165638.com-165638.mpv.165638ee6ee.buzz Open in urlscan Pro
27.124.33.26  Public Scan

URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Submission: On April 28 via api from US — Scanned from SG

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 38 HTTP transactions. The main IP is 27.124.33.26, located in Singapore and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is 165638.com-165638.mpv.165638ee6ee.buzz.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time 165638.com-165638.mpv.165638ee6ee.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 27.124.33.26 152194 (CTGSERVER...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
23 104.21.234.173 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 111.45.11.83 56040 (CMNET-GUA...)
38 6
Domain Requested by
23 amtk.11828.cc 165638.com-165638.mpv.165638ee6ee.buzz
10 165638.com-165638.mpv.165638ee6ee.buzz 165638.com-165638.mpv.165638ee6ee.buzz
2 hm.baidu.com 165638.com-165638.mpv.165638ee6ee.buzz
1 tk.tutu.finance 165638.com-165638.mpv.165638ee6ee.buzz
1 h5.l1l1l1l1l11l-l1l1l11l1l1l.com 165638.com-165638.mpv.165638ee6ee.buzz
0 vbe.smhkbnry.com Failed 165638.com-165638.mpv.165638ee6ee.buzz
38 6
Subject Issuer Validity Valid
h5.ww522sd-jdnn.com
R3
2024-04-28 -
2024-07-27
3 months crt.sh
l1l1l1l1l11l-l1l1l11l1l1l.com
GTS CA 1P5
2024-04-16 -
2024-07-15
3 months crt.sh
11828.cc
GTS CA 1P5
2024-03-21 -
2024-06-19
3 months crt.sh
tutu.finance
E1
2024-03-06 -
2024-06-04
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2023-07-06 -
2024-08-06
a year crt.sh

This page contains 3 frames:

Primary Page: https://165638.com-165638.mpv.165638ee6ee.buzz/
Frame ID: 7A1957F43D2E6AE3958E6E79CF9485ED
Requests: 11 HTTP requests in this frame

Frame: https://h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/new_kj.html
Frame ID: EA729F26778463ACE39191DEBD0E307E
Requests: 1 HTTP requests in this frame

Frame: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Frame ID: 93CCAD8DA9153F2435390A59FAAB9418
Requests: 26 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

