6vunwegmsdball.xn--qq3a27w.xn--fiqs8s Open in urlscan Pro Puny
6vunwegmsdball.超马.中国 IDN
23.224.238.37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Submission: On October 01 via api (October 1st 2024, 11:51:23 am UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 104 HTTP transactions. The main IP is 23.224.238.37, located in United States and belongs to CNSERVERS, US. The main domain is 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s.
TLS certificate: Issued by R10 on July 29th 2024. Valid for: 3 months.

This is the only time 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	23.224.238.37 23.224.238.37	40065 (CNSERVERS) (CNSERVERS)
27	104.219.213.80 104.219.213.80	398823 (PEG-LA) (PEG-LA)
4	111.45.11.83 111.45.11.83	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
3	23.224.238.42 23.224.238.42	40065 (CNSERVERS) (CNSERVERS)
1	163.181.92.250 163.181.92.250	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.150.22.100 20.150.22.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	107.148.132.133 107.148.132.133	398823 (PEG-LA) (PEG-LA)
1	104.219.213.82 104.219.213.82	54600 (PEG-SV) (PEG-SV)
6	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
104	11

34 23.224.238.37 (United States)

ASN40065 (CNSERVERS, US)

6vunwegmsdball.xn--qq3a27w.xn--fiqs8s	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.219.213.80 (United States)

ASN398823 (PEG-LA, US)

increases3.shanghaikeypower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 111.45.11.83 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.224.238.42 (United States)

ASN40065 (CNSERVERS, US)

financial1.shanghaikeypower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.250 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cbu01.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

qiniu.gdjuwang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.150.22.100 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

gtphoto.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 107.148.132.133 (United States)

ASN398823 (PEG-LA, US)

argument2.shanghaikeypower.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.219.213.82 (United States)

ASN54600 (PEG-SV, US)

k9k9.jiangsugoldmoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

s1.imagehub.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	shanghaikeypower.com increases3.shanghaikeypower.com financial1.shanghaikeypower.com argument2.shanghaikeypower.com	278 KB
34	function sub() { [native code] }.	536 KB
9	gdjuwang.com qiniu.gdjuwang.com	878 KB
6	imagehub.cc s1.imagehub.cc	20 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 10108	24 KB
2	windows.net gtphoto.blob.core.windows.net	384 KB
1	jiangsugoldmoon.com k9k9.jiangsugoldmoon.com
1	alicdn.com cbu01.alicdn.com — Cisco Umbrella Rank: 76569	38 KB
0	bdimg.com Failed apps.bdimg.com Failed
104	9

	Domain	Requested by
34	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s increases3.shanghaikeypower.com
27	increases3.shanghaikeypower.com	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
11	argument2.shanghaikeypower.com	increases3.shanghaikeypower.com 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
9	qiniu.gdjuwang.com	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s increases3.shanghaikeypower.com
6	s1.imagehub.cc	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
4	hm.baidu.com	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
3	financial1.shanghaikeypower.com	increases3.shanghaikeypower.com 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
2	gtphoto.blob.core.windows.net	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
1	k9k9.jiangsugoldmoon.com	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
1	cbu01.alicdn.com	6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
0	apps.bdimg.com Failed	increases3.shanghaikeypower.com argument2.shanghaikeypower.com
104	11

This site contains links to these domains. Also see Links.

Domain
zdhlzz1.yellowcranetower.com
bxj678.38ama.com
derivedllse2.xn--c5wm6gf0pm6d.com
169.197.142.175
k9k9.jiangsugoldmoon.com
cpinternational.shanghaikeypower.com

Subject Issuer	Validity	Valid
xn--qq3a27w.xn--fiqs8s R10	`2024-07-29` - `2024-10-27`	3 months	crt.sh
*.shanghaikeypower.com R10	`2024-09-14` - `2024-12-13`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
shanghaikeypower.com R10	`2024-07-28` - `2024-10-26`	3 months	crt.sh
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3	`2024-06-19` - `2025-07-21`	a year	crt.sh
qiniu.gdjuwang.com WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.blob.core.windows.net Microsoft Azure RSA TLS Issuing CA 04	`2024-04-03` - `2025-03-29`	a year	crt.sh
jiangsugoldmoon.com R10	`2024-08-12` - `2024-11-10`	3 months	crt.sh
s1.imagehub.cc E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Frame ID: 0D112922F30F7D156E63C1A7FBB942FB
Requests: 21 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Frame ID: DA05184355748864F13DB9CDC47622B3
Requests: 28 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413
Frame ID: F874EADC9E4EE14F80916F95F662B175
Requests: 11 HTTP requests in this frame

Frame: https://k9k9.jiangsugoldmoon.com/chajian/kj.html?url=https%3A%2F%2Fcpinternational.shanghaikeypower.com%2Fgac%2Findex.html
Frame ID: ABBBA7AC822C4ECFA160A2D0AC23FCD5
Requests: 1 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413
Frame ID: 9656BB465E22B2792E03DED5E37A2728
Requests: 10 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/1.html?16821345601.10.202413
Frame ID: CEE3521B1AEBEC62D6C3EB2B3B64550B
Requests: 6 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413
Frame ID: C50CDDD705DE2112FDAAB5211F6181D1
Requests: 8 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413
Frame ID: AE2CB0FC54193D7E9F75631CA2D55109
Requests: 6 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/4.html?16821345601.10.202413
Frame ID: E8EEF042CE903B657BD1D994BA64C068
Requests: 4 HTTP requests in this frame

Frame: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Frame ID: B1007AD230E4C1909790289A3766FE3B
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【小.鱼.儿】致力打造，火热全网！

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

94 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

5
Countries

2157 kB
Transfer

3203 kB
Size

6
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://zdhlzz1.yellowcranetower.com:8766//bylm/107733.html#306567am

Search URL Search Domain Scan URL

URL: https://bxj678.38ama.com/index.html?channelCode=lhse9

Search URL Search Domain Scan URL

URL: https://derivedllse2.xn--c5wm6gf0pm6d.com/?f=zxzx&chat=2

Search URL Search Domain Scan URL

URL: http://169.197.142.175/wxzz.php?f=zxzx
Title: 1

Search URL Search Domain Scan URL

URL: https://k9k9.jiangsugoldmoon.com/chajian/kj.html?url=https%3A%2F%2Fcpinternational.shanghaikeypower.com%2Fgac%2Findex.html
Title: 开奖

Search URL Search Domain Scan URL

URL: https://cpinternational.shanghaikeypower.com/gac/index.html
Title: 抢红包

Search URL Search Domain Scan URL

URL: https://zdhlzz1.yellowcranetower.com:8766/bylm/107733.html#more
Title: 大赢家

Search URL Search Domain Scan URL

URL: https://zdhlzz1.yellowcranetower.com:8766/bylm/216677.html#more
Title: 六合宝典

Search URL Search Domain Scan URL

URL: https://zdhlzz1.yellowcranetower.com:8766/bylm/216966.html#more
Title: 藏宝阁

Search URL Search Domain Scan URL

URL: https://zdhlzz1.yellowcranetower.com:8766/bylm/217789.html#more
Title: 一点红

Search URL Search Domain Scan URL

URL: https://zdhlzz1.yellowcranetower.com:8766/bylm/211277.html#more
Title: 大三巴

Search URL Search Domain Scan URL

URL: https://zdhlzz1.yellowcranetower.com:8766/bylm/784123.html#more
Title: 摇钱树

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/ 12 KB
4 KB 784ms
249ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

dc523552912a4cc23085267195f30089dda44841e4e9adef08760f48591e99a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:06 GMT
etag: W/"66fbcf2a-2f98"
last-modified: Tue, 01 Oct 2024 10:30:02 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 xycp.js Show response
increases3.shanghaikeypower.com/assets/ 2 KB
889 B 520ms
167ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/xycp.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

