165638.com-165638.mpv.165638ee2ee.buzz Open in urlscan Pro
27.124.33.26  Public Scan

URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Submission: On April 28 via api from US — Scanned from SG

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 39 HTTP transactions. The main IP is 27.124.33.26, located in Singapore and belongs to CTGSERVERLIMITED-AS-AP CTG Server Limited, HK. The main domain is 165638.com-165638.mpv.165638ee2ee.buzz.
TLS certificate: Issued by R3 on April 28th 2024. Valid for: 3 months.
This is the only time 165638.com-165638.mpv.165638ee2ee.buzz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 27.124.33.26 152194 (CTGSERVER...)
1 172.67.158.205 13335 (CLOUDFLAR...)
2 14.215.183.79 4134 (CHINANET-...)
23 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.67.69.123 13335 (CLOUDFLAR...)
39 6
Domain Requested by
23 amtk.11828.cc 165638.com-165638.mpv.165638ee2ee.buzz
11 165638.com-165638.mpv.165638ee2ee.buzz 165638.com-165638.mpv.165638ee2ee.buzz
2 hm.baidu.com 165638.com-165638.mpv.165638ee2ee.buzz
1 tk.tutu.finance 165638.com-165638.mpv.165638ee2ee.buzz
1 h5.l1l1l1l1l11l-l1l1l11l1l1l.com 165638.com-165638.mpv.165638ee2ee.buzz
0 vbe.smhkbnry.com Failed 165638.com-165638.mpv.165638ee2ee.buzz
39 6
Subject Issuer Validity Valid
h5.ww522sd-jdnn.com
R3
2024-04-28 -
2024-07-27
3 months crt.sh
l1l1l1l1l11l-l1l1l11l1l1l.com
GTS CA 1P5
2024-04-16 -
2024-07-15
3 months crt.sh
baidu.com
GlobalSign RSA OV SSL CA 2018
2023-07-06 -
2024-08-06
a year crt.sh
11828.cc
GTS CA 1P5
2024-03-21 -
2024-06-19
3 months crt.sh
tutu.finance
E1
2024-03-06 -
2024-06-04
3 months crt.sh

This page contains 3 frames:

Primary Page: https://165638.com-165638.mpv.165638ee2ee.buzz/
Frame ID: 2F6E40F027FA2F5D8223A06662E96416
Requests: 12 HTTP requests in this frame

Frame: https://h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/new_kj.html
Frame ID: 203E686809631F1FE8C532982123A824
Requests: 1 HTTP requests in this frame

Frame: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Frame ID: 3E80D7180019DA87888EFAFAC6BB773F
Requests: 26 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