38
Requests

97 %
HTTPS

40 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

3053 kB
Transfer

3180 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
165638.com-165638.mpv.165638ee6ee.buzz/
71 KB
10 KB
Document
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
60e32aa7adaa3a0271281fa265c3a74f887172149fe700e82a58a6a1062e6feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 28 Apr 2024 22:34:29 GMT
server
nginx
strict-transport-security
max-age=31536000
txcss.css
165638.com-165638.mpv.165638ee6ee.buzz/style/
28 KB
9 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/style/txcss.css
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
eba3d0525ae916ec3a7d16e49e71f640fa719de81ac488bee00a67974183b16c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:40 GMT
server
nginx
etag
W/"65ef66a8-6e5c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:34:29 GMT
wind-reset.css
165638.com-165638.mpv.165638ee6ee.buzz/images/wind/
3 KB
1 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/images/wind/wind-reset.css
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4a4d95870439260445a3b5a53f1b450a64321c168730d700ec40ba2f794b655a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:41 GMT
server
nginx
etag
W/"65ef66a9-af2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:34:29 GMT
media.css
165638.com-165638.mpv.165638ee6ee.buzz/style/
5 KB
1 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/style/media.css
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a53530620f94eb34730e1635c95f4d02f9ed449addcb2595a34a848bd37374b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:40 GMT
server
nginx
etag
W/"65ef66a8-15a6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:34:29 GMT
pw_ajax.js
165638.com-165638.mpv.165638ee6ee.buzz/js/
7 KB
3 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/js/pw_ajax.js
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a17c51f0de393f2cacd76464680d68a21148dc940f61afc5dc4e79784896e4c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Apr 2024 13:52:21 GMT
server
nginx
etag
W/"661a8e15-1a5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:34:29 GMT
865559.gif
165638.com-165638.mpv.165638ee6ee.buzz/images/
231 KB
231 KB
Image
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/images/865559.gif
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ed9b8bbd6e2a85ccca09d5b1785de308a4ec1f5b8fb3fc5a2229ef65d04f467c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11 Mar 2024 20:16:42 GMT
server
nginx
etag
"65ef66aa-39a00"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
236032
expires
Tue, 28 May 2024 22:34:29 GMT
Deploy.js
165638.com-165638.mpv.165638ee6ee.buzz/js/
2 KB
1 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/js/Deploy.js
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:34:29 GMT
global.js
165638.com-165638.mpv.165638ee6ee.buzz/js/
10 KB
4 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/js/global.js
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
9b43e375f0f7cb0112794f903f588c8eecc8994d17cb408780cac22f6d6de82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:29 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-2669"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:34:29 GMT
new_kj.html
h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/ Frame EA72
0
0
Document
General
Full URL
https://h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/new_kj.html
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87ba8529d8cb4ca7-SIN
content-encoding
br
content-type
text/html
date
Sun, 28 Apr 2024 22:34:31 GMT
last-modified
Sat, 17 Feb 2024 13:47:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2FQfmMMNTsrDBrz%2BbMTxOqMdMGwHMrrvYaFfGJtfVvl3%2BV8H8IBwVvufB8B08Yd2UcAzED6EdDxKBVCSRqI6gVwsvWMhVRpsLH8dNxrj3eEUNy%2FsWEo3K8tob8ldLE2NR25vhHg8Dj3mBzJY5qpKjThVeczDM8Y9NSgv1p9aiA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
xgk.html
165638.com-165638.mpv.165638ee6ee.buzz/ Frame 93CC
28 KB
3 KB
Document
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
39b21b2f01a58ef707196261bf9e090b9c9b0cde567ede9e33f8232c0ce2e278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 28 Apr 2024 22:34:30 GMT
etag
W/"662de422-6f78"
last-modified
Sun, 28 Apr 2024 05:52:34 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
amgp.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
68 KB
69 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amgp.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7e3f8d12a15e17eafc0e29ac215d2f17851084444979cb5002d5c81f4a022479

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
69675
last-modified
Sun, 28 Apr 2024 02:18:47 GMT
server
cloudflare
etag
"7dcc0661299da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FGuLE9fGokZ6y4cWr6edna1DTtvx0hRBjC24U7dVRJ6zfcWQrCkt%2FUw6eCMuAeKYj9hPjJRD6WSAkhlXXPSdTMNuHY4onpFh22FyqZaUmJtcgl7sLB6LeRqWnR1ZCTWJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852d98ea40e5-SIN
shym.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
120 KB
121 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/shym.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ddf4a13930a996f0cecc3faa4a89f805dfd223f61e6630fbff7ae1c5dbf783f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
123221
last-modified
Sun, 28 Apr 2024 01:25:02 GMT
server
cloudflare
etag
"44be5e4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eq7aAMn11zVddQZChISwe%2BD8ZhRFnPFr06wavCpF8XzCb3ELgiAduNtBXMRSwfVo8%2BSSmBi88beMj9DAHrRb7IZyBg%2FG2R4ycf7LNZlydSxC83WKrDCUhqWfQMgS6Oku"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852d98ed40e5-SIN
amsbx.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
119 KB
119 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amsbx.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a074fe10930a14ab2d49da765394e65386f57d02c2134732fb033ff89349d874

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
121470
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"67abadd4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O4Cw8O4bqGsKsQtYUR%2F7YL8D1n3CJpb2SoDheyt5KF6bZq36aLiu8Qsfn3miJXlw1fbSD%2FvYocu5avcL7Zxt6AMFpK8L0t%2BPrCXhcoegXab43H1pd5BQE%2FHAR4Ujdtw%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852d98ee40e5-SIN
amnrw.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
44 KB
44 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amnrw.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2dab282e8c82efcae05d5219d4b75d8848c56723d4d6a72574e57c31f338ce29

