9f61gu1a.skin Open in urlscan Pro
16.162.77.119 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://9f61gu1a.skin/
Submission: On August 11 via api (August 11th 2024, 5:49:46 pm UTC) from US — Scanned from DE

Summary HTTP 143 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 143 HTTP transactions. The main IP is 16.162.77.119, located in Hong Kong and belongs to AMAZON-02, US. The main domain is 9f61gu1a.skin.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 28th 2024. Valid for: a year.

This is the only time 9f61gu1a.skin was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	16.162.77.119 16.162.77.119	16509 (AMAZON-02) (AMAZON-02)
46	240e:946:6004... 240e:946:6004:13::6e	58540 (CHINATELE...) (CHINATELECOM-SHANDONG-JINAN-IDC Jinan)
19	172.67.186.224 172.67.186.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
47	240e:978:902:... 240e:978:902:4000::c0	137697 (CHINATELE...) (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province)
6	2606:4700:303... 2606:4700:3037::ac43:b80c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	111.45.3.198 111.45.3.198	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
1	172.67.222.40 172.67.222.40	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3030::6815:452	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.145.181 172.67.145.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.67.131.207 172.67.131.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
143	13

7 16.162.77.119 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com

9f61gu1a.skin	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 240e:946:6004:13::6e (China)

ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN)

otc.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc2.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 172.67.186.224 (United States)

ASN13335 (CLOUDFLARENET, US)

img.ptallenvery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amtk.ptallenvery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 240e:978:902:4000::c0 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)

otc0.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc1.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc5.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc4.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc8.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc3.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc7.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::ac43:b80c (United States)

ASN13335 (CLOUDFLARENET, US)

res.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 111.45.3.198 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.222.40 (United States)

ASN13335 (CLOUDFLARENET, US)

tkapi3.352722.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::6815:452 (United States)

ASN13335 (CLOUDFLARENET, US)

ws2.servers01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.145.181 (United States)

ASN13335 (CLOUDFLARENET, US)

img.tpxiaoshimei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
res.tpxiaoshimei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

656499n81119.xn--at-pia4e.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.131.207 (United States)

ASN13335 (CLOUDFLARENET, US)

ws2.servers01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
99	bjhav.cn otc.bjhav.cn otc0.bjhav.cn otc1.bjhav.cn otc2.bjhav.cn otc5.bjhav.cn res.bjhav.cn otc4.bjhav.cn otc8.bjhav.cn otc3.bjhav.cn otc7.bjhav.cn	2 MB
19	ptallenvery.com img.ptallenvery.com amtk.ptallenvery.com	929 KB
7	9f61gu1a.skin 9f61gu1a.skin	102 KB
6	baidu.com libs.baidu.com — Cisco Umbrella Rank: 134886 hm.baidu.com — Cisco Umbrella Rank: 8226	57 KB
4	tpxiaoshimei.com img.tpxiaoshimei.com res.tpxiaoshimei.com	26 KB
4	servers01.com ws2.servers01.com	2 KB
1	xn--at-pia4e.cc 656499n81119.xn--at-pia4e.cc	231 KB
1	352722.com tkapi3.352722.com	725 B
143	8

	Domain	Requested by
39	otc.bjhav.cn	9f61gu1a.skin otc.bjhav.cn
16	img.ptallenvery.com	9f61gu1a.skin
13	otc0.bjhav.cn	otc.bjhav.cn otc1.bjhav.cn
10	otc1.bjhav.cn	otc.bjhav.cn otc1.bjhav.cn
9	otc4.bjhav.cn	9f61gu1a.skin otc1.bjhav.cn
9	otc5.bjhav.cn	otc.bjhav.cn otc1.bjhav.cn
7	otc2.bjhav.cn	otc.bjhav.cn otc1.bjhav.cn 9f61gu1a.skin
7	9f61gu1a.skin	9f61gu1a.skin
6	res.bjhav.cn	9f61gu1a.skin
4	ws2.servers01.com	libs.baidu.com
4	hm.baidu.com	9f61gu1a.skin
3	amtk.ptallenvery.com	9f61gu1a.skin
3	img.tpxiaoshimei.com	9f61gu1a.skin
3	otc8.bjhav.cn	otc1.bjhav.cn
2	otc3.bjhav.cn	otc1.bjhav.cn
2	libs.baidu.com	9f61gu1a.skin
1	otc7.bjhav.cn	otc1.bjhav.cn
1	res.tpxiaoshimei.com	9f61gu1a.skin
1	656499n81119.xn--at-pia4e.cc	9f61gu1a.skin
1	tkapi3.352722.com	libs.baidu.com
143	20

This site contains links to these domains. Also see Links.

Domain
656499n81119.xn--ume-8oa.cc
b656499hcw81119.3277772.cc
a656499hcw81119.3277773.cc
c656499hcw81119.3277768.cc
hcw31119.7588999.com
hcw668.xn--6-qtd7dsa3d9agdw8hxafcd3b.xn--h2brj9c
i656499hcw81119.3277771.cc
i656499wcw81119.28162022.com
i656499dcw81119.7999243.com
656499n81119.xn--amm-38a.cc
656499n81119.xn--m-cgaa4h.cc
656499n81119.xn--ak-oia04f.cc
656499n81119.xn--okk-e7a.cc
656499n81119.xn--u-rha88b3b.cc
656499n81119.xn--me-ejab.cc
656499n81119.xn--2ca9d7w1b.cc
656499n81119.xn--t-dga3a0d.cc
656499n81119.xn--etm-b7a.cc
656499n81119.xn--e-sha33ca.cc
656499n81119.xn--ko-pia97e.cc
656499n81119.xn--eo-jlab.cc
656499n81119.xn--mo-eja2h.cc
656499n81119.xn--etu-e7a.cc
656499n81119.xn--uu-oia8a.cc
656499r225.xn--aoa-b7a.cc
656499n81119.xn--o-xga13ca.cc
26333m656499n81119.xn--u-cga8e57a.cc
27333m656499n81119.xn--k-cgab4b.cc
656499n81119.xn--o-dga8ea.cc
656499n81119.xn--moe-ila.cc
656499n81119.xn--m-sha78ba.cc
tzam.4549pp.com
656499tz81119.xn--t-xga7ba.cc
656499tz81119.xn--keo-c7a.cc
656499tz81119.xn--ou-pia6e.cc
656499tz81119.xn--t-wfa7ca.cc
656499tz81119.xn--oea-e7a.cc
656499tz81119.xn--oam-28a.cc
656499tz81119.xn--oat-9oa.cc
656499tz81119.xn--mmu-9oa.cc
656499tz81119.xn--tto-c7a.cc
656499tz81119.xn--oum-38a.cc
656499tz81119.xn--uk-fja4b.cc
656499tz81119.xn--mm-oia77e.cc
656499tz81119.xn--aoe-18a.cc
656499tz81119.xn--um-1ya4d.cc
i656499fcw81119.zzhkgqw.com
i656499xcw81119.42999g.com
i656499mcw81119.54168k.com
i656499yl81119.3034504.com
i656499jcw81119.17789ee.com
i656499ycw81119.809199.com
656499n225.xn--moe-ila.cc

Subject Issuer	Validity	Valid
*.7jm7j75e8o.shop Amazon RSA 2048 M03	`2024-05-28` - `2025-06-26`	a year	crt.sh
otc.bjhav.cn TrustAsia RSA DV TLS CA G2	`2024-06-26` - `2024-09-24`	3 months	crt.sh
ptallenvery.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
otc0.bjhav.cn R11	`2024-06-30` - `2024-09-28`	3 months	crt.sh
bjhav.cn WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
352722.com WE1	`2024-06-19` - `2024-09-17`	3 months	crt.sh
servers01.com WE1	`2024-07-02` - `2024-09-30`	3 months	crt.sh
tpxiaoshimei.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
xn--at-pia4e.cc Cloudflare Inc ECC CA-3	`2024-07-11` - `2024-12-31`	6 months	crt.sh

This page contains 6 frames:

Primary Page: https://9f61gu1a.skin/
Frame ID: 8222DE002D50E08F9721657A282A807A
Requests: 79 HTTP requests in this frame

Frame: https://9f61gu1a.skin/2.html
Frame ID: 9D0A845725824E903C62EA0B9C29C038
Requests: 13 HTTP requests in this frame

Frame: https://9f61gu1a.skin/1.html
Frame ID: 019AE6E8770A0CF689E1194E9C8D3E4F
Requests: 27 HTTP requests in this frame

Frame: https://9f61gu1a.skin/3.html
Frame ID: E2738B34990F9D96BFBE59E2E92A2A23
Requests: 13 HTTP requests in this frame

Frame: https://9f61gu1a.skin/4.html
Frame ID: F73970070833EDF03A54B0C29DD5A785
Requests: 15 HTTP requests in this frame

Frame: https://9f61gu1a.skin/5.html
Frame ID: A44EB16E6BC8A37669E9D9A2BD466F94
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

143
Requests

94 %
HTTPS

42 %
IPv6

8
Domains

20
Subdomains

13
IPs

3
Countries

3609 kB
Transfer

6860 kB
Size

7
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://656499n81119.xn--ume-8oa.cc/#656499.com
Title: 澳门开奖

Search URL Search Domain Scan URL

URL: https://b656499hcw81119.3277772.cc/wap/#/
Title: 48366

Search URL Search Domain Scan URL

URL: https://a656499hcw81119.3277773.cc/wap/#/
Title: 华彩网首选的彩票,棋牌,视讯,电子,体育投注平台!华彩网全网赔率最高,服务最好,正规的投注网站! 已在本站缴纳1亿押金, 放心投注,本站全程担保！全网赔率最高的正规网投60066华彩网.com下载 APP 连续充值 3天存款每笔即送188元赠送588元赠送5%彩票棋牌视讯电子返水0.8%无上限聊天室每天发放大额红包

Search URL Search Domain Scan URL

URL: https://c656499hcw81119.3277768.cc/wap/#/

Search URL Search Domain Scan URL

URL: https://hcw31119.7588999.com/huacai.apk
Title: Android下载

Search URL Search Domain Scan URL

URL: https://hcw668.xn--6-qtd7dsa3d9agdw8hxafcd3b.xn--h2brj9c/32777668.mobileconfig
Title: IOS下载

Search URL Search Domain Scan URL

URL: https://i656499hcw81119.3277771.cc/wap/#/
Title: 访问官网

Search URL Search Domain Scan URL

URL: https://i656499wcw81119.28162022.com/wap/#/

Search URL Search Domain Scan URL

URL: https://i656499dcw81119.7999243.com/wap/#/

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--amm-38a.cc/#UNSITES
Title: 225期：澳门金财神网三肖六码已经上料✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--m-cgaa4h.cc/#UNSITES
Title: 225期：澳门澳门全讯复试四连期期中奖✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--ak-oia04f.cc/#UNSITES
Title: 225期：澳门蛇蛋论坛六码中特已经公开✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--okk-e7a.cc/#UNSITES
Title: 225期：澳门聚彩论坛复试四期连续中奖✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--u-rha88b3b.cc/#UNSITES
Title: 225期：澳门曾道人网六码中特已经上料✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--me-ejab.cc/#UNSITES
Title: 225期：澳门天线宝宝三肖六码已经上料✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--2ca9d7w1b.cc/#UNSITES
Title: 225期：澳门老鼠报网网单双再连中11期✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--t-dga3a0d.cc/#UNSITES
Title: 225期：澳门澳彩霸王网三肖六码连连中✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--etm-b7a.cc/#UNSITES
Title: 225期：澳门红双喜网网单双再连中19期✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--e-sha33ca.cc/#UNSITES
Title: 225期：澳门金手指网三肖六码已经上料✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--ko-pia97e.cc/#UNSITES
Title: 225期：澳门红姐论坛④肖④码期期中奖✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--eo-jlab.cc/#UNSITES
Title: 225期：澳门淘码论坛①高手资料已公开✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--mo-eja2h.cc/#UNSITES
Title: 225期：澳门西游降庄①肖连连中十八期✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--etu-e7a.cc/#UNSITES
Title: 225期：澳门澳摇钱树①高手资料已公开✔

