shaoguan.theperfectgathering.com Open in urlscan Pro
2606:4700:3033::6815:3173 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shaoguan.theperfectgathering.com/
Submission: On January 03 via api (January 3rd 2024, 6:01:31 pm UTC) from US — Scanned from US

Summary HTTP 232 Redirects Behaviour Indicators

Summary

This website contacted 41 IPs in 8 countries across 53 domains to perform 232 HTTP transactions. The main IP is 2606:4700:3033::6815:3173, located in United States and belongs to CLOUDFLARENET, US. The main domain is shaoguan.theperfectgathering.com.
TLS certificate: Issued by GTS CA 1P5 on November 17th 2023. Valid for: 3 months.

This is the only time shaoguan.theperfectgathering.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3033::6815:3173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
58	113.105.134.36 113.105.134.36	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	203.205.235.28 203.205.235.28	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
23	23.224.130.221 23.224.130.221	40065 (CNSERVERS) (CNSERVERS)
2	4.34.42.108 4.34.42.108	3356 (LEVEL3) (LEVEL3)
20	116.153.39.134 116.153.39.134	4837 (CHINA169-...) (CHINA169-BACKBONE CHINA UNICOM China169 Backbone)
2	43.152.182.26 43.152.182.26	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	2606:4700:10:... 2606:4700:10::6814:5063	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	23.224.137.68 23.224.137.68	40065 (CNSERVERS) (CNSERVERS)
1	158.69.254.144 158.69.254.144	16276 (OVH) (OVH)
3	2606:4700:21:... 2606:4700:21::8d65:780b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.238.55.87 18.238.55.87	16509 (AMAZON-02) (AMAZON-02)
3	18.189.215.189 18.189.215.189	16509 (AMAZON-02) (AMAZON-02)
1	18.173.132.7 18.173.132.7	16509 (AMAZON-02) (AMAZON-02)
4	23.196.3.202 23.196.3.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.157.162.49 108.157.162.49	16509 (AMAZON-02) (AMAZON-02)
3	18.160.46.85 18.160.46.85	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:c3c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
3 10	50.16.174.192 50.16.174.192	14618 (AMAZON-AES) (AMAZON-AES)
4 6	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
7 7	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	3.130.26.161 3.130.26.161	16509 (AMAZON-02) (AMAZON-02)
3 3	35.244.154.8 35.244.154.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	107.178.254.65 107.178.254.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 6	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.7.64.229 23.7.64.229	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	63.251.86.49 63.251.86.49	10913 (INTERNAP-BLK) (INTERNAP-BLK)
1	54.166.243.239 54.166.243.239	14618 (AMAZON-AES) (AMAZON-AES)
1	18.173.132.127 18.173.132.127	16509 (AMAZON-02) (AMAZON-02)
3 4	18.211.201.194 18.211.201.194	14618 (AMAZON-AES) (AMAZON-AES)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
2 15	52.20.53.186 52.20.53.186	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.150.170.96 34.150.170.96	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.251.86.51 63.251.86.51	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
5 6	54.85.146.200 54.85.146.200	14618 (AMAZON-AES) (AMAZON-AES)
4 4	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	15.235.42.103 15.235.42.103	16276 (OVH) (OVH)
1 2	2606:4700:1::... 2606:4700:1::6813:844c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
2 2	8.28.7.81 8.28.7.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:ed:... 2600:1f18:ed:550f:9eb9:354c:5ca7:7a69	14618 (AMAZON-AES) (AMAZON-AES)
3 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	104.17.216.204 104.17.216.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	40.71.11.141 40.71.11.141	() ()
1 1	69.169.86.38 69.169.86.38	29838 (AMC) (AMC)
1	64.58.232.180 64.58.232.180	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
1 1	54.146.35.99 54.146.35.99	14618 (AMAZON-AES) (AMAZON-AES)
4 4	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
2 2	207.198.113.88 207.198.113.88	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
2 2	35.175.29.179 35.175.29.179	() ()
1	52.203.70.213 52.203.70.213	() ()
232	41

3 2606:4700:3033::6815:3173 (United States)

ASN13335 (CLOUDFLARENET, US)

shaoguan.theperfectgathering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 113.105.134.36 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

www.szmys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 203.205.235.28 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

qt.gtimg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 23.224.130.221 (United States)

ASN40065 (CNSERVERS, US)

683jb.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 4.34.42.108 (Plant City, United States)

ASN3356 (LEVEL3, US)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 116.153.39.134 (China)

ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN)

ubb.bbb.byjykj.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.152.182.26 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

p0.meituan.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:5063 (United States)

ASN13335 (CLOUDFLARENET, US)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 23.224.137.68 (United States)

ASN40065 (CNSERVERS, US)

992i2333.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.254.144 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns548341.ip-158-69-254.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:21::8d65:780b (United States)

ASN13335 (CLOUDFLARENET, US)

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.238.55.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-55-87.jfk52.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.189.215.189 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-215-189.us-east-2.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-7.jfk52.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.196.3.202 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-202.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.162.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-162-49.mia3.r.cloudfront.net

data-beacons.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.160.46.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-85.iad55.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c3c (United States)

ASN13335 (CLOUDFLARENET, US)

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 50.16.174.192 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-174-192.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.40.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.223.40.198 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.130.26.161 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-26-161.us-east-2.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.154.8 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.47.69.85 (Secaucus, United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.7.64.229 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-64-229.deploy.static.akamaitechnologies.com

tags.bkrtx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.49 (United States) 1 redirects

ASN10913 (INTERNAP-BLK, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.166.243.239 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-243-239.compute-1.amazonaws.com

track2.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-127.jfk52.r.cloudfront.net

api.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.211.201.194 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-201-194.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.20.53.186 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-53-186.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.150.170.96 (Washington, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.85.146.200 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-146-200.compute-1.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.178.10 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.235.42.103 (Terrebonne, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:1::6813:844c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.81 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550f:9eb9:354c:5ca7:7a69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.216.204 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.71.11.141 (None, )

ASN- ()

c.cintnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.169.86.38 (Commack, United States) 1 redirects

ASN29838 (AMC, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.180 (United States)

ASN13649 (ASN-FLEXENTIAL, US)

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.35.99 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-35-99.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.225.218.10 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.198.113.88 (Herndon, United States) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.175.29.179 (None, ) 2 redirects

ASN- ()

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.203.70.213 (None, )

ASN- ()

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	szmys.com www.szmys.com	2 MB
45	992i2333.com 992i2333.com	1 MB
23	683jb.xyz 683jb.xyz	197 KB
20	byjykj.xyz ubb.bbb.byjykj.xyz — Cisco Umbrella Rank: 590358	2 MB
18	crwdcntrl.net 2 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431 sync.crwdcntrl.net — Cisco Umbrella Rank: 1419	30 KB
10	eyeota.net 3 redirects ps.eyeota.net — Cisco Umbrella Rank: 1645	5 KB
10	sharethis.com pd.sharethis.com — Cisco Umbrella Rank: 20639 t.sharethis.com — Cisco Umbrella Rank: 7726 sync.sharethis.com — Cisco Umbrella Rank: 4415	17 KB
7	adsrvr.org 7 redirects match.adsrvr.org — Cisco Umbrella Rank: 594	3 KB
6	mediawallahscript.com 5 redirects partner.mediawallahscript.com — Cisco Umbrella Rank: 4532	4 KB
6	bluekai.com 3 redirects tags.bluekai.com — Cisco Umbrella Rank: 1261 stags.bluekai.com — Cisco Umbrella Rank: 1624	2 KB
6	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338	2 KB
5	liadm.com 3 redirects i.liadm.com — Cisco Umbrella Rank: 979 i6.liadm.com — Cisco Umbrella Rank: 4366	3 KB
5	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 5297 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 6989 data-beacons.s-onetag.com — Cisco Umbrella Rank: 9474	15 KB
4	yahoo.com 4 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2418 ups.analytics.yahoo.com — Cisco Umbrella Rank: 505	1 KB
4	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 793 ib.adnxs.com	3 KB
4	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 998 ce.lijit.com — Cisco Umbrella Rank: 1432	3 KB
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8615	24 KB
3	everesttech.net 3 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 1396	777 B
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	2 KB
3	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 3210	616 B
3	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 778	1 KB
3	rlcdn.com 3 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 764	1 KB
3	dtscout.com e.dtscout.com — Cisco Umbrella Rank: 9697 t.dtscout.com — Cisco Umbrella Rank: 8357	5 KB
3	theperfectgathering.com shaoguan.theperfectgathering.com	11 KB
2	thrtle.com 2 redirects thrtle.com	952 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 1321	958 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1215	550 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 1001	1 KB
2	mgid.com 1 redirects cm.mgid.com — Cisco Umbrella Rank: 2182	737 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3785	797 B
2	histats.com s10.histats.com — Cisco Umbrella Rank: 8421 s4.histats.com — Cisco Umbrella Rank: 7990	5 KB
2	meituan.net p0.meituan.net — Cisco Umbrella Rank: 13232 p1.meituan.net Failed	391 B
2	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 43361	87 KB
1	adentifi.com rtb.adentifi.com	35 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 2160	418 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 744	674 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 1274	1 KB
1	mookie1.com ib.mookie1.com — Cisco Umbrella Rank: 6137	983 B
1	ib-ibi.com 1 redirects global.ib-ibi.com — Cisco Umbrella Rank: 3432	512 B
1	cintnetworks.com c.cintnetworks.com	543 B
1	truoptik.com 1 redirects dmp.truoptik.com — Cisco Umbrella Rank: 3545	549 B
1	rqtrk.eu 1 redirects ws.rqtrk.eu — Cisco Umbrella Rank: 6313	413 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 1428	602 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 943	363 B
1	intentiq.com api.intentiq.com — Cisco Umbrella Rank: 2042
1	securedvisit.com track2.securedvisit.com — Cisco Umbrella Rank: 7102	178 B
1	bkrtx.com tags.bkrtx.com — Cisco Umbrella Rank: 9143	16 KB
1	pippio.com 1 redirects pippio.com — Cisco Umbrella Rank: 1480	634 B
1	dtscdn.com t.dtscdn.com — Cisco Umbrella Rank: 8870	596 B
1	gtimg.cn qt.gtimg.cn — Cisco Umbrella Rank: 704641	466 B
0	exelator.com Failed loadus.exelator.com Failed
0	afdiancdn.com Failed pic1.afdiancdn.com Failed
0	qq.com Failed tajs.qq.com Failed
232	53

	Domain	Requested by
58	www.szmys.com	shaoguan.theperfectgathering.com www.szmys.com
45	992i2333.com	683jb.xyz
23	683jb.xyz	shaoguan.theperfectgathering.com 683jb.xyz
20	ubb.bbb.byjykj.xyz	683jb.xyz
12	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
10	ps.eyeota.net	3 redirects 683jb.xyz bcp.crwdcntrl.net data-beacons.s-onetag.com
7	match.adsrvr.org	7 redirects
6	partner.mediawallahscript.com	5 redirects bcp.crwdcntrl.net
6	cm.g.doubleclick.net	4 redirects bcp.crwdcntrl.net
5	tags.bluekai.com	2 redirects tags.bkrtx.com bcp.crwdcntrl.net
4	i.liadm.com	3 redirects
4	t.sharethis.com	pd.sharethis.com t.sharethis.com
4	hm.baidu.com	shaoguan.theperfectgathering.com
3	sync-tm.everesttech.net	3 redirects
3	pixel.tapad.com	3 redirects
3	secure.adnxs.com	3 redirects
3	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
3	ml314.com	1 redirects 683jb.xyz bcp.crwdcntrl.net
3	px.ads.linkedin.com	1 redirects 683jb.xyz
3	idsync.rlcdn.com	3 redirects
3	sync.sharethis.com	683jb.xyz
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	pd.sharethis.com	e.dtscout.com 683jb.xyz t.sharethis.com
3	get.s-onetag.com	e.dtscout.com get.s-onetag.com
3	shaoguan.theperfectgathering.com	shaoguan.theperfectgathering.com www.szmys.com
2	thrtle.com	2 redirects
2	pixel-sync.sitescout.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	cms.analytics.yahoo.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	c1.adform.net	2 redirects
2	cm.mgid.com	1 redirects bcp.crwdcntrl.net
2	ce.lijit.com
2	ap.lijit.com	1 redirects 683jb.xyz
2	pixel.onaudience.com	2 redirects
2	t.dtscout.com	e.dtscout.com
2	p0.meituan.net	683jb.xyz
2	cdn.staticfile.org	683jb.xyz
1	rtb.adentifi.com
1	ib.adnxs.com	1 redirects
1	d.turn.com	1 redirects
1	token.rubiconproject.com	bcp.crwdcntrl.net
1	sync.srv.stackadapt.com	1 redirects
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	c.cintnetworks.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	1 redirects
1	i6.liadm.com	bcp.crwdcntrl.net
1	ws.rqtrk.eu	1 redirects
1	um.simpli.fi	1 redirects
1	dis.criteo.com	683jb.xyz
1	api.intentiq.com	data-beacons.s-onetag.com
1	track2.securedvisit.com	data-beacons.s-onetag.com
1	stags.bluekai.com	1 redirects
1	tags.bkrtx.com	pd.sharethis.com
1	pippio.com	1 redirects
1	t.dtscdn.com	e.dtscout.com
1	data-beacons.s-onetag.com	get.s-onetag.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	e.dtscout.com	s4.histats.com
1	s4.histats.com	s10.histats.com
1	s10.histats.com	683jb.xyz
1	qt.gtimg.cn	shaoguan.theperfectgathering.com
0	loadus.exelator.com Failed	bcp.crwdcntrl.net
0	p1.meituan.net Failed	683jb.xyz
0	pic1.afdiancdn.com Failed	683jb.xyz
0	tajs.qq.com Failed	shaoguan.theperfectgathering.com
232	67

This site contains no links.

Subject Issuer	Validity	Valid
theperfectgathering.com GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.szmys.com Encryption Everywhere DV TLS CA - G1	`2023-05-22` - `2024-05-21`	a year	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2023-07-06` - `2024-08-06`	a year	crt.sh
v.qq.com DigiCert Secure Site CN CA G3	`2023-12-04` - `2024-12-03`	a year	crt.sh
761jb.xyz R3	`2023-10-21` - `2024-01-19`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2023-09-08` - `2024-10-04`	a year	crt.sh
ubb.bbb.byjykj.xyz Buypass Class 2 CA 5	`2023-11-05` - `2024-05-02`	6 months	crt.sh
*.meituan.net GlobalSign RSA OV SSL CA 2018	`2023-06-08` - `2024-07-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-13` - `2024-05-11`	a year	crt.sh
992i2333.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
histats.com R3	`2023-11-23` - `2024-02-21`	3 months	crt.sh
dtscout.com GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-22` - `2024-06-19`	a year	crt.sh
cert1-prod.aut.a24365.net R3	`2024-01-03` - `2024-04-02`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
dtscdn.com GTS CA 1P5	`2023-11-15` - `2024-02-13`	3 months	crt.sh
*.bkrtx.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-06` - `2024-12-05`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
securedvisit.com Amazon RSA 2048 M03	`2023-08-16` - `2024-09-13`	a year	crt.sh
*.intentiq.com Amazon RSA 2048 M02	`2023-04-11` - `2024-05-08`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
c.cintnetworks.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-12-26` - `2024-06-26`	6 months	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.liadm.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-28`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://shaoguan.theperfectgathering.com/
Frame ID: 338BF5ABB0BE0B4234F9ED35CCE2ABCC
Requests: 67 HTTP requests in this frame

Frame: https://683jb.xyz/index.html
Frame ID: 98A81A7740BDB5C0477B396DBF4E501E
Requests: 125 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A01704304884CE506932A27445C4B8
Frame ID: 47DA1E4F016244D4DD188C298EAD32F2
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
Frame ID: 0D62EFF64144AE558F55C0397F86DA65
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C
Frame ID: 6447742C716CC1D1F0D0EE8C8C199372
Requests: 7 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: B34057B1C671D06AD25FDD577B4F59F2
Requests: 2 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEC9t86l4B6dVQOFIFHAkVqk&google_cver=1
Frame ID: 277A10008E72E05B2EC6BFA7EA537228
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=11857
Frame ID: E11EAAE2EB5862934789081316F7DCF2
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 008C991C90553CFF10703C6494D6609B
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 976FF26652612E83764EAAEF847FC656
Requests: 24 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: 19C013E6772D39FCC0BD0C111F753CFE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

九一麻豆制片厂国产剧情~百度百科

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

232
Requests

84 %
HTTPS

14 %
IPv6

53
Domains

67
Subdomains

41
IPs

8
Countries

5116 kB
Transfer

6085 kB
Size

81
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 174

https://pixel.onaudience.com/?partner=137085098&mapped=51A01704304884CE506932A27445C4B8 HTTP 302
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a5e9af1fd702c85b HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MngwaEpMYlg2MUV2U1lQZEpQdTFRcGIyLXQ0WUltdXMxRVE0VUR4R1N5clU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MngwaEpMYlg2MUV2U1lQZEpQdTFRcGIyLXQ0WUltdXMxRVE0VUR4R1N5clU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEB0nJ0FBx4YoMDKGn8vCewg&google_cver=1

Request Chain 178

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=

Request Chain 179

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGYABmWVoPQAAAAIW56WAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdZQUJtV1ZvUFFBQUFBSVc1NldBdz09EAAaDQj0wdasBhIFCOgHEABCAEoA HTTP 307
https://pippio.com/api/sync?pid=5324&it=1&iv=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&_=2 HTTP 307
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&rand=04135806 HTTP 302
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&rand=04135806&expected_cookie=4d9e7eeb-0d2f-4189-b507-c2477e20db82

Request Chain 180

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2DngNud5gGwo3ibCVwgodT5LEcX3x8Kx06gHvNdsbbRY&gdpr=0&gdpr_consent=

Request Chain 181

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGYABmWVoPQAAAAIW56WAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3641095699338100789 HTTP 307
https://ml314.com/csync.ashx?fp=d3b53317c5f66ae234ecab74e588bad6a6fa21f86b831775504806b137df5289f4cb09cee1a4f8eb&person_id=3641095699338100789&eid=50082

Request Chain 182

https://tags.bluekai.com/site/59574?id=ZGYABmWVoPQAAAAIW56WAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Request Chain 185

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 186

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGYABmWVoPQAAAAIW56WAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=20882557 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SFJBQldDd005OU94MzhQaw%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=SFJBQldDd005OU94MzhQaw%3D%3D&google_tc= HTTP 302
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEC9t86l4B6dVQOFIFHAkVqk&google_cver=1

Request Chain 189

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7kZhSZHXC2ZxH6LT9isXLi_&rnd=3432 HTTP 303
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7kZhSZHXC2ZxH6LT9isXLi_&rnd=3432&_li_chk=true&previous_uuid=c1c48d9a4c8c445abe8008cf0b71b6e8 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 193

https://um.simpli.fi/lj_match?r=87989 HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=4FC4B8C31488426F99925AF4C040B05C

Request Chain 197

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f9e3751cabd25ed4f513b265902ccc03&custom=&tag_format=img&tag_action=sync HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f9e3751cabd25ed4f513b265902ccc03&custom=&tag_format=img&tag_action=sync&final=true&reqid=1dfa8ba0-aa62-11ee-81a5-53ee200cd2e4&timestamp=2024-01-03T18%3A01%3A28.154Z HTTP 302
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2016%26partner_id%3D2087%26uid%3D%24UID%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3035946598938582926&tag_format=img&tag_action=sync HTTP 302
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=1e011b50-aa62-11ee-ad6a-a517d8de15c4?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=f9e3751cabd25ed4f513b265902ccc03&tag_format=img&tag_action=sync&cb=541668457 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&tag_format=img&tag_action=sync&cb= HTTP 302
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=1e011b50-aa62-11ee-ad6a-a517d8de15c4&cb=1704304888633&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2099%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1704304888633 HTTP 302
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=be7c6e94-a646-4986-a166-db691d6d4ded&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704304888633

Request Chain 198

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=f9e3751cabd25ed4f513b265902ccc03 HTTP 307
https://cm.mgid.com/m?c=f9e3751cabd25ed4f513b265902ccc03&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 199

https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=382015151928465879/gdpr=/gdpr_consent=

Request Chain 200

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=716E2271-600D-40B3-9405-C4C2B47A63EA&gdpr=0

Request Chain 201

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f9e3751cabd25ed4f513b265902ccc03 HTTP 303
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f9e3751cabd25ed4f513b265902ccc03

