mmhg.jcymh.pro Open in urlscan Pro
104.21.16.1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mmhg.jcymh.pro/
Submission: On April 15 via api (April 15th 2025, 7:58:57 pm UTC) from US — Scanned from US

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 59 HTTP transactions. The main IP is 104.21.16.1, located in and belongs to CLOUDFLARENET, US. The main domain is mmhg.jcymh.pro.
TLS certificate: Issued by WE1 on April 15th 2025. Valid for: 3 months.

This is the only time mmhg.jcymh.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.21.16.1 104.21.16.1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	172.67.218.248 172.67.218.248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
3	60.199.208.47 60.199.208.47	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
3	2600:9000:247... 2600:9000:247b:9400:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2606:4700:20:... 2606:4700:20::ac43:45c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:247... 2600:9000:247b:4600:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.176.50.137 18.176.50.137	16509 (AMAZON-02) (AMAZON-02)
1	18.238.55.56 18.238.55.56	16509 (AMAZON-02) (AMAZON-02)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
2	52.192.142.127 52.192.142.127	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.114.46.234 3.114.46.234	16509 (AMAZON-02) (AMAZON-02)
8	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
1	35.227.249.156 35.227.249.156	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
2	35.201.76.198 35.201.76.198	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	60.199.208.39 60.199.208.39	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
59	23

1 104.21.16.1 (None, )

ASN13335 (CLOUDFLARENET, US)

mmhg.jcymh.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.218.248 (United States)

ASN13335 (CLOUDFLARENET, US)

cf.mhgui.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 60.199.208.47 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

rd.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssl.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:247b:9400:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:45c3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:247b:4600:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.176.50.137 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-50-137.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.55.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-56.jfk52.r.cloudfront.net

tracking-client.91app.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.142.127 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-142-127.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.46.234 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-46-234.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.194 (Plainview, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.198 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 198.76.201.35.bc.googleusercontent.com

track.91app.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 60.199.208.39 (Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)

fsa-api.feebee.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 153779 ad.holmesmind.com — Cisco Umbrella Rank: 103534 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 176184 fcm.holmesmind.com — Cisco Umbrella Rank: 233261 fcm2.holmesmind.com — Cisco Umbrella Rank: 173246 c.holmesmind.com — Cisco Umbrella Rank: 113061 m.holmesmind.com — Cisco Umbrella Rank: 212153	67 KB
13	mhgui.com cf.mhgui.com — Cisco Umbrella Rank: 443374	446 KB
9	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 165601 rd.sitemaji.com — Cisco Umbrella Rank: 338599 ssl.sitemaji.com — Cisco Umbrella Rank: 286948	53 KB
8	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 77714 888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net Failed	7 KB
2	feebee.tw fsa-api.feebee.tw — Cisco Umbrella Rank: 272606	2 KB
2	91app.io track.91app.io — Cisco Umbrella Rank: 117263	665 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 313	1 KB
2	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 20376	41 KB
2	aralego.com 1 redirects agent.aralego.com — Cisco Umbrella Rank: 509478 ads.aralego.com — Cisco Umbrella Rank: 120606	1006 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 217	68 KB
1	lndata.com cm.lndata.com — Cisco Umbrella Rank: 170051	470 B
1	91app.com tracking-client.91app.com — Cisco Umbrella Rank: 184989	17 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	121 KB
1	jcymh.pro mmhg.jcymh.pro	6 KB
59	15

	Domain	Requested by
13	cf.mhgui.com	mmhg.jcymh.pro cf.mhgui.com
8	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
6	ad.sitemaji.com	mmhg.jcymh.pro agent.aralego.com srcdoc ad.sitemaji.com
4	cdn.holmesmind.com	ad.sitemaji.com cdn.holmesmind.com
2	fsa-api.feebee.tw	ad.sitemaji.com mmhg.jcymh.pro
2	track.91app.io	tracking-client.91app.com
2	cm.g.doubleclick.net	2 redirects
2	c.holmesmind.com	1 redirects cdn.holmesmind.com
2	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
2	ad.holmesmind.com	cdn.holmesmind.com mmhg.jcymh.pro
2	cdn.aralego.net	mmhg.jcymh.pro agent.aralego.com
2	rd.sitemaji.com	ad.sitemaji.com
1	ssl.sitemaji.com	ad.sitemaji.com
1	connect.facebook.net	fcm2.holmesmind.com
1	m.holmesmind.com	cdn.holmesmind.com
1	fcm2.holmesmind.com	cdn.holmesmind.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	cm.lndata.com	cdn.holmesmind.com
1	tracking-client.91app.com	cdn.holmesmind.com
1	ads.aralego.com	agent.aralego.com
1	agent.aralego.com	1 redirects
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	mmhg.jcymh.pro
1	mmhg.jcymh.pro	mmhg.jcymh.pro
0	888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net Failed	mmhg.jcymh.pro
59	25

This site contains no links.

Subject Issuer	Validity	Valid
jcymh.pro WE1	`2025-04-15` - `2025-07-14`	3 months	crt.sh
mhgui.com WE1	`2025-04-03` - `2025-07-02`	3 months	crt.sh
sitemaji.com ZeroSSL RSA Domain Secure Site CA	`2025-02-18` - `2025-05-19`	3 months	crt.sh
*.google-analytics.com WR2	`2025-03-20` - `2025-06-12`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2025-03-06` - `2026-04-07`	a year	crt.sh
aralego.net WE1	`2025-04-08` - `2025-07-07`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2024-12-02` - `2026-01-02`	a year	crt.sh
*.91app.com Amazon RSA 2048 M02	`2024-08-10` - `2025-09-07`	a year	crt.sh
*.lndata.com GeoTrust G5 TLS RSA4096 SHA384 2022 CA1	`2024-11-11` - `2025-12-12`	a year	crt.sh
*.t.ssp.hinet.net HiPKI OV TLS CA - G1	`2025-02-12` - `2026-02-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2025-01-23` - `2025-04-23`	3 months	crt.sh
track.91app.io WR3	`2025-03-10` - `2025-06-08`	3 months	crt.sh
feebee.com.tw ZeroSSL RSA Domain Secure Site CA	`2025-02-18` - `2025-05-19`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://mmhg.jcymh.pro/
Frame ID: 79F0526E584641A6098F4929BE075D1E
Requests: 24 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 114CD45157E2841CD1FDD41387D2F5DD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 5206E80C4F46DC5B4D5E75C8F93AD42E
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 580E26363887F67C816BC5AAF7735F5F
Requests: 9 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 9C45F3F27F02B1F24B567545E21D2FBB
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 9B2F293D0B12728D023C579D472D97B3
Requests: 1 HTTP requests in this frame

Frame: https://ad.sitemaji.com/ysm_ikanman.js
Frame ID: 51AD883A2D50A81AFE8DC495212EBF29
Requests: 1 HTTP requests in this frame

Frame: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Frame ID: 74E137070E89A720D851CFB1BD440638
Requests: 4 HTTP requests in this frame

