Submitted URL: http://1hg5588.com/
Effective URL: https://www.hg5588rrrrr.com:6899/
Submission: On October 02 via manual from DK — Scanned from DE

Summary

This website contacted 20 IPs in 6 countries across 16 domains to perform 127 HTTP transactions. The main IP is 103.242.144.36, which is located in Thailand and belongs to EAGLENET-AP 60 Market Square,P.O. Box 364, PH. The main domain is www.hg5588rrrrr.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on August 12th 2021. Valid for: a year.
This is the only time www.hg5588rrrrr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23.224.70.154 40065 (CNSERVERS)
1 19 103.242.144.36 55303 (EAGLENET-...)
3 142.250.186.40 15169 (GOOGLE)
2 216.58.212.174 15169 (GOOGLE)
80 104.18.8.66 13335 (CLOUDFLAR...)
1 47.246.43.252 24429 (TAOBAO Zh...)
1 203.205.235.65 132203 (TENCENT-N...)
1 59.63.188.66 ()
1 163.171.133.124 54994 (QUANTILNE...)
1 13.224.193.108 ()
1 13.225.87.127 16509 (AMAZON-02)
4 52.197.168.193 ()
1 163.171.128.148 ()
3 203.205.137.235 ()
1 129.226.103.219 ()
1 101.33.10.108 ()
3 203.205.235.61 ()
1 122.228.91.87 ()
1 103.16.121.244 ()
127 20
Domain Requested by
45 p1.cfvn66.com www.hg5588rrrrr.com
p1.cfvn66.com
35 cdn.cfvn66.com www.hg5588rrrrr.com
19 www.hg5588rrrrr.com 1 redirects www.hg5588rrrrr.com
p1.cfvn66.com
4 analytics.agilenavi.com js.agilenavi.com
3 aegis.qq.com cdn-go.cn
3 captcha.gtimg.com ssl.captcha.qq.com
t.captcha.qq.com
3 www.googletagmanager.com www.hg5588rrrrr.com
2 www.google-analytics.com www.googletagmanager.com
1 mf2.agilenavi.com js.agilenavi.com
1 m1.dgybjz.com js.agilenavi.com
1 cdn-go.cn t.captcha.qq.com
1 t.captcha.qq.com captcha.gtimg.com
1 m1.hnsbjjc.com js.agilenavi.com
1 fly.rodyou.com www.hg5588rrrrr.com
1 js.agilenavi.com www.hg5588rrrrr.com
1 cstaticdun.126.net www.hg5588rrrrr.com
1 v.vaptcha.com www.hg5588rrrrr.com
1 ssl.captcha.qq.com www.hg5588rrrrr.com
1 g.alicdn.com www.hg5588rrrrr.com
1 1hg5588.com
0 m1.cisy427.cn Failed js.agilenavi.com
0 mlupqnqjmkhpw.agilenavi.com Failed js.agilenavi.com
127 22

This site contains no links.

Subject | Issuer | Validity | Valid
*.hg5588rrrrr.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-12 - 2022-08-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months
*.cfvn66.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-04 - 2022-09-04 | a year
*.alicdn.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2021-07-03 - 2022-08-04 | a year
*.captcha.qq.com | DigiCert Secure Site CN CA G3 | 2020-11-12 - 2021-12-10 | a year
*.vaptcha.com | AlphaSSL CA - SHA256 - G2 | 2020-11-18 - 2021-12-20 | a year
*.126.net | GeoTrust CN RSA CA G1 | 2019-09-05 - 2021-12-04 | 2 years
*.agilenavi.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-22 - 2022-08-22 | a year
*.rodyou.com | Sectigo RSA Domain Validation Secure Server CA | 2020-12-07 - 2021-12-09 | a year
*.hnsbjjc.com | Sectigo RSA Domain Validation Secure Server CA | 2021-08-24 - 2022-08-26 | a year
d3g.qq.com | DigiCert Secure Site CN CA G3 | 2021-07-05 - 2022-08-05 | a year
weixin.qq.com | DigiCert Secure Site CN CA G3 | 2021-08-16 - 2022-09-16 | a year
aegis.qq.com | DigiCert Secure Site CN CA G3 | 2021-03-04 - 2022-04-04 | a year
*.dgybjz.com | Sectigo RSA Domain Validation Secure Server CA | 2021-04-16 - 2022-05-17 | a year

This page contains 4 frames:

Primary Page: https://www.hg5588rrrrr.com:6899/
Frame ID: A1C4E44B837659737C0E4A9A1D198F53
Requests: 5 HTTP requests in this frame

Frame: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Frame ID: D46932321AFC8FCAF5D4E2854462DA93
Requests: 110 HTTP requests in this frame

Frame: https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
Frame ID: 602DDAD4023B05B060FB7ABC7C9CA2D5
Requests: 6 HTTP requests in this frame

Frame: https://t.captcha.qq.com/template/drag_ele.html?t=1633204331814
Frame ID: B2B4EE386621FA2E8EB04D035F18F97D
Requests: 15 HTTP requests in this frame

Page Title

皇冠现金网 crown sport hg5588.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • /TCaptcha\.js
  • captcha\.qq\.com/.*

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • TweenMax(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 127
HTTPS: 98 %
IPv6: 0 %
Domains: 16
Subdomains: 22
IPs: 20
Countries: 6
Transfer: 6983 kB
Size: 8318 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1hg5588.com/ Page URL
  2. https://www.hg5588rrrrr.com/ HTTP 301
    https://www.hg5588rrrrr.com:6899/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

127 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
1hg5588.com/
106 B
496 B
Document
General
Full URL
http://1hg5588.com/
Protocol
HTTP/1.1
Server
23.224.70.154 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
27212de999d7107ffbc774d6f2f267fa7dec7952de1160fdf3e580d880897294

Request headers

Host
1hg5588.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 12 Aug 2021 22:05:29 GMT
Accept-Ranges
bytes
ETag
"b4a0c229c68fd71:0"
Vary
Accept-Encoding
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Date
Sat, 02 Oct 2021 19:52:05 GMT
Content-Length
202
Primary Request /
www.hg5588rrrrr.com/
Redirect Chain
  • https://www.hg5588rrrrr.com/
  • https://www.hg5588rrrrr.com:6899/
10 KB
4 KB
Document
General
Full URL
https://www.hg5588rrrrr.com:6899/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
f18aaf2cdae4364c10952e9de0f54f2627040690c6a930f2e95e9badd676e722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
www.hg5588rrrrr.com:6899
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://1hg5588.com/
accept-encoding
gzip, deflate, br

Response headers

date
Sat, 02 Oct 2021 19:52:07 GMT
set-cookie
lang=zh-cn; path=/ lang=zh-cn; path=/ langx=zh-cn; path=/ IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; expires=Sat, 02-Oct-2021 19:53:07 GMT; Max-Age=60; path=/; domain=hg5588rrrrr.com; HttpOnly SESSION_ID=guest; path=/; domain=hg5588rrrrr.com ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; path=/; domain=hg5588rrrrr.com page_site=first; path=/ page_site=first; path=/
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
server
CK6u06Vu4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload

Redirect headers

location
https://www.hg5588rrrrr.com:6899/
server
CK6u06Vu4
content-length
0
js
www.googletagmanager.com/gtag/
81 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bbdcc8b19e604c07aee68bc3b2be2046cd078bd09818de92892e83d696a179d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32886
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 19:52:07 GMT
gtm.js
www.googletagmanager.com/
196 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c911cc667b438cf83824ee11c819ca31848ffc8b2ef1b7b557023df3973399dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:07 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54224
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 19:52:07 GMT
soya
www.hg5588rrrrr.com/entrance/page/ Frame D469
194 KB
67 KB
Document
General
Full URL
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
91003c3b07d939cbc6e7053176bc725c2e669a62e8b0656021b57ef3df531f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
www.hg5588rrrrr.com:6899
:scheme
https
:path
/entrance/page/soya?ni=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hg5588rrrrr.com:6899/
accept-encoding
gzip, deflate, br
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first

Response headers

date
Sat, 02 Oct 2021 19:52:07 GMT
set-cookie
page_site=first; path=/
cache-control
no-store, no-cache, must-revalidate
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
server
CK6u06Vu4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
upupFlash.php
www.hg5588rrrrr.com/app/member/ Frame 602D
9 KB
4 KB
Document
General
Full URL
https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
266c5c79104a2096f95f80b22b4e3a1703ba5663d77298d0c673f670ca3bc428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
www.hg5588rrrrr.com:6899
:scheme
https
:path
/app/member/upupFlash.php?uid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.hg5588rrrrr.com:6899/
accept-encoding
gzip, deflate, br
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first