Request Chain 202

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a/gdpr=0/gdpr_consent=

Request Chain 203

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=f9e3751cabd25ed4f513b265902ccc03&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=f9e3751cabd25ed4f513b265902ccc03&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D&ch=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5836799e-713c-463f-bf95-000978e3c876%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D5836799e-713c-463f-bf95-000978e3c876%252C%25257B%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&ttd_puid=5836799e-713c-463f-bf95-000978e3c876%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D5836799e-713c-463f-bf95-000978e3c876%2C%257B%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5836799e-713c-463f-bf95-000978e3c876

Request Chain 204

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP HTTP 302
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6c528503eb5bd7597adfc0d10d140f58

Request Chain 207

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=f9e3751cabd25ed4f513b265902ccc03 HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=f9e3751cabd25ed4f513b265902ccc03

Request Chain 209

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=

Request Chain 211

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JCM.TVBE2pyuv_JZ88GjfDCYqrv6SZEGuGg-~A&gdpr=0

Request Chain 212

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=38ea971b-e4e3-44df-a373-e86e43944a53-6595a0f8-5553/gdpr=0

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZZWg_AAL06dTSQBH HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZWg_AAL06dTSQBH/gdpr=0&_test=ZZWg_AAL06dTSQBH

Request Chain 218

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/f9e3751cabd25ed4f513b265902ccc03/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8550189643272942068/gdpr=0

Request Chain 219

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=245830629 HTTP 302
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3035946598938582926/gdpr=0/rand=245830629

Request Chain 223

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H7kZhSZHXC2ZxH6LT9isXLi_/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
https://ce.lijit.com/merge?pid=5001&3pid=f9e3751cabd25ed4f513b265902ccc03

Request Chain 225

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/match?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&bid=1e2n4ou

Request Chain 226

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Oujynb5E2pVHcNXTOtqmGwXFV.ELqXjbYXM-~A

Request Chain 227

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=ZZWg_AAL06dTSQBH&bid=0rijhbu&referrer_pid=51md42u

Request Chain 228

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
https://ps.eyeota.net/match?uid=3035946598938582926&bid=2cr76e1&referrer_pid=51md42u

Request Chain 229

https://tags.bluekai.com/site/39798?limit=1&id=2WMkvWFJkKt6KtOIWxU2F9BN08J0UNVBO2_46UJFj4zo HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
https://tags.bluekai.com/site/5386?id=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=

Request Chain 230

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7kZhSZHXC2ZxH6LT9isXLi_ HTTP 302
https://thrtle.com/sync?_reach=1&vxii_pdid=H7kZhSZHXC2ZxH6LT9isXLi_&vxii_pid=12&vxii_pid1=7002&vxii_rcid=fa6d9362-773f-4d4f-96be-b36114982a50&vxii_rmax=1 HTTP 302
https://rtb.adentifi.com/CookieSyncThrotle

232 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shaoguan.theperfectgathering.com/ 28 KB
8 KB 308ms
203ms Document
text/html 2606:4700:3033::6815:3173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50987574de3f635dc3e9db817ba8d44dffbfe2e0146c6b93e0aba6c6f2fd4af3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83fd258879ba4bbb-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 18:01:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCRQvGz0AN9LctQKaRpBDu3bpn7FXnfb7cO%2F52OkyD5g6CX21WFkhya1ef1tRsx4jbfHZJ26ktgwjbBEs4Zy4pfNupI9CxoUyPsyFM2bLW1tkElDN3Ckr7MRWfPthYPrljE11MkjA%2FfIlBnZYu0nO3HdhuMuMobQUros7JqnrA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 js.js Show response
shaoguan.theperfectgathering.com/js/ 5 KB
2 KB 204ms
200ms Script
application/javascript 2606:4700:3033::6815:3173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shaoguan.theperfectgathering.com/js/js.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f4835386e27dc5f9acc51d32c2d96992bf06f2d73c6c32a85db878101be2bc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 15 Jun 2023 15:32:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"648b2efe-13e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bfEkoZlduqTJNjlBMa2W7bZLfc8J0HLyJsDkmwbNDyv%2FglZeSdt6ycSoon2N%2B3xdCu77YylggR6q7pwPlNFEWPeAlWhwVnhJsHuc3i%2BrmEdbPP8cfjwF%2BD9I%2B5iUFuSygu5kLuQ5gIwNq7xfFeSyM%2Fl4FwvlKYvP9xTWF%2FM9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 83fd258a2a5e4bbb-BUF
alt-svc: h3=":443"; ma=86400
expires: Thu, 04 Jan 2024 06:01:22 GMT

GET
H2 200 common.css
www.szmys.com/css/ 32 KB
8 KB 1485ms
239ms Stylesheet
text/css 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/css/common.css
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: b8ca84bb8c4e1cfa7a372390753dbd7cf325af6e61196572fa0ea1217e106eaf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Thu, 25 Jul 2019 05:59:36 GMT
server: Nginx / 1.8.8
etag: "a3a3c523ae42d51:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 7528

GET
H2 200 index3.css
www.szmys.com/css/ 27 KB
6 KB 1717ms
472ms Stylesheet
text/css 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/css/index3.css
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ba971a3d83dc2506b5eba84214d992a4903aa5b2931712b70105b17f9e96463c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Fri, 28 Aug 2020 08:31:25 GMT
server: Nginx / 1.8.8
etag: "b8dce19d157dd61:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
content-length: 6437

GET
H2 200 jquery-1.11.3.js Show response
www.szmys.com/Scripts/ 278 KB
110 KB 2183ms
938ms Script
application/javascript 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/Scripts/jquery-1.11.3.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2016 05:13:30 GMT
server: Nginx / 1.8.8
etag: "0f99c25a49d11:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 jquery-ui.min.js Show response
www.szmys.com/Scripts/jqueryui/ 235 KB
84 KB 1950ms
705ms Script
application/javascript 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/Scripts/jqueryui/jquery-ui.min.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 00:49:34 GMT
server: Nginx / 1.8.8
etag: "0a3de3d955bd01:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes

GET
H2 200 index2.js Show response
www.szmys.com/ 69 KB
20 KB 1718ms
474ms Script
application/javascript 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/index2.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 45f62ec968112fc7b4990c80fade55b51ea311fc8731978ed02a880bf721e68c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Wed, 11 Apr 2018 07:58:42 GMT
server: Nginx / 1.8.8
etag: "772fbe86ad1d31:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 20549

GET
H2 200 me.js Show response
www.szmys.com/js/ 55 KB
13 KB 1715ms
471ms Script
application/javascript 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/js/me.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 9e053641c7e902d2d8283e064f8534f047f56bec7e5a4382f0d2d2f643c178ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Fri, 04 Jan 2019 07:45:53 GMT
server: Nginx / 1.8.8
etag: "f1be1e851a4d41:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 13284

GET
H2 400 font-awesome.css
www.szmys.com/fonts/font-awesome-4.6.3http://www.szmys.com/css/ 0
0 1948ms
704ms Stylesheet
text/html 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/fonts/font-awesome-4.6.3http://www.szmys.com/css/font-awesome.css
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 wxqrcode.png
www.szmys.com/ 40 KB
40 KB 1039ms
1036ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/wxqrcode.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 0527c6a6bd613a2e4cea74d7629b2b17fcae742e1fe40b467c2d2b1ea65b11fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Sat, 21 May 2016 03:21:39 GMT
server: Nginx / 1.8.8
etag: "558d87e3fb3d11:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 40559

GET
H2 200 sz002303.gif
www.szmys.com/index5/Content/img/ 8 KB
8 KB 1042ms
1038ms Image
image/gif 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/index5/Content/img/sz002303.gif
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: bfcdee330811ac61df7b2b77773d2296dfb73b6a4a34e600405e70ec1ccca01d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Sat, 07 May 2016 03:22:53 GMT
server: Nginx / 1.8.8
etag: "4ca42befa8d11:0"
x-powered-by: 85686916
content-type: image/gif
accept-ranges: bytes
content-length: 8583

GET
H2 200 1654046772.jpg
www.szmys.com/upload/20171124/ 196 KB
196 KB 1043ms
1040ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171124/1654046772.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 9e52eab5b1b51a90076321420312342c45d3ff9fcb1ce214d583f78ad97b00a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 20 Oct 2022 09:01:12 GMT
server: Nginx / 1.8.8
etag: "1a22ff8062e4d81:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 200676

GET
H2 200 1654261554.jpg
www.szmys.com/upload/20171124/ 72 KB
72 KB 1054ms
1051ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171124/1654261554.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ab1b199b5cc3c03655d797fd757000ca2e9be0a03e8258f8f1f352c21dd7ab0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Sat, 09 Dec 2017 05:55:23 GMT
server: Nginx / 1.8.8
etag: "6821a14db270d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 73760

GET
H2 200 1655059297.jpg
www.szmys.com/upload/20171124/ 147 KB
147 KB 1272ms
1268ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171124/1655059297.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 5fc84b2e8c4f8057caa5771f2c9b711e337764d2c0bd7241e4602f701d49f86b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 25 Jul 2019 07:27:59 GMT
server: Nginx / 1.8.8
etag: "b271a37cba42d51:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 150238

GET
H2 200 1503324866.jpg
www.szmys.com/upload/20171222/ 76 KB
77 KB 1278ms
1275ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171222/1503324866.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 7e0ede9ebc898f160aa2359b39b008a1e1b3a20bcad822f2a2b18bfab5687f00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Fri, 22 Dec 2017 07:03:32 GMT
server: Nginx / 1.8.8
etag: "cfe162faf27ad31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 78279

GET
H2 200 1522488231.jpg
www.szmys.com/upload/20171222/ 97 KB
97 KB 1297ms
1294ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171222/1522488231.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 7d2aa0078c831eec4f2c2e8e77e5ec3e8d6b75dc5db5b4c87c27a6a7e8e0aa31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Fri, 22 Dec 2017 07:22:48 GMT
server: Nginx / 1.8.8
etag: "a5d19dabf57ad31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 99674

GET
H2 200 1347019269.jpg
www.szmys.com/upload/20171225/ 83 KB
83 KB 1303ms
1300ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171225/1347019269.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: b5a7f32f9a83753fdc696e112383b1b7ace4526b5146923fb94ff7a9e88fa130

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Mon, 25 Dec 2017 05:47:01 GMT
server: Nginx / 1.8.8
etag: "1f2b69c9437dd31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 84501

GET
H2 200 videobgb.jpg
www.szmys.com/css/ 40 KB
40 KB 1309ms
1306ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/css/videobgb.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 80ba0d497544140c7114cf38804dbe1419d0a34588254a4dc0ba99c7e3206cbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Tue, 15 Aug 2017 07:44:54 GMT
server: Nginx / 1.8.8
etag: "9c66a629a15d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 41068

GET
H2 200 mp4.png
www.szmys.com/bg/index/ 0
76 B 1315ms
1313ms Image
text/html 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/bg/index/mp4.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Tue, 18 Sep 2018 06:27:10 GMT
server: Nginx / 1.8.8
etag: "38909ba1184fd41:0"
x-powered-by: 85686916
content-type: text/html
accept-ranges: bytes
content-length: 0

GET
H2 200 p4.png
www.szmys.com/index5/Content/img/ 35 KB
35 KB 1317ms
1314ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/index5/Content/img/p4.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 8d1377dea8269dc9c6d0a141401f8b87113ee1783cbe20ad546e4c1f5c29bc3b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Wed, 26 Jul 2017 06:56:09 GMT
server: Nginx / 1.8.8
etag: "2bac9142dc5d31:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 35389

GET
H2 200 p2.png
www.szmys.com/index5/Content/img/ 71 KB
71 KB 1504ms
1502ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/index5/Content/img/p2.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 39357fac08813fc12c20184a952eeed02cdb691ea6736e265d172047fc21f885

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Wed, 26 Jul 2017 06:29:07 GMT
server: Nginx / 1.8.8
etag: "b869ba7bd85d31:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 72875

GET
H2 200 p3.png
www.szmys.com/index5/Content/img/ 47 KB
47 KB 1515ms
1513ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/index5/Content/img/p3.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: df97830866c67199399d905c82a524a67727f479f4636bd3be262a648e388f84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Wed, 26 Jul 2017 06:28:07 GMT
server: Nginx / 1.8.8
etag: "f0935958d85d31:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 47772

GET
H2 200 ico001.png
www.szmys.com/user/img/index/ 5 KB
5 KB 1519ms
1517ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/user/img/index/ico001.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: f44a3ab8f018db4152666d580eb1c871216e215b4a7a5dcf293aeb66931b293a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Mon, 19 Dec 2016 01:46:42 GMT
server: Nginx / 1.8.8
etag: "ae4a87bf9959d21:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 5231

GET
H2 200 ico002.png
www.szmys.com/user/img/index/ 6 KB
6 KB 1520ms
1517ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/user/img/index/ico002.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 01f0553d33acaf579ba0f637338a889b5edfe429d7fe9e25d4f7c5aff171e2d0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Mon, 19 Dec 2016 01:46:13 GMT
server: Nginx / 1.8.8
etag: "55b9edad9959d21:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 5716

GET
H2 200 ico003.png
www.szmys.com/user/img/index/ 6 KB
6 KB 1520ms
1518ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/user/img/index/ico003.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 98a96acccd681770e0e6fdc74440d56b1ae01ed7fd33f3e2427920dc0725c86f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Mon, 19 Dec 2016 01:45:44 GMT
server: Nginx / 1.8.8
etag: "3f7edd9c9959d21:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 6226

GET
H2 200 ico004.png
www.szmys.com/user/img/index/ 7 KB
7 KB 1521ms
1519ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/user/img/index/ico004.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: c5922f65819c5007e54951699aa25e8733672c30a0f37c4afbac8fce9a97cca8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Mon, 19 Dec 2016 01:45:10 GMT
server: Nginx / 1.8.8
etag: "d65cc889959d21:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 7076

GET
H2 200 1105072272.jpg
www.szmys.com/upload/20170727/ 17 KB
17 KB 1522ms
1520ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1105072272.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 2755ab7f75e604cb47987f3da8ddeb66879a7c629029f06026001c6f1bbbb35f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 03:05:07 GMT
server: Nginx / 1.8.8
etag: "b05f9f26856d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 16966

GET
H2 200 1029451187.jpg
www.szmys.com/upload/20170727/ 20 KB
20 KB 1524ms
1521ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1029451187.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ddae935381c3cd4839647edc08f0dceef5ffedbd149e4b201dedc23727cb5c00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:29:45 GMT
server: Nginx / 1.8.8
etag: "8a51bf35806d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 20474

GET
H2 200 1032049164.jpg
www.szmys.com/upload/20170727/ 24 KB
24 KB 1525ms
1523ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1032049164.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ffd61df61ff69c61cad8672ab24818ebb153fe8c989493ad4d85b7125052b4ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:32:04 GMT
server: Nginx / 1.8.8
etag: "7cc21289806d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 24259

GET
H2 200 1035316208.jpg
www.szmys.com/upload/20170727/ 14 KB
14 KB 1527ms
1525ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1035316208.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: d75fe97d9ac97329e36abe76e3979893d3772ecfd203a9b8ff83f86154f4f561

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:35:31 GMT
server: Nginx / 1.8.8
etag: "5ccd474816d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 13943

GET
H2 200 1039005498.jpg
www.szmys.com/upload/20170727/ 18 KB
18 KB 1528ms
1526ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1039005498.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 7af3f601671174c94b58fbdfe7aa5c66fd9824da85e87cbba9b372a7ccf29945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:39:00 GMT
server: Nginx / 1.8.8
etag: "6c62cf80816d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 18572

GET
H2 200 1051288370.jpg
www.szmys.com/upload/20170727/ 35 KB
36 KB 1530ms
1528ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1051288370.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: a36079e5d5309aa8c229f582a2da11e4ba4105e507dcaa4dfe0542ed48be0d84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:51:28 GMT
server: Nginx / 1.8.8
etag: "d616d33e836d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 36266

GET
H2 200 1055418777.jpg
www.szmys.com/upload/20170727/ 14 KB
14 KB 1533ms
1531ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1055418777.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: a53c71a6f77cad5eb8606c7e086551808ae4a590cedc1a869211ba16c5213ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:55:41 GMT
server: Nginx / 1.8.8
etag: "6e5a5d5836d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 14194

GET
H2 200 1111030505.jpg
www.szmys.com/upload/20170727/ 16 KB
16 KB 1534ms
1532ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1111030505.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: dd5528ee4e69b99af96c18f5041f04f1d008050971a574284788eecd3a21fc7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 03:11:03 GMT
server: Nginx / 1.8.8
etag: "a8b2b5fa856d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 16160

GET
H2 200 1113302492.jpg
www.szmys.com/upload/20170727/ 26 KB
26 KB 1535ms
1534ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1113302492.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 996a10a6942561c31271619fd667320bb2f5a4654e4e13cd3bfd57e59cd9cec3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 03:13:30 GMT
server: Nginx / 1.8.8
etag: "33987252866d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 26209

GET
H2 200 1119062662.jpg
www.szmys.com/upload/20170727/ 19 KB
19 KB 1538ms
1536ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1119062662.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 69656f544d710f6f1cd28b4b2f36ec11d2b8d14319db5b48a84f1a5792e47d12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 03:19:06 GMT
server: Nginx / 1.8.8
etag: "17b8ba1a876d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 19503

GET
H2 200 1027165693.jpg
www.szmys.com/upload/20170727/ 15 KB
15 KB 1539ms
1538ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1027165693.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ba7dedb3f556f4336b15b3d7dbbc7d6358f02947d606241c7e957b429ecc4a66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Thu, 27 Jul 2017 02:27:16 GMT
server: Nginx / 1.8.8
etag: "63c834dd7f6d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 15357

GET
H2 200 jzcqrcode.png
www.szmys.com/ 15 KB
15 KB 1541ms
1539ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/jzcqrcode.png
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: db20ac463c8e34514c134b78729a9eda875817a736ff9d8a800484e0809ca67c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Tue, 07 Mar 2017 09:14:10 GMT
server: Nginx / 1.8.8
etag: "7ffd462e2397d21:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 15699

GET
H2 200 govIcon.jpg
www.szmys.com/ 2 KB
2 KB 1541ms
1540ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/govIcon.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 0bb221bd5e47c0610d56a03f1d580f9ee857777c8875adc633a8122be8b79dcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
last-modified: Tue, 09 Jan 2018 08:37:52 GMT
server: Nginx / 1.8.8
etag: "633d7b232589d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 2318

GET stats
tajs.qq.com/ 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1144ms
336ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3133194f251bbc230fc36b806b812f58

Requested by

Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

8a0cc1e4fe32aeed10d1c9923b53a73956e8eedf09b16f947b0417215923b3b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: ff96172854b0213882546660d636f77b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11257

GET
H2 200 respond.js Show response
www.szmys.com/ 10 KB
5 KB 1276ms
1273ms Script
application/javascript 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/respond.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 937652bde6c565d551385784641f9b4eaadbfe627651534e1f62828426ba0350

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Wed, 17 May 2017 03:10:07 GMT
server: Nginx / 1.8.8
etag: "6aad5b16bbced21:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 4631

GET
H2 200 foot.js Show response
www.szmys.com/js/ 4 KB
2 KB 1277ms
1274ms Script
application/javascript 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.szmys.com/js/foot.js
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 64f878aadc9c96742983e36e684fbe7b70c90d79ab907b0e998362e841e79bbf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
last-modified: Tue, 03 Mar 2020 01:52:54 GMT
server: Nginx / 1.8.8
etag: "38877674fef0d51:0"
x-powered-by: 85686916
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1606

GET
H2 200 q=sz002303 Show response
qt.gtimg.cn/ 475 B
466 B 1372ms
272ms Script
text/html 203.205.235.28
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://qt.gtimg.cn/q=sz002303
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.205.235.28 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: openresty/1.11.2.1 /
Resource Hash: bcd156856662c359446ce5d18f694bf7f3607625149b8bea9b434ad8c4923041

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 03 Jan 2024 18:01:23 GMT
cache-control: max-age=0
content-encoding: gzip
expires: Wed, 03 Jan 2024 18:01:23 GMT
server: openresty/1.11.2.1
content-type: text/html; charset=GBK

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 943ms
334ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?29b1db81c93c28a26e06c8b1d898ba60

Requested by

Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/js/js.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

7679c7f023311f2d7093c4ab01d25a121ade00088cbaa36e055f15762f6e6f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 3729d034466bdfcd92f975ac8cc15cb8
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11260