Frame: https://ad.sitemaji.com/ysm_ikanman.js
Frame ID: A56F683BCABED412965760B893E29D34
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

手机看漫画_飒漫乐画_妃夕妍雪 - 看漫画手机版首页

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

59
Requests

88 %
HTTPS

22 %
IPv6

15
Domains

25
Subdomains

23
IPs

4
Countries

829 kB
Transfer

1784 kB
Size

19
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 33

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc= HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_error=15

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
mmhg.jcymh.pro/ 17 KB
6 KB 21149ms
21051ms Document
text/html 104.21.16.1
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.16.1 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

d3780eb1c971e228236701c482ec8c0a640a249bb46900156d4840233c649e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 930e04625ed7101f-LAX
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 15 Apr 2025 19:58:41 GMT
expires: Tue, 15 Apr 2025 20:58:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXWLOHGkCEHrNwcsnqOFpwQmwOt4W3vOIHlNKlyIsutMJ%2BSaFKEIUmcwlLbYx6AAG7m%2Fn30lpthJFMqpAy%2FX6sc1mHZoYTYgML6pCEF2k%2B45kjN5aT92q%2Fx3Ton2irQCeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=70183&min_rtt=69102&rtt_var=7030&sent=12&recv=13&lost=0&retrans=0&sent_bytes=3709&recv_bytes=4569&delivery_rate=294&cwnd=12000&unsent_bytes=0&cid=a71a92bae9f8a4ab&ts=21060&x=16"
strict-transport-security: max-age=31536000; includeSubDomains;preload
vary: accept-encoding
x-cache: EXPIRED
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: SEEMH.COM

GET
H3 200 main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css
cf.mhgui.com/css/ 26 KB
7 KB 449ms
293ms Stylesheet
text/css 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cf.mhgui.com/css/main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

d63245c98c466091fa4a8bb7ca4de4c4a9d338833cea4a1baa2e8e4af68911ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"de1b9ce77a90d61:0"
age: 1697185
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7QHEAZCIFTwpuWIZRS6BdVZ5414fHRr4TKS1Kk71TPllxYE%2FamogvBLSp%2BQUsJsCo5KEVH9VxXsZkpPKbfTN8et2vViCUJE57KiLK0UvQKhp2OjvSS6rGa9CDGY6GPI%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 27 Mar 2026 04:32:16 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=163&x=16"
date: Tue, 15 Apr 2025 19:58:41 GMT
content-type: text/css
last-modified: Tue, 22 Sep 2020 00:54:20 GMT
vary: Accept-Encoding
x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 930e04e72a4e19cb-EWR
x-powered-by: SEEMH.COM
server: cloudflare

GET logo_mini.gif
mmhg.jcymh.pro/images/ 0
0

GET
H3 200 3020373790.jpg
cf.mhgui.com/cpic/ 86 KB
86 KB 450ms
295ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/3020373790.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

ebe4455f17c3ef199c26084feecedb6f6fadc5e3c36b636ef38a0f44a59c218c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
etag: "a94422ca49e7d31:0"
age: 307171
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2BGVH6%2BK%2BnojMGqZKIbMKZ7j72HUTngxLMlnWYm0MC01qTW2CrRVnHzV1juT3sUTQQVIYpVvNWWZ%2FODistQtwXO%2BPhApyK%2Bsk%2BawUy7OTQ%2BRvQLzbrpnZCqxuV114RM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Apr 2026 06:39:10 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=168&x=16"
date: Tue, 15 Apr 2025 19:58:41 GMT
content-type: image/jpeg
last-modified: Wed, 09 May 2018 03:57:03 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04e72a4d19cb-EWR
accept-ranges: bytes
content-length: 87639
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 mlib_F75E197C3AB1286D0EBD7E956C9F3EDDE9585E83.js Show response
cf.mhgui.com/scripts/ 52 KB
19 KB 296ms
158ms Script
application/javascript 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cf.mhgui.com/scripts/mlib_F75E197C3AB1286D0EBD7E956C9F3EDDE9585E83.js

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

7dad698538dc819c2e79d44d6bbb4f63c52f5ed21101088d06b9d2a7f1ab4807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"cde2c711ca2fda1:0"
age: 314748
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vY%2BrLsQvrE0YvtQWgzTRhliYM8OHCDCGvuf0SunEjSeZVg1qXQ1Z09o1cYNPiyPUnyUr1oFKAICl2%2BCaRAacyy0hXXFQAxC2EnL96bpBtHvlwxe7FxkCM8oIc3NHoRE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Apr 2026 04:32:53 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=333000&min_rtt=333000&rtt_var=166500&sent=0&recv=0&lost=0&retrans=0&sent_bytes=0&recv_bytes=0&delivery_rate=0&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=162&x=16"
date: Tue, 15 Apr 2025 19:58:41 GMT
content-type: application/javascript
last-modified: Sat, 16 Dec 2023 02:46:28 GMT
vary: Accept-Encoding
x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 930e04e72a4b19cb-EWR
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 mcore_C8C6580D848819529D775E4AC6A95FA228A7FD22.js Show response
cf.mhgui.com/scripts/ 24 KB
10 KB 430ms
292ms Script
application/javascript 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cf.mhgui.com/scripts/mcore_C8C6580D848819529D775E4AC6A95FA228A7FD22.js

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

5bc7fbe895f77adf9097b4c2d2860f2e8389d39d801bd7d0d39b8b0789f3cc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"592877fa08ddb1:0"
age: 585021
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LF1t1SW8hhdE4dZ1B4dHyAlGyg4wmVkvqXfiQ3e3X9GLtIDaI5LevuW5wejtWsceW2ufCznUWezsBY4Wur1Sc7w%2FFoA8nxscwY2SDvksTUkvtO%2B9F5IIJAVSgnN3Fwo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 09 Apr 2026 01:28:20 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=162&x=16"
date: Tue, 15 Apr 2025 19:58:41 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 07:30:40 GMT
vary: Accept-Encoding
x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 930e04e72a4c19cb-EWR
x-powered-by: SEEMH.COM
server: cloudflare

GET
H2 200 ysm_ikanman.js Show response
ad.sitemaji.com/ 100 KB
32 KB 230ms
72ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ad.sitemaji.com/ysm_ikanman.js
Requested by: Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: Feebee Web Server /
Resource Hash: 7c467dd89f9e937b1de393b3facc84c6a1fa787bf9c9468d2526502dc7d7d299

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cache-control: max-age=86400,public
content-encoding: br
etag: W/"67f76a7b-18e1b"
age: 3779
via: 1.1 google
expires: Wed, 16 Apr 2025 18:55:42 GMT
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32743
date: Tue, 15 Apr 2025 18:55:42 GMT
last-modified: Thu, 10 Apr 2025 06:51:39 GMT
content-type: application/javascript
server: Feebee Web Server
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 360 KB
121 KB 458ms
181ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H5F270PE29