6983e36ac4888e1ecbfadb088e03e2a6e6c1ec2dff2e95262af081e102a15337

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbdd39-619"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/ 94 KB
37 KB 525ms
524ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/jquery.min.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"644bea43-1787d"
expires: Tue, 01 Oct 2024 23:51:06 GMT
date: Tue, 01 Oct 2024 11:51:06 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 15:46:11 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 common.css
increases3.shanghaikeypower.com/assets/ 7 KB
2 KB 519ms
167ms Stylesheet
text/css 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/common.css

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

68791450d24aa8d519bdd5817cc47e8e7fa29063bf5cc8680b2ffcd3bc999427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6683b1ee-1aa5"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: text/css
last-modified: Tue, 02 Jul 2024 07:53:18 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/css/ 28 KB
8 KB 251ms
250ms Stylesheet
text/css 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/css/style.css?v=2

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

390f71f595ce69ea91abcb01d2f9cd106f4adaf1be0bf08e5f0a87479ebf47f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"64b53e62-6f9d"
expires: Tue, 01 Oct 2024 23:51:06 GMT
date: Tue, 01 Oct 2024 11:51:06 GMT
content-type: text/css
last-modified: Mon, 17 Jul 2023 13:13:06 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 common.js Show response
increases3.shanghaikeypower.com/assets/ 5 KB
2 KB 521ms
169ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/common.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

8dfec2f230275bcf4b7e72fbd2042e3e01276381ba6f07888584a7867660a4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66ec3bde-1529"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 14:57:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 zbnav3.js Show response
increases3.shanghaikeypower.com/assets/ 9 KB
3 KB 684ms
332ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/zbnav3.js?v=44

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

61989ce504ee49a997c59d981f9af6844eceec0c01b0d6308f50c1e62a18946e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbdd39-2563"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 wenzhang.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/ 2 KB
2 KB 747ms
746ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/wenzhang.js?1684349588

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

50c8b607344f141ccba9af0f87a56368fdca3c21fde944a0e4e01b8dadb1c185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"64b67cae-947"
expires: Tue, 01 Oct 2024 23:51:06 GMT
date: Tue, 01 Oct 2024 11:51:06 GMT
content-type: application/javascript
last-modified: Tue, 18 Jul 2023 11:51:10 GMT
server: nginx
vary: Accept-Encoding

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 2034ms
873ms Script
application/javascript 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1ebc8b2b544c96f917df404b72d6f48b

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

b4d3746092851ffd65d3d4d7e49c56caf1baa8c5812b32703ed8cb8950d8bcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: c46f1afc316b8edf43515a45dad62bd1
Content-Length: 11289
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Tue, 01 Oct 2024 11:51:09 GMT
Content-Type: application/javascript
Server: apache

GET
H2 200 tc.js Show response
financial1.shanghaikeypower.com/assets/ 18 KB
6 KB 783ms
248ms Script
application/javascript 23.224.238.42
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://financial1.shanghaikeypower.com/assets/tc.js?441.10.202413

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/zbnav3.js?v=44

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.42 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ed874e24648c6e366689c4957aee1b7f2684dd55b752e18600b14d62ee4f44a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbcf2a-4835"
expires: Tue, 01 Oct 2024 23:51:08 GMT
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 10:30:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 23247269256_2020908872.jpg
cbu01.alicdn.com/img/ibank/2020/652/962/ 38 KB
38 KB 1147ms
44ms Image
image/gif 163.181.92.250
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbu01.alicdn.com/img/ibank/2020/652/962/23247269256_2020908872.jpg
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.250 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / Picasso
Resource Hash: 0a49154bbe1e5115cb63983b2c7f66f893b84077ee262b5bd1e28460abeddb7f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

picasso-image-type: normal
eagleid: a3b55ca117277834685473354e
age: 17211965
picasso-cache-info: MISS
x-cache: MISS TCP_MISS dirn:-2:-2
picasso-ret-code: SUCCESS
date: Sat, 16 Mar 2024 06:45:03 GMT
content-type: image/gif
last-modified: Sat, 06 Aug 2022 13:03:56 GMT
cache-control: max-age=31536000
x-swift-cachetime: 14324035
timing-allow-origin: *
request-time: 0.076
via: cache3.l2fr1[0,0,200-0,H], cache11.l2fr1[2,0], ens-cache7.de5[19,19,200-0,M], ens-cache13.de5[21,0]
ali-swift-global-savetime: 1710571503
x-swift-savetime: Tue, 01 Oct 2024 11:51:08 GMT
picasso-fmt: jpg2
access-control-allow-origin: *
content-length: 38506
traceid: 2ff632a117105715027248816e
x-powered-by: Picasso
server: Tengine

GET
H3 200 xamzl.jpg
qiniu.gdjuwang.com/6tp/ 387 KB
387 KB 955ms
636ms Image
image/jpeg 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/xamzl.jpg?1.10.202413
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4263c3bee7eee95b9f242375841608a4232c60c057a779bd6da9e0e4a1a9309

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "66faab8c-60b58"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jC5rAe5%2FZ5pNxG%2BV60oF%2FO2Dy64eV4iwmIJ6r3q%2FzImHKQY3h497YbSBJBh%2FYAnpS62yASjkJyvEJ29I08vuFlGDJHmhP4dT7W2enGS9vf2iYEqrd7KHJ4OFbwuAIiWvtKhdVBk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d365ddddb0e-FRA
expires: Thu, 31 Oct 2024 11:51:08 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 396120
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/jpeg
last-modified: Mon, 30 Sep 2024 13:45:48 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK 3.gif
gtphoto.blob.core.windows.net/phh/ 235 KB
235 KB 857ms
212ms Image
image/gif 20.150.22.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtphoto.blob.core.windows.net/phh/3.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.22.100 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: aa801e2b6a5f8230de1bd9711cc37e95f049d14cb26c927a273798972af7bed3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

Content-MD5: nUbRFYwrrzNJ3rvPlzPmjA==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCCE44608CB02D
x-ms-request-id: 02072959-d01e-002b-0df8-13e065000000
Content-Length: 240146
Date: Tue, 01 Oct 2024 11:51:08 GMT
Content-Type: image/gif
Last-Modified: Fri, 06 Sep 2024 07:20:25 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H2 200 jqBtn.gif
financial1.shanghaikeypower.com/assets/img/ 74 KB
75 KB 296ms
296ms Image
image/gif 23.224.238.42
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://financial1.shanghaikeypower.com/assets/img/jqBtn.gif?v=1

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.42 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

edd995d53d65ad2d375c2236f1347718a82cedfa0f1d502eb72065155de14357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "6603f335-129d5"
expires: Thu, 31 Oct 2024 11:51:08 GMT
accept-ranges: bytes
content-length: 76245
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: image/gif
last-modified: Wed, 27 Mar 2024 10:21:41 GMT
server: nginx

GET
H2 200 realindex.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/ Frame DA05 64 KB
9 KB 272ms
270ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/wenzhang.js?1684349588

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

d4af242ae5997a94070bba87778313562cad6050208c33c1d32354442de8757b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:08 GMT
etag: W/"66fbcf2a-1007e"
last-modified: Tue, 01 Oct 2024 10:30:02 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 404 search.jpg
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/images/ 548 B
548 B 249ms
248ms Image
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/images/search.jpg
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/css/style.css?v=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/css/style.css?v=2

Response headers

content-length: 548
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: text/html
server: nginx