Response headers

date
Sat, 02 Oct 2021 19:52:07 GMT
set-cookie
PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
server
CK6u06Vu4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3607
date
Sat, 02 Oct 2021 18:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 02 Oct 2021 20:52:00 GMT
jquery-1.7.2.min.js
www.hg5588rrrrr.com/cl/js/ Frame 602D
93 KB
46 KB
Script
General
Full URL
https://www.hg5588rrrrr.com:6899/cl/js/jquery-1.7.2.min.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/cl/js/jquery-1.7.2.min.js
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2016 05:35:53 GMT
server
CK6u06Vu4
etag
"582d41b9-1727a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=432000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
expires
Thu, 07 Oct 2021 19:52:08 GMT
plugins.min.js
www.hg5588rrrrr.com/cl/js/plugin/ Frame 602D
14 KB
7 KB
Script
General
Full URL
https://www.hg5588rrrrr.com:6899/cl/js/plugin/plugins.min.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
ee579cc67189366a57c0af1d87aa53450e83e2aebbbe12859ab301b2fb67935f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/cl/js/plugin/plugins.min.js
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
last-modified
Thu, 25 Mar 2021 06:11:08 GMT
server
CK6u06Vu4
etag
"605c297c-399a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=432000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
7330
expires
Thu, 07 Oct 2021 19:52:08 GMT
FigLeaf.js
www.hg5588rrrrr.com/ipl/app/flash/publicbmw/ball/ Frame 602D
14 KB
5 KB
Script
General
Full URL
https://www.hg5588rrrrr.com:6899/ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
610959508837b1fed34a90c085517b2aec1bd260c5d09be5b7fd41b7380de26e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
last-modified
Thu, 15 Aug 2019 07:31:22 GMT
server
CK6u06Vu4
etag
"5d550a4a-3735"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
5417
bootstrap-notify.js
www.hg5588rrrrr.com/cl/js/tools/ Frame 602D
14 KB
5 KB
Script
General
Full URL
https://www.hg5588rrrrr.com:6899/cl/js/tools/bootstrap-notify.js?v=1633204327
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
79437aa18077eb7c9ad24fecc4cf7348afea4656f902005df39f4d8ce2becc02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/cl/js/tools/bootstrap-notify.js?v=1633204327
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
last-modified
Thu, 10 Jun 2021 07:31:36 GMT
server
CK6u06Vu4
etag
"60c1bfd8-36c5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=432000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
5463
expires
Thu, 07 Oct 2021 19:52:08 GMT
common.min.css
p1.cfvn66.com/cl/tpl/template/style/ Frame D469
2 KB
942 B
Stylesheet
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/style/common.min.css?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37ce466abeb200225cab59f6820623e3cd3136bdd086c45d9dd0add0a23cd48
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
772070
cf-ray
6980782b983f4dca-FRA
last-modified
Mon, 26 Aug 2019 11:41:16 GMT
server
cloudflare
etag
W/"5d63c55c-83d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
crownsport.css
p1.cfvn66.com/cl/tpl/crownsport/ver1/css/ Frame D469
11 KB
3 KB
Stylesheet
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
923fe5cd8abc8bbe3b9327e0eeab62010044a31b58842599d10190394088a15c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
152824
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 02:58:00 GMT
server
cloudflare
etag
W/"610b53b8-2a94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
cache-control
public, max-age=432000
cf-ray
6980782b98404dca-FRA
cf-bgj
minify
jquery-1.7.2.min.js
p1.cfvn66.com/cl/js/ Frame D469
93 KB
34 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4332316d0fe4e2c7a9e213afa4d9cbf983ad5bf80cb47d98c9cacd5470e35889
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1066374
cf-ray
6980782b98414dca-FRA
last-modified
Thu, 17 Nov 2016 05:35:53 GMT
server
cloudflare
etag
W/"582d41b9-1727a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
plugins.min.js
p1.cfvn66.com/cl/js/plugin/ Frame D469
14 KB
6 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/plugin/plugins.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee579cc67189366a57c0af1d87aa53450e83e2aebbbe12859ab301b2fb67935f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1065553
cf-ray
6980782b98424dca-FRA
last-modified
Thu, 25 Mar 2021 06:11:08 GMT
server
cloudflare
etag
W/"605c297c-399a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
common.min.js
p1.cfvn66.com/cl/js/ Frame D469
17 KB
6 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/common.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f71148aa2505321fb1dab563f1ce478eabb6ffae2a38204790626a5ce4b6f3c8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
228198
cf-ray
6980782b98434dca-FRA
last-modified
Tue, 15 Jun 2021 10:36:54 GMT
server
cloudflare
etag
W/"60c882c6-443e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
upup.min.js
p1.cfvn66.com/cl/js/tools/ Frame D469
3 KB
1 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/tools/upup.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c807b957eee70e526264456458aef0723834a063542897522ed483629409d57
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1051623
cf-ray
6980782b98444dca-FRA
last-modified
Wed, 14 Aug 2019 08:50:13 GMT
server
cloudflare
etag
W/"5d53cb45-d30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
bg01.jpg
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
277 KB
277 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/bg01.jpg
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e5587c396f6a8ed9c3d5aa29a7ae41b283233c61414e7113bed853e3eec2ab8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
152823
strict-transport-security
max-age=15552000; includeSubDomains
content-length
283330
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-452c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
expires
Sat, 02 Oct 2021 23:52:08 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782bd8b34dca-FRA
cf-bgj
h2pri
lang_circle_b.png
p1.cfvn66.com/cl/tpl/template/images/element/ Frame D469
3 KB
3 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/images/element/lang_circle_b.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3047ea91541e75405468ad97ebd35543ab8afceb8f3e1e98366b288aba6633e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
210886
content-length
3253
timing-allow-origin
*
last-modified
Wed, 24 Jan 2018 02:18:06 GMT
server
cloudflare
etag
"5a67ecde-cb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782bd8b44dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815029964.png
cdn.cfvn66.com/tpl/1842/1678503/images/ Frame D469
586 KB
587 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678503/images/162815029964.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4072646fd8dec4b99efbfbe0947d3bb67a41b9594ef0a22584c616c8f9a9df7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72704
strict-transport-security
max-age=15552000; includeSubDomains
content-length
600315
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 07:58:19 GMT
server
cloudflare
etag
"610b9a1b-928fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca8f4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815772370.png
cdn.cfvn66.com/tpl/1842/1678573/images/ Frame D469
517 KB
518 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678573/images/162815772370.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d790a7117ee7af599962b4afac361d00cfa268dfbe85281a079bda54acb3f33
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72704
strict-transport-security
max-age=15552000; includeSubDomains
content-length
529659
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 10:02:03 GMT
server
cloudflare
etag
"610bb71b-814fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca8e4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815023679.png
cdn.cfvn66.com/tpl/1842/1678503/images/ Frame D469
495 KB
496 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678503/images/162815023679.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18593e39a763f531ed9faaa40053e1489a9fe7882a1bd49ff12c0c9d75a8438a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72703
strict-transport-security
max-age=15552000; includeSubDomains
content-length
506790
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 07:57:16 GMT
server
cloudflare
etag
"610b99dc-7bba6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca864dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815011449.png
cdn.cfvn66.com/tpl/1842/1678503/images/ Frame D469
1 MB
1 MB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678503/images/162815011449.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34d3443c4d03ea442dad8462293ba6f5c1c2f9c76b85695c003c42591acff49
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72703
strict-transport-security
max-age=15552000; includeSubDomains
content-length
1056258
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 07:55:14 GMT
server
cloudflare
etag
"610b9962-101e02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca8d4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815002771.png
cdn.cfvn66.com/tpl/1842/1678503/images/ Frame D469
532 KB
533 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678503/images/162815002771.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e547048831fa3f357f782f62a6ee34b1777603dca078cb96066fcfeb072c47c9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72703
strict-transport-security
max-age=15552000; includeSubDomains
content-length
544851
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 07:53:47 GMT
server
cloudflare
etag
"610b990b-85053"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca8b4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815014183.png
cdn.cfvn66.com/tpl/1842/1678503/images/ Frame D469
555 KB
555 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678503/images/162815014183.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29821aaa7a6a4243dfdabad1414fc517347fb444ae9e05d559f513fbea915ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72702
strict-transport-security
max-age=15552000; includeSubDomains
content-length
568059
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 07:55:41 GMT
server
cloudflare
etag
"610b997d-8aafb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca894dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162815026666.png
cdn.cfvn66.com/tpl/1842/1678503/images/ Frame D469
589 KB
590 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1678503/images/162815026666.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25fca486d44381f3211bd34a136f14138c06009ce0d1319ffd362d68814b789f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72701
strict-transport-security
max-age=15552000; includeSubDomains
content-length
603051
timing-allow-origin
*
last-modified
Thu, 05 Aug 2021 07:57:46 GMT
server
cloudflare
etag
"610b99fa-933ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca9f4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
TweenMax.min.js
p1.cfvn66.com/cl/js/slideshow/ Frame D469
93 KB
32 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/slideshow/TweenMax.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16b1ac67c28b1ef805e0d00afe87e6a0866f8e76024625b042c5b38940d92c16
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
227156
cf-ray
6980782cba674dca-FRA
last-modified
Thu, 17 Nov 2016 05:35:53 GMT
server
cloudflare
etag
W/"582d41b9-174dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
tween.slideshow.js
p1.cfvn66.com/cl/js/tools/ Frame D469
10 KB
3 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/tools/tween.slideshow.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbb7859107d4ae223674b4e32aca255371b0d3a54863f1723a3d8e5b25da0752
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1028769
cf-polished
origSize=20100
timing-allow-origin
*
last-modified
Mon, 19 Apr 2021 01:29:25 GMT
server
cloudflare
etag
W/"607cdcf5-4e84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
cache-control
public, max-age=432000
cf-ray
6980782cba6a4dca-FRA
cf-bgj
minify
gray.png
p1.cfvn66.com/cl/tpl/commonFile/images/bbinlogo/ Frame D469
6 KB
6 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/commonFile/images/bbinlogo/gray.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
699369d9574983fadac78560d207b35f8b38e896d0b33e1788de258a3006c24a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
152824
content-length
6054
timing-allow-origin
*
last-modified
Thu, 03 Aug 2017 04:08:43 GMT
server
cloudflare
etag
"5982a1cb-17a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cba6b4dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
gray.png
p1.cfvn66.com/cl/tpl/commonFile/images/ubbrowser/ Frame D469
5 KB
5 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/commonFile/images/ubbrowser/gray.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d0af98d949b48ec9f505f0a6163fbeb8cfbbf25bdaa04afa6e0360846eb6f8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1372530
content-length
5053
timing-allow-origin
*
last-modified
Thu, 12 Oct 2017 07:51:48 GMT
server
cloudflare
etag
"59df1f14-13bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cba6d4dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832158884.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
25 KB
25 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832158884.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0554d985efabc06180c87196063b4a0700e18553a0645178b4815d0a3f8b2a3e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72695
strict-transport-security
max-age=15552000; includeSubDomains
content-length
25138
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:33:08 GMT
server
cloudflare
etag
"610e3734-6232"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ebdf44dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832160752.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
5 KB
5 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832160752.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f3f9387841fe3302ea54575f12f17558b894e4e147870eab330c184f337a16
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
72695
strict-transport-security
max-age=15552000; includeSubDomains
content-length
5157
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:33:27 GMT
server
cloudflare
etag
"610e3747-1425"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ebdf64dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832161547.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
13 KB
13 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832161547.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba6f1bc4276d0f20aebeadca9528e3019568be6b630d788d311a52434d1994d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22029
strict-transport-security
max-age=15552000; includeSubDomains
content-length
13161
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:33:35 GMT
server
cloudflare
etag
"610e374f-3369"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ebdf84dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832162093.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
3 KB
3 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832162093.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0190dca58fbc5ca0a0a1d03ea249f4c4d4ff13d20e28878e29ffcceb409bd9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22028
strict-transport-security
max-age=15552000; includeSubDomains
content-length
2907
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:33:40 GMT
server
cloudflare
etag
"610e3754-b5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ebdff4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832180373.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
24 KB
24 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832180373.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ada936d22ea329a049d3af92f3f2c1ca0d9b6ffc47c8544436e4e5a8d724c90b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22029
strict-transport-security
max-age=15552000; includeSubDomains
content-length
24540
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:36:43 GMT
server
cloudflare
etag
"610e380b-5fdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ede2d4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832182197.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
5 KB
5 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832182197.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34652d97b466f6f74e40d84308ae1c7c703eb37324939540989e1153e2c0b8c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22029
strict-transport-security
max-age=15552000; includeSubDomains
content-length
5297
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:37:01 GMT
server
cloudflare
etag
"610e381d-14b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ede2e4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832183871.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
6 KB
6 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832183871.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306eb0c27e4c2b7ea15b0436f12a9951df1b6641dff2bd871597b4aac7edac72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22029
strict-transport-security
max-age=15552000; includeSubDomains
content-length
5818
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:37:18 GMT
server
cloudflare
etag
"610e382e-16ba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ede304dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832190908.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
5 KB
5 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832190908.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b313ca3f39f18c232a34ad6d3f09f5f5a38b5d7f263f0bbddeac62fdf99ed6d0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22029
strict-transport-security
max-age=15552000; includeSubDomains
content-length
5090
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:38:29 GMT
server
cloudflare
etag
"610e3875-13e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782ede384dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162832192887.png
cdn.cfvn66.com/tpl/1842/1679524/images/ Frame D469
3 KB
3 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1679524/images/162832192887.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0190dca58fbc5ca0a0a1d03ea249f4c4d4ff13d20e28878e29ffcceb409bd9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cf-cache-status
HIT
age
22028
strict-transport-security
max-age=15552000; includeSubDomains
content-length
2907
timing-allow-origin
*
last-modified
Sat, 07 Aug 2021 07:38:48 GMT
server
cloudflare
etag
"610e3888-b5b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782eee6d4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
jquery.easing.1.3.min.js
p1.cfvn66.com/cl/js/pluging/ Frame D469
3 KB
903 B
Script
General
Full URL
https://p1.cfvn66.com/cl/js/pluging/jquery.easing.1.3.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a55344c1b18579e6a41c3a8be3f18c4b1140bcc2ef26fa34045068ac36cc7fc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
772044
cf-ray
6980782cba734dca-FRA
last-modified
Thu, 17 Nov 2016 05:35:53 GMT
server
cloudflare
etag
W/"582d41b9-ce5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
common.min.js
p1.cfvn66.com/cl/js/tools/ Frame D469
6 KB
3 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/tools/common.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0fcb6960beb25b31dd011f7ef8e23be383509127e0a090fd53842dd7579ef2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1065552
cf-ray
6980782cba744dca-FRA
last-modified
Mon, 19 Apr 2021 01:45:29 GMT
server
cloudflare
etag
W/"607ce0b9-19c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
sub.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
347 B
432 B
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/sub.png
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cea7ddf2a75b890f96723b6c1d8617a5fefcd67247ac39b138eeeb77c69d8dd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1372530