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

93482ec02c276afdc1c221934bff25b82f8231178fd31c523f90874872b5655c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

content-encoding: br
report-to: {"group":"ascgcycc:1052:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1052:0"}],}
expires: Tue, 15 Apr 2025 19:58:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 19:58:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1052:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1052:0
content-length: 123335
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 iconfont.woff
cf.mhgui.com/css/mobile/ 14 KB
14 KB 1140ms
934ms Font
font/x-woff 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cf.mhgui.com/css/mobile/iconfont.woff

Requested by

Host: cf.mhgui.com
URL: https://cf.mhgui.com/css/main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

1b83424b581a2bbc489aed4c5528ac899b07de0f8a17cfe68b02b778d7674f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin: https://mmhg.jcymh.pro
Referer: https://cf.mhgui.com/css/main_8E630B7269C40DA4D14F38B99EB4018EAA70A0DB.css

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"95fa78704ee7d31:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VfBjjSFtobvKG%2ByQas5LRcD2MmD1gS11JFgkaIBMAVzToBDfjp29Y0TUFBzAx80GaJWCFC%2F5G%2FcQlnx4CzxqXPFMpswevafBVSIwGT%2BAz7vh7q45fJ8pr6mPRCrg6g4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 15 Apr 2026 19:58:43 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=203291&min_rtt=202881&rtt_var=24543&sent=10&recv=10&lost=0&retrans=0&sent_bytes=3641&recv_bytes=3252&delivery_rate=122&cwnd=12000&unsent_bytes=0&cid=daa11a613af73a37&ts=935&x=16"
date: Tue, 15 Apr 2025 19:58:43 GMT
content-type: font/x-woff
last-modified: Wed, 09 May 2018 04:30:20 GMT
vary: Accept-Encoding
x-frame-options: DENY
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 930e04eb9c6179ba-LHR
access-control-allow-origin: *
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 7620.jpg
cf.mhgui.com/cpic/g/ 36 KB
37 KB 220ms
219ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/g/7620.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

9493b54962b4b477b04c5815f58e7748a50227be9fe8855ec41b18194601851e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
age: 3484983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lWwtLD3YOF4x4hp0Hx%2F3clU251VrELv9pHczvMZD%2Bf52tr1jPygcJqI%2FpEae8PJTk0WrPWhz7j92DymEw7bbuSRWbN8%2BLrudNxgTKEC32z4Iu6YcjLWBlokPO%2FD%2B0PE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 06 Mar 2026 11:55:39 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=659&x=16"
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: image/jpeg
last-modified: Fri, 10 Apr 2020 12:32:11 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04ea3ab619cb-EWR
accept-ranges: bytes
content-length: 36817
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 7580.jpg
cf.mhgui.com/cpic/g/ 37 KB
38 KB 212ms
211ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/g/7580.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

77c8d2d07716506e589188a36f9aa7794954fec51ee66e12a0df497a8f234f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
age: 310419
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxDtTrtZzUliqw6DKyEOmP24jK7hoPBHzlub6Ihrr%2Bj2ToZPIeIt%2FO1EQXEJOm5Ai%2Fa3cCvRILBfWntwY5GKBKlSYdYGbIV36LeHpID30y%2FVHVSkrHNec8jjZwWXimo%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Apr 2026 05:45:03 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=652&x=16"
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: image/jpeg
last-modified: Tue, 19 Dec 2023 22:15:33 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04ea3ab719cb-EWR
accept-ranges: bytes
content-length: 37793
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 1128.jpg
cf.mhgui.com/cpic/g/ 53 KB
54 KB 217ms
216ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/g/1128.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

30ee78624f9d25255d3037c86de2b3e339d833589dd1c7966ba20e5358881740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
age: 1697014
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FGmQaUZE6dY0vZncA8s5d3iF%2BFrVsPlo%2FvJOQqKmaTtPvun%2B2J25%2Fxw3LGaW9bBFe2EOnwyNIyUO9C0yiuz39%2F%2Bx4z11dzf4z%2FcoFx9xe6sFktb9CuLdGkv6v%2F9ILaM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 27 Mar 2026 04:35:08 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=655&x=16"
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: image/jpeg
last-modified: Sat, 21 Aug 2021 13:32:23 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04ea3ab819cb-EWR
accept-ranges: bytes
content-length: 54465
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 17023_24.jpg
cf.mhgui.com/cpic/g/ 31 KB
32 KB 148ms
146ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/g/17023_24.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

b28c33b03a012d0799f2f0c4cfa2f69ecb8321f51fbdd92e80948993b689bb71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
age: 307647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wo71jFS2a7B7nRCAHs3bD5ULODz2prmnstNRFRWN0ZKuYFUyq97ekzU%2F%2FBqooJIOMFZs8CGpQNP%2Fwe0hyKpaeftRwTq3%2B5GxNbjIWLkUmYWHZBWLzxeaNV%2BsKmZYrA4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Apr 2026 06:31:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=647&x=16"
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: image/jpeg
last-modified: Tue, 19 Dec 2023 22:15:33 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04ea3abb19cb-EWR
accept-ranges: bytes
content-length: 31957
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 23394.jpg
cf.mhgui.com/cpic/g/ 35 KB
35 KB 206ms
204ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/g/23394.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

79d73273d963b0a5e8bfaa0612ba368e00bfa744dc681f2326428ea326bcb685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
age: 306531
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGQWODp9zAEubmAdKNRodlKaXOLhlRHRox%2BSUbfpPN8Q3nUGRwvuxOp3brAa6a7kKl0rg5U0J2fmBnTjyQPS6qU9oqtm4Ia8XgIYkqEBMz6rsH58tyvgyGZxj8BiY0o%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Apr 2026 06:49:51 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=652&x=16"
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: image/jpeg
last-modified: Tue, 19 Dec 2023 17:40:58 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04ea3ab919cb-EWR
accept-ranges: bytes
content-length: 35425
x-powered-by: SEEMH.COM
server: cloudflare

GET
H3 200 29821.jpg
cf.mhgui.com/cpic/g/ 43 KB
44 KB 203ms
202ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/g/29821.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

ebff4bdabba89b14dfc3698fbbd41fd3468b9aec1a5415e33fa6c72e505670ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
age: 314772
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wROXL7S%2BBiXQhrwpXwhfkhJxqGNOr0euaR1wcIOZeiauDBm%2B6LVemhbuKmPTR7PcQHhQfd9AvgnDsfKOn6VJkq9RTQF%2Bu3wg6K8ntNQusHGH%2FcTS67GYQTkzRzzGjyM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Apr 2026 04:32:30 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=650&x=16"
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: image/jpeg
last-modified: Wed, 09 Apr 2025 13:08:30 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e04ea3aba19cb-EWR
accept-ranges: bytes
content-length: 44372
x-powered-by: SEEMH.COM
server: cloudflare