GET
H3 200 cfl4.abc
qiniu.gdjuwang.com/6tp/ 3 KB
3 KB 613ms
336ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/cfl4.abc
Requested by: Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/common.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae5773a30e6419126a021f04b00f71f152a42b8c04276b44ef958a54a220b56a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://increases3.shanghaikeypower.com/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee761-a4c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PxegZgXNEaLVXo0AiAvkXYtfj2GHlzecNvn1Vjdi9rdEVAsgvf2HdT%2BT28omHOlDWaNFHbhHJM9MBXzJOeEEE5wr0WgsT2e3rH2ys%2B%2Fh5hz56%2BD2dq5h9VoGO3wxWCItS1YK4w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d365ddbdb0e-FRA
accept-ranges: bytes
content-length: 2636
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:29 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 list3.abc
qiniu.gdjuwang.com/6tp/ 4 KB
4 KB 610ms
332ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/list3.abc
Requested by: Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/common.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a1aeef84acc4fd3314b3f6f5d33c3bf894a1a7e797003a7cebbe54a8b3f953a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://increases3.shanghaikeypower.com/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee769-e8c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTQWKWJ4l4PSpgND%2F6eSyj4%2F6e%2BjzDPQB7zuMhvj9w3QductHTp3IKubtRrfa2zr50pBSb%2BhXIcYWmiPjXMJTR27jJg57I4fhJ5ugt0ZeIp2CDFs3%2Fcp7DAbJNasoT4ion97n3M%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d365dd5db0e-FRA
accept-ranges: bytes
content-length: 3724
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 cfl-more5.abc
qiniu.gdjuwang.com/6tp/ 25 KB
26 KB 757ms
479ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/cfl-more5.abc
Requested by: Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/common.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b72dd2d1a81a30aeecdd921e283f3d919e1d5e50cd626024aea9d0bfc16988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://increases3.shanghaikeypower.com/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee763-65db"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xjs0gTyvGm4v27afNDEQPsQLEERJ8PoFaQ%2FRKqwr1MuGjB%2BExpb9V4CsEXvG3Qze%2B9ySx6xmToi%2BRcqf5v6ZnqFykLc8%2FU2%2B9734JaIp1lApqU4j%2FvuS0zs24k63x6CstVXshAc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d365dd7db0e-FRA
accept-ranges: bytes
content-length: 26075
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 cfl2.abc
qiniu.gdjuwang.com/6tp/ 3 KB
3 KB 608ms
331ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/cfl2.abc
Requested by: Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/common.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://increases3.shanghaikeypower.com/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee760-be4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1RrNrToq0qwu612E7UOKWLyzggr9R2Fvg0Pf2aJfseTQhOZ6lmLkoDaivEZAzC88in7v86FMY0V9hpPM%2Bl5eFCfOVZiGntdB%2BfJbE13Rw%2Bk4j5ZI8i7OVPpdh7V%2BIci7v5cFztE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d365ddedb0e-FRA
accept-ranges: bytes
content-length: 3044
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:28 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 bag1.abc
qiniu.gdjuwang.com/6tp/ 6 KB
6 KB 616ms
338ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/bag1.abc
Requested by: Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/common.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d361cc19ba56003bf13087c2981908ea3a90c0017244ac92d7a748b8ebc91c1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://increases3.shanghaikeypower.com/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee75f-1617"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J6QXEXNMHbr906NS73iN081GHR12npwY8W1V5SUIEprlobl3wJObGr1gpGCpK%2B%2B%2FK8iKyYtjCQGI71EXpN2ECqiKl3WCunNjBC9%2FVZ4cGgPPrdsKzNryKwqblTlsp4BdcpJxvLA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d365de1db0e-FRA
accept-ranges: bytes
content-length: 5655
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:27 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 xycp.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 2 KB
0 1ms
1ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/xycp.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 6983e36ac4888e1ecbfadb088e03e2a6e6c1ec2dff2e95262af081e102a15337

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbdd39-619"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/css/ Frame DA05 32 KB
8 KB 252ms
247ms Stylesheet
text/css 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/css/style.css?1680357107

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

82c0bb7a78b2b1bb03dd852a99e3a5577fd008a4687c7b337603218ae86508cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6442901e-7f06"
expires: Tue, 01 Oct 2024 23:51:08 GMT
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: text/css
last-modified: Fri, 21 Apr 2023 13:31:10 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 common.css
increases3.shanghaikeypower.com/assets/ Frame DA05 7 KB
0 2ms
2ms Stylesheet
text/css 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/common.css
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 68791450d24aa8d519bdd5817cc47e8e7fa29063bf5cc8680b2ffcd3bc999427

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"6683b1ee-1aa5"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: text/css
last-modified: Tue, 02 Jul 2024 07:53:18 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/ Frame DA05 94 KB
0 3ms
3ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/jquery.min.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"644bea43-1787d"
expires: Tue, 01 Oct 2024 23:51:06 GMT
date: Tue, 01 Oct 2024 11:51:06 GMT
content-type: application/javascript
last-modified: Fri, 28 Apr 2023 15:46:11 GMT
server: nginx
vary: Accept-Encoding

GET
H2 404 jquery.tmpl.min.js
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/assets/ Frame DA05 0
0 253ms
249ms Script
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/assets/jquery.tmpl.min.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

content-length: 548
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: text/html
server: nginx

GET
H2 200 no.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 1 KB
818 B 169ms
166ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/no.js?1682134560

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fac274-566"
expires: Tue, 01 Oct 2024 23:51:08 GMT
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:23:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 common.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 5 KB
2 KB 172ms
168ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/common.js?1680357107

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

8dfec2f230275bcf4b7e72fbd2042e3e01276381ba6f07888584a7867660a4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66ec3bde-1529"
expires: Tue, 01 Oct 2024 23:51:08 GMT
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 14:57:34 GMT
server: nginx
vary: Accept-Encoding

GET
H2 404 SuperSlide.js
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/assets/ Frame DA05 0
0 251ms
248ms Script
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/assets/SuperSlide.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

content-length: 548
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: text/html
server: nginx

GET
H2 200 biglogo.png
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/ Frame DA05 80 KB
80 KB 307ms
305ms Image
image/png 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/biglogo.png

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

3813df5a57c0bc71268d8bd44ec17b26def5eae2896ee78358a40c6ba7962c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "663c9c37-13f97"
expires: Thu, 31 Oct 2024 11:51:08 GMT
accept-ranges: bytes
content-length: 81815
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: image/png
last-modified: Thu, 09 May 2024 09:49:43 GMT
server: nginx

GET
H2 200 bxjzb.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 2 KB
985 B 171ms
168ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/bxjzb.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

7d857907c2899e92bce24cada16e58fe5cc6d9b59490c9db874ffb409ea68cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"669ffe78-63f"
expires: Tue, 01 Oct 2024 23:51:08 GMT
date: Tue, 01 Oct 2024 11:51:08 GMT
content-type: application/javascript
last-modified: Tue, 23 Jul 2024 19:03:20 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 header.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 11 KB
3 KB 167ms
167ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/header.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

ed36d917dffb8541e6964fd903c7bf03b70865e4dbd3a9018b5c8646a43d4551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-2aaf"
expires: Tue, 01 Oct 2024 23:51:09 GMT
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 zbbm.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 7 KB
3 KB 168ms
167ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/zbbm.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

881395f9d4d1442c341c8ee173c2703ea25786a5418df1c9b85239d1c167dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbdd39-1ac2"
expires: Tue, 01 Oct 2024 23:51:09 GMT
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 scfl.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 9 KB
3 KB 169ms
168ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/scfl.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

5130bbc8877988a646428603a1041c64b1e559c70f2a65b6f466859fc11475cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66a08300-2307"
expires: Tue, 01 Oct 2024 23:51:09 GMT
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Wed, 24 Jul 2024 04:28:48 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 gsbimg1.jpg
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/ Frame DA05 152 KB
152 KB 519ms
518ms Image
image/jpeg 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/gsbimg1.jpg