GET
H2 200 index.html Show response
683jb.xyz/ Frame 98A8 52 KB
6 KB 350ms
75ms Document
text/html 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/index.html

Requested by

Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

2821073c78d6ce4a8376006cd2248354eea3b56060fc7c4b79b33b05c033bf56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://shaoguan.theperfectgathering.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 03 Jan 2024 18:01:22 GMT
etag: W/"65958935-d19f"
last-modified: Wed, 03 Jan 2024 16:20:05 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubdomains;
vary: Accept-Encoding

GET
H2 200 huanyuan.js Show response
683jb.xyz/js/ Frame 98A8 6 KB
2 KB 160ms
155ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/huanyuan.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

18b0ce86190047070a14bfc871001d8b54c7923bd32be46d078187ada3fa372a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: W/"658be42d-17d3"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 get_ym.js Show response
683jb.xyz/js/ Frame 98A8 2 KB
2 KB 165ms
160ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/get_ym.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

30f1b44517adbb594b56f713e1f0234ad58fee51bb2d785b911157ff73a9a7f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Thu, 28 Dec 2023 01:55:05 GMT
server: nginx
etag: "658cd579-79f"
content-type: application/javascript
accept-ranges: bytes
content-length: 1951

GET
H2 200 cfg.js Show response
683jb.xyz/js/ Frame 98A8 3 KB
3 KB 170ms
165ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/cfg.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ec645e33634c4a7577f2520eeb0338db278b165d8ba79bf30ddb8261fd381424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-a4e"
content-type: application/javascript
accept-ranges: bytes
content-length: 2638

GET
H2 200 1e3.css
683jb.xyz/Tpl/x1/ Frame 98A8 109 KB
29 KB 110ms
106ms Stylesheet
text/css 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/Tpl/x1/1e3.css?v=9

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

e950953a25e4236f77e1c71a5609a9570ad543e148fd2c9d646e665fe04191f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Wed, 27 Dec 2023 08:44:44 GMT
server: nginx
etag: W/"658be3fc-1b5c5"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.js Show response
683jb.xyz/js/ Frame 98A8 5 KB
3 KB 174ms
170ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/jquery.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bebc9b64d531b6d8b669ff59d07338641cb5cd6f3fb66feffc31012dcfb6faa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: W/"658be42d-1560"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK jquery.js Show response
cdn.staticfile.org/jquery/2.1.0/ Frame 98A8 239 KB
83 KB 745ms
609ms Script
text/javascript 4.34.42.108
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery/2.1.0/jquery.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.108 Plant City, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fa7752926a95e3ab6b5f67a21ef40628ce4447c81ddf4f6cacf663b6fb85af7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:23 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"3bce3-D+PlZ+B3YibumDJrqMrnaAaDwRI"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Max-Age: 31104000
Access-Control-Allow-Origin: *
Cache-Control: max-age=2
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
Access-Control-Allow-Methods: GET, POST
X-Ser: BC74_dx-lt-yd-hubei-xiangyang-14-cache-4, BC72_dx-lt-yd-hubei-xiangyang-14-cache-4, BC162_lt-obgp-fujian-xiamen-33-cache-1, BC8_US-Georgia-atlanta-1-cache-2, BC109_US-Colorado-Denver-1-cache-2

GET
H2 200 index.js Show response
683jb.xyz/js/ Frame 98A8 431 B
607 B 175ms
171ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/index.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ef8d7e21aca81b46f571f1ab2e35adde599cff0a41980caa188806bcc2ee6d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-1af"
content-type: application/javascript
accept-ranges: bytes
content-length: 431

GET
H2 200 logo-s.png
683jb.xyz/Tpl/x1/ Frame 98A8 5 KB
5 KB 244ms
243ms Image
image/png 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://683jb.xyz/Tpl/x1/logo-s.png

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

13cd6986ae45bfba8251f6399310f8c4f94c5264a29321f4270b9c3f48c791db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:44:44 GMT
server: nginx
etag: "658be3fc-130e"
content-type: image/png
accept-ranges: bytes
content-length: 4878

GET
H2 200 menu.js Show response
683jb.xyz/js/ Frame 98A8 9 KB
2 KB 179ms
176ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/menu.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

b64bd3c776fc3778585810b72e613491302b4f82d1a790380ec9e2e5e8f538f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 15:20:05 GMT
server: nginx
etag: W/"659429a5-22dd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 shangshan_dasiqq315.js Show response
683jb.xyz/js/ Frame 98A8 4 KB
4 KB 184ms
181ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/shangshan_dasiqq315.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ef2da83e97ab92437eade35ec9a78cac9cf0fc905c9b375b4fa765a4516bd6c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Tue, 02 Jan 2024 15:20:05 GMT
server: nginx
etag: "659429a5-f9b"
content-type: application/javascript
accept-ranges: bytes
content-length: 3995

GET
H2 200 cat.png
683jb.xyz/Tpl/x1/ Frame 98A8 15 KB
15 KB 213ms
210ms Image
image/png 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://683jb.xyz/Tpl/x1/cat.png

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

ebe324c2c41a3d8d25b9a97a34fd22778ce993ef8fa50cd587f37b701da8c264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:44:44 GMT
server: nginx
etag: "658be3fc-3a90"
content-type: image/png
accept-ranges: bytes
content-length: 14992

GET
H2 200 xiashan_dasiqq315.js Show response
683jb.xyz/js/ Frame 98A8 7 KB
1 KB 216ms
214ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/xiashan_dasiqq315.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

609c771efb25dd6e3c0b08e001bee20e08a2198c66245677f87f8bbb90c37c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 15:20:05 GMT
server: nginx
etag: W/"659429a5-1b9d"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 analysis.min.js Show response
683jb.xyz/js/ Frame 98A8 5 KB
2 KB 217ms
214ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/analysis.min.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

6107efd2c283c35f3dbcc7298163583a69c62ac066a5a235aa9768f1d2bd5a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: W/"658be42d-1259"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 cookie.js Show response
683jb.xyz/js/ Frame 98A8 2 KB
3 KB 220ms
217ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/cookie.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

24c7009e8cbd0e9ee4c82320cdfe3de0c42373ee9d603a9c242afb3e3f6692cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-97b"
content-type: application/javascript
accept-ranges: bytes
content-length: 2427

GET
H/1.1 200
OK jquery.lazyload.js Show response
cdn.staticfile.org/jquery_lazyload/1.9.3/ Frame 98A8 11 KB
4 KB 520ms
368ms Script
text/javascript 4.34.42.108
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/jquery_lazyload/1.9.3/jquery.lazyload.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 4.34.42.108 Plant City, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx /
Resource Hash: 50e1e0336e482c00a570bb2e9189b6fb88a96b6463ad377aaa0d81f9c705d80e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:23 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"2c18-LTieWsfvNrTdVxmJKDl17N/sWZU"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Max-Age: 31104000
Access-Control-Allow-Origin: *
Cache-Control: max-age=2
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
Access-Control-Allow-Methods: GET, POST
X-Ser: BC145_dx-lt-yd-hunan-loudi-17-cache-9, BC197_lt-obgp-fujian-xiamen-33-cache-1, BC34_US-Georgia-atlanta-1-cache-4, BC107_US-Colorado-Denver-1-cache-2

GET
H2 200 tj.js Show response
683jb.xyz/js/ Frame 98A8 1 KB
1 KB 224ms
222ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/tj.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

f3af26491e1b190106361db6d59a8d8f538071c3daa5b979c61dfa6ee6b3aded

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-49d"
content-type: application/javascript
accept-ranges: bytes
content-length: 1181

GET
H2 200 mobile.js Show response
683jb.xyz/js/ Frame 98A8 4 KB
4 KB 227ms
226ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/mobile.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

5b7de9a13c6c91059394808a063bd6aef0f71f939378e89ce83ccfbe71e1f1c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

Referer: https://683jb.xyz/index.html
Origin: https://683jb.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-ea6"
content-type: application/javascript
accept-ranges: bytes
content-length: 3750

GET
H2 200 pop_layer.js Show response
683jb.xyz/js/ Frame 98A8 12 KB
4 KB 235ms
233ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/pop_layer.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

0702c9bf07ee76f8a2ac6dfdf2dd26f289fd48b58013e86936a7bd14b4e81577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
last-modified: Mon, 01 Jan 2024 09:55:05 GMT
server: nginx
etag: W/"65928bf9-2e20"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 getIp2.php Show response
683jb.xyz/ Frame 98A8 72 B
258 B 82ms
82ms XHR
text/html 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/getIp2.php

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/js/huanyuan.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx / PHP/7.0.33

Resource Hash

e951ffa592d9e07bf5c59ea4029a598af426c3c7d381ad488778a54155cb9375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
content-encoding: gzip
server: nginx
x-powered-by: PHP/7.0.33
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 1rghg34sdl1dl8tq88sf66spc.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 107 KB
108 KB 1746ms
594ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/1rghg34sdl1dl8tq88sf66spc.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 51e8d061758d803eec026f03c92065dd0d5bdfa3dc1b7f1bdc7ca17c362b6e79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[3],CHN-JXnanchang-AREACUCC1-CACHE6[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE63[1475],CHN-SH-GLOBAL1-CACHE146[1467,TCP_MISS,1474]
x-ccdn-cachettl: 259200
age: 96427
alt-svc: h3=":443"; ma=2592000
content-length: 109756
last-modified: Tue, 02 Jan 2024 15:13:54 GMT
server: openresty
etag: W/"65942832-1adcb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 463b5786504d810d9796eb519f957898
x-ccdn-expires: 162847
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 02_1973_960210_liv.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 83 KB
82 KB 2494ms
1344ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/02_1973_960210_liv.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 89787961896e4a79738a5edc58840c2572e0f5223751ccb81e7dabe68505e5ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE34[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE67[3],CHN-SH-GLOBAL1-CACHE64[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 622562
alt-svc: h3=":443"; ma=2592000
content-length: 83819
last-modified: Wed, 27 Dec 2023 12:40:22 GMT
server: openresty
etag: W/"658c1b36-14dea"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: a06ebaa20741b757dbd15ac72d160b21
x-ccdn-expires: 177786
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 bdfkjrthiuydtjmkjgfdjk132456795752.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 83 KB
83 KB 2155ms
1004ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/bdfkjrthiuydtjmkjgfdjk132456795752.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 28f8659a8bcde8b7b4a886e15490150f01d0a0312c2dbd122de7e2b848214336

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[3],CHN-JXnanchang-AREACUCC1-CACHE7[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE163[4],CHN-SH-GLOBAL1-CACHE6[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2346338
alt-svc: h3=":443"; ma=2592000
content-length: 84189
last-modified: Thu, 07 Dec 2023 13:40:28 GMT
server: openresty
etag: W/"6571cb4c-14d5b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 3331bd25c529a5ba492187b5bea71c0c
x-ccdn-expires: 259200
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 03_1973_960210_liv.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 127 KB
124 KB 1745ms
594ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/03_1973_960210_liv.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: a908e41c730617215405605071be546fc7f0e7ae384e55dd4acfe2adf9431752

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[4],CHN-JXnanchang-AREACUCC1-CACHE3[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE80[2],CHN-SH-GLOBAL1-CACHE121[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 622562
alt-svc: h3=":443"; ma=2592000
content-length: 126774
last-modified: Wed, 27 Dec 2023 12:40:34 GMT
server: openresty
etag: W/"658c1b42-1fd1a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 4471a4477265ff443e394e57296b9b51
x-ccdn-expires: 177786
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 fdfgryjnfkretkjfoirtkltjiuy2148254665.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 108 KB
107 KB 1398ms
247ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/fdfgryjnfkretkjfoirtkltjiuy2148254665.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 6469598e03c314a0191835fd4419f5cfa73ee39f246e999a1ddb75276a76a16d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[3],CHN-JXnanchang-AREACUCC1-CACHE8[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE55[6],CHN-SH-GLOBAL1-CACHE7[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2346338
alt-svc: h3=":443"; ma=2592000
content-length: 108941
last-modified: Thu, 07 Dec 2023 13:38:17 GMT
server: openresty
etag: W/"6571cac9-1af08"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 2e0d9bcbf5dad6d198d16cd115197f1e
x-ccdn-expires: 259200
accept-ranges: bytes
x-hcs-proxy-type: 1

GET 27a9fc7d5dda787a3bbac00e47b75b6d_w720_h450_s74.jpg
pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/ Frame 98A8 0
0

GET
H2 200 xmrgyst8.jpeg.js
ubb.bbb.byjykj.xyz/ Frame 98A8 28 KB
28 KB 2496ms
1346ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/xmrgyst8.jpeg.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: da53226224e1d4be790551eaf4f5493168307ea552d389e33862e8b10d164ed6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[9],CHN-JXnanchang-AREACUCC1-CACHE33[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE64[6],CHN-SH-GLOBAL1-CACHE94[0,TCP_HIT,1]
x-ccdn-cachettl: 259200
age: 2537322
alt-svc: h3=":443"; ma=2592000
content-length: 28410
last-modified: Sat, 18 Nov 2023 07:48:17 GMT
server: openresty
etag: W/"65586c41-6f3d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 37cad6347ad7ba857b0b26c5fdc39fe9
x-ccdn-expires: 55011
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 404 818c1b8061ae219374da07bff6b8003376117.jpg
p0.meituan.net/csc/ Frame 98A8 0
141 B 724ms
301ms Image
text/plain 43.152.182.26
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p0.meituan.net/csc/818c1b8061ae219374da07bff6b8003376117.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.182.26 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:16 GMT
m-traceid: d8fjn84mawglcqqp9hzj
x-cache-lookup: Cache Hit, Hit From Inner Cluster, Cache Miss, Cache Miss
server: openresty
access-control-allow-private-network: true
age: 0
access-control-allow-methods: GET,POST
access-control-allow-origin: *
x-nws-log-uuid: 4902626684510953710
x-error-code: 30404
content-length: 0

GET 06d7d2f71b1c365e25e120c9bccf7580_w720_h450_s50.jpg
pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/ Frame 98A8 0
0

GET
H2 404 37e16cff8291d86688685ede653a4f1051736.jpg
p0.meituan.net/csc/ Frame 98A8 0
250 B 704ms
282ms Image
text/plain 43.152.182.26
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p0.meituan.net/csc/37e16cff8291d86688685ede653a4f1051736.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.182.26 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:18 GMT
m-traceid: kns96urvwntw1ps9290h
x-cache-lookup: Cache Hit, Cache Miss, Cache Miss
server: openresty
access-control-allow-private-network: true
age: 0
access-control-allow-methods: GET,POST
access-control-allow-origin: *
x-nws-log-uuid: 403592718490049351
x-error-code: 30404
content-length: 0

GET c56c46e0cb3f7d57da817eb1eff613a2_w720_h450_s67.jpg
pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/ Frame 98A8 0
0

GET
H2 200 xmrgyst5.jpeg.js
ubb.bbb.byjykj.xyz/ Frame 98A8 28 KB
28 KB 2449ms
1344ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/xmrgyst5.jpeg.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: a1d83c8b68fb1b7edbbc3300d0270e2eeaf4c1fb6645a3bcd6119b8bf3c78c03

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE19[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE126[3],CHN-SH-GLOBAL1-CACHE163[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2537322
alt-svc: h3=":443"; ma=2592000
content-length: 28456
last-modified: Sat, 18 Nov 2023 07:48:16 GMT
server: openresty
etag: W/"65586c40-6f6e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 69bf2d2fc78d58167203aca28582b99c
x-ccdn-expires: 80577
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 xmrgyst10.jpeg.js
ubb.bbb.byjykj.xyz/ Frame 98A8 21 KB
22 KB 1327ms
1326ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/xmrgyst10.jpeg.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 95fddd42898245b52ac0b45a8650fd195022e9bce753d1b09f0da35aabd9026f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[6],CHN-JXnanchang-AREACUCC1-CACHE22[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE132[20],CHN-SH-GLOBAL1-CACHE123[0,TCP_HIT,17]
x-ccdn-cachettl: 259200
age: 2537232
alt-svc: h3=":443"; ma=2592000
content-length: 21650
last-modified: Sat, 18 Nov 2023 07:48:17 GMT
server: openresty
etag: W/"65586c41-5508"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 189c1442a9a2776e2e1e9429ad462566
x-ccdn-expires: 55154
accept-ranges: bytes
x-hcs-proxy-type: 1

GET ee61c22b83198a257fe8fa1c51e4433d69054.jpg
p1.meituan.net/csc/ Frame 98A8 0
0

GET
H2 200 dfrtretmhriuewthkuye4jhniuy215757269882.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 139 KB
138 KB 1327ms
1325ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/dfrtretmhriuewthkuye4jhniuy215757269882.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: cbc4cd1a822546e46448b4dbe7258dadb014ec5dc31b5791ecedb2e577b82d31

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE1[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE138[2],CHN-SH-GLOBAL1-CACHE40[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 576216
alt-svc: h3=":443"; ma=2592000
content-length: 140304
last-modified: Thu, 28 Dec 2023 01:17:49 GMT
server: openresty
etag: W/"658cccbd-22d59"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 80462a33ae943b5459ecbbc074024e62
x-ccdn-expires: 224133
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 01_1973_960210_li.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 119 KB
108 KB 1329ms
1327ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/01_1973_960210_li.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: dde084677ab4764751181e556d225fdf7c66a7e7d5d41543c47d9c69cf6d126e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[8],CHN-JXnanchang-AREACUCC1-CACHE19[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE28[3],CHN-SH-GLOBAL1-CACHE135[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 622473
alt-svc: h3=":443"; ma=2592000
content-length: 110185
last-modified: Wed, 27 Dec 2023 12:38:42 GMT
server: openresty
etag: W/"658c1ad2-1dca7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: a78179c3da03bea4a1a40592451fd1ed
x-ccdn-expires: 177878
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 sgghjkhyretnhkyidftknuiotk21456767.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 143 KB
137 KB 1327ms
1326ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/sgghjkhyretnhkyidftknuiotk21456767.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 578e2ba0f1ebfb0df78dee76499c2720bbc7a873ac676d99048d7c6fddf4ab0b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[6],CHN-JXnanchang-AREACUCC1-CACHE16[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE102[4],CHN-SH-GLOBAL1-CACHE15[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2346336
alt-svc: h3=":443"; ma=2592000
content-length: 139183
last-modified: Thu, 07 Dec 2023 13:39:32 GMT
server: openresty
etag: W/"6571cb14-23af5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: e4bb035e9a870b8994a17e95b049afaa
x-ccdn-expires: 259200
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 04_1973_150350_liv.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 53 KB
52 KB 2448ms
1344ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/04_1973_150350_liv.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 281d50911257108dcc478c88312b2d973e366bce8da824c429d0be568a8afa70

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE42[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE82[5],CHN-SH-GLOBAL1-CACHE105[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 622229
alt-svc: h3=":443"; ma=2592000
content-length: 53085
last-modified: Wed, 27 Dec 2023 12:40:43 GMT
server: openresty
etag: W/"658c1b4b-d3d3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: deb5254044d55c1837ef40c4acb578ed
x-ccdn-expires: 155503
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 1rghg3sdl1dl8tq88sf66spc.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 343 KB
342 KB 1697ms
593ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/1rghg3sdl1dl8tq88sf66spc.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 998dcb369b33501feea6ebd607536b92785df1d242f5aa015f723aece804cd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[4],CHN-JXnanchang-AREACUCC1-CACHE17[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE114[5],CHN-SH-GLOBAL1-CACHE16[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 1867272
alt-svc: h3=":443"; ma=2592000
content-length: 349451
last-modified: Wed, 13 Dec 2023 02:57:02 GMT
server: openresty
etag: W/"65791d7e-55a15"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 6e9150ce8cf77eef1fca9e88b5258c81
x-ccdn-expires: 229090
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 05_1973_150165_liv.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 20 KB
19 KB 1697ms
593ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/05_1973_150165_liv.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 0ca0556eeccf58ecf7041cb39f839af06405f4caaf660c5c963530e93c96fb57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[3],CHN-JXnanchang-AREACUCC1-CACHE28[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE78[3],CHN-SH-GLOBAL1-CACHE152[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 622473
alt-svc: h3=":443"; ma=2592000
content-length: 18804
last-modified: Wed, 27 Dec 2023 12:40:52 GMT
server: openresty
etag: W/"658c1b54-4f27"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: c309db5c4101a3c725d977c5a619213c
x-ccdn-expires: 177877
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 1rgjk3xdl2d6tkq78s66xpc22.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 59 KB
59 KB 2448ms
1344ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/1rgjk3xdl2d6tkq78s66xpc22.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 28f40a8c0cc4c778fb327ebda07be620b8e586baf15942312494b767270c8d60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE16[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE12[8],CHN-SH-GLOBAL1-CACHE15[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2537381
alt-svc: h3=":443"; ma=2592000
content-length: 59717
last-modified: Sun, 12 Nov 2023 12:52:09 GMT
server: openresty
etag: W/"6550ca79-eb97"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: db0c7f1c1c04ed5f2f4a6e42278f0a8f
x-ccdn-expires: 77376
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 logo-l.png
683jb.xyz/Tpl/x1/ Frame 98A8 4 KB
4 KB 76ms
76ms Image
image/png 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://683jb.xyz/Tpl/x1/logo-l.png