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 435ms
150ms Fetch
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H5F270PE29&gtm=45je54e0v876684139za200&_p=1744747122194&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102509682~102665699~102803279~102813109~102887800~102926062~103027016~103051953~103055465~103077950&cid=264399479.1744747122&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1744747122&sct=1&seg=0&dl=https%3A%2F%2Fmmhg.jcymh.pro%2F&dt=%E6%89%8B%E6%9C%BA%E7%9C%8B%E6%BC%AB%E7%94%BB_%E9%A3%92%E6%BC%AB%E4%B9%90%E7%94%BB_%E5%A6%83%E5%A4%95%E5%A6%8D%E9%9B%AA%20-%20%E7%9C%8B%E6%BC%AB%E7%94%BB%E6%89%8B%E6%9C%BA%E7%89%88%E9%A6%96%E9%A1%B5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=22031
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H5F270PE29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to: {"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://mmhg.jcymh.pro
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:97:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Apr 2025 19:58:42 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ask.php Show response
rd.sitemaji.com/ 58 B
258 B 757ms
249ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Download Go to

Full URL: https://rd.sitemaji.com/ask.php?size=1x1,&hosthash=9cd53f683f7d&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: Feebee Web Server /
Resource Hash: 5bc239944d31c4d37485c831907fbf1e13711462d27912f906a09e7a72982f99

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

content-encoding: br
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Apr 2025 19:58:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Feebee Web Server

GET
H2 200 ask.php Show response
rd.sitemaji.com/ 56 B
258 B 762ms
255ms XHR
application/json 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Download Go to

Full URL: https://rd.sitemaji.com/ask.php?size=14x1,&hosthash=9cd53f683f7d&device=d&rtb=0
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: Feebee Web Server /
Resource Hash: cbcc1191b6f4eea1278e97cb961bcb6c77ba5a106d41ae78654d9fb35cb42a1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

content-encoding: br
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Apr 2025 19:58:43 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Feebee Web Server

GET
H2 200 close_circle.png
ad.sitemaji.com/static/ 3 KB
3 KB 72ms
71ms Image
image/png 35.186.215.140
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://ad.sitemaji.com/static/close_circle.png
Requested by: Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: Feebee Web Server /
Resource Hash: f45251ca5f051c72ad1fb169af736cc21c8a16f798f4b7583f8717c3ff0773d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cache-control: max-age=86400,public
etag: "5d0b4850-bd0"
age: 21208
via: 1.1 google
expires: Wed, 16 Apr 2025 14:05:15 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3024
date: Tue, 15 Apr 2025 14:05:15 GMT
last-modified: Thu, 20 Jun 2019 08:48:16 GMT
content-type: image/png
server: Feebee Web Server

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 114C 9 KB
10 KB 523ms
148ms Script
application/javascript 2600:9000:247b:9400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_ikanman.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

x-amz-version-id: 7tl34LxMadcrIfMWf8ToGVMtRuWCL8aK
etag: "2b18447e41c64d14195cefd72eb57400"
age: 55
via: 1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 9645
x-amz-cf-id: PB1nOJiA9Dv6ZtuDk8h43vzOXjwrWn5sFXlaMsmP_0GAQovn_cc6gw==
date: Tue, 15 Apr 2025 19:57:50 GMT
content-type: application/javascript
last-modified: Fri, 14 Mar 2025 09:01:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

238ms
81ms

Script
application/octet-stream

2606:4700:20::ac43:45c3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/
Protocol: H2
Server: 2606:4700:20::ac43:45c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 390f65da383ba1a6c38ab9d25a4b520f0c13a8b12134cc244b4c861d0874fca9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
etag: "677f760f-9d9e"
age: 2148199
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0brHFbsAJF%2B9EqoaAPs6EVuwfGnt481yRfbItABjQTK1eVFAerwbN5udH115pi7viQwGzdIqQ6JsJsWogMLvlNujTGHKeW55A%2BcKsxweNrT2FwKFN0MeCaVgyDY30mfRbQAPs%2F8B99LxKPzhVA%3D%3D"}],"group":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=TCP&rtt=68515&min_rtt=68082&rtt_var=14796&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3987&recv_bytes=2197&delivery_rate=57107&cwnd=242&unsent_bytes=0&cid=97ccf39020346fb6&ts=86&x=0"
date: Tue, 15 Apr 2025 19:58:44 GMT
content-type: application/octet-stream
last-modified: Thu, 09 Jan 2025 07:09:03 GMT
vary: Accept-Encoding
cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 930e04f89f7ccb93-LAX
accept-ranges: bytes
content-length: 40350
server: cloudflare

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
content-length: 0

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 5206 12 KB
12 KB 421ms
150ms Document
text/html 2600:9000:247b:4600:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:4600:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37cd16af9680e2eac2b065fe88fbc0ca6d80583c67a9d8c69969e5dcbe27b14d

Request headers

Referer: https://mmhg.jcymh.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 56
content-length: 12184
content-type: text/html
date: Tue, 15 Apr 2025 19:57:49 GMT
etag: "313c12f57383ae26248323c3b33af799"
last-modified: Mon, 17 Mar 2025 05:33:47 GMT
server: AmazonS3
via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
x-amz-cf-id: Tdqq6BuVukhJZvyf0mD7CTKQ_VPdOmgj-g1AeiHBceOZqDX1oS2dfQ==
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: rSOjRFL3ruqyCRzzCV6Gk2MSJ9yPXZwf
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 580E 11 KB
11 KB 149ms
148ms Script
application/javascript 2600:9000:247b:9400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

x-amz-version-id: rmz9OdLbHPf__eUT0CPixnVBdq1QxTyB
etag: "1ff97ce94c5a1127f915e6bf2a02c6a9"
age: 55
via: 1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 10957
x-amz-cf-id: eWM2ZY3ykbdYzOtgIRoVYB_3VG2z_RyJ3bv9gLpQVVnQZRYx90z19Q==
date: Tue, 15 Apr 2025 19:57:50 GMT
content-type: application/javascript
last-modified: Thu, 16 Jan 2025 06:05:08 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 1 KB
811 B 83ms
82ms Stylesheet
text/css 2606:4700:20::ac43:45c3
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:45c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21bfd9c7659cfb549c6c1457f1f63301d20a4985ea8222651dc55005c8446dc7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cache-control: max-age=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: HIT
etag: W/"5aab7012-4a7"
age: 752752
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLc1NeUhBN8Wf10S3HFLPw1WfdjIOuXdppd13B%2B%2Ba7XQb9GE4LN2tj8jgIaAkOPk6Bj59ie2YU4tMaOvNHjYuvUwvYFlL3U2xjNzDc9%2F82tv0hrIQ7CgbB5Ck6r9r4hfweLceg9%2BcfdvpklfUg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 930e04f939dfcb93-LAX
server-timing: cfL4;desc="?proto=TCP&rtt=77865&min_rtt=68082&rtt_var=6206&sent=45&recv=30&lost=0&retrans=0&sent_bytes=45785&recv_bytes=2329&delivery_rate=500678&cwnd=247&unsent_bytes=0&cid=97ccf39020346fb6&ts=184&x=0"
date: Tue, 15 Apr 2025 19:58:44 GMT
content-type: text/css
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ad_request Show response
ads.aralego.com/ 374 B
942 B 432ms
424ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=mmhg.jcymh.pro&u=https%3A%2F%2Fmmhg.jcymh.pro%2F&adid=ad-9A22ADA67222DA49183D9A62DD27962&w=320&h=50&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.7747919013194493&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 40b7bdc735eb81f31f65384127965807b6cc9f9e6caa3eb770b1954bc89f6193