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
44796
last-modified
Sun, 28 Apr 2024 01:24:33 GMT
server
cloudflare
etag
"e3997ad3a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNLM93Gdxgg4Pi%2BNy8jkZ%2F7hYqxWFIaVyThOiFlovYEIT%2BSR9Bov0acg3R%2FPOpC0a84E67qxIijrJBvfaRXVfRuCWNdpOM8jT0jnthIedGX9eJdIXYR7xs5dKPFvOC2E"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852d98ef40e5-SIN
amyzjtm.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
50 KB
51 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amyzjtm.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
41528347461d71a665b4787645ca9f9ccc9a57f21c50daaccd3f57275201d425

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
51460
last-modified
Sun, 28 Apr 2024 01:24:39 GMT
server
cloudflare
etag
"447ec0d6a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwZ7fs3hmXIm78kwlC7HJtoT3neE1U6MPBIAwkm4m6LxEZyoHlQ5MEvihGfSN5j%2BOt1UfGQO708FjhrbpXOmiDZiZoRYU3ajiyHw7sUWafEERjTzPkIsdDtNy8AV%2BREo"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852d98f040e5-SIN
amzbsp.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
101 KB
102 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amzbsp.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d585048269b70c6d7eba8593455e23b2e7f4901788186ab28fa4c5cfd2b671a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
103670
last-modified
Sun, 28 Apr 2024 01:24:39 GMT
server
cloudflare
etag
"cb243d7a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oqwm3V%2F1EuXz%2FzEjpFeGlyW96XZKOA5h5kD0%2FV%2BtndisGBy4lfKnZGNFz5H5MztaAEYFs3i9vMnzWAlMyjXZ4jOtd%2FAlaOc16mDJGEgPbb80ZLQwzuvD48llHdY4wDLg"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852d98f240e5-SIN
dcxj.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
25 KB
25 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/dcxj.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01a4f88d4f865121cc5be80c73d942882f3c0f0498d8f66e5430cbd662013927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
25429
last-modified
Sun, 28 Apr 2024 11:37:07 GMT
server
cloudflare
etag
"c8f146666099da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUsYzhEaETEwNkN2QLsmHesOriM3fFmm%2BeFhADOvIwT7W%2Bt%2BW0t2SYWK93qJ7%2BJcVcrIEkrZ1%2B6LAFx1YUQ9T7zr6e0ywT%2BZiDiFUgNTAwY2JZ83dm1CdYkImCI54wbq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90840e5-SIN
ampt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
41 KB
42 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ampt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5726236e13a45f0461852176bb31087d2ebe7d7d4b92a26fb3200c919aaeeb3f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
42171
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"9fc76fd4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l5jMa4jqnzD4M9H%2BMOvtDxxAVmYKm%2Fabe1vGSIlCTkn7TzEU57AA9YebwRBuZ%2BC8syUsypV8mxPD58eS%2BMYyyH%2FOkkm8BDrD4cYWbjUXxnlJgUFU8yRnK4%2B%2FVDbrxqe4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db8fd40e5-SIN
amqlb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
60 KB
61 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amqlb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
331daa0a575061d7276d4a12f8f9664d6e7890f1a7fe4e23eefac2b3c53b558d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
61705
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"e31a91d4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4LSLYNj%2F5D2KJW9IZ4FxJcuhJDwHrfsuAJ4COxZ1fI3MK7494cS6sMi17ESY3uQEwfV1mb%2BWnUQkAXcHACY43Ho2pRqx6oDy%2B7T%2Fi4Ow60M5O%2BApCjJbtcbWoCl9FpuT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90240e5-SIN
amhh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
137 KB
138 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amhh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23d9be245567cbdd0e59e24ec2ec8d34bdb70304b9e248ca35d88e6ee8c8e927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
140491
last-modified
Sun, 28 Apr 2024 01:24:31 GMT
server
cloudflare
etag
"342de1d1a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqHoci5XKIswxv5fGMnJnO2YMHYEcpsLhZf6SP60YGUr%2BWIWEzFddHwtw4%2BrS%2FGzzMyVyKwv33hXd34YM4uRzgkVJ0VSTB1sjGRLoOVn7tlpKD%2F4Kjl7eLXDCM5TE%2BSq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90940e5-SIN
ambxgh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
171 KB
171 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ambxgh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3be5879ff60bcfb1fe42f63b9b8d19b024f861ef0f6885dc65f5acd280311f69