content-length
347
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-15b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca934dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
logo.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
17 KB
17 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/logo.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11bcc84f12748534819096351295b5aaa2d8f22e19adbfa42583ed3e66993011
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
152823
content-length
17523
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-4473"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782cca944dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
plugin_fade.js
www.hg5588rrrrr.com/cl/js/slideshow/ Frame D469
971 B
552 B
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/cl/js/slideshow/plugin_fade.js
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
77b3b4767964c044c75e9640dc3c9a54d451d4eb42c6cfb82bb7fbab747fa4e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
:path
/cl/js/slideshow/plugin_fade.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
last-modified
Mon, 19 Nov 2018 10:25:06 GMT
server
CK6u06Vu4
etag
"5bf28f82-3cb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=432000
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
420
expires
Thu, 07 Oct 2021 19:52:08 GMT
grey_light.png
p1.cfvn66.com/cl/tpl/template/images/element/password_icon/ Frame D469
611 B
718 B
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/images/element/password_icon/grey_light.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ca101185a5f7639dfaa31fb304796a41f74b681a0959452cfe0ea8e4c00baaa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1513277
content-length
611
timing-allow-origin
*
last-modified
Mon, 20 Apr 2020 02:51:03 GMT
server
cloudflare
etag
"5e9d0e17-263"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b154dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
news_bg.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
2 KB
2 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/news_bg.png
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e8c7962f0bfcd035e6ddf8cae06c4ea66ee23836472d1f040c0ed17d946b092
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1372530
content-length
1783
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-6f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b174dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762922766.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
15 KB
15 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762922766.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffb7cfc02f16dc3c4fc75c34c06f89a6504af53eecc778ddb14ee46f35c5a4ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:10 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
15364
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:13:48 GMT
server
cloudflare
etag
"6103a6ac-3c04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b524dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
162762922443.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
12 KB
12 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762922443.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1720b07b62034ffc1cd4df232ad8dc32a7aafd285b6501574c92b2815e8ec74d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
12084
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:13:44 GMT
server
cloudflare
etag
"6103a6a8-2f34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b554dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762933053.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
19 KB
19 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762933053.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a0fc7f663cb7bf06721a36ca37955301451f1045e3aba6e2b59c5e4b0acf041
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
19320
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:15:30 GMT
server
cloudflare
etag
"6103a712-4b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b564dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762932764.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
17 KB
17 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762932764.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bd5df533a372f9f203187c16517b2a1427999759da11b0f88a926463130372
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
17747
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:15:27 GMT
server
cloudflare
etag
"6103a70f-4553"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b594dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762939728.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
18 KB
19 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762939728.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6da17fc427e1a02deeaec898b0c4c8552534b93c3eb9321a1d2e6c020f87677
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
18931
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:16:37 GMT
server
cloudflare
etag
"6103a755-49f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b5b4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762939428.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
16 KB
17 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762939428.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f34cf87ce5cff6634cf937d93c9cf81366e61807e95c07222d0adea92eccf94
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
16688
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:16:34 GMT
server
cloudflare
etag
"6103a752-4130"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b544dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762950333.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
16 KB
16 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762950333.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011d69c8bb7b48ead18084c369cbe74598dd39d8559bd22993edd159a15311f2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
16497
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:18:23 GMT
server
cloudflare
etag
"6103a7bf-4071"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b534dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
162762948118.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
14 KB
14 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762948118.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fae8e2422794f92b61fb64fb457900617171c8a9cb71844073ab0ceb7c247fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
14041
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:18:01 GMT
server
cloudflare
etag
"6103a7a9-36d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b584dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762961437.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
18 KB
18 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762961437.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7b65bfb9dc5e944188694142d23f1053b209e4ff3fadc1103dd5b2531923c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
18434
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:20:14 GMT
server
cloudflare
etag
"6103a82e-4802"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b5a4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
162762961111.png
cdn.cfvn66.com/tpl/1842/1675519/images/ Frame D469
16 KB
16 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1675519/images/162762961111.png?1342569
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e8ce23bd6ec124f5c055cd32457061230233749092f57ad23d813465d653a88
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
16268
timing-allow-origin
*
last-modified
Fri, 30 Jul 2021 07:20:11 GMT
server
cloudflare
etag
"6103a82b-3f8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b504dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:08 GMT
container_bg01.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
142 KB
142 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/container_bg01.png
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c2e61e967ecc0552d21f90be94820a717e87cd2076efc24c9da4e25ae9439bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
152824
content-length
145414
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-23806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b1f4dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
container_bg02.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
16 KB
16 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/container_bg02.png
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fbe0b54d320967847c598f5a931d5c543157880478099028e1b4cd18fe9de7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
152824
content-length
16620
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-40ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b204dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
container_bg03.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
16 KB
16 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/container_bg03.png
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07fd3a2649f922ec8de2098c3f3fe312f1599e8c425d781c93ff487144f07e42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
2468108
content-length
16344
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-3fd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b214dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_content_title_bg.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
7 KB
8 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_content_title_bg.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bf90b13800d5b78134e23949588bced4d20fd80b4e24b22c6f955618082a945
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
7656
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-1de8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b224dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_btn_content_bg01.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
3 KB
3 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_btn_content_bg01.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c4801d634dd592575372804e4e5339524857efeba093451fa9489334fd01f9b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
3279
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-ccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b234dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_btn_content_bg02.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
5 KB
5 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_btn_content_bg02.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8205d89ee4c91562737e80664405d86b1dc2b99f1be2b1c9a4e5a8ab15382dd0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
4808
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-12c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d0b244dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_btn_content_bg03.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
4 KB
4 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_btn_content_bg03.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89279fbd9c76c6df097ac41d900c181a3d4fc5a67f0941b9e5ce0599940c5e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
3648
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-e40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d1b254dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_btn_content_bg04.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
4 KB
4 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_btn_content_bg04.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6243b39072a10e97bde850edd6dde30c78d02b60599a645c947bacc6b7d62702
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
4182
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-1056"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d1b264dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_btn_content_bg05.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
9 KB
9 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_btn_content_bg05.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6988dfdab2a0492b37c3e183b4948a4c649d8768a17709395ad9a1f4b90418e6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
9080
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-2378"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d1b274dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_btn_content_bg06.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
21 KB
21 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_btn_content_bg06.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42724465cc26d9ed4b0e82f62a46d5a445fa9892de9a696ea50171686fdf1156
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
21650
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-5492"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d1b294dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
first_content_bg.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/ Frame D469
20 KB
20 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/lang/zh-cn/first_content_bg.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c63122cc2e7906520abea218a241ef829b1273caca4743596a38b080e1a549d6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
20833
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-5161"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d1b2a4dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
bbin_close.png
p1.cfvn66.com/cl/tpl/template/images/BBinInfo/ Frame D469
815 B
924 B
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/images/BBinInfo/bbin_close.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5af4d789bfcc94bbb24ba512b8624f2346308ad118865dee019cce86a60b8399
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1690418
content-length
815
timing-allow-origin
*
last-modified
Wed, 25 Mar 2015 02:33:58 GMT
server
cloudflare
etag
"55121e96-32f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782d2b5d4dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
login-agreement.min.js
p1.cfvn66.com/cl/js/tools/ Frame D469
3 KB
1 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/tools/login-agreement.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbbe0e82630052e2be5161609255b0ea1b6baecb24eb55583bbbd1b26c48ab6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
750022
cf-ray
6980782e1cd24dca-FRA
last-modified
Mon, 28 Dec 2020 04:24:42 GMT
server
cloudflare
etag
W/"5fe95e0a-b95"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
gtm.js
www.googletagmanager.com/ Frame D469
196 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
612ad348ae1ba30e9e3430b9cabf8e55c2c318b860095032a21a29cf9cee1c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54221
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 19:52:08 GMT
home.json
www.hg5588rrrrr.com/infe/rest/fig/advertise/ Frame D469
11 KB
3 KB
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/infe/rest/fig/advertise/home.json?mobile_open=1
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
a64f5fdeb2bd347f2595a7ac888d9752572cc256af015b22a88c57da379074a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
:path
/infe/rest/fig/advertise/home.json?mobile_open=1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
vary
Accept-Encoding
server
CK6u06Vu4
content-length
2544
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
upperLeft.json
www.hg5588rrrrr.com/infe/rest/fig/advertise/ Frame D469
946 B
563 B
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/infe/rest/fig/advertise/upperLeft.json?mobile_open=1
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
e2a2c19f10aa734439ed96b1306a3bd30cb20a96178adca9d726bf99de66ca57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
:path
/infe/rest/fig/advertise/upperLeft.json?mobile_open=1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
vary
Accept-Encoding
server
CK6u06Vu4
content-length
491
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
notice.json
www.hg5588rrrrr.com/entrance/page/noticepop/ Frame D469
17 KB
5 KB
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/entrance/page/noticepop/notice.json?is_mobile=N&page=first
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
e40dec1b488f4519cbf480a51c876390e87b243508016bcf00009619ab2ca31f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
:path
/entrance/page/noticepop/notice.json?is_mobile=N&page=first
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
cache-control
no-store, no-cache, must-revalidate
vary
Accept-Encoding
server
CK6u06Vu4
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/ Frame D469
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MNTWRH2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.174 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3608
date
Sat, 02 Oct 2021 18:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 02 Oct 2021 20:52:00 GMT
transparentNo.gif
p1.cfvn66.com/cl/tpl/commonFile/images/ Frame D469
1 KB
1 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/commonFile/images/transparentNo.gif?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85c0faf37c252bff11abfca7b08fcb5c196e92ee3286f583b2c3c7d74ce18823
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
228198
content-length
1095
timing-allow-origin
*
last-modified
Fri, 20 Mar 2015 01:24:24 GMT
server
cloudflare
etag
"550b76c8-447"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980782e9dbf4dca-FRA
expires
Sat, 02 Oct 2021 23:52:08 GMT
spin.min.js
p1.cfvn66.com/cl/js/pluging/ Frame D469
4 KB
2 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/pluging/spin.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55a0136d6018cd2bd9b7945585bb64f97cbdd303897b732958d3c9bf20aefcec
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
750021
cf-ray
6980782ede404dca-FRA
last-modified
Wed, 29 Nov 2017 00:46:16 GMT
server
cloudflare
etag
W/"5a1e0358-10b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
jquery.spin.min.js
p1.cfvn66.com/cl/js/pluging/ Frame D469
658 B
544 B
Script
General
Full URL
https://p1.cfvn66.com/cl/js/pluging/jquery.spin.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5114374da04855c7763cb8cb4cf7ce45fe6712624b52d0048680607798bbcf27
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1028769
cf-ray
6980782ede444dca-FRA
last-modified
Fri, 16 Aug 2019 07:13:16 GMT
server
cloudflare
etag
W/"5d56578c-292"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
fingerprint2.min.js
p1.cfvn66.com/cl/js/tools/ Frame D469
59 KB
19 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/tools/fingerprint2.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b92c88019f66634da2f07274f477f0d1120ab919652e29f36bca2b87aed0335
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2170500
cf-ray
6980782ede454dca-FRA
last-modified
Thu, 25 Mar 2021 06:11:08 GMT
server
cloudflare
etag
W/"605c297c-eb40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
jquery.qrcode.min.js
p1.cfvn66.com/cl/js/tools/ Frame D469
14 KB
5 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/tools/jquery.qrcode.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1033507
cf-ray
6980782eee4d4dca-FRA
last-modified
Wed, 26 Jun 2019 00:31:32 GMT
server
cloudflare
etag
W/"5d12bce4-36ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
ubauthsdk.min.js
p1.cfvn66.com/cl/js/ Frame D469
40 KB
13 KB
Script
General
Full URL
https://p1.cfvn66.com/cl/js/ubauthsdk.min.js?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05205b9edf6f283d2b8f710a15494a99334e46ac317f58e72aadd4b8df2ceead
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
228198
cf-ray
6980782eee4e4dca-FRA
last-modified
Wed, 26 Jun 2019 00:31:32 GMT
server
cloudflare
etag
W/"5d12bce4-9f5f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:08 GMT
nc.js
g.alicdn.com/sd/ncpc/ Frame D469
216 KB
56 KB
Script
General
Full URL
https://g.alicdn.com/sd/ncpc/nc.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.43.252 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
4c4070d1d803412ad8a54bbe5cec5281d1022c01aa4d7c2f8bb01f4c4c68b498