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/Tpl/x1/1e3.css?v=9

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

3ec583dd9e16bf9fcc009b2022b2f3e9893b66a61298c2ec20dd29842fdc6cf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/Tpl/x1/1e3.css?v=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:44:44 GMT
server: nginx
etag: "658be3fc-10c9"
content-type: image/png
accept-ranges: bytes
content-length: 4297

GET
H2 200 js15_as.js Show response
s10.histats.com/ Frame 98A8 11 KB
5 KB 148ms
36ms Script
text/javascript 2606:4700:10::6814:5063
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/js/tj.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:5063 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
server: cloudflare
age: 34139
etag: "-375139978"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=28800
accept-ranges: bytes
cf-ray: 83fd25949fc34bcf-BUF
content-length: 4547

GET
H2 200 notice.js Show response
683jb.xyz/js/ Frame 98A8 3 KB
3 KB 76ms
75ms Script
application/javascript 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://683jb.xyz/js/notice.js

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/js/tj.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

c03deced144f07e7a68ec2c67e3f5d6f0b709f6bad9d25ea01f706e55fe13ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-d45"
content-type: application/javascript
accept-ranges: bytes
content-length: 3397

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 325ms
324ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=889630068&si=29b1db81c93c28a26e06c8b1d898ba60&v=1.3.0&lv=1&sn=1674&r=0&ww=1600&u=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F&tt=%E4%B9%9D%E4%B8%80%E9%BA%BB%E8%B1%86%E5%88%B6%E7%89%87%E5%8E%82%E5%9B%BD%E4%BA%A7%E5%89%A7%E6%83%85~%E7%99%BE%E5%BA%A6%E7%99%BE%E7%A7%91

Requested by

Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 18:01:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 live_weixin.png
683jb.xyz/images/ Frame 98A8 33 KB
33 KB 85ms
83ms Image
image/png 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://683jb.xyz/images/live_weixin.png

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

bffda8469c8c15ff94adcdcd32b5dc518441f9614c21dadff82ce29b63d744aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-8203"
content-type: image/png
accept-ranges: bytes
content-length: 33283

GET
H2 200 android.png
683jb.xyz/images/ Frame 98A8 38 KB
38 KB 116ms
115ms Image
image/png 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://683jb.xyz/images/android.png

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

3294e8ef217bfcb67ae649213c5db073c78f5048fc141f9fa10ecb3d7cd58db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-96c8"
content-type: image/png
accept-ranges: bytes
content-length: 38600

GET
H2 200 iphone.png
683jb.xyz/images/ Frame 98A8 32 KB
32 KB 128ms
128ms Image
image/png 23.224.130.221
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://683jb.xyz/images/iphone.png

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.224.130.221 , United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

cb0b2a98a02f4005c41361f4cc0a852f67efbfbe2d201ceb2a1357b3dd95e364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:23 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
last-modified: Wed, 27 Dec 2023 08:45:33 GMT
server: nginx
etag: "658be42d-7e4d"
content-type: image/png
accept-ranges: bytes
content-length: 32333

GET
H2 200 ddz5669gre56grr9yre5h48g.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 27 KB
20 KB 1327ms
1326ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/ddz5669gre56grr9yre5h48g.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 8ec78055e5c72524cf064557b6859fd6cae1a33d5cd3ca315528021fd4483a9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE6[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE116[4],CHN-SH-GLOBAL1-CACHE128[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2533239
alt-svc: h3=":443"; ma=2592000
content-length: 19710
last-modified: Mon, 20 Mar 2023 07:58:25 GMT
server: openresty
etag: W/"64181221-6c4b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 7ee41b80c2fc7d3dde6390dfa3729cd5
x-ccdn-expires: 60385
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 jc-02-h5-1.png
992i2333.com/game/ Frame 98A8 16 KB
17 KB 483ms
275ms Image
image/png 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/game/jc-02-h5-1.png?2
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 7e59e2f10f07e91a3c36556df6c75fdd555ddec2d5a41261888bdbed0040cd8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Mon, 29 Jun 2020 15:27:06 GMT
server: nginx
etag: "5efa084a-417e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 16766

GET
H2 200 dhfi4g5dfs6h2harh548darh.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 26 KB
19 KB 1328ms
1326ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/dhfi4g5dfs6h2harh548darh.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: 7aaad7c3082639a602cf05a65586238f22955559c97478bc09b113ec482112b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[6],CHN-JXnanchang-AREACUCC1-CACHE21[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE36[15],CHN-SH-GLOBAL1-CACHE20[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2533238
alt-svc: h3=":443"; ma=2592000
content-length: 19367
last-modified: Mon, 20 Mar 2023 07:56:17 GMT
server: openresty
etag: W/"641811a1-67b3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 55cac386917ec12694afb412bbc0f7f8
x-ccdn-expires: 60385
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 jc_01-h5-12.png
992i2333.com/game/ Frame 98A8 42 KB
42 KB 355ms
148ms Image
image/png 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/game/jc_01-h5-12.png?2
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: ce3ec9e64e223762dacfdfb4e7b2028b4b52c719dc7e0af31017e8e89272f744

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Mon, 29 Jun 2020 15:27:21 GMT
server: nginx
etag: "5efa0859-a791"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 42897

GET
H2 200 nafewhfowhlfw784f54we2.png.js
ubb.bbb.byjykj.xyz/ Frame 98A8 44 KB
44 KB 1328ms
1327ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/nafewhfowhlfw784f54we2.png.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: b77b1629e669fed5ce998c25dfd15f3f2d9eb32bf5c461bf41ade609f88cbd62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[6],CHN-JXnanchang-AREACUCC1-CACHE38[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE33[3],CHN-SH-GLOBAL1-CACHE84[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2533239
alt-svc: h3=":443"; ma=2592000
content-length: 44637
last-modified: Sat, 20 May 2023 03:03:01 GMT
server: openresty
etag: W/"64683865-ae3c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 839b163f748b0f2dca069f23a3059729
x-ccdn-expires: 60017
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 jc_01-h5-10.png
992i2333.com/game/ Frame 98A8 36 KB
36 KB 438ms
231ms Image
image/png 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/game/jc_01-h5-10.png?2
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d0f7ef85d1adb6dcb1c46851f694b9560bb5a359e7315449787f1a656efc75da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Mon, 29 Jun 2020 15:27:13 GMT
server: nginx
etag: "5efa0851-8e63"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 36451

GET
H2 200 gdfjhk68ard56gtrw546.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 26 KB
25 KB 1328ms
1327ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/gdfjhk68ard56gtrw546.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: da6d147f5f1080e8dca55e73059b113cf233f3223eba21f005c14767a059a27f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[6],CHN-JXnanchang-AREACUCC1-CACHE45[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE49[3],CHN-SH-GLOBAL1-CACHE44[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2533239
alt-svc: h3=":443"; ma=2592000
content-length: 24993
last-modified: Mon, 20 Mar 2023 07:57:56 GMT
server: openresty
etag: W/"64181204-6767"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: 70971f53fe45321e375789842b12e6cf
x-ccdn-expires: 60385
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 sc288gdsagjhgserjoiesjgi.gif.js
ubb.bbb.byjykj.xyz/ Frame 98A8 23 KB
15 KB 1327ms
1326ms Image
application/javascript 116.153.39.134
CHINA169-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ubb.bbb.byjykj.xyz/sc288gdsagjhgserjoiesjgi.gif.js
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.153.39.134 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
Software: openresty /
Resource Hash: fd315b81e9d997f2818ab854839c29205fcdebac0f7d89972e67610c1fd7453b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

nginx-hit: 1
date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: gzip
via: CHN-JXnanchang-AREACUCC1-CACHE37[5],CHN-JXnanchang-AREACUCC1-CACHE35[0,TCP_HIT,0],CHN-SH-GLOBAL1-CACHE82[7],CHN-SH-GLOBAL1-CACHE113[0,TCP_HIT,0]
x-ccdn-cachettl: 259200
age: 2533239
alt-svc: h3=":443"; ma=2592000
content-length: 15094
last-modified: Mon, 20 Mar 2023 07:59:03 GMT
server: openresty
etag: W/"64181247-5b3a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ccdn-req-id-46b1: bd18cd86cf179a55d59392afe23c2002
x-ccdn-expires: 60385
accept-ranges: bytes
x-hcs-proxy-type: 1

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-20/ Frame 98A8 32 KB
33 KB 459ms
275ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-20/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f39162b33ae24108c369f9dfa9c29af7d8a1a8cc6d25d528f47f0dfe1461454

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Tue, 01 Aug 2023 16:05:49 GMT
server: nginx
etag: "64c92d5d-817d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 33149

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-17/ Frame 98A8 24 KB
24 KB 458ms
275ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-17/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 39feb7eccf1b9fd45b9b7754ab7ac9ed44475bf745dd86b12c98fd359ae10f40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Tue, 01 Aug 2023 16:05:28 GMT
server: nginx
etag: "64c92d48-5e47"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 24135

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-14/ Frame 98A8 33 KB
34 KB 458ms
275ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-14/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: eb0dff1466cbbfccd8ce7ff5cf776f5036a533d6a6865556dbcaa1f3be5be25c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:30:31 GMT
server: nginx
etag: "64c61197-850b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 34059

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-11/ Frame 98A8 38 KB
38 KB 158ms
154ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-11/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbbb778c234d248b938c13358da8b2af62710154b8418e47bddb82a5b057c96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:30:20 GMT
server: nginx
etag: "64c6118c-96c9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 38601

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-08/ Frame 98A8 32 KB
32 KB 177ms
174ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-08/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f0e99f6c12b46f4731ab7952fcf1225145e74a5005c7e7eb921772bcdb074e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:30:09 GMT
server: nginx
etag: "64c61181-7f7f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 32639

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-05/ Frame 98A8 33 KB
33 KB 192ms
189ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-05/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aaa4b0508f65eb9b2a90c0c74bcedf4b2cd0a18916c78a35c917905bfbe7a44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:29:59 GMT
server: nginx
etag: "64c61177-827d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 33405

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-02/ Frame 98A8 47 KB
47 KB 203ms
200ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-02/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 94540a0995db7211e66280cbc010d24915cb391ea7ed3ecee822258396d19092

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:29:49 GMT
server: nginx
etag: "64c6116d-ba17"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 47639

GET
H2 200 912.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 19 KB
19 KB 219ms
216ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/912.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 00f05a602cdaa780164e7bd8ec3ac3a82fca42fce73ddfd99602ac19ef9ff42f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-4a5d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19037

GET
H2 200 911.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 15 KB
16 KB 224ms
221ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/911.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d752806b32ef559afc2976d573b8d7202be9331dd46d0bc8892cff7ca22a4839

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-3d0e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15630

GET
H2 200 901.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 20 KB
20 KB 228ms
226ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/901.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e5ec65136463a0873ff6e1fb739b4959da464143c8b1b3e130e5cea14038d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-4e1d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19997

GET
H2 200 893.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 22 KB
22 KB 232ms
230ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/893.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b3c9d85b4fb9f612e671b1424fe9f1010edefdda5de95018e693ffd746251a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-584a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22602

GET
H2 200 892.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 13 KB
13 KB 232ms
230ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/892.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d559a20fde994f702a120a15ac4aa7f336b1d183845e8c00f7ddcea1569ffdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-348f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 13455

GET
H2 200 891.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 17 KB
17 KB 232ms
230ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/891.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7fd633e2c4d390977e72ad3c666908a6c7aedfd6ac5a089a81913d95b4f6de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:36 GMT
server: nginx
etag: "65163960-4296"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17046

GET
H2 200 912.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-03/ Frame 98A8 15 KB
15 KB 233ms
230ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-03/912.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 015fd126f875a35f4356ef72764043b5db4543d218fa8a3a1f35e88029c7b111

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:34 GMT
server: nginx
etag: "6516395e-3cba"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15546

GET
H2 200 1131.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 15 KB
15 KB 233ms
230ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1131.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 98e79d33cd19ab9fdf5d88857027ecd3288712e7824b52860bf3b6466315aa32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:36 GMT
server: nginx
etag: "65163960-3c86"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15494

GET
H2 200 1121.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 17 KB
18 KB 233ms
231ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1121.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e2fdb533dfd96b59cc18b864dc9aff7973f8117e432e06bda61df68c0dc37a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:35 GMT
server: nginx
etag: "6516395f-44f3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17651

GET
H2 200 1111.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 15 KB
15 KB 233ms
231ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1111.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 095e6d5fa415e59e9c53b5c7ea9ced8f7d71eeb88f0da98d178ee0f13dbf8dc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:35 GMT
server: nginx
etag: "6516395f-3a75"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 14965

GET
H2 200 1141.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-03/ Frame 98A8 19 KB
19 KB 233ms
231ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-03/1141.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 27f44422692081c41230cf1d69590cf4f2413f341df699395989e7c05c1ceffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:31 GMT
server: nginx
etag: "6516395b-4bc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19392

GET
H2 200 1002.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 14 KB
14 KB 233ms
231ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1002.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d1dc7ef43ed132a53309fa0437f6baa849ef413389bad1be3e56df447dc8b10e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:35 GMT
server: nginx
etag: "6516395f-36b4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 14004

GET
H2 200 1001.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 24 KB
24 KB 266ms
264ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1001.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 401c36ea0b1de2f1c7d300490187e693451193e86d021b1dd60a28ac5b606d08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:34 GMT
server: nginx
etag: "6516395e-600a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 24586

GET
H2 200 1002.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-03/ Frame 98A8 22 KB
22 KB 270ms
269ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-03/1002.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e1a61a06a55f2a3b531f393dbdd14402b804050dafdd5ab69689f7f7fa60e66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:30 GMT
server: nginx
etag: "6516395a-5655"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22101

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ Frame 98A8 382 B
517 B 97ms
25ms Script
text/html 158.69.254.144
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4567502&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m992KP%E5%BF%AB%E6%A8%82%E7%9C%8B%E7%89%87&@n0&@ohttps%3A%2F%2Fshaoguan.theperfectgathering.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:91464140&@b3:1704304884&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F683jb.xyz%2Findex.html&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 158.69.254.144 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns548341.ip-158-69-254.net
Software: /
Resource Hash: fba9021e24e429c0b63badc0dc9c82259ddab40efb7f8857c7a9512434e2f220

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:24 GMT
Connection: close
Content-Length: 382
Content-Type: text/html;charset=UTF-8

GET
H2 200 / Show response
e.dtscout.com/e/ Frame 98A8 7 KB
4 KB 340ms
242ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4567502&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@m992KP%E5%BF%AB%E6%A8%82%E7%9C%8B%E7%89%87&@n0&@ohttps%3A%2F%2Fshaoguan.theperfectgathering.com%2F&@q0&@r0&@s0&@ten-US&@u1600&@b1:91464140&@b3:1704304884&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2F683jb.xyz%2Findex.html&@w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eff826dd7e86ec1a340bd2a5dcf7dd83bc5a46caaf2628d9bc3f863b9ab627f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
x-t: 0.227
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJcGweoryYyL7rU9LTGoaGLbouCneWLsXXbHB85D5fC8ysZN9BsWElPxQt4P0kV6vzYq65Uu2p2mDT9moiBcROwh%2BNyjq5uCX%2B39jjHFGk%2FkwJE26kmen6lewcvB%2BN4G8s8I%2FcJEDadSShE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache
x-s: ger1
cf-ray: 83fd25961dff4bc1-BUF
expires: Wed, 03 Jan 2024 18:01:23 GMT

GET
H2 200 / Show response
t.dtscout.com/idg/ Frame 47DA 1 KB
763 B 274ms
237ms Document
text/html 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=51A01704304884CE506932A27445C4B8
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a26f4d35b2931b5fd8ad4b2fadfa935294190e71bef7268c0be5964ca80a81

Request headers

Referer: https://683jb.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 83fd2597ef634bc1-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 03 Jan 2024 18:01:24 GMT
expires: Wed, 03 Jan 2024 18:01:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kSUWycJIiGi7PJTaTO%2BXhiQlToH6Rj4SRAnp8ZHZPZ5x%2FsNBztqIH9PaOJS5CD2MAPIdR7EZpYlK%2BVQTMv%2BdNtNhmd1OBG0s%2Fka5wh%2Ff8GvPhEFn4zosNYFDL9mQbTsBsgJ30KpSSEVe6qQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ Frame 98A8 33 KB
11 KB 104ms
27ms Script
text/javascript 18.238.55.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-87.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: qTL9I3PoQ0vLKAyf8R1sGpcCe8sbM7th
content-encoding: gzip
via: 1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 12:29:02 GMT
last-modified: Thu, 01 Jun 2023 19:57:33 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 19942
x-amz-server-side-encryption: AES256
etag: W/"b338879bf41a826d9e1b316528a8409d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: kaMA-LtIlH31KJKciHZ18x6ZrbYcMLPpq8ACdan7hf1bAkm39gBzPw==

GET
H/1.1 200
OK dtscout Show response
pd.sharethis.com/pd/ Frame 98A8 2 KB
3 KB 173ms
37ms Script
application/javascript 18.189.215.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/dtscout

Requested by

Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.189.215.189 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-189-215-189.us-east-2.compute.amazonaws.com

Software

Resource Hash

d38556d28622a044dd8a041585e2964425d61b1d6eb75d6642bc77038b3a24bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 2444
Content-Type: application/javascript

GET
H2 200 / Show response
t.dtscout.com/pv/ Frame 98A8 51 B
348 B 298ms
262ms Script
application/javascript 2606:4700:21::8d65:780b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=683jb.xyz&_ss=rqof753gde&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=myl7&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b31e533f93b75eeccba7c4d0fe710833ba6543322321aa1b571b453654480c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
x-t: 0.121
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OpUm4CYGX%2BjqgjNVeV3t19vm4i4GkJxBes%2F5U%2FFWcFA1CP4gxxLbdXOHz%2FcKI9Bt%2BKtHqHXqQ3DHu%2BssTa2iUx52TUgxJfVEal%2Fo814gFXngi%2FtiKhYSHh7WuFsr7mg0Q83JLZPJPZhEEs%3D"}],"group":"cf-nel","max_age":604800}
x-c: 0
content-type: application/javascript
cache-control: no-cache
cf-ray: 83fd2597ef644bc1-BUF
expires: Wed, 03 Jan 2024 18:01:23 GMT

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-17/ Frame 98A8 24 KB
24 KB 164ms
164ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-17/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 39feb7eccf1b9fd45b9b7754ab7ac9ed44475bf745dd86b12c98fd359ae10f40

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Tue, 01 Aug 2023 16:05:28 GMT
server: nginx
etag: "64c92d48-5e47"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 24135

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-14/ Frame 98A8 33 KB
34 KB 148ms
146ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-14/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: eb0dff1466cbbfccd8ce7ff5cf776f5036a533d6a6865556dbcaa1f3be5be25c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:30:31 GMT
server: nginx
etag: "64c61197-850b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 34059

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-20/ Frame 98A8 32 KB
33 KB 135ms
135ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-20/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 1f39162b33ae24108c369f9dfa9c29af7d8a1a8cc6d25d528f47f0dfe1461454

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Tue, 01 Aug 2023 16:05:49 GMT
server: nginx
etag: "64c92d5d-817d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 33149

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-11/ Frame 98A8 38 KB
38 KB 85ms
84ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-11/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fbbb778c234d248b938c13358da8b2af62710154b8418e47bddb82a5b057c96

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:30:20 GMT
server: nginx
etag: "64c6118c-96c9"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 38601

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-08/ Frame 98A8 32 KB
32 KB 90ms
89ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-08/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 82f0e99f6c12b46f4731ab7952fcf1225145e74a5005c7e7eb921772bcdb074e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:30:09 GMT
server: nginx
etag: "64c61181-7f7f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 32639

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-05/ Frame 98A8 33 KB
33 KB 85ms
85ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-05/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6aaa4b0508f65eb9b2a90c0c74bcedf4b2cd0a18916c78a35c917905bfbe7a44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:29:59 GMT
server: nginx
etag: "64c61177-827d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 33405

