urlscan.io logo urlscan.io
SecurityTrails logo

1mav.cc Open in urlscan Pro
172.67.159.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://1mav98.top/
Effective URL: https://1mav.cc/
Submission: On November 13 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 8 countries across 43 domains to perform 98 HTTP transactions. The main IP is 172.67.159.154, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1mav.cc.
TLS certificate: Issued by WE1 on November 9th 2024. Valid for: 3 months.
This is the only time 1mav.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.130.204 13335 (CLOUDFLAR...)
4 172.67.159.154 13335 (CLOUDFLAR...)
5 47.246.24.242 24429 (TAOBAO Zh...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 43.152.182.31 139341 (ACE-AS-AP...)
4 46.105.201.240 16276 (OVH)
2 118.178.60.162 37963 (ALIBABA-C...)
2 2 47.252.96.7 45102 (ALIBABA-C...)
8 203.107.47.192 37963 (ALIBABA-C...)
2 2 47.252.96.15 45102 (ALIBABA-C...)
2 2 47.89.140.69 45102 (ALIBABA-C...)
2 2600:9000:220... 16509 (AMAZON-02)
2 2 154.91.91.19 399077 (TERAEXCH)
2 123.6.18.18 4837 (CHINA169-...)
2 142.0.133.121 54600 (PEG-SV)
3 149.104.32.60 40065 (CNSERVERS)
1 1 202.81.230.143 4658 (M2012LIMI...)
1 98.96.229.29 21859 (ZEN-ECN)
2 2600:9000:211... 16509 (AMAZON-02)
4 115.223.9.120 134771 (CHINATELE...)
2 120.78.115.72 37963 (ALIBABA-C...)
2 2 47.89.140.74 45102 (ALIBABA-C...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 149.56.240.128 16276 (OVH)
5 2606:4700:21:... 13335 (CLOUDFLAR...)
1 58.254.150.48 136958 (UNICOM-GU...)
1 88.99.67.51 24940 (HETZNER-AS)
2 183.240.98.228 56040 (CMNET-GUA...)
4 23.196.3.181 20940 (AKAMAI-ASN1)
2 172.64.153.173 13335 (CLOUDFLAR...)
3 108.138.128.28 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 54.38.113.8 16276 (OVH)
2 2 34.229.3.43 14618 (AMAZON-AES)
1 2 2001:4998:14:... 14777 (YAHOO)
1 23.22.89.70 14618 (AMAZON-AES)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 4 172.253.122.156 15169 (GOOGLE)
3 67.202.105.32 32748 (STEADFAST)
11 18 35.244.154.8 396982 (GOOGLE-CL...)
2 2 35.71.131.137 16509 (AMAZON-02)
1 2 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
3 3 35.244.159.8 15169 (GOOGLE)
2 35.245.15.98 396982 (GOOGLE-CL...)
2 2 68.67.160.75 29990 (ASN-APPNEX)
1 2 98.82.156.207 14618 (AMAZON-AES)
2 2600:9000:261... 16509 (AMAZON-02)
98 37
1    172.67.130.204 (United States)

ASN13335 (CLOUDFLARENET, US)
1mav98.top
4    172.67.159.154 (United States)

ASN13335 (CLOUDFLARENET, US)
1mav.cc
5    47.246.24.242 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
xewl.xyz
3    2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    43.152.182.31 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)
hongosi.xn--b0tp7pc6a827b.cc
4    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    118.178.60.162 (Hangzhou, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
768guanggaot.oss-cn-hangzhou.aliyuncs.com
2    47.252.96.7 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
xpj46-xz.oss-accelerate.aliyuncs.com
8    203.107.47.192 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
xx4848.jjcclt.com
2    47.252.96.15 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
5454ylylgh.oss-accelerate.aliyuncs.com
2    47.89.140.69 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
5845-xxpp.oss-accelerate.aliyuncs.com
2    2600:9000:2209:7600:1c:fa01:b800:93a1 (United States)

ASN16509 (AMAZON-02, US)
img88.szapaqi.cn
2    154.91.91.19 (Seychelles)

ASN399077 (TERAEXCH, US)
gif.ssjljk.com
2    123.6.18.18 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)
PTR: hn.kd.ny.adsl
img3.tyqxzx.com
2    142.0.133.121 (United States)

ASN54600 (PEG-SV, US)
bpyyllqqj7.kmqianneng66.com
3    149.104.32.60 (United States)

ASN40065 (CNSERVERS, US)
images.1031.academy
1    202.81.230.143 (Hong Kong)

ASN4658 (M2012LIMITED-AS 2012 Limited Netfront, HK)
PTR: 230-143.ha.cloud.netfront.net
img.539355.com
1    98.96.229.29 (United States)

ASN21859 (ZEN-ECN, US)
picx.zhimg.com
2    2600:9000:211c:d200:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.wixstatic.com
4    115.223.9.120 (China)

ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN)
cc777img.dqsldz.com
2    120.78.115.72 (Shenzhen, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
kysz.oss-cn-shenzhen.aliyuncs.com
2    47.89.140.74 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
646464xpj.oss-accelerate.aliyuncs.com
4    2606:4700:10::6816:159d (United States)

ASN13335 (CLOUDFLARENET, US)
timg190.top
3    2607:f8b0:4004:c06::8a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    149.56.240.128 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534296.ip-149-56-240.net
s4.histats.com
5    2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
1    58.254.150.48 (Guangzhou, China)

ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN)
zz.bdstatic.com
1    88.99.67.51 (Aachen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.51.67.99.88.clients.your-server.de
lan.trans711.top
2    183.240.98.228 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)
hm.baidu.com
4    23.196.3.181 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-181.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
2    172.64.153.173 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
3    108.138.128.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-28.jfk50.r.cloudfront.net
tags.crwdcntrl.net
2    2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
3    54.38.113.8 (France)

ASN16276 (OVH, FR)
PTR: falcon-1.cloudy.ovh
pixel.onaudience.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loada.exelator.com
2    2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    23.22.89.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-89-70.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    2606:4700:10::6816:3362 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
4    172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net
cm.g.doubleclick.net
3    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
18    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
rc.rlcdn.com
idsync.rlcdn.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    35.245.15.98 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.15.245.35.bc.googleusercontent.com
i.simpli.fi
2    68.67.160.75 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    98.82.156.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-207.compute-1.amazonaws.com
s.amazon-adsystem.com
2    2600:9000:261f:fc00:17:c65c:dac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
az.tu2024020388.com
Apex Domain
Subdomains		 Transfer
18 rlcdn.com
rc.rlcdn.com — Cisco Umbrella Rank: 5479
idsync.rlcdn.com — Cisco Umbrella Rank: 519
3 KB
12 aliyuncs.com
768guanggaot.oss-cn-hangzhou.aliyuncs.com
xpj46-xz.oss-accelerate.aliyuncs.com
5454ylylgh.oss-accelerate.aliyuncs.com
5845-xxpp.oss-accelerate.aliyuncs.com
txdy-xxxx1329.oss-cn-beijing.aliyuncs.com Failed
kysz.oss-cn-shenzhen.aliyuncs.com — Cisco Umbrella Rank: 943964
646464xpj.oss-accelerate.aliyuncs.com
535 KB
8 jjcclt.com
xx4848.jjcclt.com — Cisco Umbrella Rank: 992052
2 MB
6 histats.com
s10.histats.com — Cisco Umbrella Rank: 11273
s4.histats.com — Cisco Umbrella Rank: 9666
18 KB
5 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 20523
ic.tynt.com — Cisco Umbrella Rank: 16631
de.tynt.com — Cisco Umbrella Rank: 1768
10 KB
5 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 11281
t.dtscout.com — Cisco Umbrella Rank: 9584
9 KB
5 xewl.xyz
xewl.xyz — Cisco Umbrella Rank: 811423
488 KB
4 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 294
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1258
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1277
22 KB
4 lijit.com
pxdrop.lijit.com — Cisco Umbrella Rank: 4874
2 KB
4 timg190.top
timg190.top — Cisco Umbrella Rank: 778827
107 KB
4 dqsldz.com
cc777img.dqsldz.com — Cisco Umbrella Rank: 473688
171 KB
4 1mav.cc
1mav.cc
20 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 593
840 B
3 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2969
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
3 1031.academy
images.1031.academy
612 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
283 KB
2 tu2024020388.com
az.tu2024020388.com
871 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 351
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 302
2 KB
2 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 5203
297 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 404
1 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 947
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 426
1 KB
2 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3099
mwzeom.zeotap.com — Cisco Umbrella Rank: 3481
1 KB
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 2476
ups.analytics.yahoo.com — Cisco Umbrella Rank: 599
512 B
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 38584
2 KB
2 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 10317
1 KB
2 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 10979
sp0.baidu.com Failed
12 KB
2 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 7034
152 KB
2 kmqianneng66.com
bpyyllqqj7.kmqianneng66.com — Cisco Umbrella Rank: 461790
232 KB
2 tyqxzx.com
img3.tyqxzx.com — Cisco Umbrella Rank: 705474
323 KB
2 ssjljk.com
gif.ssjljk.com — Cisco Umbrella Rank: 573662
333 B
2 szapaqi.cn
img88.szapaqi.cn — Cisco Umbrella Rank: 896979
718 KB
1 trans711.top
lan.trans711.top — Cisco Umbrella Rank: 776479
395 KB
1 bdstatic.com
zz.bdstatic.com — Cisco Umbrella Rank: 47412
563 B
1 zhimg.com
picx.zhimg.com — Cisco Umbrella Rank: 59227
1 539355.com
img.539355.com
111 B
1 xn--b0tp7pc6a827b.cc
hongosi.xn--b0tp7pc6a827b.cc — Cisco Umbrella Rank: 484813
630 B
1 1mav98.top
1mav98.top
617 B
0 img00874478.cc Failed
img88ky.img00874478.cc Failed
0 img88391511.cc Failed
img88pg.img88391511.cc Failed
98 43
Domain Requested by
11 rc.rlcdn.com 11 redirects
8 xx4848.jjcclt.com 1mav.cc
7 idsync.rlcdn.com 1mav.cc
5 xewl.xyz 1mav.cc
xewl.xyz
4 cm.g.doubleclick.net 4 redirects
4 pxdrop.lijit.com e.dtscout.com
pxdrop.lijit.com
4 timg190.top 1mav.cc
4 cc777img.dqsldz.com 1mav.cc
4 s10.histats.com 1mav.cc
s10.histats.com
4 1mav.cc 1mav.cc
xewl.xyz
3 us-u.openx.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 tags.crwdcntrl.net e.dtscout.com
tags.crwdcntrl.net
3 t.dtscout.com e.dtscout.com
3 www.google-analytics.com www.googletagmanager.com
xewl.xyz
3 images.1031.academy 1mav.cc
3 www.googletagmanager.com 1mav.cc
www.googletagmanager.com
2 az.tu2024020388.com 1mav.cc
2 s.amazon-adsystem.com 1 redirects 1mav.cc
2 ib.adnxs.com 2 redirects
2 i.simpli.fi 1mav.cc
2 px.ads.linkedin.com 1 redirects 1mav.cc
2 pippio.com 1 redirects 1mav.cc
2 match.adsrvr.org 2 redirects
2 de.tynt.com cdn.tynt.com
2 loada.exelator.com 2 redirects
2 t.dtscdn.com e.dtscout.com
2 cdn.tynt.com e.dtscout.com
2 hm.baidu.com hongosi.xn--b0tp7pc6a827b.cc
1mav.cc
2 e.dtscout.com s4.histats.com
2 s4.histats.com s10.histats.com
2 646464xpj.oss-accelerate.aliyuncs.com 2 redirects
2 kysz.oss-cn-shenzhen.aliyuncs.com 1mav.cc
2 static.wixstatic.com 1mav.cc
2 bpyyllqqj7.kmqianneng66.com 1mav.cc
2 img3.tyqxzx.com 1mav.cc
2 gif.ssjljk.com 2 redirects
2 img88.szapaqi.cn 1mav.cc
2 5845-xxpp.oss-accelerate.aliyuncs.com 2 redirects
2 5454ylylgh.oss-accelerate.aliyuncs.com 2 redirects
2 xpj46-xz.oss-accelerate.aliyuncs.com 2 redirects
2 768guanggaot.oss-cn-hangzhou.aliyuncs.com 1mav.cc
1 ic.tynt.com 1mav.cc
1 mwzeom.zeotap.com 1mav.cc
1 spl.zeotap.com 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 ups.analytics.yahoo.com 1mav.cc
1 cms.analytics.yahoo.com 1 redirects
1 lan.trans711.top 1mav.cc
1 zz.bdstatic.com xewl.xyz
1 picx.zhimg.com 1mav.cc
1 img.539355.com 1 redirects
1 hongosi.xn--b0tp7pc6a827b.cc xewl.xyz
1 1mav98.top 1 redirects
0 sp0.baidu.com Failed 1mav.cc
0 img88ky.img00874478.cc Failed 1mav.cc
0 img88pg.img88391511.cc Failed 1mav.cc
0 txdy-xxxx1329.oss-cn-beijing.aliyuncs.com Failed 1mav.cc
98 58
Subject Issuer Validity Valid
1mav.cc
WE1		 2024-11-09 -
2025-02-07		 3 months crt.sh
*.xewl.xyz
E5		 2024-11-10 -
2025-02-08		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
*.xn--b0tp7pc6a827b.cc
R10		 2024-10-01 -
2024-12-30		 3 months crt.sh
histats.com
R11		 2024-10-30 -
2025-01-28		 3 months crt.sh
cn-hangzhou.oss.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-02-19 -
2025-03-22		 a year crt.sh
img88.szapaqi.cn
Sectigo RSA Domain Validation Secure Server CA		 2024-09-17 -
2025-09-17		 a year crt.sh
bpyyllqqj7.kmqianneng66.com
R10		 2024-09-07 -
2024-12-06		 3 months crt.sh
*.1031.academy
R10		 2024-10-29 -
2025-01-27		 3 months crt.sh
*.wixstatic.com
R11		 2024-09-09 -
2024-12-08		 3 months crt.sh
cc777img.dqsldz.com
TrustAsia RSA DV TLS CA G2		 2024-10-28 -
2025-01-26		 3 months crt.sh
*.oss-cn-shenzhen.aliyuncs.com
GlobalSign Organization Validation CA - SHA256 - G3		 2024-01-26 -
2025-02-26		 a year crt.sh
timg190.top
WR1		 2024-10-21 -
2025-01-19		 3 months crt.sh
dtscout.com
WE1		 2024-11-08 -
2025-02-06		 3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018		 2024-07-08 -
2025-08-09		 a year crt.sh
lan.trans711.top
R10		 2024-11-09 -
2025-02-07		 3 months crt.sh
cert2-prod.aut.a24365.net
R11		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-09-05 -
2025-09-30		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
dtscdn.com
WE1		 2024-11-04 -
2025-02-02		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
az.tu2024020388.com
Amazon RSA 2048 M03		 2024-02-03 -
2025-03-03		 a year crt.sh

This page contains 6 frames:

Primary Page: https://1mav.cc/
Frame ID: 7444D7EA196AD92545FA9E984DBB9AB3
Requests: 82 HTTP requests in this frame

Frame: https://1mav.cc/anyalytics?v=_0f4d82b07b4
Frame ID: 950F8232518074072FE0FC129C93258D
Requests: 13 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=1040173146856351791A465A947147DD
Frame ID: 26581A26ACDE4D85228D7CCA38D63A8F
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1587.855&cid=c026&cls=sync
Frame ID: 5520F7A37995B2DB4AB5427FE5B0FCD8
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 680ED4ABFD00C38D4DB7896CE335FCEB
Requests: 1 HTTP requests in this frame

Frame: https://pxdrop.lijit.com/a/t_.htm?ver=1.1587.855&cid=c026&cls=sync
Frame ID: 7A79B32AB84CEB3647433716661165BF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

新型的黄色网站,日本AV,国产自拍 - 1MAV

Page URL History Show full URLs

  1. https://1mav98.top/ HTTP 301
    https://1mav.cc/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

72 %
HTTPS

22 %
IPv6

43
Domains

58
Subdomains

37
IPs

8
Countries

6711 kB
Transfer

13231 kB
Size

115
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://1mav98.top/ HTTP 301
    https://1mav.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://xpj46-xz.oss-accelerate.aliyuncs.com/xpj.gif HTTP 301
  • https://xx4848.jjcclt.com/xpj.gif
Request Chain 12
  • https://5454ylylgh.oss-accelerate.aliyuncs.com/1.gif HTTP 301
  • https://xx4848.jjcclt.com/1.gif
Request Chain 13
  • https://5845-xxpp.oss-accelerate.aliyuncs.com/5845.gif HTTP 301
  • https://xx4848.jjcclt.com/5845.gif
Request Chain 18
  • https://gif.ssjljk.com/ky96080a_new.gif HTTP 302
  • https://img3.tyqxzx.com/ky96080a_new.gif
Request Chain 21
  • https://img.539355.com/images/660b84a1142a300952998e5e.gif HTTP 302
  • https://picx.zhimg.com/v2-c26316acdf7138cc40514fb1ebb4d1a3
Request Chain 26
  • https://646464xpj.oss-accelerate.aliyuncs.com/2.gif HTTP 301
  • https://xx4848.jjcclt.com/2.gif
Request Chain 54
  • https://pixel.onaudience.com/?partner=137085098&mapped=1040173146856351791A465A947147DD HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8129210f3ccc5b9ee7d4f3805e4442fa&gdpr=1 HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
Request Chain 62
  • https://xpj46-xz.oss-accelerate.aliyuncs.com/xpj.gif HTTP 301
  • https://xx4848.jjcclt.com/xpj.gif
Request Chain 63
  • https://5845-xxpp.oss-accelerate.aliyuncs.com/5845.gif HTTP 301
  • https://xx4848.jjcclt.com/5845.gif
Request Chain 64
  • https://5454ylylgh.oss-accelerate.aliyuncs.com/1.gif HTTP 301
  • https://xx4848.jjcclt.com/1.gif
Request Chain 69
  • https://gif.ssjljk.com/ky96080a_new.gif HTTP 302
  • https://img3.tyqxzx.com/ky96080a_new.gif
Request Chain 76
  • https://pixel.onaudience.com/?partner=137085098&mapped=1040173146856351791A465A947147DD HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=710512ea322a0daf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3c59277e-14eb-4e8e-520a-54dcf267e7c5&reqId=b0c9dd71-611e-49c3-4292-e463a7e70092&zcluid=710512ea322a0daf&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3c59277e-14eb-4e8e-520a-54dcf267e7c5&reqId=b0c9dd71-611e-49c3-4292-e463a7e70092&zcluid=710512ea322a0daf&zdid=1332&google_error=15
Request Chain 81
  • https://646464xpj.oss-accelerate.aliyuncs.com/2.gif HTTP 301
  • https://xx4848.jjcclt.com/2.gif
Request Chain 82
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc= HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_error=15
Request Chain 83
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.2 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
Request Chain 84
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.3 HTTP 307
  • https://pippio.com/api/sync?pid=5324&_=2
Request Chain 85
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.4 HTTP 307
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCJi60LkGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&rand=07460146 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&rand=07460146&expected_cookie=5fae4b18-57cb-47cf-8e1e-3d9d6b872577
Request Chain 86
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.5 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
Request Chain 87
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.6 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
Request Chain 88
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.1 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_error=15
Request Chain 90
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.3 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
Request Chain 92
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.5 HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3182313418842172804
Request Chain 93
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.6 HTTP 307
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=56f80942dab190ea7eaf52f6114b429e7e832a21a3e4139db84206bbe712170ec0cb235b3774c97e&cb=07357081 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=56f80942dab190ea7eaf52f6114b429e7e832a21a3e4139db84206bbe712170ec0cb235b3774c97e&cb=07357081&dcc=t

98 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
1mav.cc/
Redirect Chain
  • https://1mav98.top/
  • https://1mav.cc/
78 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1mav.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ea4857909cf8d06f75c34948b24c2e8c59f9eeea5c75cf0cc8b11a2587d22c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
age
33698
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=31536000, stale-if-error=1209600
cache-key
1mav:_2bc8a6d96e8:/
cf-cache-status
HIT
cf-ray
8e1bad4d8b2e2aa7-LAX
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 13 Nov 2024 03:29:21 GMT
expires
Sat, 11 Jan 2025 17:34:26 GMT
ghash
_2bc8a6d96e8
ipcountry
US
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKLh2K7SWt88oattx8eLoTrLFiSywua8LqmPiJZL665Gc%2BXeo23VkvBuzD%2FaRCB%2B4jQn4j3jigbbi7r9%2F6kvUJzzxjBcF2z1nC7BDTCYpCpLz8RAxarDJse6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=70851&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4082&recv_bytes=4340&delivery_rate=41010&cwnd=12000&unsent_bytes=0&cid=fa5b06f6cd91e3d6&ts=120&x=1" cfHdrFlush;dur=0
t-ray
wslaif14
vary
Accept-Encoding
w-cache
HIT

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-ray
8e1bad4c2cd30924-LAX
content-length
0
date
Wed, 13 Nov 2024 03:29:21 GMT
location
https://1mav.cc/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5YySyEej4fURyo9OYr0yu24d4XyyKdK4arUEkDKmTADftaHt%2FSvSzNzJM%2BOnt8xzJ1wCmj2%2BWV%2BcZu7BfQDJVvMTKQhuNxg7NzQCBzAIhs5RNv22Su2yIqddQLS"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=70803&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4100&recv_bytes=4348&delivery_rate=44240&cwnd=12000&unsent_bytes=0&cid=a1ed6f79e445872d&ts=91&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
t.1mav.js
xewl.xyz/1mav/js/ 		767 KB
220 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xewl.xyz/1mav/js/t.1mav.js?30fbb5b366df1fafe1f
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.24.242 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a4f3b9e8bbc74953c9b160b0806edd5dd32de20bc2fb0ddd517d6adeb9ee3213

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"30fbb5b366dfd990083f1e4af0f862ae"
age
7626
x-cache
MISS TCP_MISS dirn:-2:-2
date
Wed, 13 Nov 2024 01:22:16 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 12 Nov 2024 10:47:53 GMT
cache-control
max-age=31536000
x-swift-cachetime
2584374
timing-allow-origin
*
via
ens-cache11.l2us3[0,0,200-0,H], ens-cache16.l2us3[2,0], ens-cache5.us18[3,4,200-0,M], ens-cache14.us18[7,0]
cf-ray
8e1af3238ca985e3-HKG
ali-swift-global-savetime
1731460936
x-swift-savetime
Wed, 13 Nov 2024 03:29:22 GMT
eagleid
2ff618a217314685620145304e
content-length
225058
server
Tengine
web.1mav.css
xewl.xyz/1mav/css/ 		711 KB
114 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xewl.xyz/1mav/css/web.1mav.css?cb4d2b0aa3857
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.24.242 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7d0a60227422353ea1f40efb5758ef984daa42205fd25e6c6f26aa5f11f23c39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2cb4d2b0aa3857f9ea0fc2cf28c57c33"
age
166225
x-cache
MISS TCP_MISS dirn:-2:-2
date
Wed, 13 Nov 2024 03:29:22 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 11 Nov 2024 03:21:25 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
x-swift-cachetime
2592000
timing-allow-origin
*
via
ens-cache17.l2us3[62,62,200-0,M], ens-cache33.l2us3[63,0], ens-cache16.us18[66,66,200-0,M], ens-cache14.us18[71,0]
cf-ray
8e1bad50cf1d9c30-IAD
ali-swift-global-savetime
1731468562
x-swift-savetime
Wed, 13 Nov 2024 03:29:22 GMT
eagleid
2ff618a217314685620145300e
server
Tengine
placeholder.png
1mav.cc/static/images/ 		1 KB
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1mav.cc/static/images/placeholder.png?v=1
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a66cac0788d315c4909b62c9290287c0ff9db72ea53bed8754661ca423c2014

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66880df7-466"
age
10997
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fa2zVVTi2a0jq8XLiyU9X2P58PSTdvghDUgvKsMnQJVSF2ZipMiBeJH2zW41lMAysQ3Bq00d2WNXUQzI0u3BuhTggwZVA0cGeIUGdIcHxQKBSLY2%2BU0Ei%2FYc"}],"group":"cf-nel","max_age":604800}
expires
Thu, 12 Dec 2024 23:58:53 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91394&sent=28&recv=19&lost=0&retrans=0&sent_bytes=21736&recv_bytes=5173&delivery_rate=92316&cwnd=21000&unsent_bytes=0&cid=fa5b06f6cd91e3d6&ts=286&x=1", cfHdrFlush;dur=0
date
Wed, 13 Nov 2024 03:29:21 GMT
content-type
image/png
last-modified
Fri, 05 Jul 2024 15:15:03 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e1bad4eac8c2aa7-LAX
server
cloudflare
b.css
xewl.xyz/1mav/css/ 		141 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://xewl.xyz/1mav/css/b.css?82dc0780923a44ae484b51e82d6cb
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.24.242 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
36cf8c6a69a612b6d2a5b2db27cd2e354d5795caadf76182755dc8be509daa32

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"672a0fc3-23326"
age
604951
access-control-allow-methods
*
x-cache
MISS TCP_MISS dirn:-2:-2
date
Wed, 06 Nov 2024 03:26:51 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 12:29:55 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-if-error=7200
x-swift-cachetime
1987049
timing-allow-origin
*
access-control-allow-credentials
true
via
ens-cache10.l2us3[0,2,200-0,H], ens-cache17.l2us3[3,0], ens-cache14.us18[6,14,200-0,M], ens-cache14.us18[13,0]
cf-ray
8de1fc05699bc599-IAD
ali-swift-global-savetime
1730863611
x-swift-savetime
Wed, 13 Nov 2024 03:29:22 GMT
access-control-allow-origin
*
eagleid
2ff618a217314685620145306e
content-length
28715
server
Tengine
js
www.googletagmanager.com/gtag/ 		322 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0WWEJ6KBYJ
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
974f78ab5653a3543fdb60b7a5b129e763b76e1c0afc98af7e5390cad8fe2327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 03:29:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 03:29:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109438
x-xss-protection
0
server
Google Tag Manager
jquery.js
hongosi.xn--b0tp7pc6a827b.cc/ 		252 B
630 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hongosi.xn--b0tp7pc6a827b.cc/jquery.js
Requested by
Host: xewl.xyz
URL: https://xewl.xyz/1mav/js/t.1mav.js?30fbb5b366df1fafe1f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.182.31 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
nginx /
Resource Hash
6a611b07812e26a4cf071555354dc13586a100c29dac1c0b93d70dea23155279

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Cache-Control
max-age=43200
X-NWS-LOG-UUID
10683507063242341610
Etag
"673375f0-fc"
Connection
keep-alive
Expires
Wed, 13 Nov 2024 13:02:46 GMT
Accept-Ranges
bytes
Content-Length
252
Date
Wed, 13 Nov 2024 01:02:46 GMT
X-Cache-Lookup
Cache Hit
Last-Modified
Tue, 12 Nov 2024 15:36:16 GMT
Content-Type
application/javascript
Server
nginx
info
1mav.cc/app/user/ 		217 B
997 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://1mav.cc/app/user/info?reactive=true
Requested by
Host: xewl.xyz
URL: https://xewl.xyz/1mav/js/t.1mav.js?30fbb5b366df1fafe1f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b9e1657bcd870320fd4ba5062cac29539f248c768b06fa5f06abc084d80b1b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://1mav.cc/

Response headers

ghash
_2bc8a6d96e8
cf-cache-status
DYNAMIC
t-ray
wslaif14
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxcKpxcpzC6egV5%2BHMfwkPTKJcD2OYOTjZO4t8vCQ4qmPlrf%2BN8d7eNlDfSqL6OFGjNyfVYq1q3mY39kh57MpsUF96NWOk3NgGesXItItb7Lgeh3zHmUZnsx"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
POST, GET, OPTIONS, GET,HEAD,OPTIONS
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=91256&sent=30&recv=21&lost=0&retrans=0&sent_bytes=22553&recv_bytes=5534&delivery_rate=6878&cwnd=21000&unsent_bytes=0&cid=fa5b06f6cd91e3d6&ts=1113&x=1", cfHdrFlush;dur=0
date
Wed, 13 Nov 2024 03:29:22 GMT
content-type
text/html; charset=UTF-8
access-control-allow-headers
x-requested-with,content-type,Authorization,token,app-lang,uuid,version
cache-control
public, max-age=31536000, stale-if-error=1209600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
True
cf-ray
8e1bad53bbb32aa7-LAX
access-control-allow-origin
*, *
x-ray
wslaif14-7a86a5738398429e9a47f1b94b4e21f2
server
cloudflare
icons.woff2
xewl.xyz/static/css/themes/default/assets/fonts/ 		39 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://xewl.xyz/static/css/themes/default/assets/fonts/icons.woff2?aw1
Requested by
Host: xewl.xyz
URL: https://xewl.xyz/1mav/css/web.1mav.css?cb4d2b0aa3857
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.24.242 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://1mav.cc
Referer
https://xewl.xyz/1mav/css/web.1mav.css?cb4d2b0aa3857