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--uu-oia8a.cc/#UNSITES
Title: 225期：澳门澳高手网④肖④码期期中奖✔

Search URL Search Domain Scan URL

URL: https://656499r225.xn--aoa-b7a.cc/?type=ma
Title: 开奖记录

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--o-xga13ca.cc/#UN
Title: 225期:导航联盟7307.com为华彩网担保

Search URL Search Domain Scan URL

URL: https://26333m656499n81119.xn--u-cga8e57a.cc/#dh
Title: 225期:26333澳门玄机内幕三连肖必中

Search URL Search Domain Scan URL

URL: https://27333m656499n81119.xn--k-cgab4b.cc/#27333
Title: 090期:27333香港必發二十年准确95%

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--o-dga8ea.cc/

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--moe-ila.cc/

Search URL Search Domain Scan URL

URL: https://656499n81119.xn--m-sha78ba.cc/

Search URL Search Domain Scan URL

URL: https://tzam.4549pp.com/

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--t-xga7ba.cc/gsb/33.html#toutiao
Title: 225期〖北船余香〗🌷平特一尾🌷【11中11】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--keo-c7a.cc/gbs/30.html#toutiao
Title: 225期〖配角而已〗🌷七肖中特🌷【15中14】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--ou-pia6e.cc/gsb/28.html#toutiao
Title: 225期〖东张西望〗🌷单双中特🌷【10中10】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--t-wfa7ca.cc/gsb/02.html#toutiao
Title: 225期〖凤凰沙漠〗🌷左右中特🌷【16中15】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--oea-e7a.cc/gsb/04.html#toutiao
Title: 225期〖至尊宝宝〗🌷家禽野兽🌷【14中13】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--oam-28a.cc/gsb/12.html#toutiao
Title: 225期〖今日热点〗🌷24码中特🌷【11中10】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--oat-9oa.cc/gsb/02.html#toutiao
Title: 225期〖大禹治水〗🌷六肖中特🌷【18中16】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--mmu-9oa.cc/gsb/21.html#toutiao
Title: 225期〖春阳和煦〗🌷男女中特🌷【18中16】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--tto-c7a.cc/gsb/22.html#toutiao
Title: 225期〖心锁了雾〗🌷阴阳中特🌷【16中14】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--oum-38a.cc/gsb/55.html#toutiao
Title: 225期〖咸宁羊队〗🌷胆大胆小🌷【16中14】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--oea-e7a.cc/gsb/02.html#toutiao
Title: 225期〖浪子回头〗🌷前后中特🌷【14中12】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--uk-fja4b.cc/bbs/24.html#toutiao
Title: 225期〖各取所需〗🌷免费六尾🌷【12中10】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--mm-oia77e.cc/gsb/06.html#toutiao
Title: 225期〖风雨英雄〗🌷合数单双🌷【12中10】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--aoe-18a.cc/gsb/11.html#toutiao
Title: 225期〖码道精神〗🌷必中大小🌷【22中19】

Search URL Search Domain Scan URL

URL: https://656499tz81119.xn--um-1ya4d.cc/gsb/19.html#toutiao
Title: 225期〖笔底烟花〗🌷合数大小🌷【21中18】

Search URL Search Domain Scan URL

URL: https://i656499fcw81119.zzhkgqw.com/wap/#/

Search URL Search Domain Scan URL

URL: https://i656499xcw81119.42999g.com/wap/#/

Search URL Search Domain Scan URL

URL: https://i656499mcw81119.54168k.com/wap/#/

Search URL Search Domain Scan URL

URL: https://i656499yl81119.3034504.com/wap/#/

Search URL Search Domain Scan URL

URL: https://i656499jcw81119.17789ee.com/wap/#/

Search URL Search Domain Scan URL

URL: https://i656499ycw81119.809199.com/wap/#/

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423907
Title: 码头诗

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423528
Title: 八仙过海

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423749
Title: 新版跑狗图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423960
Title: 六合王生肖报

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423893
Title: 管家婆

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423527
Title: 挂牌天机

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424714
Title: 高清跑狗图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423525
Title: 正版四不像图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423947
Title: 九肖10码

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423750
Title: 老版跑狗图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423945
Title: 小黄人玄机诗

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423923
Title: 红虎报

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423937
Title: 美腿新报

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423949
Title: 九肖三十码

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423529
Title: 四不像中特图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423885
Title: 红财神

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423871
Title: 马会传真

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423910
Title: 金多宝传真

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424158
Title: 黄大仙发财符

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423880
Title: 猛虎报

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423892
Title: 幽默猜测

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423927
Title: 别版跑狗图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423873
Title: 熊出没玄机图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423746
Title: 花仙子

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424798
Title: 香港马经

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424794
Title: 香港特码王

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423935
Title: 新生活幽默图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423799
Title: 赢战图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424877
Title: 挂牌天书

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423745
Title: 正版蛇蛋图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423787
Title: 马会生活幽默

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423782
Title: 小黄人

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423894
Title: 周公解梦

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424748
Title: 广州传真猜特

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423785
Title: 为赢报

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423912
Title: 天线宝宝

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424371
Title: 美女六肖图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423775
Title: 金陵十二金钗

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423771
Title: 港报图

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423842
Title: 透密玄机

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423844
Title: 美女报码一

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=424767
Title: 广州传真中特

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423764
Title: 财神到

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423837
Title: 一码中特

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423810
Title: 七彩幸运奖

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423509
Title: 赌王投注解密

Search URL Search Domain Scan URL

URL: https://656499n225.xn--moe-ila.cc/#/pages/detail/detail?id=423590
Title: 钱多多

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

143 HTTP transactions
19 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
9f61gu1a.skin/ 25 KB
25 KB 1939ms
588ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f5e202336ea8a14947c859e072100644b06041ec2ccc33f50ad632fcf57127b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-length: 25094
content-type: text/html
date: Sun, 11 Aug 2024 17:49:29 GMT
etag: "66b63b58-6206"
last-modified: Fri, 09 Aug 2024 15:52:56 GMT
server: nginx/1.24.0

GET
H2 200 com.js Show response
otc.bjhav.cn/ 993 B
1 KB 1430ms
348ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-TNA-01rFO39 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27456
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 style.css
img.ptallenvery.com/656499/css/ 53 KB
8 KB 779ms
633ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/656499/css/style.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2ed87f95600f53444acfa5a3c7a58850fb0407741858b544dd92babbaf4cc84

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:31 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:07:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae0f5c-d3f7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqCtXH8vc%2B0l0kz%2Fb6P2SVnq%2F6ofhonVecJz5bPhzOHTDbcpjcMc89B%2BgE7%2FI8FXxNjl%2Bmn339K2r6g6KAF%2F9g9QM3B8BvAToDGpQz0QDl9sy7saJnxVRVuFWgrlORzClxYhDEBD"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1a10092af63677-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/1.11.1/ 94 KB
33 KB 3764ms
2137ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/jquery/1.11.1/jquery.min.js

Requested by

Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 17:49:33 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=87600
Last-Modified: Tue, 08 Jul 2014 03:05:51 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 10 Sep 2024 17:49:33 GMT

GET
H2 200 layer.min.js Show response
otc.bjhav.cn/assets/ 3 KB
2 KB 1450ms
371ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/layer.min.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 9aeba8c3b288c850c42a6f2233bbbef39234f1855e7b8ed346b1f9f1ccc70b51

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:21:24 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: policy=overwrite
etag: W/"6677ffc7-bfd"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27457
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:09 GMT

GET
H2 200 qqface.js Show response
otc.bjhav.cn/assets/ 4 KB
2 KB 1477ms
398ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/qqface.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 7d3ea645ab82c37a6788f353eb9afc118295ad07749ff61c0e41669b6fec7edb

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:59 GMT
content-encoding: gzip
last-modified: Wed, 26 Jun 2024 08:47:33 GMT
server: nginx
age: policy=overwrite
etag: W/"667bd5a5-e73"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27458
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 common_am4.js Show response
otc.bjhav.cn/assets/ 28 KB
8 KB 1482ms
403ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/common_am4.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 3bebc274d555408140025b328b95203ea791b655b5a0282179588e3cc44ecccc

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:19:55 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 06:25:39 GMT
server: nginx
age: policy=overwrite
etag: W/"66ab2a63-7174"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27462
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:06 GMT

GET
H2 200 common.css
otc.bjhav.cn/assets/ 9 KB
3 KB 1433ms
354ms Stylesheet
text/css 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/common.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: f68cf3ef03d3a7c1858c58f92c2475be7b7efea477e2cc591502d5ba5996144f

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:44:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2024 13:12:33 GMT
server: nginx
age: policy=overwrite
etag: W/"66acdb41-23e8"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27455
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:05 GMT

GET
H2 200 jquery.cookie.js Show response
otc.bjhav.cn/assets/ 2 KB
1 KB 1482ms
403ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/jquery.cookie.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: b20d3c9c8dc843952a44096596d53c5f548a26ad431d144146aa7336fedde27b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:45:45 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: policy=overwrite
etag: W/"6677ffc8-793"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27461
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:05 GMT

GET
H2 200 amtop4.js Show response
otc.bjhav.cn/assets/ 18 KB
7 KB 1298ms
402ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/amtop4.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e773ac9b0dd82ed644ece4ad8eea9f57dc6b76bfecd2c3b5d929402b9010423

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:25:34 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 06:25:38 GMT
server: nginx
age: policy=overwrite
etag: W/"66ab2a62-47d0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27459
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 tuku.js Show response
otc.bjhav.cn/hk/ 49 KB
14 KB 1307ms
418ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/hk/tuku.js?3
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 6ca50aaa5964884a2b34d9b669e841eb730bd30acfcda7d5cbde8181822059e1

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:41:30 GMT
content-encoding: gzip
last-modified: Sun, 28 Jul 2024 11:06:58 GMT
server: nginx
age: policy=overwrite
etag: W/"66a62652-c46c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27460
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 28 Jul 2024 11:23:48 GMT

GET
H2 200 amgg4.js Show response
otc.bjhav.cn/assets/ 30 KB
6 KB 1571ms
682ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/amgg4.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 9ba35a7ccba77bcee2523da129a0cbbf39eed185e08027313910c1e128d2a7ef

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:44:41 GMT
content-encoding: gzip
last-modified: Sun, 04 Aug 2024 08:58:39 GMT
server: nginx
age: policy=overwrite
etag: W/"66af42bf-786c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27465
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 comment_v2.js Show response
otc.bjhav.cn/assets/ 38 KB
10 KB 368ms
366ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/comment_v2.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: eca9f4c2751b97f93e4730130eb25185af8b3550adee40005e63a2f4a8c1d588

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:38:16 GMT
content-encoding: gzip
last-modified: Tue, 09 Jul 2024 05:14:23 GMT
server: nginx
age: policy=overwrite
etag: W/"668cc72f-9864"
x-cache-status: HIT
x-ws-request-id: 66b8f9ae_PS-TNA-01rFO39_34878-27479
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H3 200 sx.js Show response
img.ptallenvery.com/36296/js/ 5 KB
2 KB 660ms
659ms Script
application/javascript 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/36296/js/sx.js?7
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e2077015715f5d6e18f527dc76e380cdd4f5be54285379bba5cdf6582edb940