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:19:01 GMT
content-encoding
gzip
x-oss-request-id
6158B0A501FB553533289F94
content-md5
01coNzlpRLEDrJ7dWlgBxA==
age
1987
x-cache
HIT TCP_MEM_HIT dirn:10:381948311
x-swift-cachetime
3600
x-swift-savetime
Sat, 02 Oct 2021 19:19:01 GMT
content-length
57221
x-bucket-code
3
x-oss-object-type
Normal
access-control-allow-origin
*
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1633202341
content-type
application/javascript
via
cache2.l2de2[20,19,200-0,M], cache23.l2de2[21,0], cache23.l2de2[21,0], cache2.de2[0,0,200-0,H], cache1.de2[2,0]
cache-control
max-age=3600,s-maxage=3600
x-oss-storage-class
Standard
timing-allow-origin
*
x-oss-hash-crc64ecma
2924901392512384028
eagleid
2ff62b9516332043288838260e
x-oss-server-time
4
esabgnixob.js
www.hg5588rrrrr.com/ Frame D469
0
0
Script
General
Full URL
https://www.hg5588rrrrr.com:6899/esabgnixob.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/esabgnixob.js
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
vary
Accept-Encoding
server
CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=utf-8
rajsquestd.js
www.hg5588rrrrr.com/ Frame D469
0
0
Script
General
Full URL
https://www.hg5588rrrrr.com:6899/rajsquestd.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/rajsquestd.js
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:08 GMT
content-encoding
gzip
vary
Accept-Encoding
server
CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=utf-8
TCaptcha.js
ssl.captcha.qq.com/ Frame D469
22 KB
9 KB
Script
General
Full URL
https://ssl.captcha.qq.com/TCaptcha.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.65 , China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent http server /
Resource Hash
ddb0f22bc94f8c3d507f8fb712c94e4d72502f11e3d1fb4ac135799832f3f6bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 19:52:09 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Sep 2021 10:39:08 GMT
Server
tencent http server
Vary
Accept-Encoding
P3P
CP=CAO PSA OUR
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
v3.js
v.vaptcha.com/ Frame D469
14 KB
6 KB
Script
General
Full URL
https://v.vaptcha.com/v3.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
59.63.188.66 -, , ASN (),
Reverse DNS
Software
Tengine/2.3.2 /
Resource Hash
2e86bda5ce1bd2b0d68cb51fb7368d19a5b2d04ad6092d146703e120a6bb1bb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:10 GMT
content-encoding
gzip
last-modified
Mon, 13 Sep 2021 09:15:14 GMT
server
Tengine/2.3.2
age
835187
etag
W/"AQAAALcRj_B_WYAmGWjbLA1ltPVkEfsb"
vary
Accept-Encoding, Accept-Encoding,Origin
content-type
text/javascript
x-via-ucdn
HIT by 106.225.234.101, HIT by 180.97.190.62
cache-control
max-age=604800
content-length
5721
truncated
/ Frame D469
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
upperLeft_zh-cn_163170009715.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
18 KB
18 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/upperLeft_zh-cn_163170009715.png
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c782fecbcdbb16a037d00d20351db75acc1af3d755ea7018a0bf3d3db0ab5288
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
cf-cache-status
HIT
age
920765
strict-transport-security
max-age=15552000; includeSubDomains
content-length
18464
timing-allow-origin
*
last-modified
Wed, 15 Sep 2021 10:01:37 GMT
server
cloudflare
etag
"6141c481-4820"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078311a434dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
upperLeft_zh-cn_163170010396.gif
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
552 KB
553 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/upperLeft_zh-cn_163170010396.gif
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
757d1f56f4e2ae240d6b6b03513f92fee4f7ae20b84254503c8d44b1443f7d96
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
cf-cache-status
HIT
age
920765
strict-transport-security
max-age=15552000; includeSubDomains
content-length
565471
timing-allow-origin
*
last-modified
Wed, 15 Sep 2021 10:01:43 GMT
server
cloudflare
etag
"6141c487-8a0df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078311a444dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
icon_close_n.png
www.hg5588rrrrr.com/cl/tpl/template/images/element/topad/ Frame D469
947 B
1 KB
Image
General
Full URL
https://www.hg5588rrrrr.com:6899/cl/tpl/template/images/element/topad/icon_close_n.png
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
9bf1094adef398af8d911eea687908e4e024d19d27d2fa68bd0ced46c9b88177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/cl/tpl/template/images/element/topad/icon_close_n.png
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
last-modified
Fri, 19 May 2017 05:40:53 GMT
server
CK6u06Vu4
etag
"591e8565-3b3"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
947
expires
Sat, 02 Oct 2021 20:22:09 GMT
icon02.png
p1.cfvn66.com/cl/tpl/template/images/event/ Frame D469
1 KB
2 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/images/event/icon02.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65315399abbd50dc268cbdef77450ce5dbf2395db5a5e4673c88d110f701096f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
763443
content-length
1495
timing-allow-origin
*
last-modified
Fri, 20 Mar 2015 01:33:11 GMT
server
cloudflare
etag
"550b78d7-5d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078311a454dca-FRA
expires
Sat, 02 Oct 2021 23:52:09 GMT
special_zh-cn_163282480404.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
33 KB
33 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/special_zh-cn_163282480404.png
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17db45e25b24e4f515a5b884571ad022bfccaa1b920e1b44130c21b49e54d01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
cf-cache-status
HIT
age
306117
strict-transport-security
max-age=15552000; includeSubDomains
content-length
33966
timing-allow-origin
*
last-modified
Tue, 28 Sep 2021 10:26:44 GMT
server
cloudflare
etag
"6152ede4-84ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078311a4b4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
special_zh-cn_163282480729.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
31 KB
31 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/special_zh-cn_163282480729.png
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab83a734ef3038158c04af4af9850ba0f4622f55bc9d16fd609b321f38abb62a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
cf-cache-status
HIT
age
306116
strict-transport-security
max-age=15552000; includeSubDomains
content-length
31439
timing-allow-origin
*
last-modified
Tue, 28 Sep 2021 10:26:47 GMT
server
cloudflare
etag
"6152ede7-7acf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078311a4e4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
bg_gray.png
p1.cfvn66.com/cl/tpl/template/images/element/notice/ Frame D469
3 KB
3 KB
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/images/element/notice/bg_gray.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5080963c7a0d55c0dd5554bb619a6a46d61c408bd2511842f8fe12b11ec5120b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1998028
content-length
2802
timing-allow-origin
*
last-modified
Wed, 20 Sep 2017 00:46:00 GMT
server
cloudflare
etag
"59c1ba48-af2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078312a5f4dca-FRA
expires
Sat, 02 Oct 2021 23:52:09 GMT
list_icon.png
p1.cfvn66.com/cl/tpl/template/images/element/notice/ Frame D469
503 B
589 B
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/images/element/notice/list_icon.png?v=ver12.221
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40303c53e2d8a04fed01e93b04e098dc55e510b9e7750e76b9625b1a31d50a0c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
1372530
content-length
503
timing-allow-origin
*
last-modified
Wed, 20 Sep 2017 00:46:00 GMT
server
cloudflare
etag
"59c1ba48-1f7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078312a614dca-FRA
expires
Sat, 02 Oct 2021 23:52:09 GMT
fontawesome-webfont.woff
p1.cfvn66.com/cl/tpl/template/style/element/fonts/ Frame D469
64 KB
64 KB
Font
General
Full URL
https://p1.cfvn66.com/cl/tpl/template/style/element/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/template/style/common.min.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://p1.cfvn66.com/cl/tpl/template/style/common.min.css?v=ver12.221
Origin
https://www.hg5588rrrrr.com:6899
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
MISS
cf-ray
6980783149ab4e32-FRA
last-modified
Fri, 20 Mar 2015 01:33:15 GMT
server
cloudflare
etag
W/"550b78db-ffac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=432000
timing-allow-origin
*
expires
Thu, 07 Oct 2021 19:52:09 GMT
163021870173.jpg
cdn.cfvn66.com/tpl/1842/1690682/images/ Frame D469
286 KB
287 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/1842/1690682/images/163021870173.jpg
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1c6182fb07c94a08981fe71901f8d3ed1dc98cb5f94e44cec1d87e58f7c192
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
292979
timing-allow-origin
*
last-modified
Sun, 29 Aug 2021 06:31:41 GMT
server
cloudflare
etag
"612b29cd-47873"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078314a9d4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
homeHotNews
www.hg5588rrrrr.com/infe/marquee/ Frame D469
55 B
136 B
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/infe/marquee/homeHotNews?_=1633204329179
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
0379a896a2a83a94395b480a6d88dd0395bed715311eb11a155594408103527e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37; NP_1342569=Y
:path
/infe/marquee/homeHotNews?_=1633204329179
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
content-encoding
gzip
vary
Accept-Encoding
server
CK6u06Vu4
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=UTF-8
common.json
www.hg5588rrrrr.com/infe/rest/fig/advertise/ Frame D469
1 KB
643 B
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/infe/rest/fig/advertise/common.json?mobile_open=1
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
749e43c344055f4255e106bd3f1c983260343e8ade8f365b7aaa3cc9ef57b23d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37; NP_1342569=Y
:path
/infe/rest/fig/advertise/common.json?mobile_open=1
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
content-encoding
gzip
vary
Accept-Encoding
server
CK6u06Vu4
content-length
583
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
getinfo
www.hg5588rrrrr.com/infe/common/basicinfocontroller/ Frame D469
225 B
278 B
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/infe/common/basicinfocontroller/getinfo
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/js/jquery-1.7.2.min.js?v=ver12.221
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
81e6bde75baa26b3b75e545dfdbedc66451d21c11490bba7c256e91510a17697
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37; NP_1342569=Y
:path
/infe/common/basicinfocontroller/getinfo
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
server
CK6u06Vu4
content-length
225
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
load.min.js
cstaticdun.126.net/ Frame D469
65 KB
25 KB
Script
General
Full URL
https://cstaticdun.126.net/load.min.js?t=1633204329325
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.133.124 , France, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software
nginx /
Resource Hash
d450040f16260695c90dab296630dabd7ad225cdbc39696f165b8cbb5fa9eedc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 19:52:09 GMT
Content-Encoding
gzip
Age
1
Transfer-Encoding
chunked
X-Via
1.1 PSzjnbsxsr217:9 (Cdn Cache Server V2.0), 1.1 PSelsmskMOW3cd100:14 (Cdn Cache Server V2.0), 1.1 PSfgblPAR2cm80:1 (Cdn Cache Server V2.0)
Connection
keep-alive
Last-Modified
Tue, 07 Sep 2021 11:01:05 GMT
Server
nginx
X-Ws-Request-Id
6158b869_PSfgblPAR2cm80_236678-697
Access-Control-Allow-Methods
GET,POST,OPTIONS,HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Cache-Control
max-age=300
Timing-Allow-Origin
*
Expires
Sat, 02 Oct 2021 18:21:29 GMT
slider_ctrl.png
p1.cfvn66.com/cl/tpl/crownsport/ver1/image/ Frame D469
202 B
331 B
Image
General
Full URL
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/image/slider_ctrl.png
Requested by
Host: p1.cfvn66.com
URL: https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
487359603d83f0ffbcc83e8b4229347b9f9ac18ccefbc61e53dacc52e561394c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://p1.cfvn66.com/cl/tpl/crownsport/ver1/css/crownsport.css?v=ver12.221
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
cf-cache-status
MISS
content-length
202
timing-allow-origin
*
last-modified
Tue, 03 Aug 2021 01:47:38 GMT
server
cloudflare
etag
"6108a03a-ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078325c974dca-FRA
expires
Sat, 02 Oct 2021 23:52:09 GMT
na.js
js.agilenavi.com/ Frame D469
30 KB
30 KB
Script
General
Full URL
https://js.agilenavi.com/na.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.108 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f759a136a1e87ad9c8264863aca43436362f7226246c98be1c149c629f08431