GET
H2 200 301.mp4.gif.jpg
992i2333.com/Uploads/vod/2023-08-02/ Frame 98A8 47 KB
47 KB 86ms
84ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2023-08-02/301.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 94540a0995db7211e66280cbc010d24915cb391ea7ed3ecee822258396d19092

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sun, 30 Jul 2023 07:29:49 GMT
server: nginx
etag: "64c6116d-ba17"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 47639

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ Frame 98A8 50 B
464 B 100ms
33ms Fetch
application/json 18.173.132.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-7.jfk52.r.cloudfront.net
Software: /
Resource Hash: 851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:11:25 GMT
via: 1.1 c1ad0e11a95c9a5b3f4d80fde7d23fea.cloudfront.net (CloudFront), 1.1 82713ebbf03d41ed38c813ce60a18fea.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P4, JFK52-P2
age: 10199
x-amzn-requestid: de50f05b-eaa4-4883-b3d4-51d064c17ee0
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Q9_ctE9RiYcEAvg=
content-length: 50
x-amz-cf-id: qIQAWhSmhNuuFZUz44Tyjhwaw1BU3AOGI7veCZePXTdSYCoO8XGahg==

GET
H2 200 912.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 19 KB
19 KB 81ms
80ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/912.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 00f05a602cdaa780164e7bd8ec3ac3a82fca42fce73ddfd99602ac19ef9ff42f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-4a5d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19037

GET
H2 200 911.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 15 KB
16 KB 82ms
82ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/911.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d752806b32ef559afc2976d573b8d7202be9331dd46d0bc8892cff7ca22a4839

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-3d0e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15630

GET
H2 200 901.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 20 KB
20 KB 81ms
80ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/901.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: c1e5ec65136463a0873ff6e1fb739b4959da464143c8b1b3e130e5cea14038d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-4e1d"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19997

GET
H2 200 893.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 22 KB
22 KB 81ms
80ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/893.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b3c9d85b4fb9f612e671b1424fe9f1010edefdda5de95018e693ffd746251a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-584a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22602

GET
H2 200 892.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 13 KB
13 KB 79ms
79ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/892.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d559a20fde994f702a120a15ac4aa7f336b1d183845e8c00f7ddcea1569ffdb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:40 GMT
server: nginx
etag: "65163964-348f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 13455

GET
H2 200 891.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 17 KB
17 KB 77ms
77ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/891.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: bf7fd633e2c4d390977e72ad3c666908a6c7aedfd6ac5a089a81913d95b4f6de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:36 GMT
server: nginx
etag: "65163960-4296"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17046

GET
H2 200 912.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-03/ Frame 98A8 15 KB
15 KB 78ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-03/912.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 015fd126f875a35f4356ef72764043b5db4543d218fa8a3a1f35e88029c7b111

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:34 GMT
server: nginx
etag: "6516395e-3cba"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15546

GET
H2 200 1131.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 15 KB
15 KB 76ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1131.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 98e79d33cd19ab9fdf5d88857027ecd3288712e7824b52860bf3b6466315aa32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:36 GMT
server: nginx
etag: "65163960-3c86"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 15494

GET
H2 200 1121.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 17 KB
18 KB 76ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1121.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 6e2fdb533dfd96b59cc18b864dc9aff7973f8117e432e06bda61df68c0dc37a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:35 GMT
server: nginx
etag: "6516395f-44f3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 17651

GET
H2 200 1111.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 15 KB
15 KB 75ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1111.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 095e6d5fa415e59e9c53b5c7ea9ced8f7d71eeb88f0da98d178ee0f13dbf8dc1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:35 GMT
server: nginx
etag: "6516395f-3a75"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 14965

GET
H2 200 1141.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-03/ Frame 98A8 19 KB
19 KB 76ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-03/1141.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 27f44422692081c41230cf1d69590cf4f2413f341df699395989e7c05c1ceffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:31 GMT
server: nginx
etag: "6516395b-4bc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 19392

GET
H2 200 1002.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 14 KB
14 KB 76ms
76ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1002.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: d1dc7ef43ed132a53309fa0437f6baa849ef413389bad1be3e56df447dc8b10e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:35 GMT
server: nginx
etag: "6516395f-36b4"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 14004

GET
H2 200 1001.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-04/ Frame 98A8 24 KB
24 KB 75ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-04/1001.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 401c36ea0b1de2f1c7d300490187e693451193e86d021b1dd60a28ac5b606d08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:34 GMT
server: nginx
etag: "6516395e-600a"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 24586

GET
H2 200 1002.mp4.gif.jpg
992i2333.com/Uploads/vod/2024-01-03/ Frame 98A8 22 KB
22 KB 76ms
75ms Image
image/jpeg 23.224.137.68
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://992i2333.com/Uploads/vod/2024-01-03/1002.mp4.gif.jpg
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.224.137.68 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e1a61a06a55f2a3b531f393dbdd14402b804050dafdd5ab69689f7f7fa60e66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Fri, 29 Sep 2023 02:41:30 GMT
server: nginx
etag: "6516395a-5655"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 22101

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 98A8 2 KB
2 KB 147ms
29ms Script
application/javascript 23.196.3.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.765604464034809&stid=ZGYABmWVoPQAAAAIW56WAw%3D%3D

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1365
Expires: Wed, 03 Jan 2024 19:01:24 GMT

GET
H/1.1 200
OK dtscout
pd.sharethis.com/pd/ Frame 98A8 42 B
265 B 38ms
38ms Image
image/gif 18.189.215.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F&event_source=dtscout&rnd=0.765604464034809&exptid=ZGYABmWVoPQAAAAIW56WAw%3D%3D&fcmp=false

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.189.215.189 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-189-215-189.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

GET
H2 200 logo.png
www.szmys.com/Content/img/ 3 KB
3 KB 480ms
479ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/Content/img/logo.png
Requested by: Host: www.szmys.com
URL: https://www.szmys.com/css/common.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: bcbaafe88d044538df020a117fac73be5a274660befbf48d79cfc2d684bbde16

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.szmys.com/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Wed, 24 Jul 2019 08:40:55 GMT
server: Nginx / 1.8.8
etag: "8a681282fb41d51:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 2714

GET
H2 200 search.jpg
www.szmys.com/css/ 1 KB
1 KB 480ms
478ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/css/search.jpg
Requested by: Host: www.szmys.com
URL: https://www.szmys.com/css/common.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 78a713f6e0548ac987cec8705ffd921ecf19d2f98b4671eebba82ba210a283ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.szmys.com/css/common.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sat, 17 Dec 2016 08:12:59 GMT
server: Nginx / 1.8.8
etag: "2b3436613d58d21:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 1381

GET
H2 200 left.png
www.szmys.com/Content/img/slide/ 786 B
866 B 480ms
479ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/Content/img/slide/left.png
Requested by: Host: www.szmys.com
URL: https://www.szmys.com/css/index3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 00fe8a99636a1da3f0f5f079780d8f56b42de706a0a7286557a411034e522f66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.szmys.com/css/index3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Mon, 11 Apr 2016 03:43:31 GMT
server: Nginx / 1.8.8
etag: "045fa50a493d11:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 786

GET
H2 200 right.png
www.szmys.com/Content/img/slide/ 853 B
932 B 481ms
480ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/Content/img/slide/right.png
Requested by: Host: www.szmys.com
URL: https://www.szmys.com/css/index3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 611da9220eff25c4037f674123ba3ff4b24d41721b4a7ce533bfc886dd64ec3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.szmys.com/css/index3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Mon, 11 Apr 2016 03:43:58 GMT
server: Nginx / 1.8.8
etag: "90fa5d61a493d11:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 853

GET
H2 200 arrow2.png
www.szmys.com/Content/img/slide/ 3 KB
4 KB 480ms
480ms Image
image/png 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/Content/img/slide/arrow2.png
Requested by: Host: www.szmys.com
URL: https://www.szmys.com/css/index3.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 776691f41e8255e73c1b9bcc5fd646b228c3f6cb4d76b422bed50cfe0961e203

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.szmys.com/css/index3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Wed, 13 Apr 2016 02:46:52 GMT
server: Nginx / 1.8.8
etag: "2ef7e2bb2e95d11:0"
x-powered-by: 85686916
content-type: image/png
accept-ranges: bytes
content-length: 3522

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 327ms
326ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=174595314&si=3133194f251bbc230fc36b806b812f58&v=1.3.0&lv=1&sn=1675&r=0&ww=1600&u=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F&tt=%E4%B9%9D%E4%B8%80%E9%BA%BB%E8%B1%86%E5%88%B6%E7%89%87%E5%8E%82%E5%9B%BD%E4%BA%A7%E5%89%A7%E6%83%85~%E7%99%BE%E5%BA%A6%E7%99%BE%E7%A7%91

Requested by

Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 18:01:24 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 1654046772.jpg
www.szmys.com/upload/20171124/ 196 KB
196 KB 456ms
451ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171124/1654046772.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 9e52eab5b1b51a90076321420312342c45d3ff9fcb1ce214d583f78ad97b00a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 20 Oct 2022 09:01:12 GMT
server: Nginx / 1.8.8
etag: "1a22ff8062e4d81:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 200676

GET
H2 200 1654261554.jpg
www.szmys.com/upload/20171124/ 72 KB
72 KB 454ms
449ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171124/1654261554.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ab1b199b5cc3c03655d797fd757000ca2e9be0a03e8258f8f1f352c21dd7ab0d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Sat, 09 Dec 2017 05:55:23 GMT
server: Nginx / 1.8.8
etag: "6821a14db270d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 73760

GET
H2 200 1655059297.jpg
www.szmys.com/upload/20171124/ 147 KB
147 KB 492ms
488ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20171124/1655059297.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 5fc84b2e8c4f8057caa5771f2c9b711e337764d2c0bd7241e4602f701d49f86b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 25 Jul 2019 07:27:59 GMT
server: Nginx / 1.8.8
etag: "b271a37cba42d51:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 150238

GET
H2 200 1105072272.jpg
www.szmys.com/upload/20170727/ 17 KB
17 KB 474ms
470ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1105072272.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 2755ab7f75e604cb47987f3da8ddeb66879a7c629029f06026001c6f1bbbb35f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 03:05:07 GMT
server: Nginx / 1.8.8
etag: "b05f9f26856d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 16966

GET
H2 200 1029451187.jpg
www.szmys.com/upload/20170727/ 20 KB
20 KB 488ms
485ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1029451187.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ddae935381c3cd4839647edc08f0dceef5ffedbd149e4b201dedc23727cb5c00

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:29:45 GMT
server: Nginx / 1.8.8
etag: "8a51bf35806d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 20474

GET
H2 200 1032049164.jpg
www.szmys.com/upload/20170727/ 24 KB
24 KB 475ms
472ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1032049164.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ffd61df61ff69c61cad8672ab24818ebb153fe8c989493ad4d85b7125052b4ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:32:04 GMT
server: Nginx / 1.8.8
etag: "7cc21289806d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 24259

GET
H2 200 1035316208.jpg
www.szmys.com/upload/20170727/ 14 KB
14 KB 477ms
474ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1035316208.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: d75fe97d9ac97329e36abe76e3979893d3772ecfd203a9b8ff83f86154f4f561

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:35:31 GMT
server: Nginx / 1.8.8
etag: "5ccd474816d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 13943

GET
H2 200 1039005498.jpg
www.szmys.com/upload/20170727/ 18 KB
18 KB 481ms
478ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1039005498.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 7af3f601671174c94b58fbdfe7aa5c66fd9824da85e87cbba9b372a7ccf29945

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:39:00 GMT
server: Nginx / 1.8.8
etag: "6c62cf80816d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 18572

GET
H2 200 1051288370.jpg
www.szmys.com/upload/20170727/ 35 KB
35 KB 478ms
475ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1051288370.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: a36079e5d5309aa8c229f582a2da11e4ba4105e507dcaa4dfe0542ed48be0d84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:51:28 GMT
server: Nginx / 1.8.8
etag: "d616d33e836d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 36266

GET
H2 200 1055418777.jpg
www.szmys.com/upload/20170727/ 14 KB
14 KB 482ms
480ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1055418777.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: a53c71a6f77cad5eb8606c7e086551808ae4a590cedc1a869211ba16c5213ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:55:41 GMT
server: Nginx / 1.8.8
etag: "6e5a5d5836d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 14194

GET
H2 200 1111030505.jpg
www.szmys.com/upload/20170727/ 16 KB
16 KB 486ms
484ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1111030505.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: dd5528ee4e69b99af96c18f5041f04f1d008050971a574284788eecd3a21fc7c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 03:11:03 GMT
server: Nginx / 1.8.8
etag: "a8b2b5fa856d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 16160

GET
H2 200 1113302492.jpg
www.szmys.com/upload/20170727/ 26 KB
26 KB 484ms
483ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1113302492.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 996a10a6942561c31271619fd667320bb2f5a4654e4e13cd3bfd57e59cd9cec3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 03:13:30 GMT
server: Nginx / 1.8.8
etag: "33987252866d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 26209

GET
H2 200 1119062662.jpg
www.szmys.com/upload/20170727/ 19 KB
19 KB 648ms
647ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1119062662.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: 69656f544d710f6f1cd28b4b2f36ec11d2b8d14319db5b48a84f1a5792e47d12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 03:19:06 GMT
server: Nginx / 1.8.8
etag: "17b8ba1a876d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 19503

GET
H2 200 1027165693.jpg
www.szmys.com/upload/20170727/ 15 KB
15 KB 488ms
486ms Image
image/jpeg 113.105.134.36
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.szmys.com/upload/20170727/1027165693.jpg
Requested by: Host: shaoguan.theperfectgathering.com
URL: https://shaoguan.theperfectgathering.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 113.105.134.36 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: Nginx / 1.8.8 / 85686916
Resource Hash: ba7dedb3f556f4336b15b3d7dbbc7d6358f02947d606241c7e957b429ecc4a66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
last-modified: Thu, 27 Jul 2017 02:27:16 GMT
server: Nginx / 1.8.8
etag: "63c834dd7f6d31:0"
x-powered-by: 85686916
content-type: image/jpeg
accept-ranges: bytes
content-length: 15357

GET
H2 200 dataBeacons.min.js Show response
data-beacons.s-onetag.com/ Frame 98A8 5 KB
2 KB 235ms
58ms Script
text/javascript 108.157.162.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.162.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-162-49.mia3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: E.1OJV_drBwSGrjBvy4_U_vW0RbzSmb0
content-encoding: gzip
via: 1.1 27e533b5f5d5eefbbe949ec8ddb9a9e6.cloudfront.net (CloudFront)
date: Wed, 03 Jan 2024 17:48:55 GMT
last-modified: Wed, 04 Oct 2023 13:49:44 GMT
server: AmazonS3
x-amz-cf-pop: MIA3-P3
age: 750
etag: W/"934c7ce138a53a973baa02a2dbd8c23a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: SnYe9VQ-SxV-Ut1zWOGHF5O1N1PkmW0XKfebSEVqsU2ORAc4hbURRw==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 98A8 58 KB
18 KB 135ms
35ms Script
text/javascript 18.160.46.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-85.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:36:30 GMT
content-encoding: gzip
via: 1.1 640e1fde1214554c9f15c8cb85df826a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
age: 5095
x-amz-server-side-encryption: AES256
etag: W/"eb52f900499b46d1088df97dad487c73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: pgyGPgQ4j_jVJi_jPuR0J86sw21TXPEbRURkwFwiF2wQgV2zrO9-6Q==

GET
H2 200 / Show response
t.dtscdn.com/widget/ Frame 98A8 0
596 B 187ms
102ms Script
application/javascript 2606:4700:20::681a:c3c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=51A01704304884CE506932A27445C4B8&nid=300&p=836148727&t=600&s=1600x1200x24&u=https%3A%2F%2F683jb.xyz%2Findex.html&r=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F683jb.xyz%2Findex.html&j=https%3A%2F%2Fshaoguan.theperfectgathering.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c3c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
x-t: 2.47
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jw6IFcQ%2FOJlcXLxcrcPRHOgjx9wQdKEswzAd9IBqnkLuOkf0G8nUPnTFCnHolgFVEHSWQogHeHwRfwUfp49pU6lh0eajuOgmfUCf6sA07kLmFVty58UZDNipM9fV3wxTIJZNUeuqvBS14A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
x-server: web12.ny1.dtscdn.com
cf-ray: 83fd259a4dbf4bc0-BUF
expires: Wed, 03 Jan 2024 17:07:56 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 98A8
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=51A01704304884CE506932A27445C4B8
https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=a5e9af1fd702c85b
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MngwaEpMYlg2MUV2U1lQZEpQdTFRcGIyLXQ0WUltdXMxRVE0VUR4R1N5clU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MngwaEpMYlg2MUV2U1lQZEpQdTFRcGIyLXQ0WUltdXMxRVE0VUR4R1N5clU&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referr...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEB0nJ0FBx4YoMDKGn8vCewg&google_cver=1

70 B
440 B

40ms
40ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEB0nJ0FBx4YoMDKGn8vCewg&google_cver=1
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 03 Jan 2024 18:01:25 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESEB0nJ0FBx4YoMDKGn8vCewg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t_.htm Show response
t.sharethis.com/a/ Frame 0D62 2 KB
1 KB 29ms
29ms Document
text/html 23.196.3.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.765604464034809&stid=ZGYABmWVoPQAAAAIW56WAw%3D%3D

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: https://683jb.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Wed, 03 Jan 2024 18:01:24 GMT
Expires: Wed, 10 Jan 2024 18:01:24 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1268.23366/a/US/ Frame 6447 19 KB
9 KB 33ms
32ms Script
text/javascript 23.196.3.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1268.23366/a/US/t_.js?cid=c010&cls=C

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 8535
Expires: Wed, 10 Jan 2024 18:01:24 GMT

GET
H/1.1 200
OK test_oracle Show response
pd.sharethis.com/pd/ Frame B340 438 B
675 B 37ms
37ms Script
application/javascript 18.189.215.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pd.sharethis.com/pd/test_oracle

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.189.215.189 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-189-215-189.us-east-2.compute.amazonaws.com

Software

Resource Hash

1ebe598e3d8fd17c1283dc67f20b87a69a597df94d4801dcb7206de4e0596a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:24 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 438
Content-Type: application/javascript

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 6447
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=

42 B
297 B

179ms
36ms

Image
image/gif

3.130.26.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

HTTP/1.1

Server

3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-26-161.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGYABmWVoPQAAAAIW56WAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=
date: Wed, 03 Jan 2024 18:01:24 GMT
server: Kestrel
content-length: 215

GET
H2

200

db_sync
px.ads.linkedin.com/ Frame 6447
Redirect Chain

https://idsync.rlcdn.com/386076.gif?partner_uid=ZGYABmWVoPQAAAAIW56WAw%3D%3D&gdpr=0&gdpr_consent=
https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkdZQUJtV1ZvUFFBQUFBSVc1NldBdz09EAAaDQj0wdasBhIFCOgHEABCAEoA
https://pippio.com/api/sync?pid=5324&it=1&iv=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&_=2
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&rand=04135806
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&rand=04135806&expected_cookie=4d9e7eeb-0d2f-4189-b507-c2477e20db82

0
143 B

54ms
54ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=10339&puuid=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&rand=04135806&expected_cookie=4d9e7eeb-0d2f-4189-b507-c2477e20db82
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 7160E81F5B904D87B2CB031A33BB785A Ref B: EWR311000103031 Ref C: 2024-01-03T18:01:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYODmdG3TN8PQ9PE0Cu3g==

Redirect headers

date: Wed, 03 Jan 2024 18:01:24 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 97E6954F58F543DAB4F10F90CEDFD4BC Ref B: EWR311000103031 Ref C: 2024-01-03T18:01:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: /db_sync?pid=10339&puuid=1e8e13f0e13d45ebb25b685d3bec14270625819466106182b277dc5bf326f324791426b5417dce21&rand=04135806&expected_cookie=4d9e7eeb-0d2f-4189-b507-c2477e20db82
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYODmdF/yIGUzDaYWmT3A==

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 6447
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2DngNud5gGwo3ibCVwgodT5LEcX3x8Kx06gHvNdsbbRY&gdpr=0&gdpr_consent=

42 B
297 B

140ms
37ms

Image
image/gif

3.130.26.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2DngNud5gGwo3ibCVwgodT5LEcX3x8Kx06gHvNdsbbRY&gdpr=0&gdpr_consent=