39
Requests

97 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

3053 kB
Transfer

3182 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
165638.com-165638.mpv.165638ee2ee.buzz/
71 KB
10 KB
Document
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
6349e61490d1fa61e6bd28eebd2802c6c6366ed3f4b130d1837992de67baefae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 28 Apr 2024 22:41:22 GMT
server
nginx
strict-transport-security
max-age=31536000
txcss.css
165638.com-165638.mpv.165638ee2ee.buzz/style/
28 KB
9 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/style/txcss.css
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
eba3d0525ae916ec3a7d16e49e71f640fa719de81ac488bee00a67974183b16c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:40 GMT
server
nginx
etag
W/"65ef66a8-6e5c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
wind-reset.css
165638.com-165638.mpv.165638ee2ee.buzz/images/wind/
3 KB
1 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/images/wind/wind-reset.css
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
4a4d95870439260445a3b5a53f1b450a64321c168730d700ec40ba2f794b655a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:41 GMT
server
nginx
etag
W/"65ef66a9-af2"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
media.css
165638.com-165638.mpv.165638ee2ee.buzz/style/
5 KB
1 KB
Stylesheet
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/style/media.css
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a53530620f94eb34730e1635c95f4d02f9ed449addcb2595a34a848bd37374b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:40 GMT
server
nginx
etag
W/"65ef66a8-15a6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
pw_ajax.js
165638.com-165638.mpv.165638ee2ee.buzz/js/
7 KB
3 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/js/pw_ajax.js
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
a17c51f0de393f2cacd76464680d68a21148dc940f61afc5dc4e79784896e4c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 13 Apr 2024 13:52:21 GMT
server
nginx
etag
W/"661a8e15-1a5e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
865559.gif
165638.com-165638.mpv.165638ee2ee.buzz/images/
231 KB
231 KB
Image
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/images/865559.gif
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
ed9b8bbd6e2a85ccca09d5b1785de308a4ec1f5b8fb3fc5a2229ef65d04f467c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11 Mar 2024 20:16:42 GMT
server
nginx
etag
"65ef66aa-39a00"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
236032
expires
Tue, 28 May 2024 22:41:22 GMT
Deploy.js
165638.com-165638.mpv.165638ee2ee.buzz/js/
2 KB
1 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/js/Deploy.js
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
global.js
165638.com-165638.mpv.165638ee2ee.buzz/js/
10 KB
4 KB
Script
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/js/global.js
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
9b43e375f0f7cb0112794f903f588c8eecc8994d17cb408780cac22f6d6de82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-2669"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
new_kj.html
h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/ Frame 203E
0
0
Document
General
Full URL
https://h5.l1l1l1l1l11l-l1l1l11l1l1l.com/new/new_kj.html
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.158.205 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87ba8f426a684b7a-SIN
content-encoding
br
content-type
text/html
date
Sun, 28 Apr 2024 22:41:24 GMT
last-modified
Sat, 17 Feb 2024 13:47:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nH5KbXAeLLGIUkJiPgLawy0Z%2B9UFNawSfRFlrXHs2R84%2FI97yRWxJp5EPulnHAynE%2Fc%2F5n71g5GQDCFYSKzlnH2%2FnRZgLoveIdx1aiGvapIRdM4C6znWrGWM5oBgnbSIRZYkR5bU5v%2B9hL7xvJV23ketGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
xgk.html
165638.com-165638.mpv.165638ee2ee.buzz/ Frame 3E80
28 KB
3 KB
Document
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
39b21b2f01a58ef707196261bf9e090b9c9b0cde567ede9e33f8232c0ce2e278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 28 Apr 2024 22:41:23 GMT
etag
W/"662de422-6f78"
last-modified
Sun, 28 Apr 2024 05:52:34 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
Deploy.js
165638.com-165638.mpv.165638ee2ee.buzz/js/
2 KB
0
Script
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/js/Deploy.js
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:22 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2024 20:16:43 GMT
server
nginx
etag
W/"65ef66ab-778"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Mon, 29 Apr 2024 10:41:22 GMT
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?09deae81aef712c3d64d5987a096ae05
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
5f98e31131c152d5c986cf09298efe5418452fb4d1c430f7634ad3dd12369b8f
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 28 Apr 2024 22:41:26 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
701bcedba3fb8e091912a31e17abef39
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11258
amgp.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
68 KB
69 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amgp.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7e3f8d12a15e17eafc0e29ac215d2f17851084444979cb5002d5c81f4a022479

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
69675
last-modified
Sun, 28 Apr 2024 02:18:47 GMT
server
cloudflare
etag
"7dcc0661299da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BkZca%2BVfAag%2FPOybiy3QijdFPRweqLJ%2BQb9dK3DI5u2WxFojfGxFaMz27ggNLCjZbkRD2LN0nwY6Oq9FaR997wqwqKT5zOsrOjiw7FT43y5SNwOrqxkt0z61Nohf1hNXvMlAHZGR6rhO%2F7F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f420aa29ca1-SIN
shym.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
120 KB
121 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/shym.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ddf4a13930a996f0cecc3faa4a89f805dfd223f61e6630fbff7ae1c5dbf783f2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
123221
last-modified
Sun, 28 Apr 2024 01:25:02 GMT
server
cloudflare
etag
"44be5e4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zS0SW4gva72diGXrQisglojzixRri3ZBPIFZe%2BiXN2us8dDu5XoDieAOg41scHsGPJjcpGJTpgErRkJCsMUBuLwl%2FrWHOXCgo1rkRAEDFv3FnQKZDUwEl8w%2FUjlqoawQD18UfSR8mFrFDV6U"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f420aa39ca1-SIN
amsbx.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
119 KB
119 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amsbx.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a074fe10930a14ab2d49da765394e65386f57d02c2134732fb033ff89349d874