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 12:47:34 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 03:41:29 GMT
server
AmazonS3
age
25476
etag
"e07b25c23a5ad6a615cbfc557ea9fc25"
x-edge-origin-shield-skipped
0
x-amz-version-id
A2wwTJ4ev.sQUeE24ol5WOpNlWVVsDWK
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
content-length
30511
x-amz-cf-id
L55aOXVZScG06BbM2PVBDF1UEzZezVzzAtj0Vv0JA2D44kgjftky7Q==
a.js
fly.rodyou.com/ Frame D469
0
387 B
Script
General
Full URL
https://fly.rodyou.com/a.js
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
Ncgc0dWmJVb99tkbCDMFMSBEq6iLhZ6w
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Dec 2020 08:31:49 GMT
server
AmazonS3
age
60529
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-edge-origin-shield-skipped
0
content-type
application/javascript
date
Sat, 02 Oct 2021 03:03:21 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
0
x-amz-cf-id
s0-Tkx_IuhPySTE95tdlG_7S6eKFERLgz-b1LJ0NWyELqkZflahbTw==
getServerIP.json
www.hg5588rrrrr.com/infe/rest/flash/ Frame 602D
27 B
80 B
XHR
General
Full URL
https://www.hg5588rrrrr.com:6899/infe/rest/flash/getServerIP.json
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/ipl/app/flash/publicbmw/ball/FigLeaf.js?site=member
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.242.144.36 , Thailand, ASN55303 (EAGLENET-AP 60 Market Square,P.O. Box 364, PH),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
af41b5958436496a6df42f578b181b2141668724af5103809341eb1f66ab7cdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/infe/rest/flash/getServerIP.json
pragma
no-cache
cookie
lang=zh-cn; langx=zh-cn; IBCACHE=hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA; SESSION_ID=guest; ICCACHE=hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy; page_site=first; _ga=GA1.2.834036704.1633204328; _gid=GA1.2.5965141.1633204328; PHPSESSID=2jppq9amcfd7uo6lj1atsu8g37; NP_1342569=Y
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.hg5588rrrrr.com:6899
referer
https://www.hg5588rrrrr.com:6899/app/member/upupFlash.php?uid=
:scheme
https
sec-fetch-site
same-origin
:method
GET