Response headers

cf-cache-status
HIT
etag
"665a8750-9cd4"
age
1752973
access-control-allow-methods
*
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Wed, 23 Oct 2024 20:33:09 GMT
content-type
font/woff2
last-modified
Sat, 01 Jun 2024 02:28:32 GMT
cache-control
public, max-age=31536000, stale-if-error=7200
x-swift-cachetime
2422521
timing-allow-origin
*
access-control-allow-credentials
true
via
ens-cache6.l2us3[0,7,200-0,H], ens-cache29.l2us3[10,0], ens-cache4.us18[0,0,200-0,H], ens-cache16.us18[1,0]
cf-ray
8d7480211ed681bd-IAD
ali-swift-global-savetime
1729715589
x-swift-savetime
Fri, 25 Oct 2024 19:37:48 GMT
accept-ranges
bytes
access-control-allow-origin
*
eagleid
2ff618a417314685628951294e
content-length
40148
server
Tengine
b.1mav.js
xewl.xyz/1mav/js/ 		324 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://xewl.xyz/1mav/js/b.1mav.js?ce541eadfd85189755dfc4
Requested by
Host: xewl.xyz
URL: https://xewl.xyz/1mav/js/t.1mav.js?30fbb5b366df1fafe1f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.24.242 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
50b13f6743b142be52c3b632565a06cb851b5e2cb586332009986c140a679d38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2ce541eadfd85189755dfc41f2b33d63"
age
7615
x-cache
MISS TCP_MISS dirn:-2:-2
date
Wed, 13 Nov 2024 01:22:26 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding, Accept-Encoding
last-modified
Tue, 12 Nov 2024 17:06:11 GMT
cache-control
max-age=31536000
x-swift-cachetime
2584385
timing-allow-origin
*
via
ens-cache34.l2us3[0,0,200-0,H], ens-cache30.l2us3[1,0], ens-cache5.us18[2,2,200-0,M], ens-cache14.us18[4,0]
cf-ray
8e1af3667eaeddc6-HKG
ali-swift-global-savetime
1731460947
x-swift-savetime
Wed, 13 Nov 2024 03:29:22 GMT
eagleid
2ff618a217314685627191952e
content-length
87276
server
Tengine
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

x-request-id
67340746
content-encoding
br
etag
"-375139978"
x-cdn-pop
bhs
x-cacheable
Matched cache
accept-ranges
bytes
x-cdn-pop-ip
137.74.122.0/26
content-length
4364
date
Wed, 13 Nov 2024 03:27:02 GMT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
content-type
text/javascript
1960x80.gif
768guanggaot.oss-cn-hangzhou.aliyuncs.com/ 		197 KB
198 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://768guanggaot.oss-cn-hangzhou.aliyuncs.com/1960x80.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.178.60.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c8c41978318135faaf588755a3899a3400f071d817b2d4f59c2f9eb6b4fe16cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-MD5
xsVKfuFcB74442E/POh4PQ==
x-oss-storage-class
Standard
ETag
"C6C54A7EE15C07BE38E3613F3CE8783D"
x-oss-object-type
Normal
Date
Wed, 13 Nov 2024 03:29:23 GMT
x-oss-server-time
3
Content-Disposition
attachment
Content-Type
image/gif
Last-Modified
Sun, 05 May 2024 06:09:13 GMT
x-oss-ec
0048-00000105
x-oss-hash-crc64ecma
7084945504932346765
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
201726
x-oss-request-id
67341D13AF96A13438776E91
x-oss-force-download
true
Server
AliyunOSS
xpj.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://xpj46-xz.oss-accelerate.aliyuncs.com/xpj.gif
  • https://xx4848.jjcclt.com/xpj.gif
300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/xpj.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
410aa2b421123bb3e712216283a7f169b6d6e53307e2d93d74a6c03c97207a85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
etag
"6610fb18-4b083"
expires
Mon, 16 Sep 2024 13:01:05 GMT
accept-ranges
bytes
x-cache
HIT
content-length
307331
date
Wed, 13 Nov 2024 03:29:25 GMT
content-type
image/gif
last-modified
Sat, 06 Apr 2024 07:34:48 GMT
server
NgxFence

Redirect headers

Location
https://xx4848.jjcclt.com/xpj.gif
Content-Length
0
x-oss-request-id
67341D14797B2A29D5D1D051
Date
Wed, 13 Nov 2024 03:29:24 GMT
Server
AliyunOSS
Connection
keep-alive
1.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://5454ylylgh.oss-accelerate.aliyuncs.com/1.gif
  • https://xx4848.jjcclt.com/1.gif
615 KB
616 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/1.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
4a8992f56d246e47398f2e8cf9857c26f04ae9f305ff49788d1da34088bcb6f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
etag
"66f131d4-99c89"
expires
Wed, 23 Oct 2024 09:16:47 GMT
accept-ranges
bytes
x-cache
HIT
content-length
629897
date
Wed, 13 Nov 2024 03:29:25 GMT
content-type
image/gif
last-modified
Mon, 23 Sep 2024 09:16:04 GMT
server
NgxFence

Redirect headers

Location
http://xx4848.jjcclt.com/1.gif
Content-Length
0
x-oss-request-id
67341D138BE59F813566675E
Date
Wed, 13 Nov 2024 03:29:23 GMT
Server
AliyunOSS
Connection
keep-alive
5845.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://5845-xxpp.oss-accelerate.aliyuncs.com/5845.gif
  • https://xx4848.jjcclt.com/5845.gif
465 KB
466 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/5845.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
4cae409bb456a7e01557fb38a9e2490535d48158d0f6a5daf24fa2dd3de13646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
etag
"66f13bd2-744ab"
expires
Wed, 23 Oct 2024 09:59:34 GMT
accept-ranges
bytes
x-cache
HIT
content-length
476331
date
Wed, 13 Nov 2024 03:29:25 GMT
content-type
image/gif
last-modified
Mon, 23 Sep 2024 09:58:42 GMT
server
NgxFence

Redirect headers

Location
https://xx4848.jjcclt.com/5845.gif
Content-Length
0
x-oss-request-id
67341D13B8FACD202B7670EF
Date
Wed, 13 Nov 2024 03:29:23 GMT
Server
AliyunOSS
Connection
keep-alive
1329.gif
txdy-xxxx1329.oss-cn-beijing.aliyuncs.com/ 		0
0
80.gif
img88pg.img88391511.cc/8888/pg1101/ 		0
0
80.gif
img88ky.img00874478.cc/8888/xm/508/ 		0
0
jnc80.gif
img88.szapaqi.cn/8888/jnc/ 		717 KB
718 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img88.szapaqi.cn/8888/jnc/jnc80.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7600:1c:fa01:b800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

etag
"664dc89d-b334b"
age
2146053
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 07:21:43 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
emvhNVeOLIJvZdkyUZmPu5Got3j1S2OIPzTyoTFYFOCRJe8Xkfr3GA==
date
Sat, 19 Oct 2024 07:21:43 GMT
content-type
image/gif
last-modified
Wed, 22 May 2024 10:27:41 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=2592000
referrer-policy
strict-origin-when-cross-origin
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
734027
x-xss-protection
1; mode=block
x-amz-cf-pop
EWR53-P1
server
nginx
ky96080a_new.gif
img3.tyqxzx.com/
Redirect Chain
  • https://gif.ssjljk.com/ky96080a_new.gif
  • https://img3.tyqxzx.com/ky96080a_new.gif
322 KB
323 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img3.tyqxzx.com/ky96080a_new.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
123.6.18.18 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
NgxFence /
Resource Hash
3e43b986ad551e7bdc1d07df228bfa76788961d81f4bf814956d0ca3a99669ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-md5
OkGD5YEjgUesxj7k0Sfaag==
x-oss-storage-class
Standard
etag
"3A4183E581238147ACC63EE4D127DA6A"
x-oss-object-type
Normal
x-cache
HIT
date
Wed, 13 Nov 2024 03:29:26 GMT
x-oss-server-time
6
content-disposition
attachment
content-type
image/gif
last-modified
Tue, 29 Oct 2024 10:16:54 GMT
x-oss-ec
0048-00000111
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-oss-hash-crc64ecma
6711693292216280587
accept-ranges
bytes
content-length
329620
x-oss-request-id
6720B70D81C2E13EAD566585
x-oss-force-download
true
server
NgxFence

Redirect headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
location
http://img3.tyqxzx.com/ky96080a_new.gif
content-length
0
date
Wed, 13 Nov 2024 03:29:24 GMT
content-type
text/html; charset=utf-8
x-cache
DYNAMIC
server
NgxFence
JS2XW7c7x4nfyo1yvP5jaBeXQ9Uhxu.gif
bpyyllqqj7.kmqianneng66.com/ 		231 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpyyllqqj7.kmqianneng66.com:9988/JS2XW7c7x4nfyo1yvP5jaBeXQ9Uhxu.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.0.133.121 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
openresty /
Resource Hash
c80d7badb5f81716f759b1091d8da8fef332379d859de82769f6f6d946c654f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=2592000
ETag
"66ed79fa-39daf"
Connection
keep-alive
Via
mycdn
Expires
Thu, 31 Oct 2024 06:46:10 GMT
Accept-Ranges
bytes
Content-Length
236975
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
image/gif
Last-Modified
Fri, 20 Sep 2024 13:34:50 GMT
Server
openresty
CDN-Cache
HIT
362bff3977c919c19f00532c76c72498284bb42d.gif
images.1031.academy/i/2024/11/11/ 		392 KB
387 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1031.academy/i/2024/11/11/362bff3977c919c19f00532c76c72498284bb42d.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.60 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash
812f749bebf24708919bb1838993d3387cc44bfbab5bb298ce71049e117ecc9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"6731ccb2-6209f"
Connection
keep-alive
X-One-Cache
HIT
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
image/gif
Last-Modified
Mon, 11 Nov 2024 09:21:54 GMT
Server
nginx/onex
Vary
Accept-Encoding
v2-c26316acdf7138cc40514fb1ebb4d1a3
picx.zhimg.com/
Redirect Chain
  • https://img.539355.com/images/660b84a1142a300952998e5e.gif
  • https://picx.zhimg.com/v2-c26316acdf7138cc40514fb1ebb4d1a3
47 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://picx.zhimg.com/v2-c26316acdf7138cc40514fb1ebb4d1a3
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
98.96.229.29 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Byte-nginx / ImageX
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-request-ip
162.245.206.246
x-tt-logid
20241031102658B250CEB808FCC551369F
x-request-id
977bfc9f90df61078b61e3a1b7d2c2ed
x-bdcdn-cache-status
TCP_HIT
age
1126948
nw-session-id
20241031102658B250CEB808FCC551369Fnsqc403ff
server-timing
inner; dur=374
date
Wed, 13 Nov 2024 03:29:26 GMT
x-length
548532
content-type
image/webp
last-modified
Thu, 31 Oct 2024 02:26:58 GMT
x-tt-trace-host
01a309cab9549805b45dad4d6591911545ccb19ea70692261145f3ca69ca5aa65c13a2bf033887460b89037106cdeec83a3864fe6f98763db37e5280cb81ab03a358273a359d775c40d3ee45d1c97f204b177707ba48cd0d3b81f91e13716d894b586b4658a8e7bca764c6c36105d236288dc113680ba400606db3b301141f5f156c9cef88c99c8ad67a9f697d302b27b4fc21f0e403103cd5af5564c19cca1f8a
cache-control
max-age=31536000
nw-session-trace
2024-10-31T10:26:58.609537514+08:00 365
x-response-date
Thu, 31 Oct 2024 10:26:58 GMT
x-tt-trace-tag
id=5
via
cache02.oversea-US-MIA1
imagex-fmt
awebp2awebp
access-control-allow-origin
*
x-tt-trace-id
20241031102657bf936348f48d016CD1DB
content-length
548532
x-powered-by
ImageX
server
Byte-nginx
x-response-cinfo
162.245.206.246
x-response-cache
edge_hit

Redirect headers

cache-control
max-age=600
location
https://picx.zhimg.com/v2-c26316acdf7138cc40514fb1ebb4d1a3
content-length
0
referrer-policy
no-referrer
4d9c96_7c7212f3511e4ebb9a33319b957429b3~mv2.gif
static.wixstatic.com/media/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/4d9c96_7c7212f3511e4ebb9a33319b957429b3~mv2.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:d200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.25.3.2 /
Resource Hash
b5a315d7e2a6996c7f8d996676fe4bca879f10d35c9a9390b7e7fc080570b0cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

access-control-expose-headers
Content-Length
etag
"6111dc0e5c6d64c05c716720dbd72e2b"
age
1710428
expires
Thu, 24 Oct 2024 09:22:16 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FgvkIIWeUNwiCTkBjc9qrHao4k5g-DmU60qym06aI_eGGKW9WEkerA==
date
Thu, 24 Oct 2024 08:22:16 GMT
content-type
image/gif
last-modified
Thu, 24 Oct 2024 07:45:04 GMT
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
via
1.1 google, 1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-seen-by
gcp.us-central-1.media-router-56f88799f9-4s984
content-length
155249
x-amz-cf-pop
JFK52-P4
server
openresty/1.25.3.2
zepvuj.gif
cc777img.dqsldz.com/i/2024/10/28/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc777img.dqsldz.com/i/2024/10/28/zepvuj.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.223.9.120 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
59c406011b6bc0e40cf0ffd0121ae38b5034bb54d745a15e483c4c3abc306444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

ETag
"671f946f-13623"
Age
1341684
nginx-hit
1
Expires
Wed, 27 Nov 2024 14:17:51 GMT
X-CCDN-REQ-ID-46B1
540e43eb4bf0142a7874cada6f4ed87a
Date
Wed, 13 Nov 2024 03:29:26 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Oct 2024 13:41:03 GMT
Vary
Accept-Encoding
Cache-Control
max-age=2592000
X-CCDN-Expires
1258299
Connection
keep-alive
x-hcs-proxy-type
1
via
CHN-ZJwenzhou-AREACT1-CACHE16[3],CHN-ZJwenzhou-AREACT1-CACHE44[0,TCP_HIT,0],CHN-SH-GLOBAL4-CACHE69[19],CHN-SH-GLOBAL4-CACHE54[0,TCP_HIT,15]
X-CCDN-CacheTTL
2592000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
79395
Server
openresty
KYKY960x80.gif
kysz.oss-cn-shenzhen.aliyuncs.com/kkykhk/ 		336 KB
337 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kysz.oss-cn-shenzhen.aliyuncs.com/kkykhk/KYKY960x80.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.78.115.72 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0ac4ab90c2edc1de1a904b997c4d5df60990df149dc65e84e04bbf3918dd2c14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-MD5
iq9X0CEkE3Ov+V8MORkgUQ==
x-oss-storage-class
Standard
ETag
"8AAF57D021241373AFF95F0C39192051"
x-oss-object-type
Normal
Date
Wed, 13 Nov 2024 03:29:25 GMT
x-oss-server-time
3
Content-Disposition
attachment
Content-Type
image/gif
Last-Modified
Wed, 07 Feb 2024 14:40:15 GMT
x-oss-ec
0048-00000103
x-oss-hash-crc64ecma
8590035710478461481
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
344435
x-oss-request-id
67341D157C440B303683C8EA
x-oss-force-download
true
Server
AliyunOSS
zd4i70.gif
cc777img.dqsldz.com/i/2024/10/28/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc777img.dqsldz.com/i/2024/10/28/zd4i70.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.223.9.120 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
2426d7c7f0b4642d2ff76822c538917cca6b4dc26aee76e52b6ddfca5442f90b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

