25c45901b74f341ca3abb0d40859e5b2a2511e08feb135a786e262af8fc621f
d43ab73c812755b38f4c02ee3a19ad92f252dd21faf19a6d5d3de79e3aa9c920
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
da45610f3cfe7e1b232e7bd289148c8523be2249d439951fa3430e20dba4bb13
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2d5ddaaa2b3bcbd4b21f5919acafdc761a10f261572ef5a8bf768210d637c8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eec043548d710b80cd41fa600ba163753c3b6c5de8771be401ad40aa34f20354
f577e2d4b70c5bfbacda4e900bbc259374b85f881032d1952586d2609d557c0f
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

gmtea.net Open in urlscan Pro 68.66.226.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

0 %IPv6

9 Domains

10 Subdomains

11 IPs

3 Countries

943 kBTransfer

2401 kBSize

8 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gmtea.net Open in urlscan Pro
68.66.226.92 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

10
Subdomains

11
IPs

3
Countries

943 kB
Transfer

2401 kB
Size

8
Cookies

49 HTTP transactions
0 data transactions