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:31 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:25:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae13b9-144d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mabhImCPvZ9bsqAvMTQTYjhAmJ%2BXDUqK7eQw62VXqZuPaUUaxbk%2BZZcdgpjwcsNAxyuUMDF5T%2FuLCuM7hE7TcJkBELk5hH4BlTbJXHgbI4311UTzeLjkFk7mvIVzIqbQBzkdSb9O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8b1a10097b713677-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ 8 KB
4 KB 1219ms
293ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:20:54 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1718
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2937
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01UOw48 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 15:39:18 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ 6 KB
3 KB 1258ms
309ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:40:03 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 569
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-016h450_46446-61947
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ 2 KB
1 KB 1292ms
341ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 982
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-TNA-01rFO39_35244-19493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ 94 KB
37 KB 1258ms
308ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:21:01 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1711
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01hIv46_30050-7116
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ 18 KB
7 KB 2591ms
1667ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:49:33 GMT
content-encoding: gzip
last-modified: Sat, 10 Aug 2024 11:15:16 GMT
server: nginx
etag: W/"66b74bc4-47cc"
x-cache-status: MISS
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2936
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:33 GMT

GET
H2 200 no.js Show response
res.bjhav.cn/assets/ 82 B
680 B 962ms
626ms Script
text/html 2606:4700:3037::ac43:b80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:49:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1hL3zx4oeEWQjYKDI7VUEVpw%2B8gZT%2FZLS5bNgThQ2JhVKYNghbnLyB2%2BiCERow1ws7d10qcX%2B3GFpiG5mXFVfx6MhVJ7c9MnZiGczVu2eU6FRLK%2BxDRPhOVMP%2BRn1dCmq5uBC%2F2uYLiJnY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b1a10241eff2c6f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 popMore.js Show response
otc4.bjhav.cn/hk/ 6 KB
2 KB 555ms
522ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:49:34 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 14:01:11 GMT
server: nginx
etag: W/"66b8c427-16d4"
x-cache-status: MISS
x-ws-request-id: 66b8f9ae_PS-000-01UOw48_39174-2968
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01mLR49 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:34 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1062ms
327ms Script
application/javascript 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?acc734b3e85c999250703dbb1884525b

Requested by

Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

d9236fb3c313079c6c1b75bd820be644ed6fb83ca1cdb799ceb003f03920801c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 17:49:36 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: d4d5415729b885e02355229962627eaa
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11294

GET
H2 200 layer.css
otc.bjhav.cn/assets/need/ 5 KB
2 KB 795ms
795ms Stylesheet
text/css 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/need/layer.css?2.0
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/assets/layer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:48 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 04:46:55 GMT
server: nginx
age: policy=overwrite
etag: W/"60d019bf-148c"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27489
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 03:01:33 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 858ms
351ms Script
application/javascript 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?6a8a05b726faef2e45174a3928c5cdca

Requested by

Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

5e2026529a7833f94648b92696fc1fb5e8ab46200f321c8112ce20bfafc9ecdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 17:49:36 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: c340b3c81f4aff539e3b118949325cb0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11294

GET
H2 200 impact.font.css
otc.bjhav.cn/image/ 269 KB
146 KB 1169ms
1166ms Stylesheet
text/css 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/image/impact.font.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: e04dbc0c22c6655dce965ab8853e5ea1c09b7a07121bd07d55c7b6b98f161a89

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:13 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2024 13:22:14 GMT
server: nginx
age: policy=overwrite
etag: W/"66797306-4359b"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27490
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 03:19:52 GMT

GET
H2 200 star.png
otc.bjhav.cn/assets/img/ 5 KB
5 KB 1891ms
1887ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/star.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 05 Aug 2024 15:16:21 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:12 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad474-13e3"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27494
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 03:00:28 GMT

GET
H2 200 rz.png
otc.bjhav.cn/assets/img/ 5 KB
5 KB 1889ms
1885ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/rz.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 09 Aug 2024 22:30:29 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:12 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad474-127d"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27495
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 03:00:28 GMT

GET
H2 200 az.png
otc.bjhav.cn/assets/img/ 4 KB
4 KB 1891ms
1888ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/az.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 21:50:08 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:11 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad473-fbb"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27496
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 03:09:19 GMT

GET
H2 200 ios6b533a9.png
otc.bjhav.cn/assets/img/ 5 KB
5 KB 1890ms
1887ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/ios6b533a9.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 22:02:23 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:12 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad474-14de"
x-cache-status: HIT
x-ws-request-id: 66b8f9b1_PS-TNA-01rFO39_34878-27499
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 03:00:27 GMT

GET
H2 200 web.png
otc.bjhav.cn/assets/img/ 3 KB
3 KB 1890ms
1887ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/web.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 23:24:53 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:12 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad474-b73"
x-cache-status: HIT
x-ws-request-id: 66b8f9b1_PS-TNA-01rFO39_34878-27500
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 03:08:59 GMT

GET
H2 200 amlinks2.js Show response
otc.bjhav.cn/assets/ 10 KB
4 KB 1889ms
1886ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/amlinks2.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 532304f0d2f5037c19e44c7680faa4b702a5a0f772141fa57c6f339db79b53f6

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:49:36 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 06:25:37 GMT
server: nginx
age: policy=overwrite
etag: W/"66ab2a61-2734"
x-cache-status: MISS
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27491
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01zYz48 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:36 GMT

GET
H2 200 AnimalsHelper.js Show response
otc.bjhav.cn/assets/ 12 KB
4 KB 777ms
774ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/AnimalsHelper.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: a449b07ab1a2ac3f53e150e5d746c8d11ffb0dfb06abb57982a8ee7496aba2da

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:24:44 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:14 GMT
server: nginx
age: policy=overwrite
etag: W/"6677ffc6-3100"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27492
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 kj.js Show response
otc.bjhav.cn/assets/ 16 KB
5 KB 1889ms
1886ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/kj.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 4c21a322e36ae6ee32e4295d2c4a8088df455e8cbd3a56a9a0efa2a5ebcb2e2f

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:30:27 GMT
content-encoding: gzip
last-modified: Thu, 18 Jul 2024 12:57:42 GMT
server: nginx
age: policy=overwrite
etag: W/"66991146-3e91"
x-cache-status: HIT
x-ws-request-id: 66b8f9b0_PS-TNA-01rFO39_34878-27493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H3 200 bg.gif
img.ptallenvery.com/656499/images/ 420 KB
420 KB 1239ms
1238ms Image
image/gif 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/bg.gif
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58c1c850d3622c779678e5dc511c112f4019ddfc8cf5d7dbc326025aab124a5b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:37 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Sat, 03 Aug 2024 11:14:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae112d-69069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qkj5lcq6aFv0TSv%2FbWHfaWLBG%2BVtKXP0yYtkJpvEQKZcnPiUrRY2Qx2Q%2B8KPjhQYygRG2QQMxES0sXBXcDcxJgxhMi96zco5kRTgIEkLqljaYAClWB3JBqupviUDVyJYysCQh67b"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 8b1a102cbfb83677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 30-656499.jpg
img.ptallenvery.com/656499/images/ 133 KB
123 KB 605ms
605ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/30-656499.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d1c6efb7fc03f0c531ec4385ac91b05e0efda495f4f51a51adad85ad02d450

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:36 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:07:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae0f7b-21424"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTYRbDitzppVwHw8dLYLCjZ%2BDIVaOyvlDEd5sgU8tag9HDqDT1iPhXthPUnfxyEg2mjNWOy7Xbjwvww87AQEBhyKiT8yef7cGTjUATUnas7MrnLn6SmFwV3P4FE7Rno6ml16bhgt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a102ccfc03677-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 332ms
332ms Image
image/gif 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=E42B9BC8D3E19300&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=134068446&si=acc734b3e85c999250703dbb1884525b&v=1.3.2&lv=1&sn=24682&r=0&ww=1600&u=https%3A%2F%2F9f61gu1a.skin%2F&tt=%E8%AF%B8%E8%91%9B%E4%BA%AE%7C600%E5%9B%BE%E5%BA%93%7C%E5%85%AB%E7%99%BE%E5%9B%BE%E5%BA%93%7C%E5%BC%80%E5%A5%96%E6%9C%80%E5%BF%AB%7C%E6%BE%B3%E9%97%A8%E4%BB%8A%E6%99%9A%E5%BF%85%E4%B8%AD%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%7C%E6%B0%B8%E4%B9%85%E5%85%8D%E8%B4%B9%E8%B5%84%E6%96%99%7C%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81100%E5%87%86%E4%B8%AD%E5%A5%96%E6%BE%B3%E9%97%A82024%7C%E7%AE%A1%E5%AE%B6%E5%A9%86%E4%B8%89%E8%82%96%E4%B8%89%E6%9C%9F%E5%BF%85%E5%87%BA%E4%B8%80%E6%9C%9F%E5%BF%AB%E5%BC%80%E5%A5%96%E7%9B%B4%E6%92%AD

Requested by

Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Aug 2024 17:49:36 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 351ms
350ms Image
image/gif 111.45.3.198
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=E42B9BC8D3E19300&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1226079341&si=6a8a05b726faef2e45174a3928c5cdca&v=1.3.2&lv=1&sn=24682&r=0&ww=1600&u=https%3A%2F%2F9f61gu1a.skin%2F&tt=%E8%AF%B8%E8%91%9B%E4%BA%AE%7C600%E5%9B%BE%E5%BA%93%7C%E5%85%AB%E7%99%BE%E5%9B%BE%E5%BA%93%7C%E5%BC%80%E5%A5%96%E6%9C%80%E5%BF%AB%7C%E6%BE%B3%E9%97%A8%E4%BB%8A%E6%99%9A%E5%BF%85%E4%B8%AD%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81%7C%E6%B0%B8%E4%B9%85%E5%85%8D%E8%B4%B9%E8%B5%84%E6%96%99%7C%E4%B8%80%E8%82%96%E4%B8%80%E7%A0%81100%E5%87%86%E4%B8%AD%E5%A5%96%E6%BE%B3%E9%97%A82024%7C%E7%AE%A1%E5%AE%B6%E5%A9%86%E4%B8%89%E8%82%96%E4%B8%89%E6%9C%9F%E5%BF%85%E5%87%BA%E4%B8%80%E6%9C%9F%E5%BF%AB%E5%BC%80%E5%A5%96%E7%9B%B4%E6%92%AD

Requested by

Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

111.45.3.198 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Aug 2024 17:49:37 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 kj-style.css
otc.bjhav.cn/assets/ 5 KB
2 KB 746ms
745ms Stylesheet
text/css 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/kj-style.css?v=11.8.202419491
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/assets/kj.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 6486734c17f7f1a04edc6ea0ab76f59c8d44d8eca8c004dc0e7a901b0e4818f4

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:24:53 GMT
content-encoding: gzip
last-modified: Wed, 26 Jun 2024 05:19:56 GMT
server: nginx
age: policy=overwrite
etag: W/"667ba4fc-139b"
x-cache-status: HIT
x-ws-request-id: 66b8f9b2_PS-TNA-01rFO39_34878-27508
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H3 200 time.json Show response
tkapi3.352722.com/json/ 64 B
725 B 350ms
293ms XHR
application/json 172.67.222.40
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tkapi3.352722.com/json/time.json?1723398578098
Requested by: Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.222.40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1577934429fe32f8e55ad159784335db0bdcef46df9c675441321caee32ce23b

Request headers

Accept: */*
Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 11 Aug 2024 17:49:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b8f9b1-40"
access-control-allow-methods: POST, GET, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lxJe94hDlfjd5ttQxLDtHtCKHITGSNQMtmT4ow0skD3JlFt4snKk3KmB9Ts9%2F0PHUoJX8qLe4VaXwAYPOO8PBUFcA9HTMB%2BeLJI01JAxHFk4dTH4Gg%2Bs4NdaFtA6EvenCfY5Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=60
cf-ray: 8b1a10399ac1361e-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Cache-Control, Connection, Authorization, Content-Type, lang, token, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
alt-svc: h3=":443"; ma=86400