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

x-adstyle: banner
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adtype: html
x-height: 50
x-adsource: PSA
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,OPTIONS
x-width: 320
access-control-allow-origin: https://mmhg.jcymh.pro
content-length: 374
date: Tue, 15 Apr 2025 19:58:44 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 580E 505 B
486 B 604ms
185ms Script
text/html 18.176.50.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=13904
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.50.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-50-137.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7e4a6bc3a0cdb16f49f99199a9c4aec01fa881d6d00df976ed2ae4f32ca486b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

access-control-allow-origin: https://mmhg.jcymh.pro
content-encoding: gzip
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
access-control-allow-credentials: true

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 580E 30 KB
30 KB 158ms
157ms Script
application/javascript 2600:9000:247b:9400:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:9400:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
age: 36
via: 1.1 be85287d15abd3cfecdfa319493ba256.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 30621
x-amz-cf-id: _VvAgEI4a848zZ-HRDnMCcc5ZOfd84re0OsnjzBGOd9UB_c05DxXYw==
date: Tue, 15 Apr 2025 19:58:20 GMT
content-type: application/javascript
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
x-amz-server-side-encryption: AES256

GET
H2 200 nineyi.tracking.client.iife.js Show response
tracking-client.91app.com/1.2.0/ Frame 5206 42 KB
17 KB 606ms
150ms Script
application/javascript 18.238.55.56
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tracking-client.91app.com/1.2.0/nineyi.tracking.client.iife.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-56.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b638cc2de9f4bf30cd980830ebfba0b586d5ce5da10903f126d0dd4350e5aea3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

vary: accept-encoding
cache-control: max-age=no-cache
content-encoding: gzip
etag: W/"3087e8bcd78cce0b2b4e3454c1fcd923"
age: 35318
via: 1.1 a5ec1cc448d0ca618712f253b7a7adba.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 2r1gxgbw2pHCmsoD1hi3n6vIDQqD7bxHEYfbBj9ZRuvTM5FS03wsTA==
date: Tue, 15 Apr 2025 17:00:56 GMT
content-type: application/javascript
last-modified: Mon, 20 Jan 2025 10:42:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 5206 35 B
470 B 932ms
237ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Date: Tue, 15 Apr 2025 19:58:45 GMT
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Type: image/gif
Connection: keep-alive
Server: TornadoServer/1.2.1

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 9C45 0
218 B 577ms
177ms Document
text/html 52.192.142.127
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.142.127 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-142-127.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 15 Apr 2025 19:58:45 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame 9B2F 39 B
191 B 291ms
136ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Tue, 15 Apr 2025 19:58:45 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 5206 409 B
632 B 567ms
177ms Script
application/javascript 3.114.46.234
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.114.46.234 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-46-234.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

access-control-allow-origin: *
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 5206 5 KB
3 KB 1288ms
424ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=600
content-encoding: gzip
etag: W/"65e6c0fa-15e4"
expires: Tue, 15 Apr 2025 20:08:46 GMT
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2024 06:51:38 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 5206 0
217 B 577ms
179ms Image
text/html 52.192.142.127
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.142.127 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-142-127.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

content-encoding: gzip
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.18.0 (Ubuntu)

GET
H2

200

cm
c.holmesmind.com/ Frame 5206
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
504 B

121ms
120ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
server: nginx/1.10.3 (Ubuntu)

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
server: nginx/1.10.3 (Ubuntu)

GET
H2

200

google
m.holmesmind.com/ml/ Frame 5206
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm=&cf_uid=undefined&uu_m=undefined&google_tc=
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_error=15

0
459 B

254ms
73ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_error=15
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 2849
x-goog-stored-content-encoding: identity
expires: Tue, 15 Apr 2025 20:11:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 0
date: Tue, 15 Apr 2025 19:11:16 GMT
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
content-type: image/png
x-guploader-uploadid: AKDAyItXRM1LJodSBhaIsDx4fslvDZNm85K909XZCSpfkNi13gUw7wnJzW6FSLtVkZLEzusRiweZjko
cache-control: public, max-age=3600
x-goog-storage-class: REGIONAL
accept-ranges: bytes
x-goog-generation: 1519198601160228
content-length: 0
server: UploadServer

Redirect headers

cache-control: no-cache, must-revalidate
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_error=15
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 287
date: Tue, 15 Apr 2025 19:58:45 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 ysm_ikanman.js Show response
ad.sitemaji.com/ Frame 51AD 100 KB
0 0ms
0ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ad.sitemaji.com/ysm_ikanman.js
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: Feebee Web Server /
Resource Hash: 7c467dd89f9e937b1de393b3facc84c6a1fa787bf9c9468d2526502dc7d7d299

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cache-control: max-age=86400,public
content-encoding: br
etag: W/"67f76a7b-18e1b"
age: 3779
via: 1.1 google
expires: Wed, 16 Apr 2025 18:55:42 GMT
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32743
date: Tue, 15 Apr 2025 18:55:42 GMT
last-modified: Thu, 10 Apr 2025 06:51:39 GMT
content-type: application/javascript
server: Feebee Web Server
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 580E 0
219 B 189ms
189ms Script
text/html 18.176.50.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=13904&rf=https%3A%2F%2Fmmhg.jcymh.pro%2F&n=844&o=4&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6339-natzo7AyzJDnaM14OtudwdIc46fgcF47&fp_uuid=6339-ff0169d179805828c3bac585e745c998&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.176.50.137 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-50-137.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

access-control-allow-origin: https://mmhg.jcymh.pro
content-encoding: gzip
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
server: nginx/1.14.0 (Ubuntu)
access-control-allow-credentials: true

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 580E 5 KB
3 KB 1274ms
422ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

strict-transport-security: max-age=0
cache-control: max-age=600
content-encoding: gzip
etag: W/"65e6c0fa-15e4"
expires: Tue, 15 Apr 2025 20:08:46 GMT
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: application/javascript
last-modified: Tue, 05 Mar 2024 06:51:38 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 5206 270 KB
68 KB 276ms
136ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