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ba4ddd4c1d6395a65ca45266ae2ffe5cfbdba29fae2796b0277e8695eb70c2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "6442901e-2603c"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 155708
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/jpeg
last-modified: Fri, 21 Apr 2023 13:31:10 GMT
server: nginx

GET
H2 200 gsbimg2.jpg
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/ Frame DA05 153 KB
153 KB 632ms
631ms Image
image/jpeg 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/gsbimg2.jpg

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e66970865851c311b03aa42ef7d6b021d291924a98270446bec519345404d55f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "6442901e-26270"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 156272
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/jpeg
last-modified: Fri, 21 Apr 2023 13:31:10 GMT
server: nginx

GET
H2 200 tpcl.js Show response
increases3.shanghaikeypower.com/assets/ Frame DA05 1 KB
721 B 169ms
168ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/tpcl.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

29852ee59c32d1c294358f162881f41fbd77fdbf9c867c0c7379e12c27f878a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"6526db6a-43f"
expires: Tue, 01 Oct 2024 23:51:09 GMT
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Wed, 11 Oct 2023 17:29:14 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 014.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/ Frame F874 17 KB
4 KB 627ms
626ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/bxjzb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

56a6d00b84ebc9547fd50525d03e066eb4cf24277ddb1c3e1d815fa94389e732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbd6a9-442d"
last-modified: Tue, 01 Oct 2024 11:02:01 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bkimg.jpg
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/ Frame DA05 33 KB
33 KB 628ms
628ms Image
image/jpeg 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/images/bkimg.jpg

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

5e14294dbfb4b27a114d6c3661c7e297b7595168badc794380752db8742b1bb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "6442901e-837a"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 33658
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/jpeg
last-modified: Fri, 21 Apr 2023 13:31:10 GMT
server: nginx

GET
H2 200 tc.js Show response
argument2.shanghaikeypower.com/assets/ Frame DA05 18 KB
6 KB 527ms
165ms Script
application/javascript 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://argument2.shanghaikeypower.com/assets/tc.js?_1.10.2024

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

ed874e24648c6e366689c4957aee1b7f2684dd55b752e18600b14d62ee4f44a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbcf2a-4835"
expires: Tue, 01 Oct 2024 23:51:09 GMT
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 10:30:02 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 b084b9bad0f45f999082370f11c2dd5d.abc
qiniu.gdjuwang.com/6tp/ Frame DA05 222 KB
222 KB 631ms
630ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/b084b9bad0f45f999082370f11c2dd5d.abc
Requested by: Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9804e9136308733fd7b612fa92d31c1d8c8884e5629f841371dfa6a23a3af4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee75e-376e4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8XAyPGopjsgs7pQ8TUDb9iusEF7FttTcfmY%2BB4QMWvq%2F1D%2FQMpwJbuuRqS9fTaYLNzh7eR0pJuethtjpkD%2BsWRDF4SEduovff79TFAS1yM2%2BPi0WHZeawQz9iknSMvsDZqa9Ro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d3a498edb0e-FRA
accept-ranges: bytes
content-length: 227044
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 6300.png
argument2.shanghaikeypower.com/assets/img/ Frame DA05 62 KB
62 KB 693ms
331ms Image
image/png 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argument2.shanghaikeypower.com/assets/img/6300.png

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

69e2fa0ebb4aae6ce1ac698de078e98e2d18cae938f0bd916ff26ed34e4b4e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "6638d34c-f62d"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 63021
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Mon, 06 May 2024 12:55:40 GMT
server: nginx

GET
H2 200 star.png
argument2.shanghaikeypower.com/assets/img/ Frame DA05 5 KB
5 KB 859ms
497ms Image
image/png 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argument2.shanghaikeypower.com/assets/img/star.png

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "640ac0a4-13e3"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 5091
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Fri, 10 Mar 2023 05:31:16 GMT
server: nginx

GET
H2 200 rz.png
argument2.shanghaikeypower.com/assets/img/ Frame DA05 5 KB
5 KB 860ms
498ms Image
image/png 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argument2.shanghaikeypower.com/assets/img/rz.png

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "640ac0b0-127d"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 4733
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Fri, 10 Mar 2023 05:31:28 GMT
server: nginx

GET
H2 200 az.png
argument2.shanghaikeypower.com/assets/img/ Frame DA05 4 KB
4 KB 860ms
498ms Image
image/png 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argument2.shanghaikeypower.com/assets/img/az.png

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "640ac448-fbb"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 4027
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Fri, 10 Mar 2023 05:46:48 GMT
server: nginx

GET
H2 200 ios6b533a9.png
argument2.shanghaikeypower.com/assets/img/ Frame DA05 5 KB
5 KB 692ms
330ms Image
image/png 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argument2.shanghaikeypower.com/assets/img/ios6b533a9.png

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "640ac46e-14de"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 5342
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Fri, 10 Mar 2023 05:47:26 GMT
server: nginx

GET
H2 200 web.png
argument2.shanghaikeypower.com/assets/img/ Frame DA05 3 KB
3 KB 458ms
457ms Image
image/png 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://argument2.shanghaikeypower.com/assets/img/web.png

Requested by

Host: increases3.shanghaikeypower.com
URL: https://increases3.shanghaikeypower.com/assets/header.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "640ab92e-b73"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 2931
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Fri, 10 Mar 2023 04:59:26 GMT
server: nginx

GET xgsmtm.js
argument2.shanghaikeypower.com/assets/ Frame DA05 0
0

GET
H2 200 kj.html
k9k9.jiangsugoldmoon.com/chajian/ Frame ABBB 0
0 544ms
166ms Document
text/html 104.219.213.82
PEG-SV

General

Check archive.org

Show headers Download Go to

Full URL

https://k9k9.jiangsugoldmoon.com/chajian/kj.html?url=https%3A%2F%2Fcpinternational.shanghaikeypower.com%2Fgac%2Findex.html

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.82 , United States, ASN54600 (PEG-SV, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:10 GMT
etag: W/"66e3e18b-5bd8"
last-modified: Fri, 13 Sep 2024 06:54:03 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 6.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/ Frame 9656 25 KB
3 KB 283ms
278ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c7cdd30ee021c73101c7c0c893e4e5d643696d0d32e0f498933062f3642ad015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbc821-6497"
last-modified: Tue, 01 Oct 2024 10:00:01 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 1.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/ Frame CEE3 78 KB
7 KB 331ms
326ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/1.html?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

5121ae78664ec804f271a3c794dbae21969f3c91f50661cc0209ad46001c2ed4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbdd39-13896"
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 icon_tz.png
financial1.shanghaikeypower.com/assets/img/ Frame DA05 4 KB
4 KB 249ms
249ms Image
image/png 23.224.238.42
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://financial1.shanghaikeypower.com/assets/img/icon_tz.png

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.42 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

4125f1144c4db06c082c0519a4b400ef14bf3bb418ae069821595d72898e90e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "647d9042-f80"
expires: Thu, 31 Oct 2024 11:51:09 GMT
accept-ranges: bytes
content-length: 3968
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: image/png
last-modified: Mon, 05 Jun 2023 07:35:30 GMT
server: nginx

GET
H2 200 2.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/ Frame C50C 152 KB
11 KB 362ms
358ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

b46b948ad44db10a12b63081bca6a2ceb852c88e593d7583ae8609c88414ed6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbc119-26061"
last-modified: Tue, 01 Oct 2024 09:30:01 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 3.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/ Frame AE2C 13 KB
3 KB 362ms
359ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