GET
H2 200 am_kj.json Show response
ws2.servers01.com/ 75 B
697 B 357ms
237ms XHR
application/json 2606:4700:3030::6815:452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws2.servers01.com/am_kj.json?1723398578101
Requested by: Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76ce728d60060a9cf2210cf8e16f7e0969813d861ca0a3f4f73e4f7cd73deb8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 11 Aug 2024 17:49:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b8f9af-4b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rI2C5477fFPQsFatCRDIMhaPawug7HO7O3uGDZDKBZxDUvIrws%2BspTi3QqTwwyxwAxHJRldmG2%2FTvIEmt1Qx%2FT0yClbjH3QJhWxbBMMMV7hGNgTN%2ByaD1nnT%2Ftet%2Bfg9pWk1No3PTwG6gjxiTVvEXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b1a1039ffda904f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 top_banner.png
otc.bjhav.cn/image/ 6 KB
7 KB 729ms
729ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/image/top_banner.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 21:22:29 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2024 13:22:48 GMT
server: nginx
age: policy=overwrite
etag: W/"66797328-19a7"
x-cache-status: HIT
x-ws-request-id: 66b8f9b2_PS-TNA-01rFO39_34878-27509
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 03:35:09 GMT

GET
DATA 200
OK truncated
/ 202 KB
202 KB Font
font/ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8bbdb72e3f930157824b2e59677d3a912d4512c14a948e6656a2e3fb0c935ad

Request headers

Referer
Origin: https://9f61gu1a.skin
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: font/ttf

GET
H2 200 8ca71bedcbbdb869634a3a51c024a5 Show response
otc1.bjhav.cn/blob/a1/ 38 KB
38 KB 869ms
293ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/blob/a1/8ca71bedcbbdb869634a3a51c024a5
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 203c97516b5f119bd8e0aac54f3ce95c9a5cee0a0ef5c1f5ba3e45af3873646c

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:09 GMT
last-modified: Mon, 24 Jun 2024 05:54:44 GMT
server: nginx
age: 989
etag: "66790a24-960a"
x-cache-status: HIT
x-ws-request-id: 66b8f9b2_PS-000-016h450_46073-25331
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 38410

GET
H2 200 9eb7be3ed48e977d929fd30543146f Show response
otc2.bjhav.cn/blob/29/ 111 KB
112 KB 991ms
329ms XHR
application/octet-stream 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/blob/29/9eb7be3ed48e977d929fd30543146f
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: f7f1aabdf10f59b0b6549bce5322474fce07e07ffdc74a741594ad4b4ee25b74

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:25 GMT
last-modified: Sun, 07 Jul 2024 10:16:09 GMT
server: nginx
age: 13
etag: "668a6ae9-1bced"
x-cache-status: HIT
x-ws-request-id: 66b8f9b2_PS-TNA-01rFO39_35077-59168
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 113901

GET
H2 200 31376cfbeea523355b325b5c967dc3 Show response
otc8.bjhav.cn/blob/d8/ 103 KB
103 KB 1382ms
570ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc8.bjhav.cn/blob/d8/31376cfbeea523355b325b5c967dc3?v88
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 996af3b3c7e2d09d7832473e88e694890327017c805fafa1b8c3cc0d7a3e6650

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:30:32 GMT
last-modified: Thu, 08 Aug 2024 05:48:31 GMT
server: nginx
age: 1147
etag: "66b45c2f-19abd"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-01hIv46_30179-20548
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 105149

GET
H2 200 a31a02c733b86fe0904619a6900ad4 Show response
otc8.bjhav.cn/blob/82/ 57 KB
57 KB 1379ms
568ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc8.bjhav.cn/blob/82/a31a02c733b86fe0904619a6900ad4
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: e1c4b73678732997fc2bc298d2b6eb04ac9885a1cdccf97f3584d88f61e0f5ec

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:37:33 GMT
last-modified: Wed, 26 Jun 2024 06:50:21 GMT
server: nginx
age: 726
etag: "667bba2d-e2fb"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-01hIv46_30179-20547
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 58107

GET
H2 200 998281cadcd88c615a850a82eca558 Show response
otc5.bjhav.cn/blob/d5/ 213 KB
214 KB 873ms
298ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/blob/d5/998281cadcd88c615a850a82eca558?711
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: c572106dccae141703d722f0be0af879b87f7d79564b42423169fa297d961883

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:38 GMT
last-modified: Thu, 11 Jul 2024 13:24:17 GMT
server: nginx
age: 1080
etag: "668fdd01-3550f"
x-cache-status: HIT
x-ws-request-id: 66b8f9b2_PS-000-01hIv46_30235-36805
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 218383

GET
H2 200 04f416a22e6b1666b9b2406d35b1ae Show response
otc4.bjhav.cn/blob/84/ 52 KB
52 KB 1105ms
292ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/blob/84/04f416a22e6b1666b9b2406d35b1ae
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b2fe2b6f52464f0f45d92b6cec3b9fa596fa97cae914085ec6833ac61af14e56

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:37:09 GMT
last-modified: Thu, 18 Jul 2024 07:33:14 GMT
server: nginx
age: 750
etag: "6698c53a-cebd"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-016h450_45993-46715
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 52925

GET
H2 200 tz_am.js Show response
otc.bjhav.cn/file/ 11 KB
3 KB 1891ms
1890ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/file/tz_am.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 3929b91b5daf90ba180176bc745ac3ff66b5941a0be300c2d8b431e3cf1e013e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 11 Aug 2024 17:49:40 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 13:38:23 GMT
server: nginx
age: policy=overwrite
etag: W/"66b8becf-2b34"
x-cache-status: MISS
x-ws-request-id: 66b8f9b4_PS-TNA-01rFO39_34878-27515
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01zYz48 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:40 GMT

GET
H2 200 2.html Show response
9f61gu1a.skin/ Frame 9D0A 40 KB
7 KB 292ms
291ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/2.html
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9ba63d443db768f2fe77ad5d98917c2b530b5659754740027300077d21b4d022

Request headers

Referer: https://9f61gu1a.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Sun, 11 Aug 2024 17:49:39 GMT
etag: W/"66b8c837-9eea"
last-modified: Sun, 11 Aug 2024 14:18:31 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 1.html Show response
9f61gu1a.skin/ Frame 019A 47 KB
8 KB 289ms
289ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/1.html
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 335e77391a7695e1721a07ca886ff8ba7d9d106db872ec61d9a96e33df2dfd53

Request headers

Referer: https://9f61gu1a.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Sun, 11 Aug 2024 17:49:39 GMT
etag: W/"66b8c838-bcd6"
last-modified: Sun, 11 Aug 2024 14:18:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 a5e1a9d31fcde0402ce31b60323862 Show response
otc3.bjhav.cn/blob/3f/ 187 KB
188 KB 1022ms
969ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc3.bjhav.cn/blob/3f/a5e1a9d31fcde0402ce31b60323862
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: a2016dd468070c19534cbbce3959e79c378c460087fc0868c09e18316b25ab6a

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:41:27 GMT
last-modified: Mon, 24 Jun 2024 05:59:31 GMT
server: nginx
age: 492
etag: "66790b43-2ed04"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-016h450_46073-25341
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 191748

GET
H2 200 df32fe382b757d12832bef34f7b5fd Show response
otc3.bjhav.cn/blob/dc/ 298 KB
299 KB 1340ms
1288ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc3.bjhav.cn/blob/dc/df32fe382b757d12832bef34f7b5fd
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 8f38a6d88a6da8e3e3d2bf3fa9aa27a957939cf2c0a5a267842dfb9bc9dbc9b0

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:45 GMT
last-modified: Mon, 24 Jun 2024 06:00:17 GMT
server: nginx
age: 1734
etag: "66790b71-4a8fa"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-016h450_46073-25342
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 305402

GET
H2 200 86e6b1267fd42dabd325b8886b6a53 Show response
otc1.bjhav.cn/blob/f1/ 43 KB
43 KB 1907ms
1905ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/blob/f1/86e6b1267fd42dabd325b8886b6a53?708v1
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: bdcb765ff9502a771c57515a19baf84c04826aa7afb61afeafa736c6d5677b34

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:30:21 GMT
last-modified: Sun, 07 Jul 2024 04:09:49 GMT
server: nginx
age: 1158
etag: "668a150d-aa39"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-016h450_46073-25344
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43577

GET
H2 200 606cb647fd33b57c34a34e434ed1f1 Show response
otc4.bjhav.cn/blob/49/ 438 KB
439 KB 786ms
785ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/blob/49/606cb647fd33b57c34a34e434ed1f1
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: c98c0a73648cb3d6f8e54367ee11bf00dadad59fc791d3ebb116e211bb5786b5

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:48:02 GMT
last-modified: Mon, 24 Jun 2024 06:09:58 GMT
server: nginx
age: 97
etag: "66790db6-6d8c9"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-016h450_45993-46718
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 448713

GET
H2 200 208ed7d97d17187da77791a5af6b60 Show response
otc5.bjhav.cn/blob/50/ 55 KB
56 KB 1472ms
1471ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/blob/50/208ed7d97d17187da77791a5af6b60
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 54a24f4f804db679a76fd413736ee5a2095f820e6253f3c5f73512f6fed52ace

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:39:28 GMT
last-modified: Mon, 24 Jun 2024 06:10:27 GMT
server: nginx
age: 611
etag: "66790dd3-dc7d"
x-cache-status: HIT
x-ws-request-id: 66b8f9b3_PS-000-01hIv46_30235-36829
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 56445

GET
DATA 200
OK truncated
/ 38 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e37e676565f2fb06c9b50f7b53f097a28ff603a0b39c329b66c1d9a67c2975f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 5ece794143426c28b1361f1066a515 Show response
otc1.bjhav.cn/blob/a1/ 17 KB
17 KB 1846ms
1846ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/blob/a1/5ece794143426c28b1361f1066a515
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 8ba9b2d87370b3a1c83d88a084d081de0923607cf8cdcd3a5e0226d80403e1de

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:40:11 GMT
last-modified: Mon, 24 Jun 2024 05:59:09 GMT
server: nginx
age: 569
etag: "66790b2d-42ea"
x-cache-status: HIT
x-ws-request-id: 66b8f9b4_PS-000-016h450_46073-25364
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 17130

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame 019A 993 B
0 0ms
0ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-TNA-01rFO39 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27456
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/1.11.1/ Frame 019A 94 KB
0 1ms
1ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Sun, 11 Aug 2024 17:49:33 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Jul 2014 03:05:51 GMT
Server: Apache
Vary: Accept-Encoding
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Expires: Tue, 10 Sep 2024 17:49:33 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame 019A 2 KB
1 KB 634ms
632ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CP%2FvVrLt9lVcSCYqQ9wo2sLUt9vRiVpVgnXIcl4BvNq7whf26paxM5fXBYx8tb7X%2Bz2BvuvyTanjrJXwoNiXONP2Ul%2BnH4IVMGFBnaPjaLkGardehelL%2FMSut3VYpykE8B1OJwj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1a10408c6a3677-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame 9D0A 993 B
0 0ms
0ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-TNA-01rFO39 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27456
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame 9D0A 2 KB
0 638ms
638ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CP%2FvVrLt9lVcSCYqQ9wo2sLUt9vRiVpVgnXIcl4BvNq7whf26paxM5fXBYx8tb7X%2Bz2BvuvyTanjrJXwoNiXONP2Ul%2BnH4IVMGFBnaPjaLkGardehelL%2FMSut3VYpykE8B1OJwj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1a10408c6a3677-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame 019A 8 KB
0 1ms
1ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:54 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1718
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2937
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01UOw48 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 15:39:18 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame 019A 6 KB
0 4ms
4ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:40:03 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 569
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-016h450_46446-61947
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame 019A 2 KB
0 5ms
5ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 982
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-TNA-01rFO39_35244-19493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame 019A 94 KB
0 7ms
7ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:21:01 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1711
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01hIv46_30050-7116
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame 019A 18 KB
0 8ms
8ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:33 GMT
content-encoding: gzip
last-modified: Sat, 10 Aug 2024 11:15:16 GMT
server: nginx
etag: W/"66b74bc4-47cc"
x-cache-status: MISS
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2936
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:33 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame 9D0A 8 KB
0 7ms
7ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:54 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1718
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2937
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01UOw48 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 15:39:18 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame 9D0A 6 KB
0 9ms
9ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:40:03 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 569
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-016h450_46446-61947
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame 9D0A 2 KB
0 11ms
11ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 982
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-TNA-01rFO39_35244-19493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame 9D0A 94 KB
0 12ms
12ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:21:01 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1711
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01hIv46_30050-7116
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame 9D0A 18 KB
0 13ms
13ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:33 GMT
content-encoding: gzip
last-modified: Sat, 10 Aug 2024 11:15:16 GMT
server: nginx
etag: W/"66b74bc4-47cc"
x-cache-status: MISS
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2936
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:33 GMT