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

HTTP/1.1

Server

3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-26-161.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGYABmWVoPQAAAAIW56WAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2DngNud5gGwo3ibCVwgodT5LEcX3x8Kx06gHvNdsbbRY&gdpr=0&gdpr_consent=
Date: Wed, 03 Jan 2024 18:01:25 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 6447
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZGYABmWVoPQAAAAIW56WAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3641095699338100789
https://ml314.com/csync.ashx?fp=d3b53317c5f66ae234ecab74e588bad6a6fa21f86b831775504806b137df5289f4cb09cee1a4f8eb&person_id=3641095699338100789&eid=50082

43 B
124 B

47ms
46ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=d3b53317c5f66ae234ecab74e588bad6a6fa21f86b831775504806b137df5289f4cb09cee1a4f8eb&person_id=3641095699338100789&eid=50082
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 04 Jan 2024 18:01:25 GMT
date: Wed, 03 Jan 2024 18:01:25 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Wed, 03 Jan 2024 18:01:25 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=d3b53317c5f66ae234ecab74e588bad6a6fa21f86b831775504806b137df5289f4cb09cee1a4f8eb&person_id=3641095699338100789&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

oracle
sync.sharethis.com/ Frame 6447
Redirect Chain

https://tags.bluekai.com/site/59574?id=ZGYABmWVoPQAAAAIW56WAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

42 B
297 B

138ms
36ms

Image
image/gif

3.130.26.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

HTTP/1.1

Server

3.130.26.161 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-26-161.us-east-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:25 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZGYABmWVoPQAAAAIW56WAw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date: Wed, 03 Jan 2024 18:01:25 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 bk-coretag.js Show response
tags.bkrtx.com/js/ Frame B340 51 KB
16 KB 168ms
42ms Script
application/javascript 23.7.64.229
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.bkrtx.com/js/bk-coretag.js

Requested by

Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.7.64.229 Minneapolis, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-7-64-229.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Wed, 03 Jan 2024 18:01:25 GMT
last-modified: Fri, 21 May 2021 19:14:21 GMT
server: nginx/1.15.8
etag: W/"60a8068d-cbc2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
content-length: 16078
expires: Wed, 10 Jan 2024 18:01:25 GMT

GET
H3 404 lastNews.ashx Show response
shaoguan.theperfectgathering.com/js/ajax/ 481 B
743 B 198ms
197ms XHR
text/html 2606:4700:3033::6815:3173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shaoguan.theperfectgathering.com/js/ajax/lastNews.ashx?&0.8642635454006851
Requested by: Host: www.szmys.com
URL: https://www.szmys.com/js/me.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb7ea487656759eadfd624a7c41dfe79e833e9aaf9d24bc57741ab180272924

Request headers

accept-language: en-US,en;q=0.9
Referer: https://shaoguan.theperfectgathering.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EakT0T8o0XXFQ28TOc3qE5tb3XnA7rMEysk%2FQAYsGQ%2BoiGVVgaUFQkSI%2FNqPCO0e8oycSBOl%2BxDirjL4oyDENv6dMSve5arlDbJnAxUUpQOawHsXkK2cXFvzq9ckFf9oboZpeeNwHyK%2BJABad1QvypE3njVRk2f%2BOx7JNiAkkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 83fd259ac9964bbb-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/ Frame 98A8
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
457 B

31ms
30ms

Fetch
application/json

63.251.86.49
INTERNAP-BLK

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: HTTP/1.1
Server: 63.251.86.49 , United States, ASN10913 (INTERNAP-BLK, US),
Reverse DNS
Software: /
Resource Hash: 9b77a91a35b7dbb12b4c874861a2abe8dc77bb16a10ed31ebff569d38199ebb2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://683jb.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Wed, 03 Jan 2024 18:01:25 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://683jb.xyz
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1dca1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

2981 Show response
tags.bluekai.com/site/ Frame 277A
Redirect Chain

https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZGYABmWVoPQAAAAIW56WAw%3D%3D&phint=__bk_k%3D&phint=__bk_pr%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1268.23366%26cid%3Dc010%26...
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=SFJBQldDd005OU94MzhQaw%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm=&google_sc=&google_hm=SFJBQldDd005OU94MzhQaw%3D%3D&google_tc=
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEC9t86l4B6dVQOFIFHAkVqk&google_cver=1

62 B
306 B

155ms
154ms

Document
image/gif

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEC9t86l4B6dVQOFIFHAkVqk&google_cver=1
Requested by: Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://t.sharethis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-length: 62
content-type: image/gif
date: Wed, 03 Jan 2024 18:01:25 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 296
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 18:01:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://tags.bluekai.com/site/2981?id=&google_gid=CAESEC9t86l4B6dVQOFIFHAkVqk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 1540_03681 Show response
track2.securedvisit.com/sync/ Frame 98A8 43 B
178 B 163ms
49ms Script
image/gif 54.166.243.239
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track2.securedvisit.com/sync/1540_03681?id=H7kZhSZHXC2ZxH6LT9isXLi_
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.243.239 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-166-243-239.compute-1.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:25 GMT
cache-control: private, no-cache, proxy-revalidate
server: nginx/1.24.0
content-length: 43
content-type: image/gif

GET
H2 204 ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame E11E 0
0 106ms
33ms Document
text/plain 18.173.132.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=15052&maxed=1&rnd=11857
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-127.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://683jb.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
date: Wed, 03 Jan 2024 18:01:26 GMT
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
via: 1.1 c28d583393bad4965b8efa4ef27ccc9e.cloudfront.net (CloudFront)
x-amz-cf-id: Vmkc9gHZwYentj8qEeT2y-ocIEoCESMJSPdbPkx4QI6QHgGnQvK9Rg==
x-amz-cf-pop: JFK52-P2
x-cache: Miss from cloudfront

GET
H2

200

usersync.aspx
dis.criteo.com/dis/ Frame 98A8
Redirect Chain

https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7kZhSZHXC2ZxH6LT9isXLi_&rnd=3432
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=H7kZhSZHXC2ZxH6LT9isXLi_&rnd=3432&_li_chk=true&previous_uuid=c1c48d9a4c8c445abe8008cf0b71b6e8
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
363 B

103ms
29ms

Image
image/gif

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: 683jb.xyz
URL: https://683jb.xyz/index.html

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 414177
expires: Wed, 03 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Wed, 03 Jan 2024 18:01:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2 200 db_sync
px.ads.linkedin.com/ Frame 98A8 0
142 B 64ms
64ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/db_sync?pid=15697&puuid=H7kZhSZHXC2ZxH6LT9isXLi_&rand=63138&pu=https://shaoguan.theperfectgathering.com/
Requested by: Host: 683jb.xyz
URL: https://683jb.xyz/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:26 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: E19A88A32D9749AC807527D77E319D59 Ref B: EWR311000103031 Ref C: 2024-01-03T18:01:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYODmdjcWGSnciuG3DM2w==

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ Frame 98A8 4 KB
1 KB 137ms
72ms XHR
application/json 18.160.46.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-85.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6

Request headers

Referer: https://683jb.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 18:01:28 GMT
content-encoding: gzip
via: 1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 14:23:53 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P2
etag: W/"f16e89fd08a708a6bd2e69be50fd30ab"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: public, max-age=86400
x-amz-cf-id: wb86klhWbf-E6cwKSKBX0pYgyCpGFwV-Fo1l_yVk8DVbpj43Eabi4g==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ Frame 98A8 562 B
1 KB 393ms
109ms XHR
application/json 52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 105b113eff39c40b75eefac9a75dd96c094fc919b09afed98debcbb76865cb02

Request headers

Referer: https://683jb.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:27 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://683jb.xyz
cache-control: no-cache
x-server: 10.40.1.71
access-control-allow-credentials: true
content-length: 562
expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 98A8
Redirect Chain

https://um.simpli.fi/lj_match?r=87989
https://ce.lijit.com/merge?pid=2&3pid=4FC4B8C31488426F99925AF4C040B05C

43 B
679 B

246ms
31ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=4FC4B8C31488426F99925AF4C040B05C
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 18:01:27 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Wed, 03 Jan 2024 18:01:27 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=4FC4B8C31488426F99925AF4C040B05C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 02 Jan 2024 18:01:27 GMT

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 008C 2 KB
1 KB 32ms
31ms Document
text/html 18.160.46.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.160.46.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-160-46-85.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275

Request headers

Referer: https://683jb.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 53675
cache-control: public, max-age=86400
content-encoding: gzip
content-type: text/html
date: Wed, 03 Jan 2024 03:06:53 GMT
etag: W/"43b17c7b81b6281ca01991a2e5cae3a7"
last-modified: Tue, 05 Sep 2023 17:36:56 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 640e1fde1214554c9f15c8cb85df826a.cloudfront.net (CloudFront)
x-amz-cf-id: PuysxXOztXonJmal9cZsVN673oxRirb-0G0uKropYp3BekCtA3TpXQ==
x-amz-cf-pop: IAD55-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 976F 3 KB
4 KB 37ms
36ms Document
text/html 52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 38bb40a58d3a9da94b045cc1ff3e3c49d54a5b70cec7842715376d069bcc7c60

Request headers

Referer: https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-length: 3535
content-type: text/html
date: Wed, 03 Jan 2024 18:01:28 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.40.3.28

GET
H/1.1 204
No Content a.gif
t.sharethis.com/d/ Frame 6447 0
289 B 119ms
118ms Image
text/plain 23.196.3.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZGYABmWVoPQAAAAIW56WAw%253D%253D&tt=t.dhj&dhjLcy=1704304884745&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1268.23366&ell=d&cck=__stid&dmn=shaoguan.theperfectgathering.com&pn=%2F&qs=na&cc=US&cont=NA&evid=gxLfQzYAu0y24SdU80io&urls=!1!334!b-13j,!0!493!b-13l,!1!371!b-14s,!1!0!b-14t,!1!229!b-150,!1!361!b-16f&rnd=1704304887848&cid=c010&version=1.1268.23366&cc=US&cont=NA&cls=C&repeat=0&htmLcy=36

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.196.3.202 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-196-3-202.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1268.23366&cid=c010&cls=C
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 18:01:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Expires: Wed, 03 Jan 2024 18:01:27 GMT

GET
H2

204

/
partner.mediawallahscript.com/ Frame 976F
Redirect Chain

https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f9e3751cabd25ed4f513b265902ccc03&custom=&tag_format=img&tag_action=sync
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2045&uid=f9e3751cabd25ed4f513b265902ccc03&custom=&tag_format=img&tag_action=sync&final=true&reqid=1dfa8ba0-aa62-11ee-81a5-53ee200cd...
https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2016%26partner_id%3D2087%26uid%3D%24UID%26tag_format%3Dimg%26tag_action%3Dsync
https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3035946598938582926&tag_format=img&tag_action=sync
https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=1e011b50-aa62-11ee-ad6a-a517d8de15c4?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile...
https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=f9e3751cabd25ed4f513b265902ccc03&tag_format=img&tag_action=sync&cb=541668457
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1
https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&tag_format=img&tag_action=sync&cb=
https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=1e011b50-aa62-11ee-ad6a-a517d8de15c4&cb=1704304888633&rmn=y&redirect=https%3A%2F%2Fpartner.me...
https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=be7c6e94-a646-4986-a166-db691d6d4ded&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704304888633

0
405 B

46ms
45ms

Image
text/plain

54.85.146.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=be7c6e94-a646-4986-a166-db691d6d4ded&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704304888633
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 54.85.146.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-146-200.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 03 Jan 2024 18:01:28 GMT
cache-control: private, no-cache, must-revalidate, no-store, max-age=0
server: nginx
expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: istio-envoy
p3p: CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
location: https://partner.mediawallahscript.com/?account_id=2041&partner_id=2099&uid=be7c6e94-a646-4986-a166-db691d6d4ded&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1704304888633
cache-control: no-cache,private
x-envoy-upstream-service-time: 0
content-length: 0
expires: Wed, 03 Jan 2024 18:01:27 GMT

GET
H2

200

m
cm.mgid.com/ Frame 976F
Redirect Chain

https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=f9e3751cabd25ed4f513b265902ccc03
https://cm.mgid.com/m?c=f9e3751cabd25ed4f513b265902ccc03&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

43 B
158 B

59ms
56ms

Image
image/gif

2606:4700:1::6813:844c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.mgid.com/m?c=f9e3751cabd25ed4f513b265902ccc03&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D

Protocol

Server

2606:4700:1::6813:844c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 83fd25af3ab84bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/gif
location: https://cm.mgid.com/m?c=f9e3751cabd25ed4f513b265902ccc03&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 83fd25aeca794bd2-BUF
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=382015151928465879/gdpr=/ Frame 976F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1040
https://c1.adform.net/serving/cookie/match?CC=1&party=1040
https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=382015151928465879/gdpr=/gdpr_consent=

49 B
265 B

42ms
42ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=382015151928465879/gdpr=/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.15.114
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=382015151928465879/gdpr=/gdpr_consent=
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 976F
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=716E2271-600D-40B3-9405-C4C2B47A63EA&gdpr=0

49 B
265 B

72ms
71ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=716E2271-600D-40B3-9405-C4C2B47A63EA&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.61.182
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=716E2271-600D-40B3-9405-C4C2B47A63EA&gdpr=0
date: Wed, 03 Jan 2024 18:01:27 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

41715
i6.liadm.com/s/ Frame 976F
Redirect Chain

https://i.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f9e3751cabd25ed4f513b265902ccc03
https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f9e3751cabd25ed4f513b265902ccc03

43 B
548 B

135ms
30ms

Image
image/gif

2600:1f18:ed:550f:9eb9:354c:5ca7:7a69
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f9e3751cabd25ed4f513b265902ccc03

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:9eb9:354c:5ca7:7a69 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:28 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/41715?bidder_id=127211&bidder_uuid=f9e3751cabd25ed4f513b265902ccc03
Date: Wed, 03 Jan 2024 18:01:28 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a/gdpr=0/ Frame 976F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a/gdpr=0/gdpr_consent=

49 B
264 B

83ms
70ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a/gdpr=0/gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.97
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a/gdpr=0/gdpr_consent=
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Kestrel
content-length: 249

GET
H2

200

tpid=5836799e-713c-463f-bf95-000978e3c876
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 976F
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=f9e3751cabd25ed4f513b265902ccc03&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=f9e3751cabd25ed4f513b265902ccc03&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=5836799e-713c-463f-bf95-000978e3c876%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&ttd_puid=5836799e-713c-463f-bf95-000978e3c876%2Chttps%253A%252F%252Fsync.crwdcntrl.n...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5836799e-713c-463f-bf95-000978e3c876

49 B
264 B

47ms
46ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5836799e-713c-463f-bf95-000978e3c876
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.50.15
content-length: 49
expires: 0

Redirect headers

date: Wed, 03 Jan 2024 18:01:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=5836799e-713c-463f-bf95-000978e3c876
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

tpid=6c528503eb5bd7597adfc0d10d140f58
sync.crwdcntrl.net/map/c=10832/tp=TRUP/ Frame 976F
Redirect Chain

https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6c528503eb5bd7597adfc0d10d140f58

49 B
264 B

44ms
44ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6c528503eb5bd7597adfc0d10d140f58
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.62.19
content-length: 49
expires: 0

Redirect headers

date: Wed, 03 Jan 2024 18:01:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-length: 142
x-xss-protection: 1; mode=block
pragma: no-cache
to-dmp-sync: s2b-dmp-use1-aws.truoptik.com
server: cloudflare
user-agent: Tru Optik DMP 1.3.1
x-frame-options: SAMEORIGIN
content-type: text/html
location: https://sync.crwdcntrl.net/map/c=10832/tp=TRUP/tpid=6c528503eb5bd7597adfc0d10d140f58
access-control-allow-origin: *
cache-control: no-store
cf-ray: 83fd25ae9f4d3a02-YYZ
expires: 0

GET /
loadus.exelator.com/load/ Frame 976F 0
0

GET
H/1.1 200
OK identity
c.cintnetworks.com/ Frame 976F 0
543 B 2113ms
1947ms Image
text/plain 40.71.11.141

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.cintnetworks.com/identity?a=5461&gdpr=0&id=Lotame:f9e3751cabd25ed4f513b265902ccc03
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 40.71.11.141 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:30 GMT
Cache-Control: max-age=60, private, must-revalidate
Access-Control-Allow-Credentials: true
Arr-Disable-Session-Affinity: true
Content-Length: 0
Vary: Origin
P3P: CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 976F
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=f9e3751cabd25ed4f513b265902ccc03
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=f9e3751cabd25ed4f513b265902ccc03

120 B
983 B

352ms
82ms

Image
image/png

64.58.232.180
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=f9e3751cabd25ed4f513b265902ccc03
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Server: 64.58.232.180 , United States, ASN13649 (ASN-FLEXENTIAL, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 18:01:27 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/png
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS08
Content-Length: 120
Expires: -1

Redirect headers

Date: Wed, 03 Jan 2024 18:01:27 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html; charset=utf-8
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=f9e3751cabd25ed4f513b265902ccc03
Access-Control-Allow-Origin: *
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Cache-Control: private
X-Server: NY14
Content-Length: 217

GET
H3 200 utsync.ashx
ml314.com/ Frame 976F 43 B
60 B 60ms
59ms Image
image/gif 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=f9e3751cabd25ed4f513b265902ccc03&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: image/gif
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0,Thu, 04 Jan 2024 18:01:28 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 976F
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=

49 B
264 B

57ms
56ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.3.114
content-length: 49
expires: 0

Redirect headers

Location: https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-bf1d78c1-6055-5148-4d68-ad66fce70329$ip$96.9.249.42&gdpr=0&gdpr_consent=
Date: Wed, 03 Jan 2024 18:01:28 GMT
Connection: keep-alive
Content-Length: 165
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 976F 70 B
440 B 46ms
46ms Image
image/gif 50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=51mdg9u&uid=f9e3751cabd25ed4f513b265902ccc03&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 03 Jan 2024 18:01:28 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 976F
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JCM.TVBE2pyuv_JZ88GjfDCYqrv6SZEGuGg-~A&gdpr=0

49 B
264 B

44ms
43ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JCM.TVBE2pyuv_JZ88GjfDCYqrv6SZEGuGg-~A&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.1.252
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-JCM.TVBE2pyuv_JZ88GjfDCYqrv6SZEGuGg-~A&gdpr=0
date: Wed, 03 Jan 2024 18:01:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=38ea971b-e4e3-44df-a373-e86e43944a53-6595a0f8-5553/ Frame 976F
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=38ea971b-e4e3-44df-a373-e86e43944a53-6595a0f8-5553/gdpr=0

49 B
264 B

44ms
43ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=38ea971b-e4e3-44df-a373-e86e43944a53-6595a0f8-5553/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.49.86
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:27 GMT
server: A
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=38ea971b-e4e3-44df-a373-e86e43944a53-6595a0f8-5553/gdpr=0
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 976F 0
674 B 160ms
35ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=7&puid=f9e3751cabd25ed4f513b265902ccc03&gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 0190a17a18f2299b1b85aeb1793e601c
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

gdpr=0&_test=ZZWg_AAL06dTSQBH
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZWg_AAL06dTSQBH/ Frame 976F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZZWg_AAL06dTSQBH
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZWg_AAL06dTSQBH/gdpr=0&_test=ZZWg_AAL06dTSQBH

49 B
265 B

43ms
43ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZWg_AAL06dTSQBH/gdpr=0&_test=ZZWg_AAL06dTSQBH
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.49.212
content-length: 49
expires: 0

Redirect headers

x-served-by: cache-yyz4523-YYZ
pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704304888.435796,VS0,VE0
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZZWg_AAL06dTSQBH/gdpr=0&_test=ZZWg_AAL06dTSQBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 976F 170 B
188 B 44ms
43ms Image
image/png 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=ZjllMzc1MWNhYmQyNWVkNGY1MTNiMjY1OTAyY2NjMDM&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5907
tags.bluekai.com/site/ Frame 976F 62 B
306 B 103ms
102ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=c141ad4265c9ae29761d14d5fffaa730
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 03 Jan 2024 18:01:28 GMT
content-length: 62
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 976F 170 B
188 B 43ms
42ms Image
image/png 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ZjllMzc1MWNhYmQyNWVkNGY1MTNiMjY1OTAyY2NjMDM&gdpr=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8550189643272942068/ Frame 976F
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/f9e3751cabd25ed4f513b265902ccc03/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8550189643272942068/gdpr=0

49 B
264 B

41ms
41ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8550189643272942068/gdpr=0
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.5.78
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=8550189643272942068/gdpr=0
pragma: no-cache
date: Wed, 03 Jan 2024 18:01:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

rand=245830629
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3035946598938582926/gdpr=0/ Frame 976F
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=245830629
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3035946598938582926/gdpr=0/rand=245830629