37715ea19713b73020324da71d58fb433e920eb575268ad0ec2062f24a034007

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbd632-32a3"
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 4.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/ Frame E8EE 4 KB
2 KB 363ms
360ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/4.html?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

80be0dc94f737360ea984ace7a1b186ec3079b47917188e8c2544e96e37a198e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbdd39-1182"
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 5.html Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/ Frame B100 44 KB
11 KB 363ms
363ms Document
text/html 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e842526dac336a40e160282e2c912ba2a77015c20a62eccea95a89c068e1990d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/realindex.html?_1.10.202413
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 01 Oct 2024 11:51:09 GMT
etag: W/"66fbd632-ae9d"
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 xycp.js Show response
increases3.shanghaikeypower.com/assets/ Frame F874 2 KB
0 1ms
1ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/xycp.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 6983e36ac4888e1ecbfadb088e03e2a6e6c1ec2dff2e95262af081e102a15337

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbdd39-619"
expires: Tue, 01 Oct 2024 23:51:07 GMT
date: Tue, 01 Oct 2024 11:51:07 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:30:01 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 common.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/js/ Frame F874 712 B
925 B 270ms
267ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/js/common.js?v=2

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

0fda3a966d6533ca2be16fcab9e74e145539adb4cba4114d29e9b9b6a668db2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "66ec3bf9-2c8"
expires: Tue, 01 Oct 2024 23:51:09 GMT
accept-ranges: bytes
content-length: 712
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 14:58:01 GMT
server: nginx

GET
H2 200 sty1e.css
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/css/ Frame F874 1 KB
947 B 269ms
266ms Stylesheet
text/css 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/css/sty1e.css

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c71baee67aa665ed3062b7f7ffd07eb3b72bb4748b7c0263f7adeb26c78243ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"64a3e96c-5b9"
expires: Tue, 01 Oct 2024 23:51:09 GMT
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: text/css
last-modified: Tue, 04 Jul 2023 09:42:04 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 report.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/js/ Frame F874 208 B
421 B 269ms
266ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/js/report.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

fc08311e3b95b712f2108c904fb6e4e84a6e33711f2a2195e672f5f50a1aa2f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "64a3e96c-d0"
expires: Tue, 01 Oct 2024 23:51:09 GMT
accept-ranges: bytes
content-length: 208
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/javascript
last-modified: Tue, 04 Jul 2023 09:42:04 GMT
server: nginx

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 1336ms
1336ms Image
image/gif 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=0B2CA8D1DD89B4B9&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1226033035&si=1ebc8b2b544c96f917df404b72d6f48b&v=1.3.2&lv=1&sn=18730&r=0&ww=1600&u=https%3A%2F%2F6vunwegmsdball.xn--qq3a27w.xn--fiqs8s%2F&tt=%E3%80%90%E5%B0%8F.%E9%B1%BC.%E5%84%BF%E3%80%91%E8%87%B4%E5%8A%9B%E6%89%93%E9%80%A0%EF%BC%8C%E7%81%AB%E7%83%AD%E5%85%A8%E7%BD%91%EF%BC%81

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Tue, 01 Oct 2024 11:51:10 GMT
Content-Type: image/gif
Server: apache

GET
H2 200 amtu.jpg
increases3.shanghaikeypower.com/assets/img/ Frame 9656 36 KB
36 KB 335ms
332ms Image
image/jpeg 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://increases3.shanghaikeypower.com/assets/img/amtu.jpg

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

8927cc5b8726ffb42424a6e9fc660ce08bdf4d21e746ac2140235c5d2da7853b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "64771fd6-90b4"
expires: Thu, 31 Oct 2024 11:51:10 GMT
accept-ranges: bytes
content-length: 37044
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: image/jpeg
last-modified: Wed, 31 May 2023 10:22:14 GMT
server: nginx

GET
H2 200 2bc6168c4a31a54058dfdf7c5775236b.gif
s1.imagehub.cc/images/2024/07/22/ Frame 9656 24 KB
20 KB 1274ms
637ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.imagehub.cc/images/2024/07/22/2bc6168c4a31a54058dfdf7c5775236b.gif

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"669e7fba-6050"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FcMmAXKitK9%2BMOmwOQeVr%2BnKGISJuh5ANOO0hB8Iez6qFk5Rh6NN%2Bnhn%2FDZg2MSdW7Gdh7Gjf87e6IzR0MOomEjeGysddKJxwAlr602ff4OwQbjbEQ2oiuEq%2FAz2mRdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d437a60d374-FRA
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/gif
last-modified: Mon, 22 Jul 2024 15:50:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 tp1.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame 9656 2 KB
0 0ms
0ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp1.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: e1e21afd72a1e1f8a8def484d840bf72f78caf3690f66b7a0b055fb6bb03aba4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fa87f3-61e"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 11:13:55 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tp2.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame 9656 598 B
811 B 251ms
251ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp2.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

347a6350a9cddb8f36418faafae6b21f7a2b6677adb37fe54606e73b7ae37c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "66f652e1-256"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 598
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 06:38:25 GMT
server: nginx

GET
H2 200 down.js Show response
increases3.shanghaikeypower.com/assets/ Frame 9656 5 KB
0 1ms
1ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/down.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-134c"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tp3.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame 9656 14 B
0 0ms
0ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp3.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: c2e44be243035e607c43b8bd766e92d10172fd30774651ecf3c08b77bef6c07a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Response headers

cache-control: max-age=43200
etag: "65b286a4-e"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 14
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 16:04:52 GMT
server: nginx

GET
H2 200 xgtu.jpg
increases3.shanghaikeypower.com/assets/img/ Frame 9656 35 KB
35 KB 333ms
333ms Image
image/jpeg 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://increases3.shanghaikeypower.com/assets/img/xgtu.jpg

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

343dd0e71768c9c47c3e0a3240a71ab809bbeec23696905ea5f49468ccfc430b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=2592000
etag: "64771fd7-8b00"
expires: Thu, 31 Oct 2024 11:51:11 GMT
accept-ranges: bytes
content-length: 35584
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/jpeg
last-modified: Wed, 31 May 2023 10:22:15 GMT
server: nginx

GET
H2 200 no.js Show response
increases3.shanghaikeypower.com/assets/ Frame 9656 1 KB
818 B 171ms
168ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/no.js?_1.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/6.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fac274-566"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:23:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 2bc6168c4a31a54058dfdf7c5775236b.gif
s1.imagehub.cc/images/2024/07/22/ Frame CEE3 24 KB
0 1219ms
1219ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imagehub.cc/images/2024/07/22/2bc6168c4a31a54058dfdf7c5775236b.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/1.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"669e7fba-6050"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FcMmAXKitK9%2BMOmwOQeVr%2BnKGISJuh5ANOO0hB8Iez6qFk5Rh6NN%2Bnhn%2FDZg2MSdW7Gdh7Gjf87e6IzR0MOomEjeGysddKJxwAlr602ff4OwQbjbEQ2oiuEq%2FAz2mRdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d437a60d374-FRA
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/gif
last-modified: Mon, 22 Jul 2024 15:50:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down.js Show response
argument2.shanghaikeypower.com/assets/ Frame CEE3 5 KB
3 KB 169ms
169ms Script
application/javascript 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://argument2.shanghaikeypower.com/assets/down.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/1.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-134c"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bxjptfl.js Show response
argument2.shanghaikeypower.com/assets/ Frame CEE3 870 B
1 KB 166ms
166ms Script
application/javascript 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://argument2.shanghaikeypower.com/assets/bxjptfl.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/1.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

3a95e9a44648acbe9dc86ab8b0d0cecf1f3ee51a5a1f21402e460822ad0d56ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "66dc1e0b-366"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 870
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Sat, 07 Sep 2024 09:34:03 GMT
server: nginx