GET
H2 200 no.js Show response
res.bjhav.cn/assets/ Frame 019A 82 B
0 0ms
0ms Script
text/html 2606:4700:3037::ac43:b80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1hL3zx4oeEWQjYKDI7VUEVpw%2B8gZT%2FZLS5bNgThQ2JhVKYNghbnLyB2%2BiCERow1ws7d10qcX%2B3GFpiG5mXFVfx6MhVJ7c9MnZiGczVu2eU6FRLK%2BxDRPhOVMP%2BRn1dCmq5uBC%2F2uYLiJnY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b1a10241eff2c6f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 popMore.js Show response
otc4.bjhav.cn/hk/ Frame 019A 6 KB
0 2ms
2ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:34 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 14:01:11 GMT
server: nginx
etag: W/"66b8c427-16d4"
x-cache-status: MISS
x-ws-request-id: 66b8f9ae_PS-000-01UOw48_39174-2968
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01mLR49 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:34 GMT

GET
H2 200 no.js Show response
res.bjhav.cn/assets/ Frame 9D0A 82 B
0 0ms
0ms Script
text/html 2606:4700:3037::ac43:b80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1hL3zx4oeEWQjYKDI7VUEVpw%2B8gZT%2FZLS5bNgThQ2JhVKYNghbnLyB2%2BiCERow1ws7d10qcX%2B3GFpiG5mXFVfx6MhVJ7c9MnZiGczVu2eU6FRLK%2BxDRPhOVMP%2BRn1dCmq5uBC%2F2uYLiJnY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b1a10241eff2c6f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 popMore.js Show response
otc4.bjhav.cn/hk/ Frame 9D0A 6 KB
0 2ms
2ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:34 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 14:01:11 GMT
server: nginx
etag: W/"66b8c427-16d4"
x-cache-status: MISS
x-ws-request-id: 66b8f9ae_PS-000-01UOw48_39174-2968
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01mLR49 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:34 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame 9D0A 3 KB
2 KB 1516ms
1515ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398579328
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:40 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b4_PS-TNA-01rFO39_34878-27516
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-WNZ-01WSm43 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:40 GMT

GET
DATA 200
OK truncated
/ 52 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b89ac071ace2478a5270725145ac004dc91caecbdd89c8ca849e6e673b1b3bc9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 57 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9f1eb6d7bfac9b86cf28449cec9297260e10f9645892dfcb5e49448debe150c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame 019A 3 KB
2 KB 1569ms
1567ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398579916
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:40 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b4_PS-TNA-01rFO39_34878-27517
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:40 GMT

GET
DATA 200
OK truncated
/ 111 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8af694ca70fac0bf0f015a74ceaba6c1ceced3b0db6190514303652b3f299cb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 am_kj.json Show response
ws2.servers01.com/ 75 B
409 B 130ms
129ms XHR
application/json 2606:4700:3030::6815:452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws2.servers01.com/am_kj.json?1723398580108
Requested by: Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:452 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76ce728d60060a9cf2210cf8e16f7e0969813d861ca0a3f4f73e4f7cd73deb8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 11 Aug 2024 17:49:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b8f9b3-4b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKEuQXehZmyBUqPIbsrVtE%2FlcUR60FsgWCo9m%2F17NNeP8PUvlmiSrkIn7E0y3YB4rfmGdf7%2BnfzOnlXS6oTx32q%2BrfXMFy6P9sh283wzWH3totdkOsPxGDcmCJiRmO4ogo1RIbzGuhd5Hc5vL1p64w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b1a1045c95f904f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 103 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35592ccb9ff1c89d55c07f393bd7215b50ef78486e1d21c8a2f8cc924162fd36

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 213 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a914c137348f77812c464eeba1a4cac4e8fad7a204b2a15ac2bc358a13df5ad2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 55 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f84a8d60e875278ca4ee48dbd5eaa1d0fa85141ead03850a4fa62ba689484079

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 187 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bd142d63f1b9b3447bbf73d4a49e07568e25c922499d57150aab8cd3b9f213a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 3.html Show response
9f61gu1a.skin/ Frame E273 29 KB
29 KB 290ms
288ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/3.html
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: d6aea0d135c77aaeeb34c80786a2ab7a71d990ad93cf2eb2be536759b87e617b

Request headers

Referer: https://9f61gu1a.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-length: 29291
content-type: text/html
date: Sun, 11 Aug 2024 17:49:41 GMT
etag: "66b8da81-726b"
last-modified: Sun, 11 Aug 2024 15:36:33 GMT
server: nginx/1.24.0

GET
H2 200 4.html Show response
9f61gu1a.skin/ Frame F739 26 KB
27 KB 289ms
287ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/4.html
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 9ceb3479cd8b85b975756356de31e2b7e0de0905bf08c97dc10273f49b0d668a

Request headers

Referer: https://9f61gu1a.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-length: 26930
content-type: text/html
date: Sun, 11 Aug 2024 17:49:41 GMT
etag: "66b8da81-6932"
last-modified: Sun, 11 Aug 2024 15:36:33 GMT
server: nginx/1.24.0

GET
H2 200 5.html Show response
9f61gu1a.skin/ Frame A44E 31 KB
7 KB 573ms
572ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/5.html
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 80e4dde78750770f93b8f977b05901a239fce5116e91963111d0fecbc3c774c2

Request headers

Referer: https://9f61gu1a.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Sun, 11 Aug 2024 17:49:41 GMT
etag: W/"66b8da81-7bee"
last-modified: Sun, 11 Aug 2024 15:36:33 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 cbm.jpg
img.ptallenvery.com/656499/images/ 17 KB
9 KB 638ms
637ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/cbm.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae103c-449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR06dKGRI7FaR%2BHIEVHLzUS8wrFHTr4GVCboWnOxNlQuNieKi3v%2Fqoldot9FCWbqaZcBKlcVdHIXp%2FhdTo7bebzY9Rs2lMyFfW7LQGlyyyr289a1OyavJ8f7YUIqFHs3iFpAzZFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a1049f9e13677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 xg.jpg
img.tpxiaoshimei.com/193044/c105/ 4 KB
4 KB 736ms
656ms Image
image/jpeg 172.67.145.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tpxiaoshimei.com/193044/c105/xg.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 435247b071cfbf4ff29480042788ff32da9a315fcca2e6bf273f770461c04dae

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2024 08:53:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66af4190-105a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPepYzHW3mqPXtZp2v0bdgNuwOWfFkKwe%2BwYDNb2%2FUABMzvP4s7EUixc5zlJdjedb5i1BrgQPhd6RmUnodxRi2dztiDdaAISKyx5gbb5ptQQ%2Fq%2BhX1YJ1Dl7eDpRyKyOWVcMJ22uPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a104ac81d085b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 am.jpg
img.tpxiaoshimei.com/193044/c105/ 4 KB
4 KB 734ms
655ms Image
image/jpeg 172.67.145.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tpxiaoshimei.com/193044/c105/am.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876cc03059490a2470000e13dea527404d25fcaed5c0313cdec18bfabfd3b1bf

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2024 08:53:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66af4194-fdd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tTWIM1xVB4mDeqYft%2FeLBe0zafNSX400uoi%2FSYqERPGKpwN4CNSy4SYpeEYQ94ojnGwVmWAMK8IK%2FoESaduzy2WC9DnPFMu%2BiG%2Fnd7rrZpK11n4JZ2n1RxzhQhDnOhHv0Yy1nvNyfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a104ac818085b-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 tw.png
img.tpxiaoshimei.com/193044/c105/ 13 KB
11 KB 702ms
624ms Image
image/png 172.67.145.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.tpxiaoshimei.com/193044/c105/tw.png
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da60c7e1e7c345c3784ca099e894f8fabd97e82b72c8b962757f99869a5744cb

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2024 08:56:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66af424e-353a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhrSTO1nUB14NS3KbNlt22uRQm1r9b%2B3Ha19SJ5ljoD8USBtATVHiQUfPh%2FoBhNp0BPnLdsNuCEo%2F8Kzk3qndkNrgjQIMLVOopUBPkmMrSrJcPBXfX9tQqQJFJ3So8Ph2KEfCo8VVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 8b1a104ac81b085b-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 438 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e93a0e30589bdc46fa5bb2bf3f834aa70867bf903b47933767e9009b51d890e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET gx.gif
otc2.bjhav.cn/assets/img/ 0
0

GET
H2 200 ios.png
otc.bjhav.cn/assets/img/ 5 KB
5 KB 535ms
535ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/ios.png
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/assets/common.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1

Request headers

Referer: https://otc.bjhav.cn/assets/common.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 07 Aug 2024 23:06:12 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:12 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad474-14de"
x-cache-status: HIT
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27523
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 07:26:00 GMT

GET
H2 200 bag.png
otc.bjhav.cn/assets/img/ 6 KB
6 KB 398ms
398ms Image
image/png 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otc.bjhav.cn/assets/img/bag.png
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/assets/common.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: d361cc19ba56003bf13087c2981908ea3a90c0017244ac92d7a748b8ebc91c1b

Request headers

Referer: https://otc.bjhav.cn/assets/common.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 16 Jul 2024 12:12:11 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 14:30:11 GMT
server: nginx
age: policy=overwrite
etag: W/"667ad473-1617"
x-cache-status: HIT
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27524
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=2592000, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 15 Aug 2024 12:12:11 GMT

GET
H2 200 bs16.jpg
656499n81119.xn--at-pia4e.cc/new/ Frame 9D0A 230 KB
231 KB 1679ms
1268ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://656499n81119.xn--at-pia4e.cc/new/bs16.jpg?2222-9910
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dd36fb603e870ca20f98c352beea6596bd263462ce26b1fb6ec68b2383f239a

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:42 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Aug 2024 04:01:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66b837a5-39954"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HJOpETzk6MRumAQX%2FsJOlo%2FDwsacjh4z7NKoOe8SkyPxMECM%2F8CdYQZGhgL2UZwhj7n7CJ4aLoyeDrqHOPQlChnwJ2hmdoZbVXYLvYZTTvQRAHXWNmZVo7v0AIEmPRz%2BHD96R0szNYwqSaFmM12SmMZCtu43FgrmTrv"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8b1a104dbcf83a8c-FRA
alt-svc: h3=":443"; ma=86400
content-length: 235860
expires: Tue, 10 Sep 2024 17:49:41 GMT