1ed02456619b0f3c03e7de3dc1b897d33b32a82be972a5d71984e704fa00f312

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-Oi2efedW' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Apr 2025 19:58:45 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-Oi2efedW' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=134, rtx=0, c=24, mss=1232, tbw=8545, tp=13, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: DrRYDAR5UbHgTpkphNisD6RVtMcWDcF/gBHKt0ysf1Xof6d2CbyP8QZ8dDp3R3qKIA3h58V+azD/Cu6GCYkS8g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 69040
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 collect Show response
track.91app.io/ext/v1/ Frame 5206 46 B
237 B 397ms
208ms Fetch
application/json 35.201.76.198
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://track.91app.io/ext/v1/collect?v=1&ch=web&ul=en-US&ht=1744747126043&evtid=8b4c87e2-c4b7-4b96-8d18-7bdc29543b98&tid=5&cid=269004-VGIK5FR8UYFX8Yle4paoQEkEGpfxovFJ&evtn=pixel
Requested by: Host: tracking-client.91app.com
URL: https://tracking-client.91app.com/1.2.0/nineyi.tracking.client.iife.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 198.76.201.35.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: ea6409b9d1f7248c554bac5e0a03f7f8fec5809d167aab12145fd9feac8c25f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://cdn.holmesmind.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
date: Tue, 15 Apr 2025 19:58:46 GMT
x-cloud-trace-context: 09a334de5c8c18a01323955696e5328a
content-type: application/json; charset=utf-8
x-powered-by: Express
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 did Show response
track.91app.io/ext/v1/ Frame 5206 46 B
428 B 373ms
206ms Fetch
application/json 35.201.76.198
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://track.91app.io/ext/v1/did
Requested by: Host: tracking-client.91app.com
URL: https://tracking-client.91app.com/1.2.0/nineyi.tracking.client.iife.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.198 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 198.76.201.35.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: cb514855d7e99853d97680587a2c573512168df183606583477fcdfb7dde7314

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

cache-control: no-cache
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://cdn.holmesmind.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46
date: Tue, 15 Apr 2025 19:58:46 GMT
x-cloud-trace-context: 3346a349f534a9b61323955696e53b0b
content-type: application/json; charset=utf-8
x-powered-by: Express
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 fsa-sdk.min.js Show response
ad.sitemaji.com/fsa/ Frame 74E1 156 KB
14 KB 75ms
74ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: Feebee Web Server /
Resource Hash: 15d22ae546347960ebcc50003428bed49f50a26903027a264f03f1a901216a90

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cache-control: max-age=86400,public
content-encoding: br
etag: W/"67e364af-26ea5"
age: 9421
via: 1.1 google
expires: Wed, 16 Apr 2025 17:21:45 GMT
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14639
date: Tue, 15 Apr 2025 17:21:45 GMT
last-modified: Wed, 26 Mar 2025 02:21:35 GMT
content-type: application/javascript
server: Feebee Web Server
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 / Show response
ssl.sitemaji.com/geo/ Frame 74E1 17 B
175 B 762ms
248ms Script
text/plain 60.199.208.47
TFN-TW Taiwan Fix...

General

Check archive.org

Download Go to

Full URL: https://ssl.sitemaji.com/geo/?callback=geocallback
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 60.199.208.47 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS
Software: Feebee Web Server /
Resource Hash: a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

expires: Wed, 16 Apr 2025 19:58:46 GMT
cache-control: max-age=86400, public
content-length: 17
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: text/plain; charset=utf-8
server: Feebee Web Server

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 5206 37 B
409 B 427ms
426ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

983098d213ee019a62c5d7b577348f09ed9b76761478755d97069491c406fd13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

strict-transport-security: max-age=0
cache-control: no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://cdn.holmesmind.com
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Origin
server: nginx

GET cm
ad.holmesmind.com/adserver/ Frame 5206 0
0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 5206 30 B
278 B 427ms
427ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=888d8d99-5e8f-4c5f-a533-580a32f400fe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

strict-transport-security: max-age=0
cache-control: no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://cdn.holmesmind.com
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: nginx

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 5206 0
194 B 427ms
426ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=888d8d99-5e8f-4c5f-a533-580a32f400fe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://cdn.holmesmind.com/

Response headers

strict-transport-security: max-age=0
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-origin: https://cdn.holmesmind.com
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: image/png
vary: Origin
server: nginx

GET pixel
888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net/ Frame 5206 0
0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 580E 36 B
406 B 425ms
424ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

1088109369450108e941fde1d37c4c4d0604e2467d4f28416747be726bb641cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

strict-transport-security: max-age=0
cache-control: no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://mmhg.jcymh.pro
date: Tue, 15 Apr 2025 19:58:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Origin
server: nginx

GET
H2 200 campaign.php Show response
fsa-api.feebee.tw/maji/v2/ Frame 74E1 644 B
878 B 796ms
254ms Fetch
application/json 60.199.208.39
TFN-TW Taiwan Fix...

General

Check archive.org

Download Go to

Full URL

https://fsa-api.feebee.tw/maji/v2/campaign.php?source_site=ypa_mhq&device=pc&n=1&position=promo2&fhash=eXBhX21ocQ%3D%3D&size=320x50&slot=320x50&cate=&q=&host=&sort=&is_tw=0&country=us

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

60.199.208.39 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),

Reverse DNS

Software

Feebee Web Server /

Resource Hash

4b908e015882b4db6abe7583302c271c11bc6ab4c4548dc3ef62b28847e16ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
x-robots-tag: noindex
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: *
x-content-type-options: nosniff
access-control-allow-origin: https://mmhg.jcymh.pro
date: Tue, 15 Apr 2025 19:58:47 GMT
content-type: application/json
vary: Accept-Encoding
server: Feebee Web Server
access-control-allow-headers: Origin, Methods, Content-Type, Authorization

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 580E 30 B
276 B 425ms
424ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=888d8d99-5e8f-4c5f-a533-580a32f400fe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

strict-transport-security: max-age=0
cache-control: no-cache, private
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://mmhg.jcymh.pro
date: Tue, 15 Apr 2025 19:58:47 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: nginx

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 580E 0
192 B 449ms
447ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=6339-natzo7AyzJDnaM14OtudwdIc46fgcF47&mp=888d8d99-5e8f-4c5f-a533-580a32f400fe

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

strict-transport-security: max-age=0
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-origin: https://mmhg.jcymh.pro
date: Tue, 15 Apr 2025 19:58:47 GMT
content-type: image/png
vary: Origin
server: nginx

GET pixel
888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net/ Frame 580E 0
0

GET
H3 200 3020252450.jpg
cf.mhgui.com/cpic/ 9 KB
0 173ms
173ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/3020252450.jpg

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
etag: "9d9d39ca49e7d31:0"
age: 3986293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z3FYDZD71D3t2PCBkVWIpc%2FHGNcIPb2xmLi5PzszaBD15WPd97hfNbCTRQmPLTkmrpNxxfwp7zQeqzBvnjD76yM74U12oVhXvCFXxPxelqXURjN9j%2BYxINbYu8dEpQk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sat, 28 Feb 2026 16:40:34 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=5950&x=16"
date: Tue, 15 Apr 2025 19:58:47 GMT
content-type: image/jpeg
last-modified: Wed, 09 May 2018 03:57:03 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e050b5cb919cb-EWR
accept-ranges: bytes
content-length: 61224
x-powered-by: SEEMH.COM
server: cloudflare