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
174782
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
server
cloudflare
etag
"aafa74d0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yo6mN0MzhnZt72l5XUwhcB%2F9naTc2AeeI0kVnU5yWY2ABWYVj4Z4ycEcMNruHtJ51jcxX4%2BCM8AKObGY50nHrJbxGntzMXgoD5nXXpwe4Hfu0lHcMfWAeBWnX9u06aDk"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db8fe40e5-SIN
am30ma.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
95 KB
96 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/am30ma.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3bb5c512a323b2238563f6f26f1977a32922e0d7418adc73d88a0d62a914cd77

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
97446
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
server
cloudflare
etag
"c2f22fd0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DJLyOZXZNlV7yPlyO%2FmojbXEP6exlQjbFTa8JpZNePP%2BVYk0y0ZYkuvGAX%2B%2FQoNtyTgQko4U2xl2riB%2BfdmDqKtdRt0sSxmlAdIRs0btx1I%2FvxOF0qnrSOp2njVEz429"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db8ff40e5-SIN
am4z3l.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
145 KB
145 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/am4z3l.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae59e1edd0a0cdb37401e794ea9b124e15b62bba40b90355f2eedac8a5306f5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
147998
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
server
cloudflare
etag
"a8ef61d0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQcRHeIVsbPNDshGArSLo3Bc4SiwYuHSGDQ%2B02yxaGOFWfte9IvlP8oLD%2FGQoq8OAp9lGQ9uTkcAZYYXsjBCHWeUljMB%2F7hg0LvwsW7UrORkorKH00053zZduWxiQYUr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90640e5-SIN
amht.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
141 KB
141 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amht.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
55cbcceab0a4c3d441c21e15b4cc917423d1df485678856c3711e34018cea8af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
144136
last-modified
Sun, 28 Apr 2024 01:24:31 GMT
server
cloudflare
etag
"5b7221d2a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1k91HUSWL9sVFJr1yz%2F0%2BxA0k6hLXzu4mlgkBhsvFSy9ziz7nQtJdhCRk9TCqYZ%2BkUr6KEDIopMz0eJLjgaKGw86PgX%2B2iG%2BsY7sug4LJO0yDhsUgaXklYyl80zUtXG1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90140e5-SIN
amdszt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
154 KB
155 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amdszt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
614613bb3c6d72f6712af33fd6e25d49deb6356199f3db8717e0575499d0c570