ETag
"671f93dc-16f56"
Age
1344932
nginx-hit
1
Expires
Wed, 27 Nov 2024 13:46:19 GMT
X-CCDN-REQ-ID-46B1
628b4f333fde706b412487f6c306ca7e
Date
Wed, 13 Nov 2024 03:29:26 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Oct 2024 13:38:36 GMT
Vary
Accept-Encoding
Cache-Control
max-age=2592000
X-CCDN-Expires
1249156
Connection
keep-alive
x-hcs-proxy-type
1
via
CHN-ZJwenzhou-AREACT1-CACHE60[2],CHN-ZJwenzhou-AREACT1-CACHE53[0,TCP_HIT,0],CHN-SH-GLOBAL4-CACHE155[3],CHN-SH-GLOBAL4-CACHE5[0,TCP_HIT,0]
X-CCDN-CacheTTL
2592000
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
94038
Server
openresty
2.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://646464xpj.oss-accelerate.aliyuncs.com/2.gif
  • https://xx4848.jjcclt.com/2.gif
324 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/2.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
9b1b7922ad169978b544306d16430f4b11a60ba9d00081d32c33533b9b008c7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=2592000
etag
"66445843-50f6f"
expires
Wed, 16 Oct 2024 08:08:06 GMT
accept-ranges
bytes
x-cache
HIT
content-length
331631
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
image/gif
last-modified
Wed, 15 May 2024 06:37:55 GMT
server
NgxFence

Redirect headers

Location
https://xx4848.jjcclt.com/2.gif
Content-Length
0
x-oss-request-id
67341D174C216D8BCBD52B0F
Date
Wed, 13 Nov 2024 03:29:27 GMT
Server
AliyunOSS
Connection
keep-alive
5_505_259.webp
timg190.top/videos/9124b17f0b7bec1736ad41829e76a655348f9fb8/cover/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timg190.top/videos/9124b17f0b7bec1736ad41829e76a655348f9fb8/cover/5_505_259.webp?ih=1
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b467ed69dbe8aa8aa035884cbe58f8e3bc5f2a23c2583011452a5eb206d9754c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cf-cache-status
HIT
etag
"0954251aba96610f733a794c688693b8"
age
61663
x-referer
no
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rfp3w%2BoLv%2Bq%2FU%2B9kKaTHDxp2sqHov3yaiwL56K2kK7SNzSiHnw7t8stiDvyHIjSuFxP786XZyD4Ek1stJvGYIvL6QKcEsfOiSpbsClqDOVnsUnW6vBQpfmng2x%2BvXJcjSgk8"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-amz-meta-mtime
1731395920.636295935
server-timing
cfL4;desc="?proto=TCP&rtt=1089&sent=895&recv=888&lost=0&retrans=1&sent_bytes=655367&recv_bytes=126254&delivery_rate=2868369&cwnd=256&unsent_bytes=0&cid=3a6a987eb317740f&ts=135875&x=0"
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
image/webp
vary
Origin, Accept-Encoding
last-modified
Tue, 12 Nov 2024 07:18:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
block-all-mixed-content
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
1807314EF86FF0B2
t-cache
MISS
x-amz-meta-erid
13
accept-ranges
bytes
content-length
22544
x-xss-protection
1; mode=block
cf-ray
8e1bad73a8781036-LAX
server
cloudflare
5_505_259.webp
timg190.top/videos/e9c0e786bf492e15d8e52830daf045c409a1dc33/cover/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timg190.top/videos/e9c0e786bf492e15d8e52830daf045c409a1dc33/cover/5_505_259.webp?ih=1
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d37875797a4f82170205894a71eb36b44d6084aed9101934f64ae1319cd9ab7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cf-cache-status
HIT
etag
"aee6d0bac6979d2774496c18b7e6f6c5"
age
75921
x-referer
no
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D3MxBs1ZFgswXKNZEy8XQlRQC1wEJFJdfd6BQQVqwwYjuhpIfC4SheLplg58PZpUGMdc2%2FjD0X4BfL0RC3N16omuNiHPpmsqwRQAy%2BNbFtkyE3Ga%2B79jcvNy78LDyjyXAMZW"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-amz-meta-mtime
1731388716.397691257
server-timing
cfL4;desc="?proto=TCP&rtt=1112&sent=1460&recv=1458&lost=0&retrans=2&sent_bytes=1082922&recv_bytes=210999&delivery_rate=2749529&cwnd=256&unsent_bytes=0&cid=2105abe2522f0463&ts=45787&x=0"
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
image/webp
last-modified
Tue, 12 Nov 2024 05:18:37 GMT
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
block-all-mixed-content
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
180724701F3BE388
t-cache
MISS
x-amz-meta-erid
52
accept-ranges
bytes
content-length
30974
x-xss-protection
1; mode=block
cf-ray
8e1bad73a8871036-LAX
server
cloudflare
5_505_259.webp
timg190.top/videos/4b3ba8e833fb8f15e197b11d34fdbfc8f1129ed5/cover/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timg190.top/videos/4b3ba8e833fb8f15e197b11d34fdbfc8f1129ed5/cover/5_505_259.webp?ih=1
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f9a3c63224546369e77d37850eeee9fa0d56e4465f9269cc81d5e79b9f091b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cf-cache-status
HIT
etag
"fae3af4749bb6729fa80c12ec204e38c"
age
82639
x-referer
no
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9PkAyGF3PKIbfb2JsY0SmO8oBqk2Szc67yKKVrea3TbrqaHYYUrYjrQU1cdjMzVjCeVRlUNkLHJiWkJol5OdmyjGNlJLUh77b5bfzXAoRCccSeSt173ahgNAnOitHZWe5ZOU"}],"group":"cf-nel","max_age":604800}
x-amz-meta-mtime
1731385112.15241237
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=1474&sent=1539&recv=1528&lost=0&retrans=1&sent_bytes=1147605&recv_bytes=220583&delivery_rate=10100628&cwnd=256&unsent_bytes=0&cid=8fa7446bfbf08d42&ts=153873&x=0"
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
image/webp
vary
Origin, Accept-Encoding
last-modified
Tue, 12 Nov 2024 04:18:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
block-all-mixed-content
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
18071E541C4257EE
t-cache
MISS
x-amz-meta-erid
1
accept-ranges
bytes
content-length
27540
x-xss-protection
1; mode=block
cf-ray
8e1bad73a87c1036-LAX
server
cloudflare
5_505_259.webp
timg190.top/videos/52782cabc48fe203320a5b649ef1d2614f57570a/cover/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://timg190.top/videos/52782cabc48fe203320a5b649ef1d2614f57570a/cover/5_505_259.webp?ih=1
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:159d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11f3d7093daaa39c3f289eded330c5c09dce203952ef669eff37e17d82f49074
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cf-cache-status
HIT
etag
"2717f164139acfade295fe04afd87f3c"
age
82508
x-referer
no
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0eNlyWudgYVcKIWacejgrzcefFuGFId3P5EGdIUvGW1SRVuiZmIK9KqO3Q4lvUd0hYntIK9VSbbOqPq40K8TVW1NV0HmQhcN0G0OHppI04Ej2It4K8cEHMPL8kv8Jm5%2FKl8D"}],"group":"cf-nel","max_age":604800}
x-amz-meta-mtime
1731385107.620321163
x-content-type-options
nosniff
server-timing
cfL4;desc="?proto=TCP&rtt=1143&sent=123&recv=125&lost=0&retrans=0&sent_bytes=90742&recv_bytes=17926&delivery_rate=2588652&cwnd=256&unsent_bytes=0&cid=5d6bda616a2744e2&ts=5144&x=0"
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
image/webp
last-modified
Tue, 12 Nov 2024 04:18:29 GMT
vary
Origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
block-all-mixed-content
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=31536000
x-amz-request-id
18071E7297FD4AD0
t-cache
MISS
x-amz-meta-erid
0
accept-ranges
bytes
content-length
25700
x-xss-protection
1; mode=block
cf-ray
8e1bad73a8811036-LAX
server
cloudflare
anyalytics
1mav.cc/ Frame 950F 		699 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1mav.cc/anyalytics?v=_0f4d82b07b4
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.159.154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7246ae006f0a9d9c098ca6ee2e9827f9c144493ef67e3f1d52925cb8b3e0169c

Request headers

Referer
https://1mav.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
8993
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
cf-cache-status
HIT
cf-ray
8e1bad55be7c2aa7-LAX
content-encoding
zstd
content-type
text/html
date
Wed, 13 Nov 2024 03:29:22 GMT
f
opr
last-modified
Tue, 12 Nov 2024 23:58:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJN0Q%2BG9iU%2BLGRf2BHvFQVHAcsi9yVc5W6PgVt56anB8X9MvIgClLOW5%2FvaOiwpFyTMpRtXCSHH7mBdCw5mMVhMRK1DZs%2F3wRf%2Fzli8%2F4tOunInzIgkUijPA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=93151&sent=32&recv=23&lost=0&retrans=0&sent_bytes=23597&recv_bytes=6017&delivery_rate=7761&cwnd=21000&unsent_bytes=0&cid=fa5b06f6cd91e3d6&ts=1418&x=1" cfHdrFlush;dur=0
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		222 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-145955828-3&l=dataLayer&cx=c&gtm=45je4b70v9186904304za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0WWEJ6KBYJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b13239e5718d92f27676db38d562be8156d2f2ada9ea0327af2225380038457d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 03:29:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 03:29:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81073
x-xss-protection
0
server
Google Tag Manager
js15_as.js
s10.histats.com/ Frame 950F 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 1mav.cc
URL: https://1mav.cc/anyalytics?v=_0f4d82b07b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

x-request-id
67340746
content-encoding
br
etag
"-375139978"
x-cdn-pop
bhs
x-cacheable
Matched cache
accept-ranges
bytes
x-cdn-pop-ip
137.74.122.0/26
content-length
4364
date
Wed, 13 Nov 2024 03:27:02 GMT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
content-type
text/javascript
js
www.googletagmanager.com/gtag/ 		273 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-H877EXKX7Z&l=dataLayer&cx=c&gtm=457e4b70za200zb9186904304
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145955828-3&l=dataLayer&cx=c&gtm=45je4b70v9186904304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
492320772d378aa654eadeed2fd8d0f5329c5727b5bb789d260bdfd44c252f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 03:29:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 03:29:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97833
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145955828-3&l=dataLayer&cx=c&gtm=45je4b70v9186904304za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
gzip
age
837
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 05:15:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 03:15:30 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
4373586.php
s4.histats.com/stats/ 		376 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4373586.php?4373586&@f16&@g1&@h1&@i1&@j1731468563131&@k0&@l1&@m%E6%96%B0%E5%9E%8B%E7%9A%84%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D%20-%201MAV&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1600&@b1:189148454&@b3:1731468563&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F1mav.cc%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-Length
376
Date
Wed, 13 Nov 2024 03:29:27 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
4089347.php
s4.histats.com/stats/ Frame 950F 		382 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1731468563134&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F1mav.cc%2F&@q0&@r0&@s100&@ten-US&@u1600&@b1:-131981272&@b3:1731468563&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash
881352a0c6a3e3d0190b2283987cd4cb421c5d75582114289a08a7cb63d1cba4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-Length
382
Date
Wed, 13 Nov 2024 03:29:23 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-H877EXKX7Z&gtm=45je4b70v9127552525za200&_p=1731468562663&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077855&cid=1980478702.1731468563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1731468563&sct=1&seg=0&dl=https%3A%2F%2F1mav.cc%2F&dt=%E6%96%B0%E5%9E%8B%E7%9A%84%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D%20-%201MAV&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2175
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H877EXKX7Z&l=dataLayer&cx=c&gtm=457e4b70za200zb9186904304
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://1mav.cc
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 03:29:23 GMT
content-type
text/plain
server
Golfe2
b5d29834fa538d15ac22fff5dce545595522faa2.gif
images.1031.academy/i/2024/11/11/ 		226 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1031.academy/i/2024/11/11/b5d29834fa538d15ac22fff5dce545595522faa2.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.60 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash
9ceb2ce2e291025e6cc0a4ba6bc5611f04da3edc68655d1c4c1244af5ed99de4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
ETag
W/"6731ccbc-3893f"
Connection
keep-alive
X-One-Cache
HIT
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
image/gif
Last-Modified
Mon, 11 Nov 2024 09:22:04 GMT
Server
nginx/onex
Vary
Accept-Encoding
cc_100.js
s10.histats.com/counters/ Frame 950F 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_100.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
a6ad9f25b0c8652c06dd9d27c79ee44ae5b14a9bc3332e2d38b34a2cf3f580d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

x-request-id
220103669
content-encoding
br
etag
"1473736416"
x-cdn-pop
bhs
x-cacheable
Matched cache
accept-ranges
bytes
x-cdn-pop-ip
137.74.122.0/26
content-length
7662
date
Wed, 13 Nov 2024 03:28:26 GMT
last-modified
Thu, 16 Apr 2020 10:44:22 GMT
content-type
text/javascript
/
e.dtscout.com/e/ Frame 950F 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4089347.php?4089347&@f16&@g1&@h1&@i1&@j1731468563134&@k0&@l1&@m&@n0&@ohttps%3A%2F%2F1mav.cc%2F&@q0&@r0&@s100&@ten-US&@u1600&@b1:-131981272&@b3:1731468563&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed1c5f2088e2afab47ad2653f28212403ee6e9a3dafee365bd046e6f50b58fa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8QsZSenIyWkbTb3RTHN8Qv%2BS79g41sL2ZHWrh7fd8ErZ4q%2FAc1jnhTcw%2FZYdoHoQ2Mfyh%2FWig0hsa9Qoq3pQa9Dq05w7Kd6MluMBtXX40d6jIHM7oNEyh8UXNm%2FACzxbPjIVWFv62118N0Y%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.265
cf-ray
8e1bad5c1b34e661-DEN
expires
Wed, 13 Nov 2024 03:29:22 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=120950&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3980&recv_bytes=2228&delivery_rate=32137&cwnd=33&unsent_bytes=0&cid=582326fb5e26be75&ts=235&x=0"
date
Wed, 13 Nov 2024 03:29:23 GMT
content-type
application/javascript
x-s
mtl2
server
cloudflare
push.js
zz.bdstatic.com/linksubmit/ 		308 B
563 B 		Script
General
Check archive.org
Download Go to
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: xewl.xyz
URL: https://xewl.xyz/1mav/js/t.1mav.js?30fbb5b366df1fafe1f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 Guangzhou, China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