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
vary
Accept-Encoding
server
CK6u06Vu4
content-length
27
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
brcorner_zh-cn_150043383207.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
21 KB
21 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/brcorner_zh-cn_150043383207.png
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5778bf532e71096453b20520d0a9b905b200d4cd64d5b8517decdc361526f4f4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
cf-cache-status
HIT
age
649984
strict-transport-security
max-age=15552000; includeSubDomains
content-length
21695
timing-allow-origin
*
last-modified
Wed, 19 Jul 2017 03:10:32 GMT
server
cloudflare
etag
"596ecda8-54bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078330dd74dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
common_zh-cn_160204036899.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
17 KB
17 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/common_zh-cn_160204036899.png
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b870d9f443645b9dbe52ad502745df31e68a9dc96a9591b7fa6a78a10ba3aeb0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:09 GMT
cf-cache-status
HIT
age
650340
strict-transport-security
max-age=15552000; includeSubDomains
content-length
17700
timing-allow-origin
*
last-modified
Wed, 07 Oct 2020 03:12:48 GMT
server
cloudflare
etag
"5f7d3230-4524"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078330ddc4dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:09 GMT
nav_time
analytics.agilenavi.com/api/ Frame D469
0
58 B
XHR
General
Full URL
https://analytics.agilenavi.com/api/nav_time
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.168.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 19:52:10 GMT
monitor.txt
m1.hnsbjjc.com/monitor/ Frame D469
14 B
423 B
XHR
General
Full URL
https://m1.hnsbjjc.com/monitor/monitor.txt
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
163.171.128.148 -, , ASN (),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
26be99944b803918e44b6948e9287ed15b57f9edf38e7dca75c30b2d4aa0d5cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:10 GMT
content-encoding
gzip
last-modified
Thu, 04 Mar 2021 06:48:56 GMT
server
PWS/8.3.1.0.8
age
835564
x-ws-request-id
6158b86a_localhost_46599-6192
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
x-px
ht PSdgflkfFRA1vg90FRA
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
timing-allow-origin
*
via
1.1 PS-000-01LpH100:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
tcaptcha-frame.85d7a77d.js
captcha.gtimg.com/1/ Frame D469
96 KB
31 KB
Script
General
Full URL
https://captcha.gtimg.com/1/tcaptcha-frame.85d7a77d.js
Requested by
Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.235 -, , ASN (),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
dc12f7410831bdf160cbf7a84ac328f241a23b10dafd767a2ac7edd07503395c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 19:52:11 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Tue, 28 Sep 2021 08:31:55 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
7b983d35-dcb6-4953-9525-2de65ade3fdd
content-type
application/javascript
content-length
31161
expires
Sat, 02 Oct 2021 20:22:10 GMT
a.gif
mlupqnqjmkhpw.agilenavi.com/ Frame D469
0
0