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
121470
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"67abadd4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T10h11fKTQFm3a9vTZDdIofLkdvgJL6NpgGpYkHmqf8Mm5qhmv%2FBqwGh%2BBgtzqHL1PwWIQMdHvKQSQhw4JGO50ysoSH%2FdoH09z%2FVsXFvOdJTE01q1aMR2B%2Bz5EYmbTd5%2Fesg3S4uYVn22r%2F%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f420aa49ca1-SIN
amnrw.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
44 KB
44 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amnrw.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2dab282e8c82efcae05d5219d4b75d8848c56723d4d6a72574e57c31f338ce29

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
44796
last-modified
Sun, 28 Apr 2024 01:24:33 GMT
server
cloudflare
etag
"e3997ad3a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6WlP6bcctELz%2FGe%2BcyiwPze5cZFrFSp%2FdlSTJRTbHGBhepsbtjKGXWubaRLgrn1%2B6%2FGRtNf%2F39wRLGRiV4b0ZNLI4qk2IgxaEPRr0Oiq7%2BbYcLzYcfyrtWTFp5ZWejsqYXng08%2FXWviykYJu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f420aa59ca1-SIN
amyzjtm.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
50 KB
51 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amyzjtm.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
41528347461d71a665b4787645ca9f9ccc9a57f21c50daaccd3f57275201d425

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
51460
last-modified
Sun, 28 Apr 2024 01:24:39 GMT
server
cloudflare
etag
"447ec0d6a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1wHopa935vtzu%2Bkeo1MHwJou61FKwGmH4lclEuqqriRzEaxlldk2rkTOzLs0m4r7xLJQV4PsLDe79tqnXW%2B2ylaH%2BYLfloq3K8YUPmd51ulXI1hSnHgqDPLbUTTd2TVvQkpXcGBgv8j8jb%2BH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f420aa69ca1-SIN
amzbsp.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
101 KB
102 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amzbsp.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d585048269b70c6d7eba8593455e23b2e7f4901788186ab28fa4c5cfd2b671a7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
103670
last-modified
Sun, 28 Apr 2024 01:24:39 GMT
server
cloudflare
etag
"cb243d7a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvvf2CCxNqUaUldxEYLVldwCgK9ZzZKuWONQGKvD6WKiLgf0%2FrypXArFcTTPpS%2FQrYEWBAKJ4fuAbR3Do6CR3ZlPs9oE6grUuTJPEhDfOEGrXtWFzFg6gl2xCgfq4RzdJwtcSuKgLGPdmY2q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f420aa79ca1-SIN
dcxj.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
25 KB
25 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/dcxj.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01a4f88d4f865121cc5be80c73d942882f3c0f0498d8f66e5430cbd662013927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
25429
last-modified
Sun, 28 Apr 2024 11:37:07 GMT
server
cloudflare
etag
"c8f146666099da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S2PxgpGiVvmXx4ouGhFPvvwwbH5aPwT2R1R0igx3vNFvDlEz9GLz9ZaHFAK7nADcDJ%2BdH2%2F7RXJIZzNRAfislnXoekVMIEmM487d0k3PShP8RMG9OiC%2BFHLKEFTdRPFoOsg2UmZEXYGqsWT%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab09ca1-SIN
ampt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
41 KB
42 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ampt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5726236e13a45f0461852176bb31087d2ebe7d7d4b92a26fb3200c919aaeeb3f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
42171
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"9fc76fd4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K91PR7Tmw60vRW7Sr%2FCCrvscPiKrrUszsvl5do%2BM16tspCW8hCdJNjJcQ7xFQyvLj882iOCDeBGaDQ2AhjvWkqezK75yAdCXs2yThTzfYPyIZ1QCtJ7A5wN6hNePQGbYF%2FbuEBmyI%2FLoInrF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab19ca1-SIN
amqlb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
60 KB
61 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amqlb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
331daa0a575061d7276d4a12f8f9664d6e7890f1a7fe4e23eefac2b3c53b558d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
61705
last-modified
Sun, 28 Apr 2024 01:24:35 GMT
server
cloudflare
etag
"e31a91d4a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qx5EwLXq1Ny4cUYdnVHzkr4tAkc1%2FxceFVJJUmypF2vTzXo%2BXnVXzwm6mtKwApyWBJdoCXkpdogyIMBc0GDQrB3EqDIJ9W%2Fds%2FPOfZ6nRcX0AGzmE5jGbE8QFLkixlCbiSxqDabW%2B4x%2Ftl1g"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab29ca1-SIN
amhh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
137 KB
138 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amhh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
23d9be245567cbdd0e59e24ec2ec8d34bdb70304b9e248ca35d88e6ee8c8e927