GET
H3 200 cbm.jpg
img.ptallenvery.com/656499/images/ Frame 9D0A 17 KB
0 447ms
447ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/cbm.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae103c-449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR06dKGRI7FaR%2BHIEVHLzUS8wrFHTr4GVCboWnOxNlQuNieKi3v%2Fqoldot9FCWbqaZcBKlcVdHIXp%2FhdTo7bebzY9Rs2lMyFfW7LQGlyyyr289a1OyavJ8f7YUIqFHs3iFpAzZFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a1049f9e13677-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 43 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fa01a6acc4482bad27ed9e0257e8b29ab8e731aa4417eb2715dbf8df01dd935

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 298 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bb0b448a63b7bc9c0addc966791b1f05a7656940227036dcb3c8711de932896

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c39abd2de93524ccca5fcabe345d80edf88ddd9aec8a66d101920c5b66d3845

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame F739 993 B
0 0ms
0ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-TNA-01rFO39 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27456
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame F739 2 KB
0 638ms
638ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CP%2FvVrLt9lVcSCYqQ9wo2sLUt9vRiVpVgnXIcl4BvNq7whf26paxM5fXBYx8tb7X%2Bz2BvuvyTanjrJXwoNiXONP2Ul%2BnH4IVMGFBnaPjaLkGardehelL%2FMSut3VYpykE8B1OJwj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1a10408c6a3677-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 link4_am.js Show response
otc.bjhav.cn/assets/ Frame F739 19 KB
6 KB 351ms
350ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/link4_am.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 6e22899a977e84975d48a2169a662ea2ff3dd22c8e12c7f9d1738aa3a3a6d511

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:25:38 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 06:25:39 GMT
server: nginx
age: policy=overwrite
etag: W/"66ab2a63-4df8"
x-cache-status: HIT
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27527
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:05 GMT

GET
H3 200 fcd.jpg
amtk.ptallenvery.com/images/49/O/2024/col/225/ Frame F739 173 KB
171 KB 731ms
717ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amtk.ptallenvery.com/images/49/O/2024/col/225/fcd.jpg?2.0.16?2.02.18
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5a130b01ab3d34e3cb142e7efc44d8571c8b3f1bc11a30bd423defaa558890e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 11 Aug 2024 14:07:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b8c589-2b368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rm0uyzkzBJYi6G3yHIQh%2Fro1VgX7MnzldCVAVVo1FiIhS3FFBEZvZAMWcCjEkwdTe61FCsWy6yZaybEnQGE2XrY9ELhiT4dj6EqDMCDkLxCaMCqsrA83VTdiWpj048Lp9z5VaThDOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 8b1a104c2d543677-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 10 Sep 2024 17:49:41 GMT

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame E273 993 B
0 0ms
0ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-TNA-01rFO39 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27456
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame E273 2 KB
0 638ms
638ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/3.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CP%2FvVrLt9lVcSCYqQ9wo2sLUt9vRiVpVgnXIcl4BvNq7whf26paxM5fXBYx8tb7X%2Bz2BvuvyTanjrJXwoNiXONP2Ul%2BnH4IVMGFBnaPjaLkGardehelL%2FMSut3VYpykE8B1OJwj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1a10408c6a3677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 b6.jpg
amtk.ptallenvery.com/images/49/2024/col/224/ Frame E273 115 KB
114 KB 738ms
729ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amtk.ptallenvery.com/images/49/2024/col/224/b6.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/3.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67faf06c0f18d9d2d0eb2a17507f88019872f096c6546d1d1a27a6090bf002c

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 11 Aug 2024 06:10:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b855c2-1cd53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lgYcB%2BJGJwTqEYtoUpZpsLv7U%2FbvjHj58dmDnDAsSY782Q59CabfQPflDRNqKYUftwlOLqbDF%2FKNz0wVuJysuj8%2BT9tY9JniKOeZy3ix%2F78IX2xYPabSpI9DLuy0nFSbL13uQahGXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 8b1a104c2d503677-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 10 Sep 2024 17:49:41 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame F739 8 KB
0 7ms
7ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:54 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1718
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2937
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01UOw48 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 15:39:18 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame F739 6 KB
0 9ms
9ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:40:03 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 569
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-016h450_46446-61947
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame F739 2 KB
0 11ms
11ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 982
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-TNA-01rFO39_35244-19493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame F739 94 KB
0 12ms
12ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:21:01 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1711
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01hIv46_30050-7116
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame F739 18 KB
0 13ms
13ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:33 GMT
content-encoding: gzip
last-modified: Sat, 10 Aug 2024 11:15:16 GMT
server: nginx
etag: W/"66b74bc4-47cc"
x-cache-status: MISS
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2936
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:33 GMT

GET
H2 200 no.js Show response
res.bjhav.cn/assets/ Frame F739 82 B
0 0ms
0ms Script
text/html 2606:4700:3037::ac43:b80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1hL3zx4oeEWQjYKDI7VUEVpw%2B8gZT%2FZLS5bNgThQ2JhVKYNghbnLyB2%2BiCERow1ws7d10qcX%2B3GFpiG5mXFVfx6MhVJ7c9MnZiGczVu2eU6FRLK%2BxDRPhOVMP%2BRn1dCmq5uBC%2F2uYLiJnY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b1a10241eff2c6f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 popMore.js Show response
otc4.bjhav.cn/hk/ Frame F739 6 KB
0 2ms
2ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:34 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 14:01:11 GMT
server: nginx
etag: W/"66b8c427-16d4"
x-cache-status: MISS
x-ws-request-id: 66b8f9ae_PS-000-01UOw48_39174-2968
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01mLR49 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:34 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame F739 3 KB
2 KB 582ms
582ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398581137
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27528
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-WNZ-01WSm43 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:41 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame E273 8 KB
0 7ms
7ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:54 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1718
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2937
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01UOw48 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 15:39:18 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame E273 6 KB
0 9ms
9ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:40:03 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 569
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-016h450_46446-61947
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame E273 2 KB
0 11ms
11ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 982
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-TNA-01rFO39_35244-19493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame E273 94 KB
0 12ms
12ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:21:01 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1711
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01hIv46_30050-7116
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame E273 18 KB
0 13ms
13ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:33 GMT
content-encoding: gzip
last-modified: Sat, 10 Aug 2024 11:15:16 GMT
server: nginx
etag: W/"66b74bc4-47cc"
x-cache-status: MISS
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2936
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:33 GMT

GET
H2 200 no.js Show response
res.bjhav.cn/assets/ Frame E273 82 B
0 0ms
0ms Script
text/html 2606:4700:3037::ac43:b80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1hL3zx4oeEWQjYKDI7VUEVpw%2B8gZT%2FZLS5bNgThQ2JhVKYNghbnLyB2%2BiCERow1ws7d10qcX%2B3GFpiG5mXFVfx6MhVJ7c9MnZiGczVu2eU6FRLK%2BxDRPhOVMP%2BRn1dCmq5uBC%2F2uYLiJnY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b1a10241eff2c6f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 popMore.js Show response
otc4.bjhav.cn/hk/ Frame E273 6 KB
0 2ms
2ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:34 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 14:01:11 GMT
server: nginx
etag: W/"66b8c427-16d4"
x-cache-status: MISS
x-ws-request-id: 66b8f9ae_PS-000-01UOw48_39174-2968
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01mLR49 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:34 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame E273 3 KB
2 KB 660ms
660ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398581144
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27529
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:41 GMT

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame A44E 993 B
0 0ms
0ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-TNA-01rFO39 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66b8f9ab_PS-TNA-01rFO39_34878-27456
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame A44E 2 KB
0 638ms
638ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:39 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5CP%2FvVrLt9lVcSCYqQ9wo2sLUt9vRiVpVgnXIcl4BvNq7whf26paxM5fXBYx8tb7X%2Bz2BvuvyTanjrJXwoNiXONP2Ul%2BnH4IVMGFBnaPjaLkGardehelL%2FMSut3VYpykE8B1OJwj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b1a10408c6a3677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 c21.jpg
amtk.ptallenvery.com/images/49/2024/col/225/ Frame A44E 51 KB
45 KB 40ms
40ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amtk.ptallenvery.com/images/49/2024/col/225/c21.jpg?2.0.16?2.02.11
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 111a73a41a68f318088491c7852c26114539058a95ac81420d11c3f812071ba2

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4655
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 11 Aug 2024 15:10:59 GMT
server: cloudflare
etag: W/"66b8d483-ccc6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5sBxjLRxzFx2r9mCBfKi8Two5Wu8VPDrb%2Bd67iPJe5zHBN9PBql%2FJ8GxFISn7XPBuVVKBTnpxJGaHrIVxvTYqyJ1USReCl2dkT8z5tc9HtVtZU6UrY8WtNwjwgFWzoyQ31DeOcLQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cf-ray: 8b1a104dd8213677-FRA
expires: Tue, 10 Sep 2024 16:32:06 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame A44E 8 KB
0 7ms
7ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:20:54 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1718
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2937
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01UOw48 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 15:39:18 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame A44E 6 KB
0 9ms
9ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:40:03 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 569
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-016h450_46446-61947
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame A44E 2 KB
0 11ms
11ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 982
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-TNA-01rFO39_35244-19493
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01rFO39 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame A44E 94 KB
0 12ms
12ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:21:01 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1711
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66b8f9ac_PS-000-01hIv46_30050-7116
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame A44E 18 KB
0 13ms
13ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:33 GMT
content-encoding: gzip
last-modified: Sat, 10 Aug 2024 11:15:16 GMT
server: nginx
etag: W/"66b74bc4-47cc"
x-cache-status: MISS
x-ws-request-id: 66b8f9ac_PS-000-01UOw48_39174-2936
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-014CW250 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:33 GMT

GET
H2 200 no.js Show response
res.bjhav.cn/assets/ Frame A44E 82 B
0 0ms
0ms Script
text/html 2606:4700:3037::ac43:b80c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:b80c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l1hL3zx4oeEWQjYKDI7VUEVpw%2B8gZT%2FZLS5bNgThQ2JhVKYNghbnLyB2%2BiCERow1ws7d10qcX%2B3GFpiG5mXFVfx6MhVJ7c9MnZiGczVu2eU6FRLK%2BxDRPhOVMP%2BRn1dCmq5uBC%2F2uYLiJnY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b1a10241eff2c6f-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H2 200 popMore.js Show response
otc4.bjhav.cn/hk/ Frame A44E 6 KB
0 2ms
2ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:34 GMT
content-encoding: gzip
last-modified: Sun, 11 Aug 2024 14:01:11 GMT
server: nginx
etag: W/"66b8c427-16d4"
x-cache-status: MISS
x-ws-request-id: 66b8f9ae_PS-000-01UOw48_39174-2968
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01mLR49 [MISS], 2.0 PS-000-01UOw48 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:34 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame A44E 3 KB
2 KB 479ms
479ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398581411
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27531
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01zYz48 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:41 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame 019A 3 KB
2 KB 467ms
467ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398581651
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27532
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-WNZ-01WSm43 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:41 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame F739 3 KB
2 KB 477ms
476ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398581724
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b5_PS-TNA-01rFO39_34878-27533
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-WNZ-01WSm43 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:41 GMT

GET
H2 200 redbag-cdown.js Show response
otc.bjhav.cn/assets/js/ Frame A44E 3 KB
2 KB 478ms
478ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/js/redbag-cdown.js?zone=ASIA/Hong_Kong&t=1723398581894
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:42 GMT
content-encoding: gzip
last-modified: Sat, 11 May 2024 05:04:08 GMT
server: nginx
age: policy=overwrite
etag: W/"663efc48-aab"
x-cache-status: MISS
x-ws-request-id: 66b8f9b6_PS-TNA-01rFO39_34878-27534
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-HYN-01zYz48 [MISS], 2.0 PS-TNA-01rFO39 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:42 GMT