fetch_time
analytics.agilenavi.com/api/ Frame D469
0
57 B
XHR
General
Full URL
https://analytics.agilenavi.com/api/fetch_time
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.168.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 19:52:10 GMT
titlebg_repeat_x.png
p1.cfvn66.com/tpl/template/upupMsg/image/ Frame D469
233 B
320 B
Image
General
Full URL
https://p1.cfvn66.com/tpl/template/upupMsg/image/titlebg_repeat_x.png?v=0
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6842dbed1235778e780a06cfb6d907b55b13f1f23ea1b58495b4115367ffa9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:10 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
756350
content-length
233
timing-allow-origin
*
last-modified
Mon, 08 Aug 2016 02:05:13 GMT
server
cloudflare
etag
"57a7e8d9-e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980783a2b3d4dca-FRA
expires
Sat, 02 Oct 2021 23:52:10 GMT
icon_announcement.png
p1.cfvn66.com/tpl/template/upupMsg/image/ Frame D469
500 B
579 B
Image
General
Full URL
https://p1.cfvn66.com/tpl/template/upupMsg/image/icon_announcement.png?v=0
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7af7918ac74d272878e49d8198f2d813bef99d45be3b701cc847c8067786ce2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:10 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
651912
content-length
500
timing-allow-origin
*
last-modified
Mon, 08 Aug 2016 02:05:13 GMT
server
cloudflare
etag
"57a7e8d9-1f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980783a2b3f4dca-FRA
expires
Sat, 02 Oct 2021 23:52:10 GMT
btn_close.png
p1.cfvn66.com/tpl/template/upupMsg/image/ Frame D469
396 B
528 B
Image
General
Full URL
https://p1.cfvn66.com/tpl/template/upupMsg/image/btn_close.png?v=0
Requested by
Host: www.hg5588rrrrr.com
URL: https://www.hg5588rrrrr.com:6899/entrance/page/soya?ni=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68b479600bcfdea295269b490e0db26b160aab0579d1a9c315f8ae864086ce3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:10 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
651912
content-length
396
timing-allow-origin
*
last-modified
Mon, 08 Aug 2016 02:05:13 GMT
server
cloudflare
etag
"57a7e8d9-18c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
6980783a2b404dca-FRA
expires
Sat, 02 Oct 2021 23:52:10 GMT
drag_ele.html
t.captcha.qq.com/template/ Frame B2B4
48 KB
48 KB
Document
General
Full URL
https://t.captcha.qq.com/template/drag_ele.html?t=1633204331814
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/tcaptcha-frame.85d7a77d.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
129.226.103.219 -, , ASN (),
Reverse DNS
Software
tencent http server /
Resource Hash
c3a1471aa43221794ce96235b8d32b6d330e1326289e18a8a9de8048f8d58c42

Request headers

Host
t.captcha.qq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Encoding
gzip, deflate, br

Response headers

Date
Sat, 02 Oct 2021 19:52:14 GMT
Content-Type
text/html
Content-Length
49029
Connection
keep-alive
Server
tencent http server
Accept-Ranges
bytes
Pragma
No-cache
P3P
CP=CAO PSA OUR
special_zh-cn_163031186930.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
37 KB
37 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/special_zh-cn_163031186930.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
055656220f2c37bb26348fb3c9a180bab154032d4d148ee2c3f16281e9be4d9a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:14 GMT
cf-cache-status
HIT
age
224621
strict-transport-security
max-age=15552000; includeSubDomains
content-length
37832
timing-allow-origin
*
last-modified
Mon, 30 Aug 2021 08:24:29 GMT
server
cloudflare
etag
"612c95bd-93c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078506c574dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:14 GMT
special_zh-cn_163031186288.png
cdn.cfvn66.com/tpl/advertise/normal/ Frame D469
38 KB
38 KB
Image
General
Full URL
https://cdn.cfvn66.com/tpl/advertise/normal/special_zh-cn_163031186288.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.8.66 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321295f3d67aba7ccfafe7e3f79a4bfa894e8c7feb0b6b43425dec0426af3de1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.hg5588rrrrr.com:6899/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:14 GMT
cf-cache-status
HIT
age
224607
strict-transport-security
max-age=15552000; includeSubDomains
content-length
38707
timing-allow-origin
*
last-modified
Mon, 30 Aug 2021 08:24:22 GMT
server
cloudflare
etag
"612c95b6-9733"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
698078506c594dca-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
Sat, 02 Oct 2021 23:52:14 GMT
aegis.min.js
cdn-go.cn/aegis/aegis-sdk/1.34.60/ Frame B2B4
48 KB
15 KB
Script
General
Full URL
https://cdn-go.cn/aegis/aegis-sdk/1.34.60/aegis.min.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1633204331814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
101.33.10.108 -, , ASN (),
Reverse DNS
Software
NWSs /
Resource Hash
0ba1ec6af17f6bb2f5cea338aeab4e4a3731e65843317298d330203f2e07f5f7

Request headers

Referer
https://t.captcha.qq.com/
Origin
https://t.captcha.qq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:14 GMT
content-encoding
gzip
x-cache-lookup
Hit From MemCache Gz
last-modified
Fri, 27 Aug 2021 13:19:32 GMT
server
NWSs
vary
Origin
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-nws-log-uuid
7ab0cec0-ca7f-4db8-a2fd-e76cc6f3a0f2
timing-allow-origin
*
content-length
15368
is-immutable-in-the-future
true
expires
Mon, 01 Nov 2021 19:52:14 GMT
dy-jy.js
captcha.gtimg.com/1/ Frame B2B4
95 KB
33 KB
Script
General
Full URL
https://captcha.gtimg.com/1/dy-jy.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1633204331814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.235 -, , ASN (),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
91068663fee39b77cfb4474d80593b810fd77151f9b74758a77b5e1fcbbfa33a