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
140491
last-modified
Sun, 28 Apr 2024 01:24:31 GMT
server
cloudflare
etag
"342de1d1a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=92NLaismbi0lT%2BmChIRLAjCrbgajazm2c%2F6S5DWp3Epp%2BQA9rKgIQgzzSG8EkM94trOp1EqCIWIPbo4Y1Mvr7wwATySXjBGq7v%2BefMVtg%2BrTV24DACQ6NdjooYI1CHUejiV0uMRDD%2BBJqJFc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab49ca1-SIN
ambxgh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
171 KB
171 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ambxgh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3be5879ff60bcfb1fe42f63b9b8d19b024f861ef0f6885dc65f5acd280311f69

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
174782
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
server
cloudflare
etag
"aafa74d0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIciNA9Qd6Q6Z1kyebG0Hg4JHaUIrjImuqpT35c0BpHNKWGI6MSuJZ9o4K5Wz8NZCbIVcB1dVHWMyAQb3gp2PB98rjSrt8XFPIX%2BDrLKfiCaoDTJs9qyLhuXMHpW2N52w67PaCORa5s%2BuUhV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab59ca1-SIN
am30ma.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
95 KB
96 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/am30ma.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3bb5c512a323b2238563f6f26f1977a32922e0d7418adc73d88a0d62a914cd77

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
97446
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
server
cloudflare
etag
"c2f22fd0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wyF%2Bglkv0sK%2FyWh%2BltFoax1%2Bsk4LBceTK7tXSDbSW46uWwkr7ht7zczxJP%2BOIJmV3QXzz%2BmjJpezcpYtqxRdbW863oZHPqVqDu0GN9dcF0gEJPyYb%2B2KvrW241KgCQeyHK7ypBkOdL2x2uGX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab69ca1-SIN
am4z3l.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
145 KB
145 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/am4z3l.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ae59e1edd0a0cdb37401e794ea9b124e15b62bba40b90355f2eedac8a5306f5f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
147998
last-modified
Sun, 28 Apr 2024 01:24:28 GMT
server
cloudflare
etag
"a8ef61d0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDs%2B%2FEFEn5%2FL2J%2FNAqaDsTWWBh%2FodZsE9U93w0HCmBLCjKdq3fFgmRfIwybLcTwIZBvHaPP91iiKG3Fr8KF%2FAFPHXCoX9tI33ACLMgtsMgY%2FMd6Seq7%2B%2Bal5FRiWPgGpzS2QfaqDzwGj9Mqr"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab79ca1-SIN
amht.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
141 KB
141 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amht.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
55cbcceab0a4c3d441c21e15b4cc917423d1df485678856c3711e34018cea8af

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
144136
last-modified
Sun, 28 Apr 2024 01:24:31 GMT
server
cloudflare
etag
"5b7221d2a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z4hNzmze13H5JkgchrC%2FpqCAhhgtzMFSgv26a0KA9kKEC8NXCNt03q4A6d3zrHw%2ByFZ%2BA%2BXd0Yd%2Be%2BcPjZsZJGCrur2ibrho%2FRDXFtgjF0EKu%2FKXKb2Z1jaeyFeDSmM64jR9ANiXZ6FzUVku"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab89ca1-SIN
amdszt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
154 KB
155 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amdszt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
614613bb3c6d72f6712af33fd6e25d49deb6356199f3db8717e0575499d0c570