GET
H2 200 ysm_ikanman.js Show response
ad.sitemaji.com/ Frame A56F 100 KB
0 1ms
1ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ad.sitemaji.com/ysm_ikanman.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: Feebee Web Server /
Resource Hash: 7c467dd89f9e937b1de393b3facc84c6a1fa787bf9c9468d2526502dc7d7d299

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=86400,public
content-encoding: br
etag: W/"67f76a7b-18e1b"
age: 3779
via: 1.1 google
expires: Wed, 16 Apr 2025 18:55:42 GMT
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32743
date: Tue, 15 Apr 2025 18:55:42 GMT
last-modified: Thu, 10 Apr 2025 06:51:39 GMT
content-type: application/javascript
server: Feebee Web Server
vary: Accept-Encoding,Accept-Encoding

GET
H3 200 fsa-core.min.js Show response
ad.sitemaji.com/fsa/ Frame A56F 7 KB
3 KB 89ms
86ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ad.sitemaji.com/fsa/fsa-core.min.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/fsa/fsa-sdk.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: Feebee Web Server /
Resource Hash: d3c82d14e123ec846f7a8deff595f5eba1f8f2ef7b64460b3570cd08e84c47d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=86400,public
content-encoding: br
etag: W/"67457d86-1c12"
age: 16134
via: 1.1 google
expires: Wed, 16 Apr 2025 15:29:53 GMT
alt-svc: h3=":443"; ma=86400, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2651
date: Tue, 15 Apr 2025 15:29:53 GMT
last-modified: Tue, 26 Nov 2024 07:49:26 GMT
content-type: application/javascript
server: Feebee Web Server
vary: Accept-Encoding,Accept-Encoding

GET
H2 200 uZ1z63ciuvX7C2t9NvBeo4PeGwqSj8GsPXOAfhKGOjr6WR_Eekl_Jla4FEaEZ2vAbtda2YU2ozUnbiEPxnZcFOFxWGCWpZ8bq3c9NUJEo0eccg11mXbCZSDEMDZ4C9rwHrEWndqKw-Qd8LacOlOSGWzzRgaFVAiAH_OkbuWfQXg-6R4BZnxTHYh2um_kQ8misz3Z-...
fsa-api.feebee.tw/maji/v2/view/ Frame 74E1 842 B
1013 B 272ms
269ms Image
image/gif 60.199.208.39
TFN-TW Taiwan Fix...

General

Check archive.org

Download Go to Show image

Full URL

https://fsa-api.feebee.tw/maji/v2/view/uZ1z63ciuvX7C2t9NvBeo4PeGwqSj8GsPXOAfhKGOjr6WR_Eekl_Jla4FEaEZ2vAbtda2YU2ozUnbiEPxnZcFOFxWGCWpZ8bq3c9NUJEo0eccg11mXbCZSDEMDZ4C9rwHrEWndqKw-Qd8LacOlOSGWzzRgaFVAiAH_OkbuWfQXg-6R4BZnxTHYh2um_kQ8misz3Z-CSKI65xzVKwSdfNtaqpDEtMkqBHCeb89GsODidZHI2wsmjxw_0lvDz6Cf5Yp6oryVfHe2AEsqjK2YjvoDrlg.gif

Requested by

Host: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

60.199.208.39 , Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),

Reverse DNS

Software

Feebee Web Server /

Resource Hash

6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
x-robots-tag: noindex
content-length: 842
date: Tue, 15 Apr 2025 19:58:47 GMT
content-type: image/gif
server: Feebee Web Server
x-content-type-options: nosniff

GET
H3 200 3021512953.jpg
cf.mhgui.com/cpic/ 70 KB
70 KB 149ms
148ms Image
image/jpeg 172.67.218.248
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL

https://cf.mhgui.com/cpic/3021512953.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.218.248 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / SEEMH.COM

Resource Hash

311b61f049c78b8f3589dd4dc1b076ea41e7f4cf1904378f15f083509248515d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer: https://mmhg.jcymh.pro/

Response headers

cf-cache-status: HIT
etag: "31af5c949e7d31:0"
age: 3446076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QtWWHBmNYJMHxaiucmto%2FWFnvr8tOyAUhtbmFns1mLXvuUHYRPQkkmflzTzjSxrzNLW7%2Bxt20%2BybgUX%2FpNCwSgNwURk65UDcbyumDtEWWw8YIsvrpZDspR4JFmdKNZM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 06 Mar 2026 22:44:16 GMT
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=137097&min_rtt=136599&rtt_var=38826&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3563&recv_bytes=5373&delivery_rate=22173&cwnd=12000&unsent_bytes=0&cid=aca32116756862d1&ts=11243&x=16"
date: Tue, 15 Apr 2025 19:58:52 GMT
content-type: image/jpeg
last-modified: Wed, 09 May 2018 03:57:03 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 930e052c7f4c19cb-EWR
accept-ranges: bytes
content-length: 71312
x-powered-by: SEEMH.COM
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mmhg.jcymh.pro
URL: https://mmhg.jcymh.pro/images/logo_mini.gif

Domain: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/cm?app=91app&P=269004-VGIK5FR8UYFX8Yle4paoQEkEGpfxovFJ&uid=a404a408-aabe-49c4-bb86-96b34ea20c7b

Domain: 888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net
URL: https://888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net/pixel?bd=888d8d99-5e8f-4c5f-a533-580a32f400fe&t=cf&referrer=https%3A%2F%2Fmmhg.jcymh.pro

Domain: 888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net
URL: https://888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net/pixel?bd=888d8d99-5e8f-4c5f-a533-580a32f400fe&t=50ef57&referrer=