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
157958
last-modified
Sun, 28 Apr 2024 01:24:30 GMT
server
cloudflare
etag
"23d548d1a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Gp8VH3XjUXYWenPuIiUHcRW9aG923iwfRKekmPR5g4dLK3VCb7PV8JLextq0fa5dDxnfhsmtW%2BrHgoq2ov2u6C7UDHRvO4GD%2BVxYCHsZZhDyYiaY59C5P2vDpSu63EB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90740e5-SIN
ammhb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
131 KB
132 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ammhb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d23c59b758e66b9dff1f53bc3b634c889e29947c2865aa7576dd1f7b0790484f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
134353
last-modified
Sun, 28 Apr 2024 01:24:32 GMT
server
cloudflare
etag
"94ffad2a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZITWQMCGqlRI3hidGcXhYaKFQuMwmys9DVfbCi7qfgLuwiW8UDDHXKeUcFjryZEWvawd7IY%2FfVmkJAWt5lCYk8i%2BT8l48VVNGI0diXPxO%2FQCFfDOf1OQscKn6kFSKWv"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90a40e5-SIN
amcsb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
144 KB
144 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amcsb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6cd0b3b1de18a26e633b1b4c44eeddb94c8aafb9c0fb8dcb9a8473352c819e5c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
146976
last-modified
Sun, 28 Apr 2024 01:24:29 GMT
server
cloudflare
etag
"b326c1d0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NM0G4Fh4HeARrgxTMewiv8hvmwUJMxDKdg0o1g6EujXF5UIWde0kf1tKBcpiI3mBPyUZjnfgolnVrBvelsUAlW6kCupiTDkRxtx3MfmLFlDc%2B6VrkSeGmZEztVBeumhR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90440e5-SIN
ammh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
43 KB
43 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ammh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1867f5cd8b3d2fae73ddc1cbe0027f2ad3c6a5b4db075aadc8930fd330055f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
43681
last-modified
Sun, 28 Apr 2024 01:24:32 GMT
server
cloudflare
etag
"f365e9d2a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jN5X2ns1VGSt3JzsmY%2F%2BgKQjDgzCFB0GcMSbcwKHT9wGfm67LjYkgz30jWkt9hC0cLWpRc9ARx3Uf0LSLXDyO8dFHJiapN6kb8P5zJLiK1kf538pdvAkGh4Yfv84qDA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90040e5-SIN
m33.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
76 KB
76 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/m33.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ee8de895de42678b44345a6c61c0664ebf984e8cfcc0a69ebbc67af7700146a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
77831
last-modified
Sat, 27 Apr 2024 14:17:25 GMT
server
cloudflare
etag
"ed74b0a0ad98da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YeI6x8IXDgLdsednqZd5eD7ulD9MpltWARc%2Fr8ZmONIf7%2BR%2FsyU0iL%2B5KwccqvpmUbvf%2B2WzTaighSgTN%2FGu8i1m8PHt9B9KmaeKrjTyHlEvzdxIAnUnwMD6k5Gi2oRi"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90c40e5-SIN
c008.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
187 KB
188 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/c008.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
696104dbe69d21a6dc26d598ef5356861e0341fd92d5fe7ad5f72f81d5a9a50e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
191926
last-modified
Sat, 27 Apr 2024 16:08:01 GMT
server
cloudflare
etag
"e1cd5714bd98da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3nFaUVp3cNc3S41Qv7LLaIjHkCdj%2FDvyIJPk8YeEWWQielLgmAGPZUbjTbbH0n3DI0vqrOl4JIJN1r5%2Fb1WJEdvkVzLV6FLQzLMzCLwaHS%2F1frQWP7Pk43xTJF%2FbdDNr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90540e5-SIN
jigongshi.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
110 KB
111 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/jigongshi.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f2da1d669d113cd9f263817116f4ddc52e68ad1ff0fa7738a14680c32b4c593

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
112757
last-modified
Sun, 28 Apr 2024 01:24:51 GMT
server
cloudflare
etag
"7f2c33dea99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=381%2BRjYEqWg3lGAZT799ucqZO2oIUsXVfLzQZ8Hil8tDg%2BobeYHVUeCn0CGnFd7L5g1ntvKL7ThACgKwUTURfE6F5Holv0d%2Fn1ywdNtyZRKZ0Ag8UYNPk2BrrMaSFSeD"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db8fc40e5-SIN
fhtjt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
244 KB
245 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/fhtjt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8d0d55182a9ce5604733c35d0b60574d6d7175f1df69835648f9e9c7502a233b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
249885
last-modified
Sun, 28 Apr 2024 01:24:45 GMT
server
cloudflare
etag
"514376daa99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3CUKR2Ryc8XBNeljQmi%2FnwQWJ5tDMBu%2FnY8iidmBHhLwZ9x0gn9GkjWMn9aDHl%2FsL7DsvrUW1yHIP1%2FBQAWetOsfTNQj51x%2FLzcVTIsbiNm%2B3%2FTpgB87DEnCE63E6yq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90b40e5-SIN
ktjtx.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 93CC
191 KB
192 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ktjtx.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.234.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcf7283882324993effa604c7460453f23b08bed70191487e4e5fd75c164b985

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
543
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
195760
last-modified
Sun, 28 Apr 2024 01:24:53 GMT
server
cloudflare
etag
"bfea44dfa99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xS91YLvLfsAP61BoCEHF3JqGqWAFlweXlMPqst7MXxG3xzjJJQtggRJJ%2BIDNuyqLWwQMWeXSp5HNZUBLxbFkl6TgKkEJyQU%2FW7IVcuuKdUocRLkqkHp3PzsU%2BeLJWKdl"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba852db90340e5-SIN
amwc39m.jpg
vbe.smhkbnry.com/aomen/2024/col/119/ Frame 93CC
0
0

tt39.jpg
tk.tutu.finance//aomen/2024/col/119/ Frame 93CC
75 KB
76 KB
Image
General
Full URL
https://tk.tutu.finance//aomen/2024/col/119/tt39.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:fbf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
06d46aa3b4e27038d0ba39834a572da24dfcc347d790dd047e2f495c22ceba61