GET
H2 200 no.js Show response
argument2.shanghaikeypower.com/assets/ Frame CEE3 1 KB
818 B 171ms
170ms Script
application/javascript 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://argument2.shanghaikeypower.com/assets/no.js?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/1.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

107.148.132.133 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fac274-566"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:23:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tp1.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame C50C 2 KB
684 B 250ms
250ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp1.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e1e21afd72a1e1f8a8def484d840bf72f78caf3690f66b7a0b055fb6bb03aba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fa87f3-61e"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 11:13:55 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 2bc6168c4a31a54058dfdf7c5775236b.gif
s1.imagehub.cc/images/2024/07/22/ Frame C50C 24 KB
0 1186ms
1186ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imagehub.cc/images/2024/07/22/2bc6168c4a31a54058dfdf7c5775236b.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"669e7fba-6050"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FcMmAXKitK9%2BMOmwOQeVr%2BnKGISJuh5ANOO0hB8Iez6qFk5Rh6NN%2Bnhn%2FDZg2MSdW7Gdh7Gjf87e6IzR0MOomEjeGysddKJxwAlr602ff4OwQbjbEQ2oiuEq%2FAz2mRdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d437a60d374-FRA
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/gif
last-modified: Mon, 22 Jul 2024 15:50:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down.js Show response
increases3.shanghaikeypower.com/assets/ Frame C50C 5 KB
3 KB 417ms
417ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/down.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-134c"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 bxjptfl.js Show response
increases3.shanghaikeypower.com/assets/ Frame C50C 870 B
0 3ms
3ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/bxjptfl.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a95e9a44648acbe9dc86ab8b0d0cecf1f3ee51a5a1f21402e460822ad0d56ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
etag: "66dc1e0b-366"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 870
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Sat, 07 Sep 2024 09:34:03 GMT
server: nginx

GET
H2 200 tp2.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame C50C 598 B
0 147ms
147ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp2.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 347a6350a9cddb8f36418faafae6b21f7a2b6677adb37fe54606e73b7ae37c3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413

Response headers

cache-control: max-age=43200
etag: "66f652e1-256"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 598
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 06:38:25 GMT
server: nginx

GET
H2 200 bxjptfl.js Show response
increases3.shanghaikeypower.com/assets/ Frame AE2C 870 B
1 KB 413ms
412ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/bxjptfl.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

3a95e9a44648acbe9dc86ab8b0d0cecf1f3ee51a5a1f21402e460822ad0d56ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "66dc1e0b-366"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 870
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Sat, 07 Sep 2024 09:34:03 GMT
server: nginx

GET
H2 200 down.js Show response
increases3.shanghaikeypower.com/assets/ Frame AE2C 5 KB
0 417ms
417ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/down.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-134c"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tp3.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame AE2C 14 B
225 B 249ms
248ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp3.js

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c2e44be243035e607c43b8bd766e92d10172fd30774651ecf3c08b77bef6c07a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
etag: "65b286a4-e"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 14
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 16:04:52 GMT
server: nginx

GET
H2 200 2bc6168c4a31a54058dfdf7c5775236b.gif
s1.imagehub.cc/images/2024/07/22/ Frame E8EE 24 KB
0 1178ms
1178ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imagehub.cc/images/2024/07/22/2bc6168c4a31a54058dfdf7c5775236b.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/4.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"669e7fba-6050"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FcMmAXKitK9%2BMOmwOQeVr%2BnKGISJuh5ANOO0hB8Iez6qFk5Rh6NN%2Bnhn%2FDZg2MSdW7Gdh7Gjf87e6IzR0MOomEjeGysddKJxwAlr602ff4OwQbjbEQ2oiuEq%2FAz2mRdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d437a60d374-FRA
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/gif
last-modified: Mon, 22 Jul 2024 15:50:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down.js Show response
argument2.shanghaikeypower.com/assets/ Frame E8EE 5 KB
0 130ms
130ms Script
application/javascript 107.148.132.133
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://argument2.shanghaikeypower.com/assets/down.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/4.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.148.132.133 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-134c"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 2bc6168c4a31a54058dfdf7c5775236b.gif
s1.imagehub.cc/images/2024/07/22/ Frame B100 24 KB
0 1175ms
1175ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imagehub.cc/images/2024/07/22/2bc6168c4a31a54058dfdf7c5775236b.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"669e7fba-6050"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FcMmAXKitK9%2BMOmwOQeVr%2BnKGISJuh5ANOO0hB8Iez6qFk5Rh6NN%2Bnhn%2FDZg2MSdW7Gdh7Gjf87e6IzR0MOomEjeGysddKJxwAlr602ff4OwQbjbEQ2oiuEq%2FAz2mRdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d437a60d374-FRA
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/gif
last-modified: Mon, 22 Jul 2024 15:50:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 down.js Show response
increases3.shanghaikeypower.com/assets/ Frame B100 5 KB
0 413ms
413ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/down.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fbd632-134c"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Tue, 01 Oct 2024 11:00:02 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tp1.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame B100 2 KB
0 1ms
1ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp1.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: e1e21afd72a1e1f8a8def484d840bf72f78caf3690f66b7a0b055fb6bb03aba4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fa87f3-61e"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 11:13:55 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 tp2.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame B100 598 B
0 142ms
142ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp2.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 347a6350a9cddb8f36418faafae6b21f7a2b6677adb37fe54606e73b7ae37c3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413

Response headers

cache-control: max-age=43200
etag: "66f652e1-256"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 598
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Fri, 27 Sep 2024 06:38:25 GMT
server: nginx

GET
H2 200 tp3.js Show response
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/ Frame B100 14 B
0 1ms
1ms Script
application/javascript 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/alljs/tp3.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.224.238.37 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: c2e44be243035e607c43b8bd766e92d10172fd30774651ecf3c08b77bef6c07a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413

Response headers

cache-control: max-age=43200
etag: "65b286a4-e"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 14
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 16:04:52 GMT
server: nginx

GET
H2 200 bxjptfl.js Show response
increases3.shanghaikeypower.com/assets/ Frame B100 870 B
0 0ms
0ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/bxjptfl.js
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a95e9a44648acbe9dc86ab8b0d0cecf1f3ee51a5a1f21402e460822ad0d56ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
etag: "66dc1e0b-366"
expires: Tue, 01 Oct 2024 23:51:10 GMT
accept-ranges: bytes
content-length: 870
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Sat, 07 Sep 2024 09:34:03 GMT
server: nginx

GET
H2 200 no.js Show response
increases3.shanghaikeypower.com/assets/ Frame C50C 1 KB
818 B 403ms
401ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL

https://increases3.shanghaikeypower.com/assets/no.js?16821345601.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/2.html?16821345601.10.202413

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.219.213.80 , United States, ASN398823 (PEG-LA, US),

Reverse DNS

Software

nginx /

Resource Hash

d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fac274-566"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:23:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 no.js Show response
increases3.shanghaikeypower.com/assets/ Frame AE2C 1 KB
0 406ms
406ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/no.js?16821345601.10.202413
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/3.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fac274-566"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:23:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 no.js Show response
increases3.shanghaikeypower.com/assets/ Frame B100 1 KB
0 408ms
408ms Script
application/javascript 104.219.213.80
PEG-LA

General

Check archive.org

Show headers Download Go to

Full URL: https://increases3.shanghaikeypower.com/assets/no.js?16821345601.10.202413
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/5.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.219.213.80 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software: nginx /
Resource Hash: d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=43200
content-encoding: gzip
etag: W/"66fac274-566"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:23:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 style.css
6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/css/ Frame F874 21 KB
5 KB 252ms
251ms Stylesheet
text/css 23.224.238.37
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/css/style.css