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jcymh.pro/	1970-01-21 14:15:07	Name: _ga_H5F270PE29 Value: GS1.1.1744747122.1.0.1744747122.0.0.0
.jcymh.pro/	1970-01-21 14:15:07	Name: _ga Value: GA1.1.264399479.1744747122
.jcymh.pro/	1970-01-21 05:22:19	Name: ISMD5VERSION Value: 1
.aralego.com/	1970-01-21 13:24:43	Name: sspid Value: 7849a69f-3390-3269-b34f-4075102066b5
.jcymh.pro/	1970-01-21 05:22:19	Name: CFFPCKUUID Value: 8108-shHaLnoRr1rKoeed8uAXm2Q94uJp5qQ2
.jcymh.pro/	1970-01-21 05:22:19	Name: CFFPCKUUIDMAIN Value: 6339-natzo7AyzJDnaM14OtudwdIc46fgcF47
.jcymh.pro/	1970-01-21 05:22:19	Name: FPUUID Value: 6339-ff0169d179805828c3bac585e745c998
.holmesmind.com/	1970-01-21 14:15:07	Name: P Value: 269004-VGIK5FR8UYFX8Yle4paoQEkEGpfxovFJ
.holmesmind.com/	1970-01-21 05:00:14	Name: Vision Value: 20250416-23:59,20250416-06,20250416-06,20250416-23:59
.holmesmind.com/	1970-01-21 05:00:14	Name: C Value: null
.holmesmind.com/	1970-01-21 07:04:04	Name: RK Value: null
.doubleclick.net/	1970-01-21 04:39:08	Name: test_cookie Value: CheckForPermission
.holmesmind.com/	1970-01-21 04:40:33	Name: fcm Value: 1
.lndata.com/	1970-01-21 13:25:11	Name: admckid Value: 2504160358451843854
track.91app.io/	1970-01-21 14:15:07	Name: deviceid Value: 717b999c-2885-45d7-9ca1-f3a0dac7ffbe
.hinet.net/	1970-01-21 14:15:07	Name: uuid Value: 888d8d99-5e8f-4c5f-a533-580a32f400fe
.jcymh.pro/	1970-01-21 13:24:43	Name: __htid Value: 888d8d99-5e8f-4c5f-a533-580a32f400fe
.jcymh.pro/	1970-01-21 04:39:10	Name: _ht_em Value: 1
.jcymh.pro/	1970-01-21 04:40:33	Name: _ht_50ef57 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cdn.holmesmind.com/js/capmapping.htm Message: [GroupMarkerNotSet(crbug.com/242999)!:A0B073036C3F0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net
ad.holmesmind.com
ad.sitemaji.com
ads.aralego.com
agent.aralego.com
c.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cf.mhgui.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
fcm.holmesmind.com
fcm2.holmesmind.com
fsa-api.feebee.tw
m.holmesmind.com
mmhg.jcymh.pro
rd.sitemaji.com
ssl.sitemaji.com
t.ssp.hinet.net
track.91app.io
tracking-client.91app.com
www.google-analytics.com
www.googletagmanager.com
888d8d99-5e8f-4c5f-a533-580a32f400fe.t.ssp.hinet.net
ad.holmesmind.com
mmhg.jcymh.pro
104.21.16.1
116.50.36.71
142.250.65.194
157.240.241.1
172.67.218.248
18.176.50.137
18.238.55.56
192.96.203.13
203.75.214.136
2600:9000:247b:4600:0:e06c:e940:93a1
2600:9000:247b:9400:0:e06c:e940:93a1
2606:4700:20::ac43:45c3
2607:f8b0:4006:809::2008
2607:f8b0:4006:80d::200e
3.114.46.234
34.95.67.231
35.186.215.140
35.201.76.198
35.201.76.93
35.227.249.156
52.192.142.127
60.199.208.39
60.199.208.47
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
1088109369450108e941fde1d37c4c4d0604e2467d4f28416747be726bb641cb
15d22ae546347960ebcc50003428bed49f50a26903027a264f03f1a901216a90
1b83424b581a2bbc489aed4c5528ac899b07de0f8a17cfe68b02b778d7674f96
1ed02456619b0f3c03e7de3dc1b897d33b32a82be972a5d71984e704fa00f312
21bfd9c7659cfb549c6c1457f1f63301d20a4985ea8222651dc55005c8446dc7
30ee78624f9d25255d3037c86de2b3e339d833589dd1c7966ba20e5358881740
311b61f049c78b8f3589dd4dc1b076ea41e7f4cf1904378f15f083509248515d
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
37cd16af9680e2eac2b065fe88fbc0ca6d80583c67a9d8c69969e5dcbe27b14d
390f65da383ba1a6c38ab9d25a4b520f0c13a8b12134cc244b4c861d0874fca9
40b7bdc735eb81f31f65384127965807b6cc9f9e6caa3eb770b1954bc89f6193
4b908e015882b4db6abe7583302c271c11bc6ab4c4548dc3ef62b28847e16ff5
5a871b13ede1754dec51e91e8f3ee35b98ff71fe42cf57d51cb574b004e3d4cd
5bc239944d31c4d37485c831907fbf1e13711462d27912f906a09e7a72982f99
5bc7fbe895f77adf9097b4c2d2860f2e8389d39d801bd7d0d39b8b0789f3cc4e
6fbf9cc36bbd0c5efce36d2e650d406da61d42361355492e9204a2b919397804
73ae392d3e6fd2a480cd5e6eb0077f17af084abfda5e3bb5487f76c0277be87c
77c8d2d07716506e589188a36f9aa7794954fec51ee66e12a0df497a8f234f2d
79d73273d963b0a5e8bfaa0612ba368e00bfa744dc681f2326428ea326bcb685
7c467dd89f9e937b1de393b3facc84c6a1fa787bf9c9468d2526502dc7d7d299
7dad698538dc819c2e79d44d6bbb4f63c52f5ed21101088d06b9d2a7f1ab4807
7e4a6bc3a0cdb16f49f99199a9c4aec01fa881d6d00df976ed2ae4f32ca486b4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
93482ec02c276afdc1c221934bff25b82f8231178fd31c523f90874872b5655c
9493b54962b4b477b04c5815f58e7748a50227be9fe8855ec41b18194601851e
983098d213ee019a62c5d7b577348f09ed9b76761478755d97069491c406fd13
a736a221af11c68451960f6fd70f968edb1886c9e9c9065750a0beec942819b7
b28c33b03a012d0799f2f0c4cfa2f69ecb8321f51fbdd92e80948993b689bb71
b638cc2de9f4bf30cd980830ebfba0b586d5ce5da10903f126d0dd4350e5aea3
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
cb514855d7e99853d97680587a2c573512168df183606583477fcdfb7dde7314
cbcc1191b6f4eea1278e97cb961bcb6c77ba5a106d41ae78654d9fb35cb42a1f
d3780eb1c971e228236701c482ec8c0a640a249bb46900156d4840233c649e12
d3c82d14e123ec846f7a8deff595f5eba1f8f2ef7b64460b3570cd08e84c47d5
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d63245c98c466091fa4a8bb7ca4de4c4a9d338833cea4a1baa2e8e4af68911ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6409b9d1f7248c554bac5e0a03f7f8fec5809d167aab12145fd9feac8c25f9
ebe4455f17c3ef199c26084feecedb6f6fadc5e3c36b636ef38a0f44a59c218c
ebff4bdabba89b14dfc3698fbbd41fd3468b9aec1a5415e33fa6c72e505670ed
f45251ca5f051c72ad1fb169af736cc21c8a16f798f4b7583f8717c3ff0773d6

mmhg.jcymh.pro Open in urlscan Pro 104.21.16.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

88 %HTTPS

22 %IPv6

15 Domains

25 Subdomains

23 IPs

4 Countries

829 kBTransfer

1784 kBSize

19 Cookies

0 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mmhg.jcymh.pro Open in urlscan Pro
104.21.16.1 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

88 %
HTTPS

22 %
IPv6

15
Domains

25
Subdomains

23
IPs

4
Countries

829 kB
Transfer

1784 kB
Size

19
Cookies

59 HTTP transactions
0 data transactions