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
544
cf-polished
qual=85, origFmt=jpeg, origSize=102605
x-powered-by
ASP.NET
content-disposition
inline; filename="tt39.webp"
content-length
76986
cf-bgj
imgq:85,h2pri
last-modified
Sat, 27 Apr 2024 16:08:51 GMT
server
cloudflare
etag
"698d131bd98da1:0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oLa5PjHWrSSSCGZnYYhDhgL5cuGHUgmMON3Y9yUlFQEpWCbjZmuX0zPx16OYriPscD87NWNCrHEOxupySIimOMmYKkHZ5Xh8ecAy2u43iSazbDL5E4ICnHHjU9q21spt8SMvplPBUIzNTjOj4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87ba852dba064097-SIN
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?09deae81aef712c3d64d5987a096ae05
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
c750328b87cad0268c55d65c6ba1f359d20d3250394aedec48b93e2ca76a010a
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 22:34:32 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
5b1c51475dca33d80e1fe187b354eb3f
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1248684721&si=09deae81aef712c3d64d5987a096ae05&v=1.3.0&lv=1&sn=13607&r=0&ww=1600&u=https%3A%2F%2F165638.com-165638.mpv.165638ee6ee.buzz%2F
Requested by
Host: 165638.com-165638.mpv.165638ee6ee.buzz
URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 22:34:32 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
165638.com-165638.mpv.165638ee6ee.buzz/
95 KB
95 KB
Other
General
Full URL
https://165638.com-165638.mpv.165638ee6ee.buzz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
25b3ef77305d519872426483e316a4dd224f7c57b94c24a51e01c7916739f9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee6ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:34:31 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11 Mar 2024 20:16:42 GMT
server
nginx
etag
"65ef66aa-17c97"
content-type
image/x-icon
accept-ranges
bytes
content-length
97431

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vbe.smhkbnry.com
URL
https://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| AjaxObj function| XMLhttp object| ajax function| sendmsg function| getObj function| objCheck function| ietruebody function| getTop function| getLeft function| IsElement function| setCurrent function| strlen function| initCheckTextNum function| checkTextNum string| agt boolean| is_ie boolean| is_gecko string| imgpath string| verifyhash string| modeimg string| modeBase string| winduid string| windid string| groupid boolean| gIsPost undefined| base function| AddFavorite function| IndexDeploy function| SaveDeploy function| SetCookie function| FetchCookie function| Ajump boolean| ifcheck string| fid string| myshortcut function| tz function| CheckAll function| Fjump number| totalpage number| page function| PwMenu object| read function| closep function| findPosX function| findPosY function| in_array function| loadjs function| keyCodes function| opencode function| getPWBox function| getPWContainer function| elementBind function| addChild function| delElement function| pwForumList function| char_cv function| JSONParse function| showDialog object| _hmt boolean| _bdhm_loaded_09deae81aef712c3d64d5987a096ae05 object| mini_tangram_log_kacpqp

5 Cookies

Domain/Path Name / Value
165638.com-165638.mpv.165638ee6ee.buzz/ Name: 1005a_lastvisit
Value: 0%091714343669%09%2Findex.php%3F
165638.com-165638.mpv.165638ee6ee.buzz/ Name: 1005a_threadlog
Value: %2C2%2C
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: B527C6EE8EF0274B
.165638.com-165638.mpv.165638ee6ee.buzz/ Name: Hm_lvt_09deae81aef712c3d64d5987a096ae05
Value: 1714343672
.165638.com-165638.mpv.165638ee6ee.buzz/ Name: Hm_lpvt_09deae81aef712c3d64d5987a096ae05
Value: 1714343672

6 Console Messages

Source Level URL
Text
security warning URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html
Message:
Mixed Content: The page at 'https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html' was loaded over HTTPS, but requested an insecure element 'http://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html(Line 542)
Message:
Mixed Content: The page at 'https://165638.com-165638.mpv.165638ee6ee.buzz/xgk.html' was loaded over HTTPS, but requested an insecure element 'http://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
recommendation verbose URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://165638.com-165638.mpv.165638ee6ee.buzz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