GET
H3 200 am_kj.json Show response
ws2.servers01.com/ 75 B
629 B 222ms
222ms XHR
application/json 172.67.131.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws2.servers01.com/am_kj.json?1723398582102
Requested by: Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76ce728d60060a9cf2210cf8e16f7e0969813d861ca0a3f4f73e4f7cd73deb8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 11 Aug 2024 17:49:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b8f9b3-4b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4VSuOAGTxV9dxJHhT96Y%2FYi1NJ9DmsaZRs5qrGVbPo6jJsGQbqUtzzn2nn0r5dNcbs2T7f1thTOWQF2lsnCwxZlN5QDeiV9mTd5zYSD9fdQSR4K22mSKFyHJhyJnc1BTUtYvFw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b1a10523e6f37d4-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
H3 200 dian.gif
img.ptallenvery.com/656499/images/ Frame 019A 35 KB
34 KB 898ms
897ms Image
image/gif 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/dian.gif
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd0f712cc2bf478ec58c43a018fcd76b05012921eec3d2feb2d249d5a28a1ee

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 03 Aug 2024 11:07:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae0f5f-8b1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7MPOLGh%2BKnJTgr5kMF1crzqtOY5U1j6KuwjI7PMC6KDGCtjsO1XcauOzWULEcbmTDRJJpgNaQkv7txiK1uS3pzMFz06RIK7GF6LQOKJTAtHsa7%2FJ0pPGIu9TMX3Yr9gNbtFN%2F2Y1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 8b1a1052595f3677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cbm.jpg
img.ptallenvery.com/656499/images/ Frame 019A 17 KB
0 447ms
447ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/cbm.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae103c-449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR06dKGRI7FaR%2BHIEVHLzUS8wrFHTr4GVCboWnOxNlQuNieKi3v%2Fqoldot9FCWbqaZcBKlcVdHIXp%2FhdTo7bebzY9Rs2lMyFfW7LQGlyyyr289a1OyavJ8f7YUIqFHs3iFpAzZFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a1049f9e13677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cbm.jpg
img.ptallenvery.com/656499/images/ Frame F739 17 KB
0 447ms
447ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/cbm.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/4.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae103c-449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR06dKGRI7FaR%2BHIEVHLzUS8wrFHTr4GVCboWnOxNlQuNieKi3v%2Fqoldot9FCWbqaZcBKlcVdHIXp%2FhdTo7bebzY9Rs2lMyFfW7LQGlyyyr289a1OyavJ8f7YUIqFHs3iFpAzZFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a1049f9e13677-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wzzl.js Show response
res.tpxiaoshimei.com/am/ Frame A44E 40 KB
6 KB 627ms
611ms Script
application/javascript 172.67.145.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.tpxiaoshimei.com/am/wzzl.js?11.8.20241949
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec096f3b67143caeadc9bda917a90fb7407056ce1a6c5c35f33d6abedc274c61

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:42 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Aug 2024 13:08:13 GMT
server: cloudflare
etag: W/"66ab88bd-9e13"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1suZznGqXhw12mLfXQBEdaPkFbXHipXgC3xf6YVuYJRX%2BkVdlnaVkVgzWOlmdYWJR6rb4cTADRqAQ8VsRdxn5vYmAXN0472t%2B7T1KiTuGq%2Ff0HtYpJS%2BthEuytJaCBmDv%2ByQSczOPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8b1a10540b2b085b-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 11 Aug 2024 17:59:42 GMT

GET
H3 200 cbm.jpg
img.ptallenvery.com/656499/images/ Frame A44E 17 KB
0 447ms
447ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/cbm.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae103c-449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR06dKGRI7FaR%2BHIEVHLzUS8wrFHTr4GVCboWnOxNlQuNieKi3v%2Fqoldot9FCWbqaZcBKlcVdHIXp%2FhdTo7bebzY9Rs2lMyFfW7LQGlyyyr289a1OyavJ8f7YUIqFHs3iFpAzZFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a1049f9e13677-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 2b435ca61345e8ac0f8f179d3da477 Show response
otc8.bjhav.cn/blob/81/ Frame 019A 26 KB
27 KB 342ms
341ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc8.bjhav.cn/blob/81/2b435ca61345e8ac0f8f179d3da477
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 5ef796de9511a5e7f789ea493e8b76b8eff02fca919f271c3d1a66b01a948f55

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:47:29 GMT
last-modified: Wed, 26 Jun 2024 06:50:41 GMT
server: nginx
age: 134
etag: "667bba41-6858"
x-cache-status: HIT
x-ws-request-id: 66b8f9b7_PS-000-01hIv46_30179-20932
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 26712

GET
H2 200 60c01da513609014d2f27838d38973 Show response
otc4.bjhav.cn/blob/c4/ Frame 019A 17 KB
17 KB 341ms
339ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc4.bjhav.cn/blob/c4/60c01da513609014d2f27838d38973
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 134604aabd5e530ba383c4742e9f093abc633fab77d7b74b12a34479ee962ae6

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:26:28 GMT
last-modified: Fri, 19 Jul 2024 08:49:43 GMT
server: nginx
age: 1395
etag: "669a28a7-4346"
x-cache-status: HIT
x-ws-request-id: 66b8f9b7_PS-000-016h450_45993-46895
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 17222

GET
H2 200 49bfddd4d8eb60f222a6678aeb3e70 Show response
otc0.bjhav.cn/blob/0e/ Frame 019A 25 KB
25 KB 339ms
338ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/blob/0e/49bfddd4d8eb60f222a6678aeb3e70
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 6b56abff646e52ec3901aa4aca6a6d4f7eb06ac56dbc3bf6937426bad92f5cd3

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:34:10 GMT
last-modified: Mon, 24 Jun 2024 06:16:35 GMT
server: nginx
age: 933
etag: "66790f43-62fb"
x-cache-status: HIT
x-ws-request-id: 66b8f9b7_PS-000-016h450_46073-25420
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 25339

GET
H2 200 71375a896560049b58bb86d62d7715 Show response
otc5.bjhav.cn/blob/b5/ Frame 019A 18 KB
19 KB 337ms
336ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/blob/b5/71375a896560049b58bb86d62d7715
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: e7da1bfbbe81cf12292f4990b72dc0fe509cd9f86b26789d285f0918a6201c7b

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:26:15 GMT
last-modified: Wed, 26 Jun 2024 06:49:17 GMT
server: nginx
age: 1408
etag: "667bb9ed-4958"
x-cache-status: HIT
x-ws-request-id: 66b8f9b7_PS-000-01hIv46_30235-37062
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-01hIv46 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 18776

GET
H2 200 08a08762e86d49e0a9c6c8ccf8f623 Show response
otc7.bjhav.cn/blob/d7/ Frame 019A 11 KB
11 KB 357ms
280ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc7.bjhav.cn/blob/d7/08a08762e86d49e0a9c6c8ccf8f623
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b250d4d4cb91e840b7a036947d89aba624e11b68d36420103e30c8a412308ddb

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:26:52 GMT
last-modified: Mon, 24 Jun 2024 06:17:00 GMT
server: nginx
age: 1371
etag: "66790f5c-2c29"
x-cache-status: HIT
x-ws-request-id: 66b8f9b7_PS-000-016h450_46073-25423
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 11305

GET
H2 200 4a32e1d5dc590a5d55af45b840a4e6 Show response
otc1.bjhav.cn/blob/71/ Frame 019A 7 KB
7 KB 335ms
334ms XHR
application/octet-stream 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/blob/71/4a32e1d5dc590a5d55af45b840a4e6
Requested by: Host: otc1.bjhav.cn
URL: https://otc1.bjhav.cn/assets/label-com4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 51bede5ac2a4d857afb1dda73ba0fadcd65c9b25589652ce96eb609261b0ddb7

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:33:10 GMT
last-modified: Mon, 24 Jun 2024 06:17:21 GMT
server: nginx
age: 993
etag: "66790f71-1a50"
x-cache-status: HIT
x-ws-request-id: 66b8f9b7_PS-000-016h450_46073-25419
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-via: 2.0 PS-000-016h450 [HIT]
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 6736

GET
DATA 200
OK truncated
/ Frame 019A 7 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ff8b1f51fb6596e1e28d4bdcb4289a18307c2655b4616b458ec6ec552b6ae68

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 019A 18 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eab3f0c441c4759258e91b847cb7a6b2f7c531c91052aee2fc99684b73853135

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 019A 25 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32b85c637d10cb8efead63600d7f0c609e5a8478de101498bde30e947ce58271

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 019A 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 096bf031e994c7468630de74614aa76f02983745a13d575fe9cdf17d2119a03d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 019A 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4892a3f84d4f45e4ec3bd8bc0d4de29c4d22c2f0b4de8c3f2cc93e0105b6616a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 cbm.jpg
img.ptallenvery.com/656499/images/ Frame E273 17 KB
0 447ms
447ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/656499/images/cbm.jpg
Requested by: Host: 9f61gu1a.skin
URL: https://9f61gu1a.skin/3.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:41 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 03 Aug 2024 11:10:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66ae103c-449a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OR06dKGRI7FaR%2BHIEVHLzUS8wrFHTr4GVCboWnOxNlQuNieKi3v%2Fqoldot9FCWbqaZcBKlcVdHIXp%2FhdTo7bebzY9Rs2lMyFfW7LQGlyyyr289a1OyavJ8f7YUIqFHs3iFpAzZFs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b1a1049f9e13677-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 404 favicon.ico
9f61gu1a.skin/ 555 B
638 B 287ms
286ms Other
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://9f61gu1a.skin/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:43 GMT
server: nginx/1.24.0
content-length: 555
content-type: text/html

GET
H3 200 am_kj.json Show response
ws2.servers01.com/ 75 B
600 B 126ms
125ms XHR
application/json 172.67.131.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws2.servers01.com/am_kj.json?1723398584102
Requested by: Host: libs.baidu.com
URL: https://libs.baidu.com/jquery/1.11.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.131.207 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e76ce728d60060a9cf2210cf8e16f7e0969813d861ca0a3f4f73e4f7cd73deb8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://9f61gu1a.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sun, 11 Aug 2024 17:49:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 11 Aug 2024 17:49:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b8f9b7-4b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ckn6JHluAJM74PgDx6lzHIgfzXyKtJGsUrXeQmIbgOAWv0C24n%2FUBf1d%2FQRYbqp39GKkgQO8GK%2BAbDRm1ZJdENnkPlVNBUvlmeaU%2BKDr6%2FVHr7YVbSj5m0VtwdPDN5Z2yBjaOA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8b1a105eb9ec37d4-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ Frame 019A 26 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ff7475b033934a0bf29db1a19061de380b7e4b26fb3313c387b8d0107bb83bf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/jpeg

GET am_kj.json
ws2.servers01.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: otc2.bjhav.cn
URL: https://otc2.bjhav.cn/assets/img/gx.gif

Domain: ws2.servers01.com
URL: https://ws2.servers01.com/am_kj.json?1723398586102

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baidu.com/	1970-01-21 08:19:18	Name: BAIDUID_BFESS Value: B9514C9B252E471B2832D5765230CDBB:FG=1
.9f61gu1a.skin/	1970-01-21 07:28:54	Name: Hm_lvt_acc734b3e85c999250703dbb1884525b Value: 1723398577
.9f61gu1a.skin/	1969-12-31 23:59:59	Name: Hm_lpvt_acc734b3e85c999250703dbb1884525b Value: 1723398577
.9f61gu1a.skin/	1969-12-31 23:59:59	Name: HMACCOUNT Value: E42B9BC8D3E19300
.hm.baidu.com/	1970-01-21 08:19:18	Name: HMACCOUNT_BFESS Value: E3B7CCC71E207719
.9f61gu1a.skin/	1970-01-21 07:28:54	Name: Hm_lvt_6a8a05b726faef2e45174a3928c5cdca Value: 1723398577
.9f61gu1a.skin/	1969-12-31 23:59:59	Name: Hm_lpvt_6a8a05b726faef2e45174a3928c5cdca Value: 1723398577