tracecode
18771134430253925130111212
cache-control
max-age=86400
content-encoding
br
etag
"66ecb9b9-134"
age
70785
ohc-cache-hit
gz3un51 [2], zhuzuncache63 [2]
accept-ranges
bytes
ohc-global-saved-time
Tue, 12 Nov 2024 04:31:17 GMT
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
application/x-javascript
last-modified
Thu, 19 Sep 2024 23:54:33 GMT
server
JSP3/2.0.14
ohc-response-time
1 0 0 0 0 0
truncated
/ Frame 950F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
598e98c808eb1447c57f0165047c4b19b5eaae1d7d036adf528a09669c42da0c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
65ca75ad79ad299bfc209b3f7daeab49.gif
lan.trans711.top/ 		398 KB
395 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lan.trans711.top/65ca75ad79ad299bfc209b3f7daeab49.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.67.51 Aachen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.51.67.99.88.clients.your-server.de
Software
cloudflare /
Resource Hash
fb5876c39fa59a4bb89683896804647c2fd9d25e58d528bbadba075a03a533c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"66efb525-63780"
age
4677
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jnTELWtbhIPnBCqcn7NEiyivjepm5AYgSK3AWquj4SMi2xVPRqCnNOMsXITDkgS%2Fkws9uN4wRam8QhpWBMIv44e6U6JkXDKg%2FV1Hhtzc4y9mm6JWQFkc5s7kGiRDTi2zKdNFIXsg8GE%2FixiPYg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Mon, 09 Dec 2024 05:38:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server-timing
cfL4;desc="?proto=TCP&rtt=5337&sent=5&recv=6&lost=0&retrans=0&sent_bytes=3097&recv_bytes=798&delivery_rate=752512&cwnd=252&unsent_bytes=0&cid=98e085054049c92d&ts=19&x=0"
x-cache
HIT, server, disk
date
Sat, 09 Nov 2024 06:56:34 GMT
content-type
image/gif
last-modified
Sat, 09 Nov 2024 06:56:35 GMT
vary
Accept-Encoding
cache-control
max-age=2678400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8dfbe759f9f79226-FRA
server
cloudflare
hm.js
hm.baidu.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?2846cf6c2be594808103eb137368b82f
Requested by
Host: hongosi.xn--b0tp7pc6a827b.cc
URL: https://hongosi.xn--b0tp7pc6a827b.cc/jquery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
09b2b0ed63fb9bec21017e5a65ef53b36c80927141b2336bedd50def31a3a65b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
max-age=0, must-revalidate
Content-Encoding
gzip
Etag
b0eaa326d6edff52444a7717d902881c
Content-Length
11292
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Wed, 13 Nov 2024 03:29:28 GMT
Content-Type
application/javascript
Server
apache
/
t.dtscout.com/idg/ Frame 2658 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=1040173146856351791A465A947147DD
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://1mav.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e1bad5eec137c28-DEN
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Nov 2024 03:29:24 GMT
expires
Wed, 13 Nov 2024 03:29:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zaGbEOTv0l7%2F1s%2BYy9u07mVBt%2BFA7DbDubUsv%2BbLgj1c1dReJ0z4sv0JjP8pU7niJj3QQmEH3jGiY27%2FZT8NgB2vBAtPGYZ7WMrLhkJI3HC50j9mCfYHyn%2F9TJ70AGcReD2YMRJ650RtmpE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=102356&sent=6&recv=11&lost=0&retrans=0&sent_bytes=3980&recv_bytes=2423&delivery_rate=37977&cwnd=34&unsent_bytes=0&cid=e88455043fd986e6&ts=246&x=0"
vary
accept-encoding
t.dhj
pxdrop.lijit.com/1/d/ Frame 950F 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=1mav.cc&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.181 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
537ea11b1d430598014c3a5b94061316a45de4d1c55c883823a521bd5ea3879c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
Connection
keep-alive
X-Content-Type-Options
nosniff
Expires
Wed, 13 Nov 2024 04:29:24 GMT
Content-Length
1398
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
text/javascript
afwu.js
cdn.tynt.com/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed18d-4c00"
age
152022
cf-ray
8e1bad753ab52b8e-LAX
expires
Sat, 16 Nov 2024 03:29:27 GMT
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
vary
Accept-Encoding
server
cloudflare
/
t.dtscout.com/pv/ Frame 950F 		51 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=1mav.cc&_ss=4rvy4x8qlv&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=iu3h&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8e1659422f3ba38e75798f4c28fc12553ff404dcc0772d11e2c4323cb2ae06a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnrYNwmIwgeO82P%2FEb7hdebov6WrwSVNkb6NMgMeJhKTYGCAZq59vEY43N2MIiAXna2xHa3vw5iuuTMqTB173LAdPdvQzMGvFK64lGNBrghjOFa7wnWo11I%2BmbA1oKxWXDXB%2Fzf2nsAVrX0%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.169
cf-ray
8e1bad5d9839e661-DEN
expires
Wed, 13 Nov 2024 03:29:23 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=120968&sent=14&recv=14&lost=0&retrans=0&sent_bytes=8178&recv_bytes=2436&delivery_rate=33678&cwnd=36&unsent_bytes=0&cid=582326fb5e26be75&ts=475&x=0"
date
Wed, 13 Nov 2024 03:29:24 GMT
content-type
application/javascript
server
cloudflare
jnc80.gif
img88.szapaqi.cn/8888/jnc/ 		717 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img88.szapaqi.cn/8888/jnc/jnc80.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:7600:1c:fa01:b800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

etag
"664dc89d-b334b"
age
2146053
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 07:21:43 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
emvhNVeOLIJvZdkyUZmPu5Got3j1S2OIPzTyoTFYFOCRJe8Xkfr3GA==
date
Sat, 19 Oct 2024 07:21:43 GMT
content-type
image/gif
last-modified
Wed, 22 May 2024 10:27:41 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
cache-control
max-age=2592000
referrer-policy
strict-origin-when-cross-origin
via
1.1 35c803afef083002d824403342d4c62e.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
734027
x-xss-protection
1; mode=block
x-amz-cf-pop
EWR53-P1
server
nginx
1960x80.gif
768guanggaot.oss-cn-hangzhou.aliyuncs.com/ 		197 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://768guanggaot.oss-cn-hangzhou.aliyuncs.com/1960x80.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.178.60.162 Hangzhou, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c8c41978318135faaf588755a3899a3400f071d817b2d4f59c2f9eb6b4fe16cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-MD5
xsVKfuFcB74442E/POh4PQ==
x-oss-storage-class
Standard
ETag
"C6C54A7EE15C07BE38E3613F3CE8783D"
x-oss-object-type
Normal
Date
Wed, 13 Nov 2024 03:29:23 GMT
x-oss-server-time
3
Content-Disposition
attachment
Content-Type
image/gif
Last-Modified
Sun, 05 May 2024 06:09:13 GMT
x-oss-ec
0048-00000105
x-oss-hash-crc64ecma
7084945504932346765
Accept-Ranges
bytes
Content-Length
201726
x-oss-request-id
67341D13AF96A13438776E91
x-oss-force-download
true
Server
AliyunOSS
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ Frame 950F 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2afd7a7856345176e1c9c378191ae043"
age
73218
via
1.1 0afec277ba3e75e96fa6b4c76d8e130c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Ay3astAc8elxZqdBA8Nb5vxMVomQywgY_jxB8zhaxiVwte62CCHjjg==
date
Tue, 12 Nov 2024 07:09:07 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
/
t.dtscdn.com/widget/ Frame 950F 		0
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=1040173146856351791A465A947147DD&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&r=https%3A%2F%2F1mav.cc%2F
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2Fanyalytics%3Fv%3D_0f4d82b07b4&j=https%3A%2F%2F1mav.cc%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tJkAHsffYJHYhS3N4omMU1l4B7GZN8dcCnF3d8zt7qDoW3xKWZNFtS6MKm8R8IvTFkrJwT%2FaX%2FwvDewAVt1sPAIii63WpM7r9zVWxjN2fjOk3ddvFfeMipDqYTlVnyE2dtc%2F5b7nUE5SvA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.8
cf-ray
8e1bad615bbe5355-LAX
expires
Wed, 13 Nov 2024 00:42:05 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=70360&sent=9&recv=11&lost=0&retrans=0&sent_bytes=3983&recv_bytes=2302&delivery_rate=55187&cwnd=253&unsent_bytes=0&cid=ed02b3bf19128e82&ts=178&x=0"
date
Wed, 13 Nov 2024 03:29:24 GMT
content-type
application/javascript; charset=UTF-8
x-server
web14.ny1.dtscdn.com
server
cloudflare
cms
ups.analytics.yahoo.com/ups/58679/ Frame 950F
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=1040173146856351791A465A947147DD
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=8129210f3ccc5b9ee7d4f3805e4442fa&gdpr=1
  • https://cms.analytics.yahoo.com/cms?partner_id=DELI&gdpr=1
  • https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
Requested by
Host: 1mav.cc
URL: https://1mav.cc/anyalytics?v=_0f4d82b07b4
Protocol
H2
Server
2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Wed, 13 Nov 2024 03:29:26 GMT
age
0
content-type
text/html
server
ATS
referrer-policy
no-referrer-when-downgrade

Redirect headers

strict-transport-security
max-age=31536000
cache-control
no-store
location
https://ups.analytics.yahoo.com/ups/58679/cms?partner_id=DELI&gdpr=1
content-length
257
date
Wed, 13 Nov 2024 03:29:26 GMT
content-type
text/html
content-language
en
server
ATS
t_.htm
pxdrop.lijit.com/a/ Frame 5520 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1587.855&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=1mav.cc&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.181 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://1mav.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Wed, 13 Nov 2024 03:29:25 GMT
Expires
Wed, 20 Nov 2024 03:29:25 GMT
X-Robots-Tag
noindex, nofollow
362bff3977c919c19f00532c76c72498284bb42d.gif
images.1031.academy/i/2024/11/11/ 		392 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.1031.academy/i/2024/11/11/362bff3977c919c19f00532c76c72498284bb42d.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.104.32.60 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
nginx/onex /
Resource Hash
812f749bebf24708919bb1838993d3387cc44bfbab5bb298ce71049e117ecc9b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-Encoding
gzip
ETag
W/"6731ccb2-6209f"
X-One-Cache
HIT
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
image/gif
Last-Modified
Mon, 11 Nov 2024 09:21:54 GMT
Server
nginx/onex
Vary
Accept-Encoding
JS2XW7c7x4nfyo1yvP5jaBeXQ9Uhxu.gif
bpyyllqqj7.kmqianneng66.com/ 		231 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpyyllqqj7.kmqianneng66.com:9988/JS2XW7c7x4nfyo1yvP5jaBeXQ9Uhxu.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
142.0.133.121 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
openresty /
Resource Hash
c80d7badb5f81716f759b1091d8da8fef332379d859de82769f6f6d946c654f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Cache-Control
max-age=2592000
ETag
"66ed79fa-39daf"
Via
mycdn
Expires
Thu, 31 Oct 2024 06:46:10 GMT
Accept-Ranges
bytes
Content-Length
236975
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
image/gif
Last-Modified
Fri, 20 Sep 2024 13:34:50 GMT
Server
openresty
CDN-Cache
HIT
4d9c96_7c7212f3511e4ebb9a33319b957429b3~mv2.gif
static.wixstatic.com/media/ 		152 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/4d9c96_7c7212f3511e4ebb9a33319b957429b3~mv2.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:d200:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.25.3.2 /
Resource Hash
b5a315d7e2a6996c7f8d996676fe4bca879f10d35c9a9390b7e7fc080570b0cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

access-control-expose-headers
Content-Length
etag
"6111dc0e5c6d64c05c716720dbd72e2b"
age
1710428
expires
Thu, 24 Oct 2024 09:22:16 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FgvkIIWeUNwiCTkBjc9qrHao4k5g-DmU60qym06aI_eGGKW9WEkerA==
date
Thu, 24 Oct 2024 08:22:16 GMT
content-type
image/gif
last-modified
Thu, 24 Oct 2024 07:45:04 GMT
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
via
1.1 google, 1.1 9ff0b6c9de3fbfb51f9f14244e2651a4.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-seen-by
gcp.us-central-1.media-router-56f88799f9-4s984
content-length
155249
x-amz-cf-pop
JFK52-P4
server
openresty/1.25.3.2
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ Frame 950F 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1mav.cc/

Response headers

content-encoding
gzip
etag
W/"f16e89fd08a708a6bd2e69be50fd30ab"
age
73885
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
XG33mC22Gx139_T4QlLWXiNQ_lv2Jl8BOgiPTIAIxKGQDVOac9skBQ==
date
Tue, 12 Nov 2024 06:58:02 GMT
content-type
application/json
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
last-modified
Tue, 20 Aug 2024 17:49:20 GMT
cache-control
public, max-age=86400
via
1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
KYKY960x80.gif
kysz.oss-cn-shenzhen.aliyuncs.com/kkykhk/ 		336 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kysz.oss-cn-shenzhen.aliyuncs.com/kkykhk/KYKY960x80.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.78.115.72 Shenzhen, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0ac4ab90c2edc1de1a904b997c4d5df60990df149dc65e84e04bbf3918dd2c14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Content-MD5
iq9X0CEkE3Ov+V8MORkgUQ==
x-oss-storage-class
Standard
ETag
"8AAF57D021241373AFF95F0C39192051"
x-oss-object-type
Normal
Date
Wed, 13 Nov 2024 03:29:25 GMT
x-oss-server-time
3
Content-Disposition
attachment
Content-Type
image/gif
Last-Modified
Wed, 07 Feb 2024 14:40:15 GMT
x-oss-ec
0048-00000103
x-oss-hash-crc64ecma
8590035710478461481
Accept-Ranges
bytes
Content-Length
344435
x-oss-request-id
67341D157C440B303683C8EA
x-oss-force-download
true
Server
AliyunOSS
data
bcp.crwdcntrl.net/6/ Frame 950F 		538 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.89.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-89-70.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
4c37394d721c3b2818ea6f910cc712a4db53ae39278f34cbd4a658ac13585f76

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://1mav.cc/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://1mav.cc
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
538
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
application/json;charset=utf-8
x-server
10.40.61.179
server
Jetty(9.4.38.v20210224)
xpj.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://xpj46-xz.oss-accelerate.aliyuncs.com/xpj.gif
  • https://xx4848.jjcclt.com/xpj.gif
300 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/xpj.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
410aa2b421123bb3e712216283a7f169b6d6e53307e2d93d74a6c03c97207a85

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
max-age=2592000
etag
"6610fb18-4b083"
expires
Mon, 16 Sep 2024 13:01:05 GMT
accept-ranges
bytes
x-cache
HIT
content-length
307331
date
Wed, 13 Nov 2024 03:29:25 GMT
content-type
image/gif
last-modified
Sat, 06 Apr 2024 07:34:48 GMT
server
NgxFence

Redirect headers

Location
https://xx4848.jjcclt.com/xpj.gif
Content-Length
0
x-oss-request-id
67341D14797B2A29D5D1D051
Date
Wed, 13 Nov 2024 03:29:24 GMT
Server
AliyunOSS
5845.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://5845-xxpp.oss-accelerate.aliyuncs.com/5845.gif
  • https://xx4848.jjcclt.com/5845.gif
465 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/5845.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
4cae409bb456a7e01557fb38a9e2490535d48158d0f6a5daf24fa2dd3de13646

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
max-age=2592000
etag
"66f13bd2-744ab"
expires
Wed, 23 Oct 2024 09:59:34 GMT
accept-ranges
bytes
x-cache
HIT
content-length
476331
date
Wed, 13 Nov 2024 03:29:25 GMT
content-type
image/gif
last-modified
Mon, 23 Sep 2024 09:58:42 GMT
server
NgxFence