165638.com-165638.mpv.165638ee6ee.buzz
amtk.11828.cc
h5.l1l1l1l1l11l-l1l1l11l1l1l.com
hm.baidu.com
tk.tutu.finance
vbe.smhkbnry.com
vbe.smhkbnry.com
104.21.234.173
111.45.11.83
2606:4700:20::681a:fbf
2606:4700:3035::ac43:9ecd
27.124.33.26
01a4f88d4f865121cc5be80c73d942882f3c0f0498d8f66e5430cbd662013927
06d46aa3b4e27038d0ba39834a572da24dfcc347d790dd047e2f495c22ceba61
23d9be245567cbdd0e59e24ec2ec8d34bdb70304b9e248ca35d88e6ee8c8e927
25b3ef77305d519872426483e316a4dd224f7c57b94c24a51e01c7916739f9cb
2dab282e8c82efcae05d5219d4b75d8848c56723d4d6a72574e57c31f338ce29
331daa0a575061d7276d4a12f8f9664d6e7890f1a7fe4e23eefac2b3c53b558d
39b21b2f01a58ef707196261bf9e090b9c9b0cde567ede9e33f8232c0ce2e278
3bb5c512a323b2238563f6f26f1977a32922e0d7418adc73d88a0d62a914cd77
3be5879ff60bcfb1fe42f63b9b8d19b024f861ef0f6885dc65f5acd280311f69
41528347461d71a665b4787645ca9f9ccc9a57f21c50daaccd3f57275201d425
4a4d95870439260445a3b5a53f1b450a64321c168730d700ec40ba2f794b655a
55cbcceab0a4c3d441c21e15b4cc917423d1df485678856c3711e34018cea8af
5726236e13a45f0461852176bb31087d2ebe7d7d4b92a26fb3200c919aaeeb3f
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
5f2da1d669d113cd9f263817116f4ddc52e68ad1ff0fa7738a14680c32b4c593
60e32aa7adaa3a0271281fa265c3a74f887172149fe700e82a58a6a1062e6feb
614613bb3c6d72f6712af33fd6e25d49deb6356199f3db8717e0575499d0c570
696104dbe69d21a6dc26d598ef5356861e0341fd92d5fe7ad5f72f81d5a9a50e
6cd0b3b1de18a26e633b1b4c44eeddb94c8aafb9c0fb8dcb9a8473352c819e5c
7e3f8d12a15e17eafc0e29ac215d2f17851084444979cb5002d5c81f4a022479
8d0d55182a9ce5604733c35d0b60574d6d7175f1df69835648f9e9c7502a233b
9b43e375f0f7cb0112794f903f588c8eecc8994d17cb408780cac22f6d6de82e
a074fe10930a14ab2d49da765394e65386f57d02c2134732fb033ff89349d874
a17c51f0de393f2cacd76464680d68a21148dc940f61afc5dc4e79784896e4c6
a1867f5cd8b3d2fae73ddc1cbe0027f2ad3c6a5b4db075aadc8930fd330055f7
a53530620f94eb34730e1635c95f4d02f9ed449addcb2595a34a848bd37374b6
ae59e1edd0a0cdb37401e794ea9b124e15b62bba40b90355f2eedac8a5306f5f
bcf7283882324993effa604c7460453f23b08bed70191487e4e5fd75c164b985
c750328b87cad0268c55d65c6ba1f359d20d3250394aedec48b93e2ca76a010a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23c59b758e66b9dff1f53bc3b634c889e29947c2865aa7576dd1f7b0790484f
d585048269b70c6d7eba8593455e23b2e7f4901788186ab28fa4c5cfd2b671a7
ddf4a13930a996f0cecc3faa4a89f805dfd223f61e6630fbff7ae1c5dbf783f2
eba3d0525ae916ec3a7d16e49e71f640fa719de81ac488bee00a67974183b16c
ed9b8bbd6e2a85ccca09d5b1785de308a4ec1f5b8fb3fc5a2229ef65d04f467c
ee8de895de42678b44345a6c61c0664ebf984e8cfcc0a69ebbc67af7700146a2