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/css/sty1e.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.224.238.37 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bd59bc26129f3046f03b0863a7df181d1eb94b83e0ddea441d4c398bb9bbe9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/css/sty1e.css

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=43200
content-encoding: gzip
etag: W/"64a3e96c-5554"
expires: Tue, 01 Oct 2024 23:51:10 GMT
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: text/css
last-modified: Tue, 04 Jul 2023 09:42:04 GMT
server: nginx
vary: Accept-Encoding

GET jquery.min.js
apps.bdimg.com/libs/jquery/1.7.2/ Frame 9656 0
0

GET
H2 200 2bc6168c4a31a54058dfdf7c5775236b.gif
s1.imagehub.cc/images/2024/07/22/ Frame E8EE 24 KB
0 1042ms
1042ms Image
image/gif 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.imagehub.cc/images/2024/07/22/2bc6168c4a31a54058dfdf7c5775236b.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/file/4.html?16821345601.10.202413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"669e7fba-6050"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2FcMmAXKitK9%2BMOmwOQeVr%2BnKGISJuh5ANOO0hB8Iez6qFk5Rh6NN%2Bnhn%2FDZg2MSdW7Gdh7Gjf87e6IzR0MOomEjeGysddKJxwAlr602ff4OwQbjbEQ2oiuEq%2FAz2mRdkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d437a60d374-FRA
date: Tue, 01 Oct 2024 11:51:11 GMT
content-type: image/gif
last-modified: Mon, 22 Jul 2024 15:50:18 GMT
vary: Accept-Encoding
server: cloudflare

GET jquery.min.js
apps.bdimg.com/libs/jquery/1.7.2/ Frame CEE3 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame F874 29 KB
11 KB 448ms
447ms Script
application/javascript 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e2f72af1301d458de86efa48b3f805fd

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

21428391036d4e4fa3fd40cf93bde089cff8564d3b846d348c2b21083cb0faae

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: ec9c6b43c4f6ac33d914c74906116f07
Content-Length: 11289
Date: Tue, 01 Oct 2024 11:51:10 GMT
Content-Type: application/javascript
Server: apache

GET
H3 200 fdbb7582ef482f0dc5b130747ef5b519.abc
qiniu.gdjuwang.com/6tp/ Frame F874 226 KB
226 KB 184ms
183ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/fdbb7582ef482f0dc5b130747ef5b519.abc
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b195363acd2b94fe6639c659ec1ff11654c39b3c6f2c56ba5005d8a0d155de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee768-3865a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iLxOljJOZneNEdHMkP2OSX2nsPLr%2FXpkkyRTXO6aCE71L%2F56CwplKhQEGAo2f3QtUomTDYjFLPhhMFbz7bWZsCvT%2BGlp%2BHUYpO2cXlnkxOHS8B4DULcjXWsT2n%2F8LcicSzA8Mk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d41c9cddb0e-FRA
accept-ranges: bytes
content-length: 231002
date: Tue, 01 Oct 2024 11:51:10 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:36 GMT
vary: Accept-Encoding
server: cloudflare

GET
H/1.1 200
OK 8.gif
gtphoto.blob.core.windows.net/phh/ Frame F874 149 KB
149 KB 217ms
216ms Image
image/gif 20.150.22.100
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtphoto.blob.core.windows.net/phh/8.gif
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.150.22.100 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 57c8a845b2c89a6636bfcd9b0bbd5cada3c8ef00a20e0d7bdb7e5d5ce64d2599

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

Content-MD5: VxUvb3jx2fC2cNSHajKaVA==
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
ETag: 0x8DCCE44E36462C3
x-ms-request-id: 02072f44-d01e-002b-08f8-13e065000000
Content-Length: 152515
Date: Tue, 01 Oct 2024 11:51:09 GMT
Content-Type: image/gif
Last-Modified: Fri, 06 Sep 2024 07:24:04 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H3 200 b084b9bad0f45f999082370f11c2dd5d.abc
qiniu.gdjuwang.com/6tp/ Frame F874 222 KB
0 631ms
630ms Image
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qiniu.gdjuwang.com/6tp/b084b9bad0f45f999082370f11c2dd5d.abc
Requested by: Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a9804e9136308733fd7b612fa92d31c1d8c8884e5629f841371dfa6a23a3af4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "665ee75e-376e4"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y8XAyPGopjsgs7pQ8TUDb9iusEF7FttTcfmY%2BB4QMWvq%2F1D%2FQMpwJbuuRqS9fTaYLNzh7eR0pJuethtjpkD%2BsWRDF4SEduovff79TFAS1yM2%2BPi0WHZeawQz9iknSMvsDZqa9Ro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cbc3d3a498edb0e-FRA
accept-ranges: bytes
content-length: 227044
date: Tue, 01 Oct 2024 11:51:09 GMT
content-type: application/octet-stream
last-modified: Tue, 04 Jun 2024 10:07:26 GMT
vary: Accept-Encoding
server: cloudflare

GET jquery.min.js
apps.bdimg.com/libs/jquery/1.7.2/ Frame C50C 0
0

GET jquery.min.js
apps.bdimg.com/libs/jquery/1.7.2/ Frame AE2C 0
0

GET jquery.min.js
apps.bdimg.com/libs/jquery/1.7.2/ Frame B100 0
0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame F874 43 B
299 B 436ms
435ms Image
image/gif 111.45.11.83
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=0B2CA8D1DD89B4B9&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1800&et=0&ja=0&ln=de-de&lo=0&rnd=567271009&si=e2f72af1301d458de86efa48b3f805fd&su=https%3A%2F%2F6vunwegmsdball.xn--qq3a27w.xn--fiqs8s%2Frealindex.html%3F_1.10.202413&v=1.3.2&lv=1&sn=18731&r=0&ww=800&u=https%3A%2F%2F6vunwegmsdball.xn--qq3a27w.xn--fiqs8s%2Fjzzb%2Fbbs%2F014.html%3F1.10.202413

Requested by

Host: 6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/jzzb/bbs/014.html?1.10.202413

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.11.83 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Tue, 01 Oct 2024 11:51:11 GMT
Content-Type: image/gif
Server: apache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: argument2.shanghaikeypower.com
URL: https://argument2.shanghaikeypower.com/assets/xgsmtm.js

Domain: apps.bdimg.com
URL: https://apps.bdimg.com/libs/jquery/1.7.2/jquery.min.js

Domain: apps.bdimg.com
URL: https://apps.bdimg.com/libs/jquery/1.7.2/jquery.min.js

Domain: apps.bdimg.com
URL: https://apps.bdimg.com/libs/jquery/1.7.2/jquery.min.js

Domain: apps.bdimg.com
URL: https://apps.bdimg.com/libs/jquery/1.7.2/jquery.min.js

Domain: apps.bdimg.com
URL: https://apps.bdimg.com/libs/jquery/1.7.2/jquery.min.js

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-21 09:32:23	Name: HMACCOUNT_BFESS Value: 0B2CA8D1DD89B4B9
.6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/	1970-01-21 08:41:59	Name: Hm_lvt_1ebc8b2b544c96f917df404b72d6f48b Value: 1727783470
.6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/	1969-12-31 23:59:59	Name: Hm_lpvt_1ebc8b2b544c96f917df404b72d6f48b Value: 1727783470
.6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 0B2CA8D1DD89B4B9
.6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/	1970-01-21 08:41:59	Name: Hm_lvt_e2f72af1301d458de86efa48b3f805fd Value: 1727783471
.6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/	1969-12-31 23:59:59	Name: Hm_lpvt_e2f72af1301d458de86efa48b3f805fd Value: 1727783471