49 B
263 B

42ms
42ms

Image
image/gif

52.20.53.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3035946598938582926/gdpr=0/rand=245830629
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=161%2C155%2C145%2C136%2C122%2C116%2C106%2C104%2C100%2C92%2C78%2C61%2C54%2C49%2C41%2C33%2C31%2C26%2C22%2C12%2C7%2C3%2C2&c=3825&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol: H2
Server: 52.20.53.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-53-186.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.40.2.79
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
an-x-request-uuid: a1cb974f-c167-4a96-a692-13908e1c6312
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=3035946598938582926/gdpr=0/rand=245830629
x-proxy-origin: 96.9.249.42; 96.9.249.42; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK 57333
i.liadm.com/s/ Frame 98A8 43 B
573 B 41ms
41ms Image
image/gif 18.211.201.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=H7kZhSZHXC2ZxH6LT9isXLi_&rnd=34030

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.201.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-201-194.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 18:01:28 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 3
Content-Type: image/gif

GET
H2 200 Portal.html Show response
get.s-onetag.com/underground-sync-portal/ Frame 19C0 85 B
483 B 26ms
25ms Document
text/html 18.238.55.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-87.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer: https://683jb.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 708577
cache-control: max-age=864000
content-length: 85
content-type: text/html
date: Tue, 02 Jan 2024 09:01:40 GMT
etag: "131a68f1a3ad405d816af56e04b93481"
last-modified: Mon, 24 Aug 2020 10:07:31 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
x-amz-cf-id: kdTKAb87Cb_NxyFIdtqfZFj1X66XGJc0pLoDBruFOkYjd-7KpQVadg==
x-amz-cf-pop: JFK52-P4
x-amz-version-id: DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache: Hit from cloudfront

GET
H2 200 Portal.js Show response
get.s-onetag.com/underground-sync-portal/ Frame 19C0 766 B
1 KB 25ms
22ms Script
text/javascript 18.238.55.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.55.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-55-87.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date: Wed, 03 Jan 2024 08:06:19 GMT
via: 1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
last-modified: Mon, 24 Aug 2020 10:07:19 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P4
age: 623437
etag: "145e495d0d92a3c8fd975bfe5485b72c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=864000
accept-ranges: bytes
content-length: 766
x-amz-cf-id: CU3qjgBbpHtSIx6D-gnIEzQvtPcU8kzG2WbF8Cg9IdOhaVLMw5dhSA==

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 98A8
Redirect Chain

https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=H7kZhSZHXC2ZxH6LT9isXLi_/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
https://ce.lijit.com/merge?pid=5001&3pid=f9e3751cabd25ed4f513b265902ccc03

43 B
999 B

34ms
34ms

Image
image/gif

63.251.86.51
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=5001&3pid=f9e3751cabd25ed4f513b265902ccc03
Protocol: HTTP/1.1
Server: 63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Jan 2024 18:01:28 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3dca1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ce.lijit.com/merge?pid=5001&3pid=f9e3751cabd25ed4f513b265902ccc03
cache-control: no-cache
x-server: 10.40.15.215
content-length: 0
expires: 0

GET
H/1.1 200
OK pixel Show response
ps.eyeota.net/ Frame 98A8 644 B
1 KB 60ms
60ms Script
application/javascript 50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by: Host: data-beacons.s-onetag.com
URL: https://data-beacons.s-onetag.com/dataBeacons.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: 4caa7626b1277ce6efc1c1e3ba900e4d905d0caa99c469439f84ab63c95e8942

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: application/javascript
Date: Wed, 03 Jan 2024 18:01:29 GMT
Content-Length: 644
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 98A8
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
https://ps.eyeota.net/match?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&bid=1e2n4ou

70 B
440 B

97ms
66ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&bid=1e2n4ou
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 03 Jan 2024 18:01:29 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?uid=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&bid=1e2n4ou
date: Wed, 03 Jan 2024 18:01:29 GMT
server: Kestrel
content-length: 191

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 98A8
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Oujynb5E2pVHcNXTOtqmGwXFV.ELqXjbYXM-~A

70 B
440 B

101ms
51ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Oujynb5E2pVHcNXTOtqmGwXFV.ELqXjbYXM-~A
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 03 Jan 2024 18:01:29 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location: https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Oujynb5E2pVHcNXTOtqmGwXFV.ELqXjbYXM-~A
date: Wed, 03 Jan 2024 18:01:29 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 98A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=ZZWg_AAL06dTSQBH&bid=0rijhbu&referrer_pid=51md42u

70 B
440 B

47ms
46ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=ZZWg_AAL06dTSQBH&bid=0rijhbu&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 03 Jan 2024 18:01:29 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by: cache-yyz4523-YYZ
pragma: no-cache
date: Wed, 03 Jan 2024 18:01:29 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704304889.304562,VS0,VE0
x-cache: HIT
location: https://ps.eyeota.net/match?uid=ZZWg_AAL06dTSQBH&bid=0rijhbu&referrer_pid=51md42u
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 98A8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
https://ps.eyeota.net/match?uid=3035946598938582926&bid=2cr76e1&referrer_pid=51md42u

70 B
440 B

146ms
47ms

Image
image/gif

50.16.174.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=3035946598938582926&bid=2cr76e1&referrer_pid=51md42u
Protocol: HTTP/1.1
Server: 50.16.174.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-174-192.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 03 Jan 2024 18:01:29 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Wed, 03 Jan 2024 18:01:29 GMT
an-x-request-uuid: 262c0dcd-4235-4e66-8e01-1bf8bc6b331f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ps.eyeota.net/match?uid=3035946598938582926&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin: 96.9.249.42; 96.9.249.42; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

5386
tags.bluekai.com/site/ Frame 98A8
Redirect Chain

https://tags.bluekai.com/site/39798?limit=1&id=2WMkvWFJkKt6KtOIWxU2F9BN08J0UNVBO2_46UJFj4zo
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
https://tags.bluekai.com/site/5386?id=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=

62 B
306 B

118ms
117ms

Image
image/gif

23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5386?id=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 03 Jan 2024 18:01:29 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/5386?id=8a3ed88a-efc0-40b1-9966-f7c30dc9d59a&gdpr=0&gdpr_consent=
date: Wed, 03 Jan 2024 18:01:29 GMT
server: Kestrel
content-length: 221

GET
H2

204

CookieSyncThrotle
rtb.adentifi.com/ Frame 98A8
Redirect Chain

https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=H7kZhSZHXC2ZxH6LT9isXLi_
https://thrtle.com/sync?_reach=1&vxii_pdid=H7kZhSZHXC2ZxH6LT9isXLi_&vxii_pid=12&vxii_pid1=7002&vxii_rcid=fa6d9362-773f-4d4f-96be-b36114982a50&vxii_rmax=1
https://rtb.adentifi.com/CookieSyncThrotle?

0
35 B

140ms
43ms

Image
text/plain

52.203.70.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncThrotle?
Protocol: H2
Server: 52.203.70.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://683jb.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 18:01:30 GMT

Redirect headers

location: https://rtb.adentifi.com/CookieSyncThrotle?
date: Wed, 03 Jan 2024 18:01:29 GMT
content-type: text/html; charset=utf-8
content-length: 66
p3p: CP="NOI OUR BUS UNI COM NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tajs.qq.com
URL: https://tajs.qq.com/stats?sId=65407254

Domain: pic1.afdiancdn.com
URL: https://pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/27a9fc7d5dda787a3bbac00e47b75b6d_w720_h450_s74.jpg

Domain: pic1.afdiancdn.com
URL: https://pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/06d7d2f71b1c365e25e120c9bccf7580_w720_h450_s50.jpg

Domain: pic1.afdiancdn.com
URL: https://pic1.afdiancdn.com/user/f12e34626eb511eca06352540025c377/common/c56c46e0cb3f7d57da817eb1eff613a2_w720_h450_s67.jpg

Domain: p1.meituan.net
URL: https://p1.meituan.net/csc/ee61c22b83198a257fe8fa1c51e4433d69054.jpg

Domain: loadus.exelator.com
URL: https://loadus.exelator.com/load/?p=204&g=260&buid=f9e3751cabd25ed4f513b265902ccc03&j=0&gdpr=0

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:08:16	Name: _li_ss Value: ChMKBgjdARDxFgoJCP____8HEPsW
i6.liadm.com/s	1970-01-20 18:08:16	Name: _li_ss Value: CgA
.hm.baidu.com/	1970-01-21 03:01:04	Name: HMACCOUNT_BFESS Value: 586AFCC2552FD443
.shaoguan.theperfectgathering.com/	1970-01-21 02:10:40	Name: Hm_lvt_29b1db81c93c28a26e06c8b1d898ba60 Value: 1704304884
.shaoguan.theperfectgathering.com/	1969-12-31 23:59:59	Name: Hm_lpvt_29b1db81c93c28a26e06c8b1d898ba60 Value: 1704304884
.dtscout.com/	1970-01-20 17:25:09	Name: m Value: 1
.dtscout.com/	1970-01-20 17:25:08	Name: st Value: 1
.dtscout.com/	1970-01-20 17:25:19	Name: oa Value: 1
.dtscout.com/	1970-01-20 19:49:04	Name: df Value: 1704304884
.dtscout.com/	1970-01-20 19:33:14	Name: l Value: 51A01704304884CE506932A27445C4B8
.sharethis.com/	1970-01-21 02:12:07	Name: __stid Value: ZGYABmWVoPQAAAAIW56WAw==
.sharethis.com/	1970-01-21 02:12:07	Name: __stidv Value: 2
.shaoguan.theperfectgathering.com/	1970-01-21 02:10:40	Name: Hm_lvt_3133194f251bbc230fc36b806b812f58 Value: 1704304885
.shaoguan.theperfectgathering.com/	1969-12-31 23:59:59	Name: Hm_lpvt_3133194f251bbc230fc36b806b812f58 Value: 1704304885
.t.sharethis.com/	1970-01-20 17:45:14	Name: pxcelPage_default_c010_C Value: 1_0_1704304884844
.dtscdn.com/	1970-01-20 21:42:50	Name: uid Value: 51A01704304884CE506932A27445C4B8
.adsrvr.org/	1970-01-21 02:12:07	Name: TDID Value: 8a3ed88a-efc0-40b1-9966-f7c30dc9d59a
.ml314.com/	1970-01-21 02:12:07	Name: pi Value: 3641095699338100789
.eyeota.net/	1970-01-21 02:12:07	Name: mako_uid Value: 18cd07cbd10-81a0000010a57f5
.eyeota.net/	1970-01-20 17:25:05	Name: SERVERID Value: 22517~DM
.rlcdn.com/	1970-01-21 02:10:40	Name: rlas3 Value: lUGU/CQTPWxqtQV49FM+7qdGB9ZcXA+cGTrus8EkAmc=
.rlcdn.com/	1970-01-20 18:51:28	Name: pxrc Value: CPXB1qwGEgUI204QAA==
.bluekai.com/	1970-01-20 21:47:09	Name: bku Value: +rQ99wVQkVUQQQ6u
.onaudience.com/	1970-01-21 02:10:40	Name: cookie Value: 9ef0ab8fa6f5d522
.onaudience.com/	1970-01-20 17:26:31	Name: done_redirects236 Value: 1
.lijit.com/	1970-01-21 02:10:40	Name: ljt_reader Value: H7kZhSZHXC2ZxH6LT9isXLi_
.pippio.com/	1970-01-21 02:10:40	Name: did Value: 7xixRXKz0QrFtik2
.pippio.com/	1970-01-21 02:10:40	Name: didts Value: 1704304885
.pippio.com/	1970-01-20 18:51:28	Name: nnls Value:
.pippio.com/	1970-01-20 18:51:28	Name: pxrc Value: CPXB1qwGEgYIgr0rEAA=
.linkedin.com/	1970-01-20 19:34:40	Name: li_sugr Value: 4d9e7eeb-0d2f-4189-b507-c2477e20db82
.linkedin.com/	1970-01-21 02:10:40	Name: bcookie Value: "v=2&b86f166a-4d84-4e5b-832a-31f82a543fef"
.linkedin.com/	1970-01-20 17:26:31	Name: lidc Value: "b=VGST06:s=V:r=V:a=V:p=V:g=2847:u=1:x=1:i=1704304885:t=1704391285:v=2:sig=AQHroNRiBrWyv2Zsow5KZAZp_7jv9Txe"
.doubleclick.net/	1970-01-21 03:01:04	Name: IDE Value: AHWqTUmDpW-AwMNXMMws9eAnJs5h4AfZ76rmiNfOVXYLJEEQkWjdj3mJE7QoeI90crE
.intentiq.com/	1970-01-21 03:01:04	Name: IQver Value: 1.9
.liadm.com/	1970-01-21 03:01:04	Name: lidid Value: c1c48d9a-4c8c-445a-be80-08cf0b71b6e8
.crwdcntrl.net/	1970-01-20 23:53:53	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 23:53:53	Name: _cc_id Value: f9e3751cabd25ed4f513b265902ccc03
.simpli.fi/	1970-01-21 02:12:07	Name: suid Value: 4FC4B8C31488426F99925AF4C040B05C
.t.sharethis.com/	1969-12-31 23:59:59	Name: pxcelBcnLcy Value: 120
.lijit.com/	1970-01-21 02:10:40	Name: _ljtrtb_2 Value: 4FC4B8C31488426F99925AF4C040B05C
.tapad.com/	1970-01-20 18:51:28	Name: TapAd_TS Value: 1704304888109
.tapad.com/	1970-01-20 18:51:28	Name: TapAd_DID Value: 5836799e-713c-463f-bf95-000978e3c876
.truoptik.com/	1970-01-21 02:10:40	Name: to_master_s Value: 6c528503eb5bd7597adfc0d10d140f58
.truoptik.com/	1970-01-21 02:10:40	Name: to_version_s Value: b2
.pubmatic.com/	1970-01-20 17:26:31	Name: KTPCACOOKIE Value: YES
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: akz21nh03f4octps0cpm5dmr
.pubmatic.com/	1970-01-21 02:10:40	Name: KADUSERCOOKIE Value: 716E2271-600D-40B3-9405-C4C2B47A63EA
.mgid.com/	1970-01-21 02:10:40	Name: muidn Value: o03sfe63-U1a
.mgid.com/	1970-01-20 17:25:06	Name: __cf_bm Value: tZ1j.pXXc3o_pa2VLUvETDDmjolIxzZnDHEU_TVUgF4-1704304888-1-Aeg2k5Ptfw1mfEf+CHMXa0TZErMa8QM7NF091LWwMKljaUxl0E+rxeNMLd+ju2C6iothiQpfWeFVfbLSNVytB1o=
.mediawallahscript.com/	1970-01-21 03:01:04	Name: mCookie Value: 1e011b50-aa62-11ee-ad6a-a517d8de15c4
.mediawallahscript.com/	1970-01-21 03:01:04	Name: mUserCookie Value: %7B%7D
cm.mgid.com/	1970-01-20 18:08:16	Name: mg_sync Value: {}
.tapad.com/	1970-01-20 18:51:28	Name: TapAd_3WAY_SYNCS Value: 1!90
sync.srv.stackadapt.com/	1970-01-21 02:10:40	Name: sa-user-id Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
.srv.stackadapt.com/	1970-01-21 02:10:40	Name: sa-user-id Value: s%3A0-bf1d78c1-6055-5148-4d68-ad66fce70329.OB%2BHvK2MR1qsWGkyqIq8JW916hac9NvbzDnMDoxU%2Fdc
sync.srv.stackadapt.com/	1970-01-21 02:10:40	Name: sa-user-id-v2 Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
.srv.stackadapt.com/	1970-01-21 02:10:40	Name: sa-user-id-v2 Value: s%3Avx14wWBVUUhNaK1m_OcDKWAJ-So.Bk1crIxweNSdtRRzAPwqHzkK7sPoeVPQF4swdB9%2Bkuw
sync.srv.stackadapt.com/	1970-01-21 02:10:40	Name: sa-user-id-v3 Value: s%3AAQAKINpyOBL1OjPClppkMM43asH_ViYXZW1-XXmWbGjDLes3EHwYBCD4wdasBjABOgT90vuTQgS0OF-J.BNXT12cb4UMRFLnA4CG9pxEa1g0wkYvaIiALuIIx%2Fik
.srv.stackadapt.com/	1970-01-21 02:10:40	Name: sa-user-id-v3 Value: s%3AAQAKINpyOBL1OjPClppkMM43asH_ViYXZW1-XXmWbGjDLes3EHwYBCD4wdasBjABOgT90vuTQgS0OF-J.BNXT12cb4UMRFLnA4CG9pxEa1g0wkYvaIiALuIIx%2Fik
.adnxs.com/	1970-01-20 19:34:40	Name: uuid2 Value: 3035946598938582926
.sitescout.com/	1970-01-21 02:10:40	Name: ssi Value: 38ea971b-e4e3-44df-a373-e86e43944a53#1704304888348
.yahoo.com/	1970-01-21 02:11:02	Name: A3 Value: d=AQABBPiglWUCEDpkivATpVNHUU1zp9NvHtQFEgEBAQHylmWfZdxH0iMA_eMAAA&S=AQAAAp307NhxF_T25FDhsJ7G7Rs
.sitescout.com/	1970-01-20 18:08:16	Name: _ssuma Value: eyI3IjoxNzA0MzA0ODg4MzgxfQ
.rubiconproject.com/	1970-01-21 02:10:40	Name: khaos Value: LQY34K7I-1Y-4XRT
.rubiconproject.com/	1970-01-21 02:10:40	Name: audit Value: 1\|PakkDF9Ibiz5LqUsc+/fZqA3clk2cwkFsXC6PcNL87zhj9K5Ghav9Q/CfDiSnKPx0Jp8ovo+8DxBK03vAHceENBQIIuieds92qumN1V6vPzq0P3vsuC0OSLi6cHwvgcA3ATbkDJixTA1nWY3nyv7qM2O8qCVR0N4qoxmw57vRqc=
.everesttech.net/	1970-01-21 02:10:40	Name: everest_g_v2 Value: g_surferid~ZZWg_AAL06dTSQBH
.analytics.yahoo.com/	1970-01-21 02:10:40	Name: IDSYNC Value: 19bk~2fz6
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vh0c4zzty2kchkfmwv2xxvql
.ib.mookie1.com/	1970-01-21 02:12:07	Name: ibkukiuno Value: s=9def5419-a24c-4576-a69c-48d1bbbd0269&h=&v=0&l=-8584973019970289581&op=&hl=0&vlu=0&tcs=1&dcc=-8584973019970289581
.ib.mookie1.com/	1970-01-21 02:12:07	Name: ibkukinet Value: 1611266346=-8584973019970289581
.adform.net/	1970-01-20 18:09:43	Name: C Value: 1
.adform.net/	1970-01-20 18:51:28	Name: uid Value: 382015151928465879
.adsrvr.org/	1970-01-21 02:12:07	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiun4CogaTGPBAFGAEgASgCMgsIsuTc2JekxjwQBTgBWgd2eHNydjNpYAI.
.mediawallahscript.com/	1970-01-20 17:26:31	Name: mRemnantVisitedCookie_d41d8cd98f00b204e9800998ecf8427e_01_2024 Value: %7B%227bYSR%22%3A1%7D
.turn.com/	1970-01-20 21:44:16	Name: uid Value: 8550189643272942068
.rqtrk.eu/	1970-01-20 17:35:09	Name: browser_id Value: 1:be7c6e94-a646-4986-a166-db691d6d4ded
.crwdcntrl.net/	1970-01-20 23:53:52	Name: _cc_cc Value: "ACZ4XmNQSLNMNTY3NUxOTEoxMk1NMUkzNTROMjIztTQwSk5ONjBmAILUqQt%2B%2FAcCfhAHDHivH241YvkTxPCfkfEDI4jcowUiP8qCSIZ7HyxxS7ave8qNW%2Fbc0UPMuGV%2FbpzCglv20qlHbLhld%2B%2B7LIBb9kPDfQEmFE8cXjwHj12%2FZx5gwm3a9m4t3JLvluAzuOG%2FJm6tAIPhkmY%3D"
.crwdcntrl.net/	1970-01-20 23:53:52	Name: _cc_aud Value: "ABR4XmNgYGBInbrgB5CCAHYGBq4ZYOaiVhDJqDUbQs0CUXzuDmDew3oQxa%2BzH0gCADUMCN4%3D"
.lijit.com/	1970-01-21 02:10:40	Name: ljtrtb Value: eJyrVjJSslIycXM2cbJwNjY0sbAwMTJzs7S0NDJ1dDNxNjAxcDIwdVaqBQC3fwkT
.lijit.com/	1970-01-21 02:10:40	Name: _ljtrtb_5001 Value: f9e3751cabd25ed4f513b265902ccc03