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
157958
last-modified
Sun, 28 Apr 2024 01:24:30 GMT
server
cloudflare
etag
"23d548d1a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hDVG0m00Hy7qQof1jRj7KFNuJdfDPel6D%2FGwZyVku3FUa9X4ONVI02ntJSa9PCjGhazHzsHf9UxInrHXqgwD9TZeE7kflKU13t8dBKFl0BrbLTAYZHqTsnxRRDW27xH0vfyihPH3lCYRvdCR"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ab99ca1-SIN
ammhb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
131 KB
132 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ammhb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d23c59b758e66b9dff1f53bc3b634c889e29947c2865aa7576dd1f7b0790484f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
134353
last-modified
Sun, 28 Apr 2024 01:24:32 GMT
server
cloudflare
etag
"94ffad2a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BqF%2BNu3ihY0l7Oqoyx77M4q%2BZbcX43qKTIzWd767wbiAPUslGDGGgWQ4C4A%2BoY8Fs3qBALAhUAv1ShWpiDfGr8pUpGEJfzDOv9N7p2OdTvtakYTVZsj1ZPc6bHzIricdKcd7LKvIL6zcn0Dp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422aba9ca1-SIN
amcsb.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
144 KB
144 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/amcsb.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6cd0b3b1de18a26e633b1b4c44eeddb94c8aafb9c0fb8dcb9a8473352c819e5c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
146976
last-modified
Sun, 28 Apr 2024 01:24:29 GMT
server
cloudflare
etag
"b326c1d0a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qE1a9z1pfv93%2BjxgP6FzbT3hGpy%2FbKKotbvLaKGM2J5deBC25xaWlnB38t7HhUc874iX%2FS72HWNcNQGxpS51feDpCUwEawLciRkn2TWgCjvdqgiGMLysBYzsEwzK8RcgyyiErNVvtCd341OK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422abb9ca1-SIN
ammh.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
43 KB
43 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ammh.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1867f5cd8b3d2fae73ddc1cbe0027f2ad3c6a5b4db075aadc8930fd330055f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
43681
last-modified
Sun, 28 Apr 2024 01:24:32 GMT
server
cloudflare
etag
"f365e9d2a99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rpBPaJfTo4RF5eMw0nP30ieTlgOJZ1gsiDf6csTIP%2FH7vOxnrMLqxc8nBCNl0kZNQlfGXtuvqJc99aKfMeID%2Fxsr2N%2FNkujFYgv7d6Y7qDLDgwAD0c4j7Wh%2FnFEboTMxMcvg%2BN7cjrCTZs4Y"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422abc9ca1-SIN
m33.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
76 KB
76 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/m33.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ee8de895de42678b44345a6c61c0664ebf984e8cfcc0a69ebbc67af7700146a2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
77831
last-modified
Sat, 27 Apr 2024 14:17:25 GMT
server
cloudflare
etag
"ed74b0a0ad98da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=anZRJfT0AuzTmkfGf7gLI%2F5AOHD%2BKVwtLtT%2BzjTPjjbMGjTS6GPi6ts%2B0Ka%2FU%2Fs65Jc%2FfJUnAYpCnl1YROMY8XWi0Zx%2FMoIU0AG8bH5YtnRYuw1ec0frlo8u6YGHWc%2BF07egvvIxeamMe7rM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422abd9ca1-SIN
c008.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
187 KB
188 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/c008.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
696104dbe69d21a6dc26d598ef5356861e0341fd92d5fe7ad5f72f81d5a9a50e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
191926
last-modified
Sat, 27 Apr 2024 16:08:01 GMT
server
cloudflare
etag
"e1cd5714bd98da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=La9LZ%2FqBAEUhWSf99XJWfKZRZK6IBcsi4KwIXLyrPxjX9UiXsXKnMGVLHJ135ZgHyRSaDbVS1YpC3k5QsLnnKnFe739Tkal9rqtWK8YaO0w7KEY%2BXWijUByShcjP11NxYUo4uPsA15%2Bwc856"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422abe9ca1-SIN
jigongshi.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
110 KB
111 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/jigongshi.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5f2da1d669d113cd9f263817116f4ddc52e68ad1ff0fa7738a14680c32b4c593