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://increases3.shanghaikeypower.com/assets/zbnav3.js?v=44(Line 172) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://financial1.shanghaikeypower.com/assets/tc.js?441.10.202413, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://increases3.shanghaikeypower.com/assets/zbnav3.js?v=44(Line 172) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://financial1.shanghaikeypower.com/assets/tc.js?441.10.202413, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/skin/images/search.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/assets/SuperSlide.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://6vunwegmsdball.xn--qq3a27w.xn--fiqs8s/js/assets/jquery.tmpl.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6vunwegmsdball.xn--qq3a27w.xn--fiqs8s
apps.bdimg.com
argument2.shanghaikeypower.com
cbu01.alicdn.com
financial1.shanghaikeypower.com
gtphoto.blob.core.windows.net
hm.baidu.com
increases3.shanghaikeypower.com
k9k9.jiangsugoldmoon.com
qiniu.gdjuwang.com
s1.imagehub.cc
apps.bdimg.com
argument2.shanghaikeypower.com
104.219.213.80
104.219.213.82
107.148.132.133
111.45.11.83
163.181.92.250
188.114.96.3
188.114.97.3
20.150.22.100
23.224.238.37
23.224.238.42
02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668
0a49154bbe1e5115cb63983b2c7f66f893b84077ee262b5bd1e28460abeddb7f
0fda3a966d6533ca2be16fcab9e74e145539adb4cba4114d29e9b9b6a668db2d
21428391036d4e4fa3fd40cf93bde089cff8564d3b846d348c2b21083cb0faae
29852ee59c32d1c294358f162881f41fbd77fdbf9c867c0c7379e12c27f878a8
2a1aeef84acc4fd3314b3f6f5d33c3bf894a1a7e797003a7cebbe54a8b3f953a
343dd0e71768c9c47c3e0a3240a71ab809bbeec23696905ea5f49468ccfc430b
347a6350a9cddb8f36418faafae6b21f7a2b6677adb37fe54606e73b7ae37c3b
37715ea19713b73020324da71d58fb433e920eb575268ad0ec2062f24a034007
3813df5a57c0bc71268d8bd44ec17b26def5eae2896ee78358a40c6ba7962c28
390f71f595ce69ea91abcb01d2f9cd106f4adaf1be0bf08e5f0a87479ebf47f6
3a95e9a44648acbe9dc86ab8b0d0cecf1f3ee51a5a1f21402e460822ad0d56ed
3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1
4125f1144c4db06c082c0519a4b400ef14bf3bb418ae069821595d72898e90e1
50c8b607344f141ccba9af0f87a56368fdca3c21fde944a0e4e01b8dadb1c185
5121ae78664ec804f271a3c794dbae21969f3c91f50661cc0209ad46001c2ed4
5130bbc8877988a646428603a1041c64b1e559c70f2a65b6f466859fc11475cd
56a6d00b84ebc9547fd50525d03e066eb4cf24277ddb1c3e1d815fa94389e732
57c8a845b2c89a6636bfcd9b0bbd5cada3c8ef00a20e0d7bdb7e5d5ce64d2599
59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5
5e14294dbfb4b27a114d6c3661c7e297b7595168badc794380752db8742b1bb0
61989ce504ee49a997c59d981f9af6844eceec0c01b0d6308f50c1e62a18946e
68791450d24aa8d519bdd5817cc47e8e7fa29063bf5cc8680b2ffcd3bc999427
690525e35adf0a12e48716dd62cd5efe930485d8e5e876a11762b9658b667e00
6983e36ac4888e1ecbfadb088e03e2a6e6c1ec2dff2e95262af081e102a15337
69e2fa0ebb4aae6ce1ac698de078e98e2d18cae938f0bd916ff26ed34e4b4e5d
7d857907c2899e92bce24cada16e58fe5cc6d9b59490c9db874ffb409ea68cb6
80be0dc94f737360ea984ace7a1b186ec3079b47917188e8c2544e96e37a198e
82c0bb7a78b2b1bb03dd852a99e3a5577fd008a4687c7b337603218ae86508cd
881395f9d4d1442c341c8ee173c2703ea25786a5418df1c9b85239d1c167dd17
8927cc5b8726ffb42424a6e9fc660ce08bdf4d21e746ac2140235c5d2da7853b
8938b196896d143d14a7acb53a6e61538883f20d8a094b98193f2de73bec8509
8b195363acd2b94fe6639c659ec1ff11654c39b3c6f2c56ba5005d8a0d155de5
8dfec2f230275bcf4b7e72fbd2042e3e01276381ba6f07888584a7867660a4bc
9a9804e9136308733fd7b612fa92d31c1d8c8884e5629f841371dfa6a23a3af4
a5522c600d469a1b82945f185a409549ac40aa2f40962159745379bdc05ff954
aa801e2b6a5f8230de1bd9711cc37e95f049d14cb26c927a273798972af7bed3
ae5773a30e6419126a021f04b00f71f152a42b8c04276b44ef958a54a220b56a
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b4263c3bee7eee95b9f242375841608a4232c60c057a779bd6da9e0e4a1a9309
b46b948ad44db10a12b63081bca6a2ceb852c88e593d7583ae8609c88414ed6f
b4d3746092851ffd65d3d4d7e49c56caf1baa8c5812b32703ed8cb8950d8bcc1
b9b72dd2d1a81a30aeecdd921e283f3d919e1d5e50cd626024aea9d0bfc16988
ba4ddd4c1d6395a65ca45266ae2ffe5cfbdba29fae2796b0277e8695eb70c2f6
bd59bc26129f3046f03b0863a7df181d1eb94b83e0ddea441d4c398bb9bbe9f7
c2e44be243035e607c43b8bd766e92d10172fd30774651ecf3c08b77bef6c07a
c71baee67aa665ed3062b7f7ffd07eb3b72bb4748b7c0263f7adeb26c78243ae
c7cdd30ee021c73101c7c0c893e4e5d643696d0d32e0f498933062f3642ad015
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3138b81261ccc1339cf3340f49719b0fe7ea72afcb6d489471f10ff8d066d11
d361cc19ba56003bf13087c2981908ea3a90c0017244ac92d7a748b8ebc91c1b
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d4af242ae5997a94070bba87778313562cad6050208c33c1d32354442de8757b
dc523552912a4cc23085267195f30089dda44841e4e9adef08760f48591e99a9
dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d
e1e21afd72a1e1f8a8def484d840bf72f78caf3690f66b7a0b055fb6bb03aba4
e66970865851c311b03aa42ef7d6b021d291924a98270446bec519345404d55f
e842526dac336a40e160282e2c912ba2a77015c20a62eccea95a89c068e1990d
ed36d917dffb8541e6964fd903c7bf03b70865e4dbd3a9018b5c8646a43d4551
ed874e24648c6e366689c4957aee1b7f2684dd55b752e18600b14d62ee4f44a7
edd995d53d65ad2d375c2236f1347718a82cedfa0f1d502eb72065155de14357
f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55
fc08311e3b95b712f2108c904fb6e4e84a6e33711f2a2195e672f5f50a1aa2f5

6vunwegmsdball.xn--qq3a27w.xn--fiqs8s Open in urlscan Pro Puny 6vunwegmsdball.超马.中国 IDN 23.224.238.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

94 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

11 IPs

5 Countries

2157 kBTransfer

3203 kBSize

6 Cookies

12 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

6vunwegmsdball.xn--qq3a27w.xn--fiqs8s Open in urlscan Pro Puny
6vunwegmsdball.超马.中国 IDN
23.224.238.37 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

94 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

11
IPs

5
Countries

2157 kB
Transfer

3203 kB
Size

6
Cookies

104 HTTP transactions
0 data transactions