95 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/wxqrcode.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/sz002303.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654046772.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654261554.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1655059297.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171222/1503324866.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171222/1522488231.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171225/1347019269.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/css/videobgb.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/bg/index/mp4.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/p4.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/p2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/p3.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico001.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico002.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico003.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico004.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1105072272.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1029451187.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1032049164.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1035316208.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1039005498.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1051288370.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1055418777.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1111030505.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1113302492.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1119062662.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1027165693.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/jzcqrcode.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/govIcon.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://tajs.qq.com/stats?sId=65407254 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://683jb.xyz/js/get_ym.js(Line 50) Message: Unsafe attempt to initiate navigation for frame with URL 'https://shaoguan.theperfectgathering.com/' from frame with URL 'https://683jb.xyz/index.html'. The frame attempting navigation is targeting its top-level window, but is neither same-origin with its target nor has it received a user gesture. See https://www.chromestatus.com/feature/5851021045661696.
network	error	URL: https://www.szmys.com/fonts/font-awesome-4.6.3http://www.szmys.com/css/font-awesome.css Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://p0.meituan.net/csc/37e16cff8291d86688685ede653a4f1051736.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://p0.meituan.net/csc/818c1b8061ae219374da07bff6b8003376117.jpg Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/wxqrcode.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/sz002303.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654046772.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654261554.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1655059297.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171222/1503324866.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171222/1522488231.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171225/1347019269.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/css/videobgb.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/bg/index/mp4.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/p4.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/p2.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/index5/Content/img/p3.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico001.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico002.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico003.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/user/img/index/ico004.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1105072272.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1029451187.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1032049164.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1035316208.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1039005498.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1051288370.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1055418777.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1111030505.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1113302492.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1119062662.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1027165693.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/jzcqrcode.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/(Line 428) Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/govIcon.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654046772.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654261554.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1655059297.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654046772.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1654261554.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20171124/1655059297.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1105072272.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1029451187.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1032049164.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1035316208.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1039005498.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1051288370.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1055418777.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1111030505.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1113302492.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1119062662.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1027165693.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1105072272.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1029451187.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1032049164.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1035316208.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1039005498.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1051288370.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1055418777.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1111030505.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1113302492.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1119062662.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://shaoguan.theperfectgathering.com/ Message: Mixed Content: The page at 'https://shaoguan.theperfectgathering.com/' was loaded over HTTPS, but requested an insecure element 'http://www.szmys.com/upload/20170727/1027165693.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://shaoguan.theperfectgathering.com/js/ajax/lastNews.ashx?&0.8642635454006851 Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://683jb.xyz/index.html Message: Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=H7kZhSZHXC2ZxH6LT9isXLi_' because its MIME type ('image/gif') is not executable.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

683jb.xyz
992i2333.com
ap.lijit.com
api.intentiq.com
bcp.crwdcntrl.net
c.cintnetworks.com
c1.adform.net
cdn.staticfile.org
ce.lijit.com
cm.g.doubleclick.net
cm.mgid.com
cms.analytics.yahoo.com
d.turn.com
data-beacons.s-onetag.com
dis.criteo.com
dmp.truoptik.com
e.dtscout.com
get.s-onetag.com
global.ib-ibi.com
hm.baidu.com
i.liadm.com
i6.liadm.com
ib.adnxs.com
ib.mookie1.com
idsync.rlcdn.com
image6.pubmatic.com
loadus.exelator.com
match.adsrvr.org
ml314.com
onetag-geo.s-onetag.com
p0.meituan.net
p1.meituan.net
partner.mediawallahscript.com
pd.sharethis.com
pic1.afdiancdn.com
pippio.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
ps.eyeota.net
px.ads.linkedin.com
qt.gtimg.cn
rtb.adentifi.com
s10.histats.com
s4.histats.com
secure.adnxs.com
shaoguan.theperfectgathering.com
stags.bluekai.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.sharethis.com
sync.srv.stackadapt.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
tajs.qq.com
thrtle.com
token.rubiconproject.com
track2.securedvisit.com
ubb.bbb.byjykj.xyz
um.simpli.fi
ups.analytics.yahoo.com
ws.rqtrk.eu
www.szmys.com
loadus.exelator.com
p1.meituan.net
pic1.afdiancdn.com
tajs.qq.com
103.235.46.191
104.17.216.204
107.178.254.65
108.157.162.49
113.105.134.36
116.153.39.134
142.251.40.162
146.59.148.16
15.235.42.103
151.101.2.49
158.69.254.144
18.160.46.85
18.173.132.127
18.173.132.7
18.189.215.189
18.211.201.194
18.238.55.87
185.167.164.49
203.205.235.28
207.198.113.88
23.196.3.202
23.224.130.221
23.224.137.68
23.47.69.85
23.7.64.229
2600:1f18:ed:550f:9eb9:354c:5ca7:7a69
2606:4700:10::6814:5063
2606:4700:1::6813:844c
2606:4700:20::681a:c3c
2606:4700:21::8d65:780b
2606:4700:3033::6815:3173
2620:112:f002:bbbb::23
2620:1ec:21::14
3.130.26.161
3.225.218.10
34.111.113.62
34.117.77.79
34.150.170.96
35.175.29.179
35.244.154.8
4.34.42.108
40.71.11.141
43.152.182.26
50.16.174.192
52.20.53.186
52.203.70.213
52.223.40.198
54.146.35.99
54.166.243.239
54.85.146.200
63.251.86.49
63.251.86.51
64.58.232.180
68.67.178.10
69.169.86.38
69.173.151.100
74.119.119.150
8.28.7.81
00f05a602cdaa780164e7bd8ec3ac3a82fca42fce73ddfd99602ac19ef9ff42f
00fe8a99636a1da3f0f5f079780d8f56b42de706a0a7286557a411034e522f66
015fd126f875a35f4356ef72764043b5db4543d218fa8a3a1f35e88029c7b111
01f0553d33acaf579ba0f637338a889b5edfe429d7fe9e25d4f7c5aff171e2d0
0527c6a6bd613a2e4cea74d7629b2b17fcae742e1fe40b467c2d2b1ea65b11fb
069bba500e21f737b175c4c36f84971ee0632fe643159d37825b8ec4c73de865
0702c9bf07ee76f8a2ac6dfdf2dd26f289fd48b58013e86936a7bd14b4e81577
08b479c3eeb1cb4d44354e6bf17322cd7acd38ae9a33ee5956898447ed43fab6
095e6d5fa415e59e9c53b5c7ea9ced8f7d71eeb88f0da98d178ee0f13dbf8dc1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb221bd5e47c0610d56a03f1d580f9ee857777c8875adc633a8122be8b79dcd
0ca0556eeccf58ecf7041cb39f839af06405f4caaf660c5c963530e93c96fb57
0fa7752926a95e3ab6b5f67a21ef40628ce4447c81ddf4f6cacf663b6fb85af7
0fbbb778c234d248b938c13358da8b2af62710154b8418e47bddb82a5b057c96
105b113eff39c40b75eefac9a75dd96c094fc919b09afed98debcbb76865cb02
10a26f4d35b2931b5fd8ad4b2fadfa935294190e71bef7268c0be5964ca80a81
13cd6986ae45bfba8251f6399310f8c4f94c5264a29321f4270b9c3f48c791db
18b0ce86190047070a14bfc871001d8b54c7923bd32be46d078187ada3fa372a
1ebe598e3d8fd17c1283dc67f20b87a69a597df94d4801dcb7206de4e0596a65
1f39162b33ae24108c369f9dfa9c29af7d8a1a8cc6d25d528f47f0dfe1461454
2065aecca0fb9b0567358d352ed5f1ab72fce139bf449b4d09805f5d9c3725ed
24c7009e8cbd0e9ee4c82320cdfe3de0c42373ee9d603a9c242afb3e3f6692cd
2755ab7f75e604cb47987f3da8ddeb66879a7c629029f06026001c6f1bbbb35f
27f44422692081c41230cf1d69590cf4f2413f341df699395989e7c05c1ceffc
281d50911257108dcc478c88312b2d973e366bce8da824c429d0be568a8afa70
2821073c78d6ce4a8376006cd2248354eea3b56060fc7c4b79b33b05c033bf56
28f40a8c0cc4c778fb327ebda07be620b8e586baf15942312494b767270c8d60
28f8659a8bcde8b7b4a886e15490150f01d0a0312c2dbd122de7e2b848214336
2be5bc681ba2488b5b366e183923c008835985f5cd45b5f3be3075d6454366d2
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30f1b44517adbb594b56f713e1f0234ad58fee51bb2d785b911157ff73a9a7f6
3294e8ef217bfcb67ae649213c5db073c78f5048fc141f9fa10ecb3d7cd58db3
38bb40a58d3a9da94b045cc1ff3e3c49d54a5b70cec7842715376d069bcc7c60
39357fac08813fc12c20184a952eeed02cdb691ea6736e265d172047fc21f885
398949c9055a4ab08ff4bd5edf007a19b6bec6973ef581837a212b202f760414
39feb7eccf1b9fd45b9b7754ab7ac9ed44475bf745dd86b12c98fd359ae10f40
3cb7ea487656759eadfd624a7c41dfe79e833e9aaf9d24bc57741ab180272924
3ec583dd9e16bf9fcc009b2022b2f3e9893b66a61298c2ec20dd29842fdc6cf7
3eff826dd7e86ec1a340bd2a5dcf7dd83bc5a46caaf2628d9bc3f863b9ab627f
401c36ea0b1de2f1c7d300490187e693451193e86d021b1dd60a28ac5b606d08
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
45f62ec968112fc7b4990c80fade55b51ea311fc8731978ed02a880bf721e68c
4caa7626b1277ce6efc1c1e3ba900e4d905d0caa99c469439f84ab63c95e8942
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50987574de3f635dc3e9db817ba8d44dffbfe2e0146c6b93e0aba6c6f2fd4af3
50e1e0336e482c00a570bb2e9189b6fb88a96b6463ad377aaa0d81f9c705d80e
51e8d061758d803eec026f03c92065dd0d5bdfa3dc1b7f1bdc7ca17c362b6e79
578e2ba0f1ebfb0df78dee76499c2720bbc7a873ac676d99048d7c6fddf4ab0b
59f4835386e27dc5f9acc51d32c2d96992bf06f2d73c6c32a85db878101be2bc
5b7de9a13c6c91059394808a063bd6aef0f71f939378e89ce83ccfbe71e1f1c2
5fc84b2e8c4f8057caa5771f2c9b711e337764d2c0bd7241e4602f701d49f86b
609c771efb25dd6e3c0b08e001bee20e08a2198c66245677f87f8bbb90c37c25
6107efd2c283c35f3dbcc7298163583a69c62ac066a5a235aa9768f1d2bd5a9d
611da9220eff25c4037f674123ba3ff4b24d41721b4a7ce533bfc886dd64ec3f
6469598e03c314a0191835fd4419f5cfa73ee39f246e999a1ddb75276a76a16d
64f878aadc9c96742983e36e684fbe7b70c90d79ab907b0e998362e841e79bbf
69656f544d710f6f1cd28b4b2f36ec11d2b8d14319db5b48a84f1a5792e47d12
6aaa4b0508f65eb9b2a90c0c74bcedf4b2cd0a18916c78a35c917905bfbe7a44
6e2fdb533dfd96b59cc18b864dc9aff7973f8117e432e06bda61df68c0dc37a3
7679c7f023311f2d7093c4ab01d25a121ade00088cbaa36e055f15762f6e6f51
776691f41e8255e73c1b9bcc5fd646b228c3f6cb4d76b422bed50cfe0961e203
78a713f6e0548ac987cec8705ffd921ecf19d2f98b4671eebba82ba210a283ba
7aaad7c3082639a602cf05a65586238f22955559c97478bc09b113ec482112b0
7af3f601671174c94b58fbdfe7aa5c66fd9824da85e87cbba9b372a7ccf29945
7d2aa0078c831eec4f2c2e8e77e5ec3e8d6b75dc5db5b4c87c27a6a7e8e0aa31
7e0ede9ebc898f160aa2359b39b008a1e1b3a20bcad822f2a2b18bfab5687f00
7e59e2f10f07e91a3c36556df6c75fdd555ddec2d5a41261888bdbed0040cd8d
7f56d37179dbeacf34a386eac47c6305ea5f79eb4afce927cb946e3b71920d1b
80ba0d497544140c7114cf38804dbe1419d0a34588254a4dc0ba99c7e3206cbf
82f0e99f6c12b46f4731ab7952fcf1225145e74a5005c7e7eb921772bcdb074e
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
89787961896e4a79738a5edc58840c2572e0f5223751ccb81e7dabe68505e5ac
8a0cc1e4fe32aeed10d1c9923b53a73956e8eedf09b16f947b0417215923b3b1
8b3c9d85b4fb9f612e671b1424fe9f1010edefdda5de95018e693ffd746251a1
8d1377dea8269dc9c6d0a141401f8b87113ee1783cbe20ad546e4c1f5c29bc3b
8d559a20fde994f702a120a15ac4aa7f336b1d183845e8c00f7ddcea1569ffdb
8e1a61a06a55f2a3b531f393dbdd14402b804050dafdd5ab69689f7f7fa60e66
8ec78055e5c72524cf064557b6859fd6cae1a33d5cd3ca315528021fd4483a9d
937652bde6c565d551385784641f9b4eaadbfe627651534e1f62828426ba0350
94540a0995db7211e66280cbc010d24915cb391ea7ed3ecee822258396d19092
95fddd42898245b52ac0b45a8650fd195022e9bce753d1b09f0da35aabd9026f
98a96acccd681770e0e6fdc74440d56b1ae01ed7fd33f3e2427920dc0725c86f
98e79d33cd19ab9fdf5d88857027ecd3288712e7824b52860bf3b6466315aa32
996a10a6942561c31271619fd667320bb2f5a4654e4e13cd3bfd57e59cd9cec3
998dcb369b33501feea6ebd607536b92785df1d242f5aa015f723aece804cd2c
9b77a91a35b7dbb12b4c874861a2abe8dc77bb16a10ed31ebff569d38199ebb2
9e053641c7e902d2d8283e064f8534f047f56bec7e5a4382f0d2d2f643c178ba
9e52eab5b1b51a90076321420312342c45d3ff9fcb1ce214d583f78ad97b00a0
a1d83c8b68fb1b7edbbc3300d0270e2eeaf4c1fb6645a3bcd6119b8bf3c78c03
a36079e5d5309aa8c229f582a2da11e4ba4105e507dcaa4dfe0542ed48be0d84
a401e96d77dccb3e60f6c853cabf414032bc1e9aabb22d72272862fb39e35a3e
a53c71a6f77cad5eb8606c7e086551808ae4a590cedc1a869211ba16c5213ea3
a865904878986ba6caf73c5416db4b7e04b947546446e04f0be94c2308a9a275
a908e41c730617215405605071be546fc7f0e7ae384e55dd4acfe2adf9431752
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab1b199b5cc3c03655d797fd757000ca2e9be0a03e8258f8f1f352c21dd7ab0d
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a7f32f9a83753fdc696e112383b1b7ace4526b5146923fb94ff7a9e88fa130
b64bd3c776fc3778585810b72e613491302b4f82d1a790380ec9e2e5e8f538f2
b77b1629e669fed5ce998c25dfd15f3f2d9eb32bf5c461bf41ade609f88cbd62
b8ca84bb8c4e1cfa7a372390753dbd7cf325af6e61196572fa0ea1217e106eaf
ba7dedb3f556f4336b15b3d7dbbc7d6358f02947d606241c7e957b429ecc4a66
ba971a3d83dc2506b5eba84214d992a4903aa5b2931712b70105b17f9e96463c
bcbaafe88d044538df020a117fac73be5a274660befbf48d79cfc2d684bbde16
bcd156856662c359446ce5d18f694bf7f3607625149b8bea9b434ad8c4923041
bebc9b64d531b6d8b669ff59d07338641cb5cd6f3fb66feffc31012dcfb6faa3
bf7fd633e2c4d390977e72ad3c666908a6c7aedfd6ac5a089a81913d95b4f6de
bfcdee330811ac61df7b2b77773d2296dfb73b6a4a34e600405e70ec1ccca01d
bffda8469c8c15ff94adcdcd32b5dc518441f9614c21dadff82ce29b63d744aa
c03deced144f07e7a68ec2c67e3f5d6f0b709f6bad9d25ea01f706e55fe13ac0
c1e5ec65136463a0873ff6e1fb739b4959da464143c8b1b3e130e5cea14038d4
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c5922f65819c5007e54951699aa25e8733672c30a0f37c4afbac8fce9a97cca8
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb0b2a98a02f4005c41361f4cc0a852f67efbfbe2d201ceb2a1357b3dd95e364
cbc4cd1a822546e46448b4dbe7258dadb014ec5dc31b5791ecedb2e577b82d31
ce3ec9e64e223762dacfdfb4e7b2028b4b52c719dc7e0af31017e8e89272f744
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f7ef85d1adb6dcb1c46851f694b9560bb5a359e7315449787f1a656efc75da
d1dc7ef43ed132a53309fa0437f6baa849ef413389bad1be3e56df447dc8b10e
d38556d28622a044dd8a041585e2964425d61b1d6eb75d6642bc77038b3a24bd
d6b31e533f93b75eeccba7c4d0fe710833ba6543322321aa1b571b453654480c
d752806b32ef559afc2976d573b8d7202be9331dd46d0bc8892cff7ca22a4839
d75fe97d9ac97329e36abe76e3979893d3772ecfd203a9b8ff83f86154f4f561
da53226224e1d4be790551eaf4f5493168307ea552d389e33862e8b10d164ed6
da6d147f5f1080e8dca55e73059b113cf233f3223eba21f005c14767a059a27f
db20ac463c8e34514c134b78729a9eda875817a736ff9d8a800484e0809ca67c
dd5528ee4e69b99af96c18f5041f04f1d008050971a574284788eecd3a21fc7c
ddae935381c3cd4839647edc08f0dceef5ffedbd149e4b201dedc23727cb5c00
dde084677ab4764751181e556d225fdf7c66a7e7d5d41543c47d9c69cf6d126e
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df97830866c67199399d905c82a524a67727f479f4636bd3be262a648e388f84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e950953a25e4236f77e1c71a5609a9570ad543e148fd2c9d646e665fe04191f6
e951ffa592d9e07bf5c59ea4029a598af426c3c7d381ad488778a54155cb9375
eb0dff1466cbbfccd8ce7ff5cf776f5036a533d6a6865556dbcaa1f3be5be25c
ebe324c2c41a3d8d25b9a97a34fd22778ce993ef8fa50cd587f37b701da8c264
ec645e33634c4a7577f2520eeb0338db278b165d8ba79bf30ddb8261fd381424
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2da83e97ab92437eade35ec9a78cac9cf0fc905c9b375b4fa765a4516bd6c9
ef8d7e21aca81b46f571f1ab2e35adde599cff0a41980caa188806bcc2ee6d8b
f3af26491e1b190106361db6d59a8d8f538071c3daa5b979c61dfa6ee6b3aded
f44a3ab8f018db4152666d580eb1c871216e215b4a7a5dcf293aeb66931b293a
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
fba9021e24e429c0b63badc0dc9c82259ddab40efb7f8857c7a9512434e2f220
fd315b81e9d997f2818ab854839c29205fcdebac0f7d89972e67610c1fd7453b
ffd61df61ff69c61cad8672ab24818ebb153fe8c989493ad4d85b7125052b4ff

shaoguan.theperfectgathering.com Open in urlscan Pro 2606:4700:3033::6815:3173 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

232 Requests

84 %HTTPS

14 %IPv6

53 Domains

67 Subdomains

41 IPs

8 Countries

5116 kBTransfer

6085 kBSize

81 Cookies

0 Outgoing links

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

shaoguan.theperfectgathering.com Open in urlscan Pro
2606:4700:3033::6815:3173 Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

84 %
HTTPS

14 %
IPv6

53
Domains

67
Subdomains

41
IPs

8
Countries

5116 kB
Transfer

6085 kB
Size

81
Cookies

232 HTTP transactions
0 data transactions