Redirect headers

Location
https://xx4848.jjcclt.com/5845.gif
Content-Length
0
x-oss-request-id
67341D13B8FACD202B7670EF
Date
Wed, 13 Nov 2024 03:29:23 GMT
Server
AliyunOSS
1.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://5454ylylgh.oss-accelerate.aliyuncs.com/1.gif
  • https://xx4848.jjcclt.com/1.gif
615 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/1.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
4a8992f56d246e47398f2e8cf9857c26f04ae9f305ff49788d1da34088bcb6f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
max-age=2592000
etag
"66f131d4-99c89"
expires
Wed, 23 Oct 2024 09:16:47 GMT
accept-ranges
bytes
x-cache
HIT
content-length
629897
date
Wed, 13 Nov 2024 03:29:25 GMT
content-type
image/gif
last-modified
Mon, 23 Sep 2024 09:16:04 GMT
server
NgxFence

Redirect headers

Location
http://xx4848.jjcclt.com/1.gif
Content-Length
0
x-oss-request-id
67341D138BE59F813566675E
Date
Wed, 13 Nov 2024 03:29:23 GMT
Server
AliyunOSS
zepvuj.gif
cc777img.dqsldz.com/i/2024/10/28/ 		78 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc777img.dqsldz.com/i/2024/10/28/zepvuj.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.223.9.120 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
59c406011b6bc0e40cf0ffd0121ae38b5034bb54d745a15e483c4c3abc306444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

ETag
"671f946f-13623"
Age
1341684
nginx-hit
1
Expires
Wed, 27 Nov 2024 14:17:51 GMT
X-CCDN-REQ-ID-46B1
540e43eb4bf0142a7874cada6f4ed87a
Date
Wed, 13 Nov 2024 03:29:26 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Oct 2024 13:41:03 GMT
Vary
Accept-Encoding
Cache-Control
max-age=2592000
X-CCDN-Expires
1258299
x-hcs-proxy-type
1
X-CCDN-CacheTTL
2592000
via
CHN-ZJwenzhou-AREACT1-CACHE16[3],CHN-ZJwenzhou-AREACT1-CACHE44[0,TCP_HIT,0],CHN-SH-GLOBAL4-CACHE69[19],CHN-SH-GLOBAL4-CACHE54[0,TCP_HIT,15]
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
79395
Server
openresty
zd4i70.gif
cc777img.dqsldz.com/i/2024/10/28/ 		92 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cc777img.dqsldz.com/i/2024/10/28/zd4i70.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
115.223.9.120 , China, ASN134771 (CHINATELECOM-ZHEJIANG-WENZHOU-IDC WENZHOU, ZHEJIANG Province, P.R.China., CN),
Reverse DNS
Software
openresty /
Resource Hash
2426d7c7f0b4642d2ff76822c538917cca6b4dc26aee76e52b6ddfca5442f90b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

ETag
"671f93dc-16f56"
Age
1344932
nginx-hit
1
Expires
Wed, 27 Nov 2024 13:46:19 GMT
X-CCDN-REQ-ID-46B1
628b4f333fde706b412487f6c306ca7e
Date
Wed, 13 Nov 2024 03:29:26 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Oct 2024 13:38:36 GMT
Vary
Accept-Encoding
Cache-Control
max-age=2592000
X-CCDN-Expires
1249156
x-hcs-proxy-type
1
X-CCDN-CacheTTL
2592000
via
CHN-ZJwenzhou-AREACT1-CACHE60[2],CHN-ZJwenzhou-AREACT1-CACHE53[0,TCP_HIT,0],CHN-SH-GLOBAL4-CACHE155[3],CHN-SH-GLOBAL4-CACHE5[0,TCP_HIT,0]
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
94038
Server
openresty
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 680E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-28.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://1mav.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
70554
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Tue, 12 Nov 2024 07:53:34 GMT
etag
W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified
Tue, 05 Sep 2023 17:36:56 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 dd80355363eac92e0372107558e579a8.cloudfront.net (CloudFront)
x-amz-cf-id
lBDDyjCH2XHh8dr4NjNVTvqYvgQyYJSx5taP9K2KrGplw1QOwiZujA==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1264678666&t=pageview&_s=1&dl=https%3A%2F%2F1mav.cc%2F&ul=en-us&de=UTF-8&dt=%E6%96%B0%E5%9E%8B%E7%9A%84%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D%20-%201MAV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1665448480&gjid=1031968299&cid=1980478702.1731468563&tid=UA-145955828-3&_gid=919966816.1731468567&_r=1&gtm=457e4b70za200zb9186904304&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077854&jsscut=1&z=2041041625
Requested by
Host: xewl.xyz
URL: https://xewl.xyz/1mav/js/t.1mav.js?30fbb5b366df1fafe1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://1mav.cc/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 03:29:27 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://1mav.cc
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
ky96080a_new.gif
img3.tyqxzx.com/
Redirect Chain
  • https://gif.ssjljk.com/ky96080a_new.gif
  • https://img3.tyqxzx.com/ky96080a_new.gif
322 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img3.tyqxzx.com/ky96080a_new.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
123.6.18.18 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
NgxFence /
Resource Hash
3e43b986ad551e7bdc1d07df228bfa76788961d81f4bf814956d0ca3a99669ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

content-md5
OkGD5YEjgUesxj7k0Sfaag==
x-oss-storage-class
Standard
etag
"3A4183E581238147ACC63EE4D127DA6A"
x-oss-object-type
Normal
x-cache
HIT
date
Wed, 13 Nov 2024 03:29:26 GMT
x-oss-server-time
6
content-disposition
attachment
content-type
image/gif
last-modified
Tue, 29 Oct 2024 10:16:54 GMT
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
6711693292216280587
accept-ranges
bytes
content-length
329620
x-oss-request-id
6720B70D81C2E13EAD566585
x-oss-force-download
true
server
NgxFence

Redirect headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
location
http://img3.tyqxzx.com/ky96080a_new.gif
content-length
0
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
text/html; charset=utf-8
x-cache
DYNAMIC
server
NgxFence
cc_601.js
s10.histats.com/counters/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_601.js
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

x-request-id
198314321
content-encoding
br
etag
"-433514832"
x-cdn-pop
bhs
x-cacheable
Matched cache
accept-ranges
bytes
x-cdn-pop-ip
137.74.122.0/26
content-length
4289
date
Wed, 13 Nov 2024 03:28:10 GMT
last-modified
Thu, 16 Apr 2020 10:45:32 GMT
content-type
text/javascript
/
e.dtscout.com/e/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/4373586.php?4373586&@f16&@g1&@h1&@i1&@j1731468563131&@k0&@l1&@m%E6%96%B0%E5%9E%8B%E7%9A%84%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D%20-%201MAV&@n0&@o1000&@q0&@r0&@s601&@ten-US&@u1600&@b1:189148454&@b3:1731468563&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F1mav.cc%2F&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3b99370df5ece3493bdd06ed39af697a8b1ec315de55e4bbca08e77d4c94b97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SypZzyFtnL7kn6UJd3PM3V5q8H%2FwHwJaMPRZ9IIWAk80FmyY7nC1pxB2UfuE%2FxIwFATkg46qzgUiLsFFItnMfcgnLSo1TeqepkTTnC5FCadf00mf1MMXKlOsj4QVKsyyo6nVv4uqCAXSu4U%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.295
cf-ray
8e1bad747dc4e661-DEN
expires
Wed, 13 Nov 2024 03:29:26 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=120995&sent=17&recv=16&lost=0&retrans=0&sent_bytes=8765&recv_bytes=2528&delivery_rate=33678&cwnd=36&unsent_bytes=0&cid=582326fb5e26be75&ts=4107&x=0"
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
application/javascript
x-s
mtl2
server
cloudflare
/
t.dtscdn.com/widget/ 		0
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=1040173146856351791A465A947147DD&nid=300&p=2114454483&t=600&s=1600x1200x24&u=https%3A%2F%2F1mav.cc%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mFWOBGDa5HWNTNZGrTytIZPqsPfafrqqWjtOTcSNZjZrg32Xw32t0RxMNgIgkh%2FDkTZ1RVRRPxf%2Bp0IdtKHmca0n2LSF3Z93ZwAVhIILV2nzZ%2F6u8sTrXrLkajX3OCX%2Fa63USIDNebZTHw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-t
1.06
cf-ray
8e1bad75bc025355-LAX
expires
Wed, 13 Nov 2024 03:10:30 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=70403&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4787&recv_bytes=2465&delivery_rate=55187&cwnd=255&unsent_bytes=0&cid=ed02b3bf19128e82&ts=3430&x=0"
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
application/javascript; charset=UTF-8
x-server
web3.ny1.dtscdn.com
server
cloudflare
t.dhj
pxdrop.lijit.com/1/d/ 		2 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=1mav.cc&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.181 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
537ea11b1d430598014c3a5b94061316a45de4d1c55c883823a521bd5ea3879c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-Control
private, max-age=3600
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Expires
Wed, 13 Nov 2024 04:29:24 GMT
Content-Length
1398
Date
Wed, 13 Nov 2024 03:29:24 GMT
Content-Type
text/javascript
afwu.js
cdn.tynt.com/ 		19 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.173 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
public, max-age=259200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"651ed18d-4c00"
age
152022
cf-ray
8e1bad753ab52b8e-LAX
expires
Sat, 16 Nov 2024 03:29:27 GMT
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
application/javascript
last-modified
Thu, 05 Oct 2023 15:09:01 GMT
vary
Accept-Encoding
server
cloudflare
/
t.dtscout.com/pv/ 		0
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=1mav.cc&_ss=4rvy4x8qlv&_pv=2&_ls=4&_cc=us&_pl=d&_b=chrome%40130&_cbid=3piq&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F1mav.cc%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

x-c
0
cache-control
no-cache
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCQk6tCxFwJ37EhQbMdtjZ%2FKWBQgEqRIIpUO0LchfjHurICrZQEIr4mPBJYAKek6EfWdn65GvcONQIYWvJxt5R%2BNFZtRB3jHuueOhdUVfgBE9yqlbhv0b9w0QI6KtgdPuUiuhzl6Lo%2FmMpo%3D"}],"group":"cf-nel","max_age":604800}
x-t
0.101
cf-ray
8e1bad75daa3e661-DEN
expires
Wed, 13 Nov 2024 03:29:27 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=121451&sent=24&recv=20&lost=0&retrans=0&sent_bytes=12756&recv_bytes=2660&delivery_rate=62271&cwnd=36&unsent_bytes=0&cid=582326fb5e26be75&ts=4327&x=0"
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
application/javascript
server
cloudflare
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=1040173146856351791A465A947147DD
  • https://spl.zeotap.com/?zdid=1332&zcluid=710512ea322a0daf
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3c59277e-14eb-4e8e-520a-54dcf267e7c5&reqId=b0c9dd71-611e-49c3-4292-e463a7e70092&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3c59277e-14eb-4e8e-520a-54dcf267e7c5&reqId=b0c9dd71-611e-49c3-4292-e463a7e70092&zcluid=710512ea322...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3c59277e-14eb-4e8e-520a-54dcf267e7c5&reqId=b0c9dd71-611e-49c3-4292-e463a7e70092&zcluid=710512ea322a0daf&zdid=1332&google_error=15
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
2606:4700:10::6816:3362 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains; preload
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 google
cf-ray
8e1bad7d5f472f38-LAX
access-control-allow-origin
https://1mav.cc
content-length
95
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/png
vary
Origin
server
cloudflare
access-control-allow-headers
*

Redirect headers

cache-control
no-cache, must-revalidate
location
https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=3c59277e-14eb-4e8e-520a-54dcf267e7c5&reqId=b0c9dd71-611e-49c3-4292-e463a7e70092&zcluid=710512ea322a0daf&zdid=1332&google_error=15
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
461
date
Wed, 13 Nov 2024 03:29:29 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
t_.htm
pxdrop.lijit.com/a/ Frame 7A79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/a/t_.htm?ver=1.1587.855&cid=c026&cls=sync
Requested by
Host: pxdrop.lijit.com
URL: https://pxdrop.lijit.com/1/d/t.dhj?cls=sync&dmn=1mav.cc&GDPR_v2=&us_privacy=&pubid=dt_scout&gpp=&gpp_sid=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.3.181 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-196-3-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://1mav.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control
max-age=604800
Content-Encoding
gzip
Content-Length
1190
Content-Type
text/html
Date
Wed, 13 Nov 2024 03:29:25 GMT
Expires
Wed, 20 Nov 2024 03:29:25 GMT
X-Robots-Tag
noindex, nofollow
p
ic.tynt.com/b/ 		35 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1731468568004&dn=AFWU&iso=0&pu=https%3A%2F%2F1mav.cc%2F&t=%E6%96%B0%E5%9E%8B%E7%9A%84%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D%20-%201MAV&chmob=0
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
etag
"4bc8846c-23"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
accept-ranges
bytes
content-length
35
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
image/gif
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
v2
de.tynt.com/deb/ 		909 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&chmob=0&r=&pu=https%3A%2F%2F1mav.cc%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
7fef23985e07a4fea61826648d8fbc6b2772e9c82e9298410e4c85645645e436

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
909
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
application/javascript
v2
de.tynt.com/deb/ 		879 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=2&chmob=0&r=&pu=https%3A%2F%2F1mav.cc%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
c3c43c6da40ea62f6ee532f0bf6d608bb2a0d8ddb7fa2ea78670d1f96c89149d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
879
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
date
Wed, 13 Nov 2024 03:29:27 GMT
content-type
application/javascript
2.gif
xx4848.jjcclt.com/
Redirect Chain
  • https://646464xpj.oss-accelerate.aliyuncs.com/2.gif
  • https://xx4848.jjcclt.com/2.gif
324 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xx4848.jjcclt.com/2.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
203.107.47.192 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
NgxFence /
Resource Hash
9b1b7922ad169978b544306d16430f4b11a60ba9d00081d32c33533b9b008c7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
max-age=2592000
etag
"66445843-50f6f"
expires
Wed, 16 Oct 2024 08:08:06 GMT
accept-ranges
bytes
x-cache
HIT
content-length
331631
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
image/gif
last-modified
Wed, 15 May 2024 06:37:55 GMT
server
NgxFence

Redirect headers

Location
https://xx4848.jjcclt.com/2.gif
Content-Length
0
x-oss-request-id
67341D174C216D8BCBD52B0F
Date
Wed, 13 Nov 2024 03:29:27 GMT
Server
AliyunOSS
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.1
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm=&google_tc=
  • https://idsync.rlcdn.com/362358.gif?google_error=15
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_error=15
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://idsync.rlcdn.com/362358.gif?google_error=15
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
date
Wed, 13 Nov 2024 03:29:29 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
362588.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
content-length
199
date
Wed, 13 Nov 2024 03:29:28 GMT
server
Kestrel
sync
pippio.com/api/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.3
  • https://pippio.com/api/sync?pid=5324&_=2
42 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=5324&_=2
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://pippio.com/api/sync?pid=5324&_=2
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Wed, 13 Nov 2024 03:29:28 GMT
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.4
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCJi60LkGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&rand=07460146
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&rand=07460146&expected_cookie=5fae4b18-57cb-47cf-8e1e-3d9d6b872577
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&rand=07460146&expected_cookie=5fae4b18-57cb-47cf-8e1e-3d9d6b872577
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D01581BA8E8B40EB9EDC96FEE6256741 Ref B: LAXEDGE1509 Ref C: 2024-11-13T03:29:29Z
x-li-fabric
prod-ltx1
x-li-uuid
AAYmwvEDwzv6AS4CBaxDxg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 13 Nov 2024 03:29:28 GMT