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc0.bjhav.cn/assets/lazysizes-umd.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc0.bjhav.cn/assets/lazysizes-umd.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc1.bjhav.cn/assets/label-com4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc5.bjhav.cn/assets/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc0.bjhav.cn/assets/base_code.js?11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://res.bjhav.cn/assets/no.js?v=11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://res.bjhav.cn/assets/no.js?v=11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 224) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc4.bjhav.cn/hk/popMore.js?11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 28) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/assets/amlinks2.js?11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 29) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/assets/AnimalsHelper.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 30) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/assets/kj.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://9f61gu1a.skin/(Line 150) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/file/tz_am.js?11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://9f61gu1a.skin/(Line 150) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/file/tz_am.js?11.8.20241949, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://9f61gu1a.skin/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

656499n81119.xn--at-pia4e.cc
9f61gu1a.skin
amtk.ptallenvery.com
hm.baidu.com
img.ptallenvery.com
img.tpxiaoshimei.com
libs.baidu.com
otc.bjhav.cn
otc0.bjhav.cn
otc1.bjhav.cn
otc2.bjhav.cn
otc3.bjhav.cn
otc4.bjhav.cn
otc5.bjhav.cn
otc7.bjhav.cn
otc8.bjhav.cn
res.bjhav.cn
res.tpxiaoshimei.com
tkapi3.352722.com
ws2.servers01.com
otc2.bjhav.cn
ws2.servers01.com
111.45.3.198
16.162.77.119
172.67.131.207
172.67.145.181
172.67.186.224
172.67.222.40
240e:946:6004:13::6e
240e:978:902:4000::c0
2606:4700:3030::6815:452
2606:4700:3037::ac43:b80c
2a06:98c1:3120::3
39.156.66.111
02de150032a6bc397b93a5fc85cca8b7679a9a91be37df0758769f2ab507a668
096bf031e994c7468630de74614aa76f02983745a13d575fe9cdf17d2119a03d
0bb0b448a63b7bc9c0addc966791b1f05a7656940227036dcb3c8711de932896
0e37e676565f2fb06c9b50f7b53f097a28ff603a0b39c329b66c1d9a67c2975f
111a73a41a68f318088491c7852c26114539058a95ac81420d11c3f812071ba2
134604aabd5e530ba383c4742e9f093abc633fab77d7b74b12a34479ee962ae6
1577934429fe32f8e55ad159784335db0bdcef46df9c675441321caee32ce23b
203c97516b5f119bd8e0aac54f3ce95c9a5cee0a0ef5c1f5ba3e45af3873646c
212a4dcbf6fe014c6d55624b813e4fdbed173460d5e63588b80a276d4a746312
27d1c6efb7fc03f0c531ec4385ac91b05e0efda495f4f51a51adad85ad02d450
2e773ac9b0dd82ed644ece4ad8eea9f57dc6b76bfecd2c3b5d929402b9010423
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
2ff7475b033934a0bf29db1a19061de380b7e4b26fb3313c387b8d0107bb83bf
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab
32b85c637d10cb8efead63600d7f0c609e5a8478de101498bde30e947ce58271
335e77391a7695e1721a07ca886ff8ba7d9d106db872ec61d9a96e33df2dfd53
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
35592ccb9ff1c89d55c07f393bd7215b50ef78486e1d21c8a2f8cc924162fd36
3929b91b5daf90ba180176bc745ac3ff66b5941a0be300c2d8b431e3cf1e013e
3bebc274d555408140025b328b95203ea791b655b5a0282179588e3cc44ecccc
3cd0f712cc2bf478ec58c43a018fcd76b05012921eec3d2feb2d249d5a28a1ee
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
3fe7c24791c3dcb0e27fb33b8970960b39e4fb40127f1d21ce642219b1c9dcc1
435247b071cfbf4ff29480042788ff32da9a315fcca2e6bf273f770461c04dae
4461d89ab98c7b6e5b8df31d341f097becd1aa4c781d9a1e3b9f1a7b4e283091
4892a3f84d4f45e4ec3bd8bc0d4de29c4d22c2f0b4de8c3f2cc93e0105b6616a
4c21a322e36ae6ee32e4295d2c4a8088df455e8cbd3a56a9a0efa2a5ebcb2e2f
4dd36fb603e870ca20f98c352beea6596bd263462ce26b1fb6ec68b2383f239a
4e2077015715f5d6e18f527dc76e380cdd4f5be54285379bba5cdf6582edb940
51bede5ac2a4d857afb1dda73ba0fadcd65c9b25589652ce96eb609261b0ddb7
532304f0d2f5037c19e44c7680faa4b702a5a0f772141fa57c6f339db79b53f6
54a24f4f804db679a76fd413736ee5a2095f820e6253f3c5f73512f6fed52ace
58c1c850d3622c779678e5dc511c112f4019ddfc8cf5d7dbc326025aab124a5b
59563fd050c2c64916c411e9ffd48319f02ae4ca5e4024a649cc7e51d1062bc5
5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b
5e2026529a7833f94648b92696fc1fb5e8ab46200f321c8112ce20bfafc9ecdf
5ef796de9511a5e7f789ea493e8b76b8eff02fca919f271c3d1a66b01a948f55
6486734c17f7f1a04edc6ea0ab76f59c8d44d8eca8c004dc0e7a901b0e4818f4
6b56abff646e52ec3901aa4aca6a6d4f7eb06ac56dbc3bf6937426bad92f5cd3
6ca50aaa5964884a2b34d9b669e841eb730bd30acfcda7d5cbde8181822059e1
6e22899a977e84975d48a2169a662ea2ff3dd22c8e12c7f9d1738aa3a3a6d511
7d3ea645ab82c37a6788f353eb9afc118295ad07749ff61c0e41669b6fec7edb
80e4dde78750770f93b8f977b05901a239fce5116e91963111d0fecbc3c774c2
876cc03059490a2470000e13dea527404d25fcaed5c0313cdec18bfabfd3b1bf
8ba9b2d87370b3a1c83d88a084d081de0923607cf8cdcd3a5e0226d80403e1de
8bd142d63f1b9b3447bbf73d4a49e07568e25c922499d57150aab8cd3b9f213a
8c39abd2de93524ccca5fcabe345d80edf88ddd9aec8a66d101920c5b66d3845
8f38a6d88a6da8e3e3d2bf3fa9aa27a957939cf2c0a5a267842dfb9bc9dbc9b0
8fa01a6acc4482bad27ed9e0257e8b29ab8e731aa4417eb2715dbf8df01dd935
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
996af3b3c7e2d09d7832473e88e694890327017c805fafa1b8c3cc0d7a3e6650
9aeba8c3b288c850c42a6f2233bbbef39234f1855e7b8ed346b1f9f1ccc70b51
9ba35a7ccba77bcee2523da129a0cbbf39eed185e08027313910c1e128d2a7ef
9ba63d443db768f2fe77ad5d98917c2b530b5659754740027300077d21b4d022
9ceb3479cd8b85b975756356de31e2b7e0de0905bf08c97dc10273f49b0d668a
9ff8b1f51fb6596e1e28d4bdcb4289a18307c2655b4616b458ec6ec552b6ae68
a2016dd468070c19534cbbce3959e79c378c460087fc0868c09e18316b25ab6a
a2ed87f95600f53444acfa5a3c7a58850fb0407741858b544dd92babbaf4cc84
a449b07ab1a2ac3f53e150e5d746c8d11ffb0dfb06abb57982a8ee7496aba2da
a914c137348f77812c464eeba1a4cac4e8fad7a204b2a15ac2bc358a13df5ad2
b20d3c9c8dc843952a44096596d53c5f548a26ad431d144146aa7336fedde27b
b250d4d4cb91e840b7a036947d89aba624e11b68d36420103e30c8a412308ddb
b2fe2b6f52464f0f45d92b6cec3b9fa596fa97cae914085ec6833ac61af14e56
b5a130b01ab3d34e3cb142e7efc44d8571c8b3f1bc11a30bd423defaa558890e
b6844b96e24a1a917921d708f96c2eed7d83199db64d796ee423b793102928f9
b89ac071ace2478a5270725145ac004dc91caecbdd89c8ca849e6e673b1b3bc9
b9f1eb6d7bfac9b86cf28449cec9297260e10f9645892dfcb5e49448debe150c
bdcb765ff9502a771c57515a19baf84c04826aa7afb61afeafa736c6d5677b34
c37e12eec8bbdcfc4ca8debc2103765b7c51eb550f569c90faa305cc88cd97fb
c572106dccae141703d722f0be0af879b87f7d79564b42423169fa297d961883
c8af694ca70fac0bf0f015a74ceaba6c1ceced3b0db6190514303652b3f299cb
c98c0a73648cb3d6f8e54367ee11bf00dadad59fc791d3ebb116e211bb5786b5
cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d361cc19ba56003bf13087c2981908ea3a90c0017244ac92d7a748b8ebc91c1b
d5150780b1460a792dc8163f237d090c49b6f032a62ccdb7c19febe462ab062b
d67faf06c0f18d9d2d0eb2a17507f88019872f096c6546d1d1a27a6090bf002c
d6aea0d135c77aaeeb34c80786a2ab7a71d990ad93cf2eb2be536759b87e617b
d8bbdb72e3f930157824b2e59677d3a912d4512c14a948e6656a2e3fb0c935ad
d9236fb3c313079c6c1b75bd820be644ed6fb83ca1cdb799ceb003f03920801c
da60c7e1e7c345c3784ca099e894f8fabd97e82b72c8b962757f99869a5744cb
dccc8e91b78ba7b840a47fbcedc06638b698a601da38c30014878c38a8cad35d
e04dbc0c22c6655dce965ab8853e5ea1c09b7a07121bd07d55c7b6b98f161a89
e1c4b73678732997fc2bc298d2b6eb04ac9885a1cdccf97f3584d88f61e0f5ec
e76ce728d60060a9cf2210cf8e16f7e0969813d861ca0a3f4f73e4f7cd73deb8
e7da1bfbbe81cf12292f4990b72dc0fe509cd9f86b26789d285f0918a6201c7b
e93a0e30589bdc46fa5bb2bf3f834aa70867bf903b47933767e9009b51d890e2
eab3f0c441c4759258e91b847cb7a6b2f7c531c91052aee2fc99684b73853135
ec096f3b67143caeadc9bda917a90fb7407056ce1a6c5c35f33d6abedc274c61
eca9f4c2751b97f93e4730130eb25185af8b3550adee40005e63a2f4a8c1d588
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
f5e202336ea8a14947c859e072100644b06041ec2ccc33f50ad632fcf57127b0
f68cf3ef03d3a7c1858c58f92c2475be7b7efea477e2cc591502d5ba5996144f
f7f1aabdf10f59b0b6549bce5322474fce07e07ffdc74a741594ad4b4ee25b74
f84a8d60e875278ca4ee48dbd5eaa1d0fa85141ead03850a4fa62ba689484079
f86361830013708a83bb8ae824db42b8b05dcd33c95d3d0394ee2ff1e4985d55
ffb70c04002962bb60b7bf16168d48732e5f05da7bf1a9289529999c28d5eef3

9f61gu1a.skin Open in urlscan Pro 16.162.77.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

94 %HTTPS

42 %IPv6

8 Domains

20 Subdomains

13 IPs

3 Countries

3609 kBTransfer

6860 kBSize

7 Cookies

100 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

9f61gu1a.skin Open in urlscan Pro
16.162.77.119 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

94 %
HTTPS

42 %
IPv6

8
Domains

20
Subdomains

13
IPs

3
Countries

3609 kB
Transfer

6860 kB
Size

7
Cookies

143 HTTP transactions
19 data transactions