Request headers

Referer
https://t.captcha.qq.com/
Origin
https://t.captcha.qq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 19:52:14 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Wed, 30 Jun 2021 03:39:07 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
0b47577a-85e3-470f-b38e-ad2500555fa7
content-type
application/javascript
content-length
33841
expires
Sat, 02 Oct 2021 20:22:13 GMT
dy-ele.ede7fdae.js
captcha.gtimg.com/1/ Frame B2B4
138 KB
35 KB
Script
General
Full URL
https://captcha.gtimg.com/1/dy-ele.ede7fdae.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1633204331814
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.235 -, , ASN (),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
a151dbd5afd4ec0523dfb26a6724c60a2a0cf528a9c743924f1d97dd860793db

Request headers

Referer
https://t.captcha.qq.com/
Origin
https://t.captcha.qq.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 19:52:14 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Tue, 28 Sep 2021 08:31:47 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
bd324d2f-fa0f-42c8-aae0-24b753d490ea
content-type
application/javascript
content-length
35730
expires
Sat, 02 Oct 2021 20:22:13 GMT
truncated
/ Frame B2B4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5364fa6823567959a41816ee2c4d6574173a5c7f959dee316c3986377f5f034d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df8beb4ef505f691e502f07b2c2912e13f8c4e1d31c3a34bdbe2b1bd4ecec9e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42d681b5f02d2dabf923cbae61fc345c20de79978e81facb76bff8ce48be9b0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a27081a215b719163e28a0a91f27baa4f92b00db98a61759be6d96fe34467fbe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aee3757d527819580fb523a50c93fa9bda00f8238844a4d79c1c5c37ce2a4104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B2B4
396 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
559420983d3f31a375b730af639621b5cc42ce839627f5eda62bc4981ed0d7c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
pv
aegis.qq.com/collect/ Frame B2B4
0
75 B
XHR
General
Full URL
https://aegis.qq.com/collect/pv?id=AhPIQNzsNIpuLYoVxk&uin=&version=1.34.60&aid=9a9f80f2-7dca-4bba-97b6-fc06b559809c&platform=3&netType=4&sessionId=session-1633204335003&from=https%3A%2F%2Ft.captcha.qq.com%2Ftemplate%2Fdrag_ele.html%3Ft%3D1633204331814&referer=https%3A%2F%2Fwww.hg5588rrrrr.com%3A6899%2F
Requested by
Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/1.34.60/aegis.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.61 -, , ASN (),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 19:52:15 GMT
x-powered-by
Express
monitor.txt
m1.dgybjz.com/monitor/ Frame D469
14 B
493 B
XHR
General
Full URL
https://m1.dgybjz.com/monitor/monitor.txt
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
122.228.91.87 -, , ASN (),
Reverse DNS
Software
CK6u06Vu4 /
Resource Hash
26be99944b803918e44b6948e9287ed15b57f9edf38e7dca75c30b2d4aa0d5cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 19:52:16 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Thu, 04 Mar 2021 06:48:56 GMT
server
CK6u06Vu4
age
14648247
x-ws-request-id
6158b870_ianxin164_24888-52886
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
timing-allow-origin
*
x-via
1.1 tb112:2 (Cdn Cache Server V2.0)[28 200 0], 1.1 PS-FOC-01BuH93:4 (Cdn Cache Server V2.0)[395 200 2], 1.1 ianxin164:3 (Cdn Cache Server V2.0)[0 200 0]
speed
aegis.qq.com/ Frame B2B4
0
85 B
XHR
General
Full URL
https://aegis.qq.com/speed?id=AhPIQNzsNIpuLYoVxk&uin=&version=1.34.60&aid=9a9f80f2-7dca-4bba-97b6-fc06b559809c&platform=3&netType=4&sessionId=session-1633204335003&from=https%3A%2F%2Ft.captcha.qq.com%2Ftemplate%2Fdrag_ele.html%3Ft%3D1633204331814&referer=https%3A%2F%2Fwww.hg5588rrrrr.com%3A6899%2F
Requested by
Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/1.34.60/aegis.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t.captcha.qq.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryzxXQaDl27l3iunMx

Response headers

access-control-allow-origin
https://t.captcha.qq.com
date
Sat, 02 Oct 2021 19:52:15 GMT
vary
Origin
r20.gif
mf2.agilenavi.com/ Frame D469
43 B
209 B
XHR
General
Full URL
https://mf2.agilenavi.com/r20.gif
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.16.121.244 -, , ASN (),
Reverse DNS
Software
mf2.agilenavi.com /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Server
mf2.agilenavi.com
Connection
close
Timing-Allow-Origin
*
Content-Length
43
Content-Type
image/gif
fetch_time
analytics.agilenavi.com/api/ Frame D469
0
57 B
XHR
General
Full URL
https://analytics.agilenavi.com/api/fetch_time
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.168.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 19:52:16 GMT
r20.gif
m1.cisy427.cn/ Frame D469
0
0

fetch_time
analytics.agilenavi.com/api/ Frame D469
0
57 B
XHR
General
Full URL
https://analytics.agilenavi.com/api/fetch_time
Requested by
Host: js.agilenavi.com
URL: https://js.agilenavi.com/na.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.168.193 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hg5588rrrrr.com:6899/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 02 Oct 2021 19:52:18 GMT
performance
aegis.qq.com/speed/ Frame B2B4
0
85 B
XHR
General
Full URL
https://aegis.qq.com/speed/performance?dnsLookup=1723&tcp=409&ssl=206&ttfb=211&contentDownload=406&domParse=897&resourceDownload=1&firstScreenTiming=3215&id=AhPIQNzsNIpuLYoVxk&uin=&version=1.34.60&aid=9a9f80f2-7dca-4bba-97b6-fc06b559809c&platform=3&netType=4&sessionId=session-1633204335003&from=https%3A%2F%2Ft.captcha.qq.com%2Ftemplate%2Fdrag_ele.html%3Ft%3D1633204331814&referer=https%3A%2F%2Fwww.hg5588rrrrr.com%3A6899%2F
Requested by
Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/1.34.60/aegis.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.61 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://t.captcha.qq.com
date
Sat, 02 Oct 2021 19:52:17 GMT
vary
Origin

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mlupqnqjmkhpw.agilenavi.com
URL
https://mlupqnqjmkhpw.agilenavi.com/a.gif
Domain
m1.cisy427.cn
URL
https://m1.cisy427.cn/r20.gif


13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| onbeforexrselect
boolean| originAgentCluster
object| dataLayer
object| serverPushData
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

11 Cookies

Domain/Path Name / Value
www.hg5588rrrrr.com/entrance/page Name: _uab_collina
Value: 163320432894525927578072
www.hg5588rrrrr.com/ Name: lang
Value: zh-cn
www.hg5588rrrrr.com/ Name: langx
Value: zh-cn
.hg5588rrrrr.com/ Name: IBCACHE
Value: hVTTBufiP4HS2sw8Qg5WiPNfOGNhJwCLw-NyTA47vqMgD-hwAjsGCRRG6ptpKur0Y3IxZGc5Y0w1ZWdvOThwWjUtS0lfMUJYd20wSldYN1JWMDdFR0lzMk9QNA
.hg5588rrrrr.com/ Name: SESSION_ID
Value: guest
.hg5588rrrrr.com/ Name: ICCACHE
Value: hCNfIE55DYIgybjv7FjqRafI51fD%2FwL%2Fit5uT2A61BczaUpwQ0daMDZLU1k1aUIy
www.hg5588rrrrr.com/ Name: page_site
Value: first
.hg5588rrrrr.com/ Name: _ga
Value: GA1.2.834036704.1633204328
.hg5588rrrrr.com/ Name: _gid
Value: GA1.2.5965141.1633204328
www.hg5588rrrrr.com/ Name: PHPSESSID
Value: 2jppq9amcfd7uo6lj1atsu8g37
www.hg5588rrrrr.com/ Name: NP_1342569
Value: Y

2 Console Messages

Source Level URL
Text
network error URL: https://www.hg5588rrrrr.com:6899/rajsquestd.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.hg5588rrrrr.com:6899/esabgnixob.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