Redirect headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
location
/db_sync?pid=10339&puuid=96c10df8a2176de8d0a5cbdb94dfeb2ba11bd010125eb67e67c61fc42c3c3f50791426b5417dce21&rand=07460146&expected_cookie=5fae4b18-57cb-47cf-8e1e-3d9d6b872577
x-msedge-ref
Ref A: 88A11970AA0443A8A900319F399C3A30 Ref B: LAXEDGE1509 Ref C: 2024-11-13T03:29:29Z
x-li-fabric
prod-ltx1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-uuid
AAYmwvEBlK3oIRihkgCHQg==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Wed, 13 Nov 2024 03:29:28 GMT
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.5
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
42 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
server
OXGW/0.0.0
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568312.6
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=e3c34895-91dc-4e2c-a0e5-0b49332071e3
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Wed, 13 Nov 2024 03:29:28 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
server
OXGW/0.0.0
362358.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.1
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_error=15
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_error=15
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://idsync.rlcdn.com/362358.gif?google_error=15
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
date
Wed, 13 Nov 2024 03:29:29 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
dpx
i.simpli.fi/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1731468568311.2&ref=
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
date
Wed, 13 Nov 2024 03:29:29 GMT
pragma
no-cache
server
openresty
362588.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=be1716d1-54f3-4a21-b0cb-bc80c4a8a659
content-length
199
date
Wed, 13 Nov 2024 03:29:29 GMT
server
Kestrel
dpx
i.simpli.fi/ 		0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1731468568311.4&ref=
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.245.15.98 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.15.245.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
date
Wed, 13 Nov 2024 03:29:29 GMT
pragma
no-cache
server
openresty
52154.gif
idsync.rlcdn.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.5
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fidsync.rlcdn.com%252F52154.gif%253Fserved_by%253Devergreen%2526partner_uid%253D%2524UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3182313418842172804
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3182313418842172804
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H3
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Wed, 13 Nov 2024 03:29:29 GMT
content-type
image/gif

Redirect headers

cache-control
no-store, no-cache, private
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=3182313418842172804
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
162.245.206.246; 162.245.206.246; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
7219a1a7-21cf-4c90-9781-0417ae80230f
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Wed, 13 Nov 2024 03:29:29 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1731468568311.6
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=56f80942dab190ea7eaf52f6114b429e7e832a21a3e4139db84206bbe712170ec0cb235b3774c97e&cb=07357081
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=56f80942dab190ea7eaf52f6114b429e7e832a21a3e4139db84206bbe712170ec0cb235b3774c97e&cb=07357081&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=56f80942dab190ea7eaf52f6114b429e7e832a21a3e4139db84206bbe712170ec0cb235b3774c97e&cb=07357081&dcc=t
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
JJKS0S95VXF65KVBJ5JT
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 13 Nov 2024 03:29:29 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=56f80942dab190ea7eaf52f6114b429e7e832a21a3e4139db84206bbe712170ec0cb235b3774c97e&cb=07357081&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
6ANRWREC2AMH1M4HYAH9
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Wed, 13 Nov 2024 03:29:29 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/ 		0
0
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?hca=910A89F7C4E2E383&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1097295445&si=2846cf6c2be594808103eb137368b82f&v=1.3.2&lv=1&sn=33869&r=0&ww=1600&u=https%3A%2F%2F1mav.cc%2F&tt=%E6%96%B0%E5%9E%8B%E7%9A%84%E9%BB%84%E8%89%B2%E7%BD%91%E7%AB%99%2C%E6%97%A5%E6%9C%ACAV%2C%E5%9B%BD%E4%BA%A7%E8%87%AA%E6%8B%8D%20-%201MAV
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.240.98.228 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

Strict-Transport-Security
max-age=172800
Cache-Control
private, max-age=0, no-cache
Pragma
no-cache
X-Content-Type-Options
nosniff
Content-Length
43
Date
Wed, 13 Nov 2024 03:29:29 GMT
Content-Type
image/gif
Server
apache
100.gif
az.tu2024020388.com/8888/xm/508/ 		376 KB
377 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://az.tu2024020388.com/8888/xm/508/100.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:fc00:17:c65c:dac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
69d1f8df797e2c0bac7668cbdd942e8c4dec7cae7c182d374278a34712944a27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

etag
"66b3688c-5e07e"
age
2512822
x-content-type-options
nosniff
expires
Thu, 14 Nov 2024 01:29:07 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
SWbUg_lgZXLsEYwImftzCR2VOwCY0Gbm3JlyCu6jDb1VeRYhSNP9qA==
date
Tue, 15 Oct 2024 01:29:07 GMT
content-type
image/gif
last-modified
Wed, 07 Aug 2024 12:29:00 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=2592000
referrer-policy
strict-origin-when-cross-origin
via
1.1 d2b8f634cf8ac5ec77dee366297223bc.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
385150
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P3
server
nginx
100.gif
az.tu2024020388.com/8888/pg1101/ 		493 KB
494 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://az.tu2024020388.com/8888/pg1101/100.gif
Requested by
Host: 1mav.cc
URL: https://1mav.cc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:261f:fc00:17:c65c:dac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b070365a25a68d78daaba381d75d10ea93b529e7f473184598ba018e66539d35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://1mav.cc/

Response headers

etag
"6728cb41-7b333"
age
736470
x-content-type-options
nosniff
expires
Wed, 04 Dec 2024 14:55:05 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
gvNrThaYBeuPJKbIs-sGhwtmaXKLfzlyereofLwQODRcIs86cZ4mMw==
date
Mon, 04 Nov 2024 14:55:05 GMT
content-type
image/gif
last-modified
Mon, 04 Nov 2024 13:25:21 GMT
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
max-age=2592000
referrer-policy
strict-origin-when-cross-origin
via
1.1 d2b8f634cf8ac5ec77dee366297223bc.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
504627
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK52-P3
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
txdy-xxxx1329.oss-cn-beijing.aliyuncs.com
URL
https://txdy-xxxx1329.oss-cn-beijing.aliyuncs.com/1329.gif
Domain
img88pg.img88391511.cc
URL
https://img88pg.img88391511.cc:8686/8888/pg1101/80.gif
Domain
img88ky.img00874478.cc
URL
https://img88ky.img00874478.cc:8686/8888/xm/508/80.gif
Domain
sp0.baidu.com
URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://1mav.cc/

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| avshow object| isMobile function| updateQueryStringParameter function| update_view_nav_top object| xx object| myMixin function| randomString object| ADSOBJET object| ADSTEXT function| toThousands function| defaultCallback function| pingDomain string| encode_version string| opogh object| __0x1209ad function| _0x35a4 object| $g function| $ function| jQuery object| quasarConfig object| PlayerObject function| LazyLoad function| axios function| Vue object| EventBus object| UserObject function| _set_mount function| $m function| set_mount object| Quasar function| $$ object| Cookies boolean| ds_ object| Main function| Ctor object| M number| now_time boolean| is_show string| bottom_js_src function| gtag object| dataLayer object| _Hasync object| google_tag_manager object| google_tag_data object| d function| onYouTubeIframeAPIReady function| load function| on_mouseover_event function| on_mouseleave_event function| Toastify string| GoogleAnalyticsObject function| ga function| chfh function| chfh2 string| _HST_cntval object| Histats object| gaGlobal object| _hmt object| Tynt object| gaplugins object| gaData function| _HistatsCounterGraphics_601 function| histats_canvascounters_base.js object| a object| cv number| char object| _dtspv object| _33Across function| __uspapi boolean| _bdhm_loaded_2846cf6c2be594808103eb137368b82f

115 Cookies

Domain/Path Name / Value
1mav.cc/ Name: tguest
Value: guestb508248b54dc471d4c2f96c603255dd43e453435
1mav.cc/ Name: HstCfa4373586
Value: 1731468563131
1mav.cc/ Name: HstCla4373586
Value: 1731468563131
1mav.cc/ Name: HstCmu4373586
Value: 1731468563131
1mav.cc/ Name: HstPn4373586
Value: 1
1mav.cc/ Name: HstPt4373586
Value: 1
1mav.cc/ Name: HstCnv4373586
Value: 1
1mav.cc/ Name: HstCns4373586
Value: 1
1mav.cc/ Name: HstCfa4089347
Value: 1731468563134
1mav.cc/ Name: HstCla4089347
Value: 1731468563134
1mav.cc/ Name: HstCmu4089347
Value: 1731468563134
1mav.cc/ Name: HstPn4089347
Value: 1
1mav.cc/ Name: HstPt4089347
Value: 1
1mav.cc/ Name: HstCnv4089347
Value: 1
1mav.cc/ Name: HstCns4089347
Value: 1
.1mav.cc/ Name: _ga_H877EXKX7Z
Value: GS1.1.1731468563.1.0.1731468563.0.0.0
.dtscout.com/ Name: df
Value: 1731468563
.dtscout.com/ Name: l
Value: 1040173146856351791A465A947147DD
.1mav.cc/ Name: __dtsu
Value: 1040173146856351791A465A947147DD
.lijit.com/ Name: lijitAcc3PC
Value: 1
.dtscdn.com/ Name: uid
Value: 1040173146856351791A465A947147DD
.onaudience.com/ Name: cookie
Value: 710512ea322a0daf
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: done_redirects252
Value: 1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 873eeb9a52b881cb7d93f05a0627de9a
.1mav.cc/ Name: _cc_id
Value: 873eeb9a52b881cb7d93f05a0627de9a
.1mav.cc/ Name: _cc_cc
Value: ACZ4nGNQsDA3Tk1Nskw0NUqysDBMTjJPsTROMzBNNDAzMk9JtUxkAIJ0E1lxBjjg%2FbVxCgvjR1mG%2F4yMDHc%2FWMKYn7u0YMxzRw8xw9i71rabwtiHF8%2BB6zyPxL5x6hEbjN3wXxPGvIQkfGP6ASYYe9OfQhjz6Nqn3DA2AN2OQLQ%3D
.1mav.cc/ Name: _cc_aud
Value: ABR4nGNgYGBIN5EVZ4ABZgYGrhlg1qJWEMn4sB5IAgA7JwP9
.1mav.cc/ Name: panoramaId_expiry
Value: 1731554967314
.1mav.cc/ Name: _ga
Value: GA1.2.1980478702.1731468563
.1mav.cc/ Name: _gid
Value: GA1.2.919966816.1731468567
.1mav.cc/ Name: _gat_gtag_UA_145955828_3
Value: 1
.dtscout.com/ Name: m
Value: 2
.tynt.com/ Name: uid
Value: RbTjAmc0HRiElRLxBhR/7w==
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%220c1ae001bf%22%2C%22f%22%3A4%2C%22ts%22%3A1731468568311%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A2%2C%22ts%22%3A1731468568311%7D%5D
.sitescout.com/ Name: ssi
Value: 55d15932-af91-4f56-8d01-089ef45b0a3e#1731468568465
.onaudience.com/ Name: done_redirects219
Value: 1
.adsrvr.org/ Name: TDID
Value: be1716d1-54f3-4a21-b0cb-bc80c4a8a659
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: esgo4fojx4xkjaipy4ddn2rd
.rubiconproject.com/ Name: audit_p
Value: 1|mXH+0nYQunC8KyBovKUnWZiW21YN/LeQ9BmdE2ZI2t+CZIg+tqclAailEMgVQkzqofrs+XqSz8nyUhTWCqUS/D1eMj+H8dOHXGVNbo9TZsRZUbLCpJEKirp41WtUGhjMzKRPNcwfRbySaCFsISbeGGDw8Z8vTu4Tk50LKQzdh9Q=
.rubiconproject.com/ Name: khaos
Value: M3FBOI0D-9-B5DG
.rubiconproject.com/ Name: khaos_p
Value: M3FBOI0D-9-B5DG
.rubiconproject.com/ Name: audit
Value: 1|mXH+0nYQunC8KyBovKUnWZiW21YN/LeQ9BmdE2ZI2t+CZIg+tqclAailEMgVQkzqofrs+XqSz8nyUhTWCqUS/D1eMj+H8dOHXGVNbo9TZsRZUbLCpJEKirp41WtUGhjMzKRPNcwfRbySaCFsISbeGGDw8Z8vTu4Tk50LKQzdh9Q=
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d99999
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.agkn.com/ Name: ab
Value: 0001%3A9bvD3VwBlLeUqx%2BDm9lrANe3XKC8yWAI
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.smartadserver.com/ Name: pid
Value: 3527208082512941388
.c.cintnetworks.com/ Name: TiPMix
Value: 53.359747503613356
.c.cintnetworks.com/ Name: x-ms-routing-name
Value: self
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 910A89F7C4E2E383
.1mav.cc/ Name: Hm_lvt_2846cf6c2be594808103eb137368b82f
Value: 1731468569
.1mav.cc/ Name: Hm_lpvt_2846cf6c2be594808103eb137368b82f
Value: 1731468569
.1mav.cc/ Name: HMACCOUNT
Value: 910A89F7C4E2E383
.openx.net/ Name: i
Value: 65a908aa-f51c-47bb-a54a-43526e9c23c6|1731468568
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: tfu4mpzzaywqgqsfyhsdtbvm
.ib.mookie1.com/ Name: ibkukiuno
Value: s=68cedab1-db1c-44c0-bf57-49c0a47d78da&h=&v=0&l=-8584701383165773473&op=&hl=0&vlu=0&tcs=1&dcc=-8584701383165773473
.ib.mookie1.com/ Name: ibkukinet
Value: 2734018294=-8584701383165773473
.pippio.com/ Name: didts
Value: 1731468568
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: did
Value: taSUSKENhWXVxw8l
.pippio.com/ Name: pxrc
Value: CJi60LkGEgYIgr0rEAA=
.zeotap.com/ Name: zc
Value: 3c59277e-14eb-4e8e-520a-54dcf267e7c5
.zeotap.com/ Name: zsc
Value: %A2%17%01%A6%18%B3%81%3F%DB%A6%13%07%2B%3C%A6n%06%5B%01%5C%D0%7C%5B%89%0D%B2%F9%A2W%C27%FB_%23O%BDj%ED%C9%BCO8%1E%0E%1F%C0%10%29%27%D4%E4%E8%D2%A9.sU%954Z%1Bc%8F%B1%9C%7F%B7yH%884%EB%AD6%60%94%09%FD%07%E9%90%C9%BA
.tapad.com/ Name: TapAd_TS
Value: 1731468569030
.tapad.com/ Name: TapAd_DID
Value: d340ae64-edde-4d5e-a1ec-4b4bed8c3e7e
.rlcdn.com/ Name: rlas3
Value: VCjTLy3qqoaymGkY7M1wslH8MGZ9TlDsx7asJ0ZiRpM=
.rlcdn.com/ Name: pxrc
Value: CJi60LkGEgUI6AcQABIFCOhHEAASBgjq3CoQAA==
.truoptik.com/ Name: to_master_s
Value: 5f79e4cec9bc37b393872ed416d953af
.truoptik.com/ Name: to_version_s
Value: b2
.linkedin.com/ Name: li_sugr
Value: 5fae4b18-57cb-47cf-8e1e-3d9d6b872577
.linkedin.com/ Name: bcookie
Value: "v=2&a6ff7d6d-5655-418a-89c6-1b6f2db00e17"
.linkedin.com/ Name: lidc
Value: "b=TGST00:s=T:r=T:a=T:p=T:g=3527:u=1:x=1:i=1731468569:t=1731554969:v=2:sig=AQEsP73WSfyqeF5i_9m45F_nC8sbLb3N"
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIbGl2ZXJhbXASCwi46rafrefBPRAFEhQKBXRhcGFkEgsIppiwoa3nwT0QBRgBIAEoAjILCM6Ns87D58E9EAU4AVoFdGFwYWRgAg..
.ipredictive.com/ Name: cu
Value: 40d5f5c6-2739-4daf-8133-cd56119e44d8|1731468569246
.bidr.io/ Name: bito
Value: AABUB07OaDoAABZc2-VIaA
.bidr.io/ Name: bitoIsSecure
Value: ok
.yahoo.com/ Name: A3
Value: d=AQABBBkdNGcCEBtJuqi_0kqPkMT6cHJCwHUFEgEBAQFuNWc-Z9wr0iMA_eMAAA&S=AQAAAjBzOz56joZQrp6Py71-KYg
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-69a24d62-ac98-536c-7761-d695e12b7d5e.A7N8SJWemWdMEcoGiKj7PZE0zDaF2EgF%2F5IEzujY4N4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-69a24d62-ac98-536c-7761-d695e12b7d5e.A7N8SJWemWdMEcoGiKj7PZE0zDaF2EgF%2F5IEzujY4N4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaaJNYqyYU2x3YdaV4St9XqL1zvY.VyqQQJLn2gw5hQinVKknGXK99Dxa7SAM%2B5kpnSmlhz8
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AaaJNYqyYU2x3YdaV4St9XqL1zvY.VyqQQJLn2gw5hQinVKknGXK99Dxa7SAM%2B5kpnSmlhz8
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMr_KRexSqurK7Sx0Y_ecL2DkNjJ3o78qTkCIx0e8_b-EGcYBCCZutC5BjABOgRntaa9QgRyLSck.1dcp9mo8huBHnIDcnyo3OjZI781WAaQoDKMvb8JXIJg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMr_KRexSqurK7Sx0Y_ecL2DkNjJ3o78qTkCIx0e8_b-EGcYBCCZutC5BjABOgRntaa9QgRyLSck.1dcp9mo8huBHnIDcnyo3OjZI781WAaQoDKMvb8JXIJg
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7635
.turn.com/ Name: uid
Value: 4298370554826457043
.adnxs.com/ Name: XANDR_PANID
Value: Ex1TImg5F6RW-2L6ZmHbwcBM7twkOST-RiwgifTYpxFUue9ku8dR-XjAARqsss5Q8DaWWkkz9x9RvOvg6WuZ0Azj-K1hbTi6WnglfLaIjbM.
.adnxs.com/ Name: uuid2
Value: 3182313418842172804
.analytics.yahoo.com/ Name: IDSYNC
Value: 19bk~2lsr
.demdex.net/ Name: demdex
Value: 74238820993446910684487444648490126938
.eyeota.net/ Name: mako_uid
Value: 1932391ab79-2cc90000010a4fd9
.eyeota.net/ Name: SERVERID
Value: 20441~DM
.amazon-adsystem.com/ Name: ad-id
Value: A5PW_I-haUaBs4byrxvAeCs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.dpm.demdex.net/ Name: dpm
Value: 74238820993446910684487444648490126938
.pxdrop.lijit.com/ Name: lijitPage_14day_c026_sync
Value: 0_1_1731468575329
.pxdrop.lijit.com/ Name: lijitPage_default_c026_sync
Value: 0_11_1731468575329
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQsDA3Tk1Nskw0NUqysDBMTjJPsTROMzBNNDAzMk9JtUxkAIJ0E1n5H%2F%2F%2F%2F%2BdngAH%2B6%2BsfyDCeZWT4z8jIsPb5GV0Y%2B9fGKSzMf4JA7D1aIPKjLFj87gdLbMKfu7SwCZ87eogZm%2Fiute2m2MQPL56D1dbzOMRvnHrEhk284b8mNuFLOJTfmH6ACZv4pj%2BF2ISPrn3KjU0cAKZvhEk%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGBIN5GVZ4ABNgYGrhlg1qJWEMmoNRtCzQJRfO4OYN7DeiAJAJxuBig%3D"
.media6degrees.com/ Name: clid
Value: 2smvdpb01170gef9wbl0qgr4000000018t011a01b01
.media6degrees.com/ Name: acs
Value: 012020k1smvdpbxzt10
.intentiq.com/ Name: IQver
Value: 1.9
.lijit.com/ Name: ljt_reader
Value: JqGRAQZHhp22grkgSAmCb9rK
.sitescout.com/ Name: _ssuma
Value: eyI1OCI6MTczMTQ2ODU3NTg4NywiNyI6MTczMTQ2ODU2ODU2MH0
.lijit.com/ Name: _ljtrtb_5001
Value: 873eeb9a52b881cb7d93f05a0627de9a
.thrtle.com/ Name: mc
Value: eyJpZCI6ImMyMzUyYzc1LWRiM2YtNDM0OC04MWNiLTVkMmYxNTg3NzU0NyIsImwiOjE3MzE0Njg1NzU5ODksInQiOjJ9
.thrtle.com/ Name: sc
Value: eyJpIjoiYzIzNTJjNzUtZGIzZi00MzQ4LTgxY2ItNWQyZjE1ODc3NTQ3Iiwic2lkIjoic2lkLTgxN2ZiMzE5LWExNmYtMTFlZi05ZDVmLTAyNDIwYWZmMDkzOCIsIm1zIjoyLCJ0cyI6MiwicHMiOjIsImxwIjo1MDQ3LCJzcCI6NTA0NywicHAiOjIsInRzZSI6MiwiaXIiOnRydWUsImx0c2UiOjE3MzE0Njg1NzU5ODl9
.intentiq.com/ Name: intentIQ
Value: obl8VP5taw
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6MTEzMDRfMCZVVHlUaDFx
.intentiq.com/ Name: IQadv
Value: 1731468576726
.intentiq.com/ Name: IQPData
Value: 2734018295#1731468576725#0#1731468576725
.intentiq.com/ Name: intentIQCDate
Value: 1731468576725

3 Console Messages

Source Level URL
Text
network error URL: https://picx.zhimg.com/v2-c26316acdf7138cc40514fb1ebb4d1a3
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://img88ky.img00874478.cc:8686/8888/xm/508/80.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://img88pg.img88391511.cc:8686/8888/pg1101/80.gif
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1mav.cc
1mav98.top
5454ylylgh.oss-accelerate.aliyuncs.com
5845-xxpp.oss-accelerate.aliyuncs.com
646464xpj.oss-accelerate.aliyuncs.com
768guanggaot.oss-cn-hangzhou.aliyuncs.com
az.tu2024020388.com
bcp.crwdcntrl.net
bpyyllqqj7.kmqianneng66.com
cc777img.dqsldz.com
cdn.tynt.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
de.tynt.com
e.dtscout.com
gif.ssjljk.com
hm.baidu.com
hongosi.xn--b0tp7pc6a827b.cc
i.simpli.fi
ib.adnxs.com
ic.tynt.com
idsync.rlcdn.com
images.1031.academy
img.539355.com
img3.tyqxzx.com
img88.szapaqi.cn
img88ky.img00874478.cc
img88pg.img88391511.cc
kysz.oss-cn-shenzhen.aliyuncs.com
lan.trans711.top
loada.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
picx.zhimg.com
pippio.com
pixel.onaudience.com
px.ads.linkedin.com
pxdrop.lijit.com
rc.rlcdn.com
s.amazon-adsystem.com
s10.histats.com
s4.histats.com
sp0.baidu.com
spl.zeotap.com
static.wixstatic.com
t.dtscdn.com
t.dtscout.com
tags.crwdcntrl.net
timg190.top
txdy-xxxx1329.oss-cn-beijing.aliyuncs.com
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.googletagmanager.com
xewl.xyz
xpj46-xz.oss-accelerate.aliyuncs.com
xx4848.jjcclt.com
zz.bdstatic.com
img88ky.img00874478.cc
img88pg.img88391511.cc
sp0.baidu.com
txdy-xxxx1329.oss-cn-beijing.aliyuncs.com
107.178.254.65
108.138.128.28
115.223.9.120
118.178.60.162
120.78.115.72
123.6.18.18
142.0.133.121
149.104.32.60
149.56.240.128
154.91.91.19
172.253.122.156
172.64.153.173
172.67.130.204
172.67.159.154
183.240.98.228
2001:4998:14:800::1001
202.81.230.143
203.107.47.192
23.196.3.181
23.22.89.70
2600:9000:211c:d200:1e:5c56:d400:93a1
2600:9000:2209:7600:1c:fa01:b800:93a1
2600:9000:261f:fc00:17:c65c:dac0:93a1
2606:4700:10::6816:159d
2606:4700:10::6816:3362
2606:4700:20::681a:c3c
2606:4700:21::8d65:780b
2607:f8b0:4004:c06::8a
2607:f8b0:4004:c07::61
2620:1ec:21::14
34.229.3.43
35.244.154.8
35.244.159.8
35.245.15.98
35.71.131.137
43.152.182.31
46.105.201.240
47.246.24.242
47.252.96.15
47.252.96.7
47.89.140.69
47.89.140.74
54.38.113.8
58.254.150.48
67.202.105.32
68.67.160.75
88.99.67.51
98.82.156.207
98.96.229.29
085b24f403c6482cd06aeaa36b22029e3891e51a33729712eb7a98e750d54af9
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
09b2b0ed63fb9bec21017e5a65ef53b36c80927141b2336bedd50def31a3a65b
0ac4ab90c2edc1de1a904b997c4d5df60990df149dc65e84e04bbf3918dd2c14
11f3d7093daaa39c3f289eded330c5c09dce203952ef669eff37e17d82f49074
2426d7c7f0b4642d2ff76822c538917cca6b4dc26aee76e52b6ddfca5442f90b
24f9a3c63224546369e77d37850eeee9fa0d56e4465f9269cc81d5e79b9f091b
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2ed1c5f2088e2afab47ad2653f28212403ee6e9a3dafee365bd046e6f50b58fa
3029a59a3eb78e1675c02962b4c2efa72c770b73c3336f95f14b4c73b7465397
36cf8c6a69a612b6d2a5b2db27cd2e354d5795caadf76182755dc8be509daa32
3db5fc063868d3ca5fc3cc2695f483266cffea00bef68dffd7e4944b947aacc8
3e43b986ad551e7bdc1d07df228bfa76788961d81f4bf814956d0ca3a99669ba
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
410aa2b421123bb3e712216283a7f169b6d6e53307e2d93d74a6c03c97207a85
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
492320772d378aa654eadeed2fd8d0f5329c5727b5bb789d260bdfd44c252f73
4a8992f56d246e47398f2e8cf9857c26f04ae9f305ff49788d1da34088bcb6f0
4b9e1657bcd870320fd4ba5062cac29539f248c768b06fa5f06abc084d80b1b1
4c37394d721c3b2818ea6f910cc712a4db53ae39278f34cbd4a658ac13585f76
4cae409bb456a7e01557fb38a9e2490535d48158d0f6a5daf24fa2dd3de13646
50b13f6743b142be52c3b632565a06cb851b5e2cb586332009986c140a679d38
537ea11b1d430598014c3a5b94061316a45de4d1c55c883823a521bd5ea3879c
598e98c808eb1447c57f0165047c4b19b5eaae1d7d036adf528a09669c42da0c
59c406011b6bc0e40cf0ffd0121ae38b5034bb54d745a15e483c4c3abc306444
69d1f8df797e2c0bac7668cbdd942e8c4dec7cae7c182d374278a34712944a27
6a611b07812e26a4cf071555354dc13586a100c29dac1c0b93d70dea23155279
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d37875797a4f82170205894a71eb36b44d6084aed9101934f64ae1319cd9ab7
7246ae006f0a9d9c098ca6ee2e9827f9c144493ef67e3f1d52925cb8b3e0169c
7d0a60227422353ea1f40efb5758ef984daa42205fd25e6c6f26aa5f11f23c39
7fef23985e07a4fea61826648d8fbc6b2772e9c82e9298410e4c85645645e436
812f749bebf24708919bb1838993d3387cc44bfbab5bb298ce71049e117ecc9b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
881352a0c6a3e3d0190b2283987cd4cb421c5d75582114289a08a7cb63d1cba4
892d55861a7789eec2cad963b875d9ebf537ff3698f08d0349ce86395d224262
974f78ab5653a3543fdb60b7a5b129e763b76e1c0afc98af7e5390cad8fe2327
9a66cac0788d315c4909b62c9290287c0ff9db72ea53bed8754661ca423c2014
9b1b7922ad169978b544306d16430f4b11a60ba9d00081d32c33533b9b008c7f
9ceb2ce2e291025e6cc0a4ba6bc5611f04da3edc68655d1c4c1244af5ed99de4
a1ea4857909cf8d06f75c34948b24c2e8c59f9eeea5c75cf0cc8b11a2587d22c
a4f3b9e8bbc74953c9b160b0806edd5dd32de20bc2fb0ddd517d6adeb9ee3213
a6ad9f25b0c8652c06dd9d27c79ee44ae5b14a9bc3332e2d38b34a2cf3f580d9
b070365a25a68d78daaba381d75d10ea93b529e7f473184598ba018e66539d35
b13239e5718d92f27676db38d562be8156d2f2ada9ea0327af2225380038457d
b2fc68b321375f3d006bf2cb0b7838d1d7f9d6a767ac50f8f6adba3b32133150
b467ed69dbe8aa8aa035884cbe58f8e3bc5f2a23c2583011452a5eb206d9754c
b5a315d7e2a6996c7f8d996676fe4bca879f10d35c9a9390b7e7fc080570b0cb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212
c3c43c6da40ea62f6ee532f0bf6d608bb2a0d8ddb7fa2ea78670d1f96c89149d
c80d7badb5f81716f759b1091d8da8fef332379d859de82769f6f6d946c654f0
c8c41978318135faaf588755a3899a3400f071d817b2d4f59c2f9eb6b4fe16cd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3b99370df5ece3493bdd06ed39af697a8b1ec315de55e4bbca08e77d4c94b97
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8e1659422f3ba38e75798f4c28fc12553ff404dcc0772d11e2c4323cb2ae06a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb5876c39fa59a4bb89683896804647c2fd9d25e58d528bbadba075a03a533c8