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
112757
last-modified
Sun, 28 Apr 2024 01:24:51 GMT
server
cloudflare
etag
"7f2c33dea99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2Brx0qkaSvPId8FIuy0uG7xN9iDepYivaL02vi%2Fab4%2BlqYH7jwDN0C%2FhX8vkw1rIV%2BkYjA5TkzDY%2Bx20TcuS1PplMGtBZXNKDPHx1mTyFGBAVANMn1xJOP7NpSVFlwahaucpBzXf%2FUj%2BKzsK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422abf9ca1-SIN
fhtjt.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
244 KB
245 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/fhtjt.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8d0d55182a9ce5604733c35d0b60574d6d7175f1df69835648f9e9c7502a233b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
249885
last-modified
Sun, 28 Apr 2024 01:24:45 GMT
server
cloudflare
etag
"514376daa99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Foor%2FxqEmDW68iK1wdPzC2LLfs8YvYwj4Q%2Bc43yosWkbKqEvkhM%2FJc5unYX0nY9wN13nVCT2jH2MsPxzYXCBCsKds%2BFL0EDcvAI%2FBURWJvOzC0R83d%2FX39obTcjq0yuwh1yWQjj%2BZgR5REBO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ac09ca1-SIN
ktjtx.jpg
amtk.11828.cc/aomen/2024/col/119/ Frame 3E80
191 KB
192 KB
Image
General
Full URL
https://amtk.11828.cc/aomen/2024/col/119/ktjtx.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:eaac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcf7283882324993effa604c7460453f23b08bed70191487e4e5fd75c164b985

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
958
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
195760
last-modified
Sun, 28 Apr 2024 01:24:53 GMT
server
cloudflare
etag
"bfea44dfa99da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CkO94OOsPywoAzodC1GJaGNp9tAzhIwwNnjRgx2e2l6gLc8FZAadDRmeKsioZ%2BVWKEl2aeop4HT5qqu%2BRbx0KqDG3W3t7Ji8tZjukYXCCQCQSawbOXUELRtx3lXCVIkcDWlFWypcdozNMdv6"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
87ba8f422ac29ca1-SIN
amwc39m.jpg
vbe.smhkbnry.com/aomen/2024/col/119/ Frame 3E80
0
0

tt39.jpg
tk.tutu.finance//aomen/2024/col/119/ Frame 3E80
75 KB
76 KB
Image
General
Full URL
https://tk.tutu.finance//aomen/2024/col/119/tt39.jpg
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.123 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
06d46aa3b4e27038d0ba39834a572da24dfcc347d790dd047e2f495c22ceba61

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
209
cf-polished
qual=85, origFmt=jpeg, origSize=102605
x-powered-by
ASP.NET
content-disposition
inline; filename="tt39.webp"
content-length
76986
cf-bgj
imgq:85,h2pri
last-modified
Sat, 27 Apr 2024 16:08:51 GMT
server
cloudflare
etag
"698d131bd98da1:0"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k7WNJAhxI2O7MccjoAOOt%2BvYzEcwpB%2FVLj5c9%2F1vgdKp%2BF8x5jfuuPjD8xWo2w7dRl%2F%2FBc7k8IjWjMor0mL8JH8WbuQlIJq2yitayZErGlG8nerTYX5BIrj7WLoYPTqtTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
87ba8f44e98aa08f-SIN
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=zh-sg&lo=0&rnd=1245569316&si=09deae81aef712c3d64d5987a096ae05&v=1.3.0&lv=1&sn=14022&r=0&ww=1600&u=https%3A%2F%2F165638.com-165638.mpv.165638ee2ee.buzz%2F
Requested by
Host: 165638.com-165638.mpv.165638ee2ee.buzz
URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
14.215.183.79 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Pragma
no-cache
Date
Sun, 28 Apr 2024 22:41:26 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
favicon.ico
165638.com-165638.mpv.165638ee2ee.buzz/
95 KB
95 KB
Other
General
Full URL
https://165638.com-165638.mpv.165638ee2ee.buzz/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
27.124.33.26 , Singapore, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
25b3ef77305d519872426483e316a4dd224f7c57b94c24a51e01c7916739f9cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://165638.com-165638.mpv.165638ee2ee.buzz/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 28 Apr 2024 22:41:25 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 11 Mar 2024 20:16:42 GMT
server
nginx
etag
"65ef66aa-17c97"
content-type
image/x-icon
accept-ranges
bytes
content-length
97431

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vbe.smhkbnry.com
URL
https://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| AjaxObj function| XMLhttp object| ajax function| sendmsg function| getObj function| objCheck function| ietruebody function| getTop function| getLeft function| IsElement function| setCurrent function| strlen function| initCheckTextNum function| checkTextNum string| agt boolean| is_ie boolean| is_gecko string| imgpath string| verifyhash string| modeimg string| modeBase string| winduid string| windid string| groupid boolean| gIsPost undefined| base function| AddFavorite function| IndexDeploy function| SaveDeploy function| SetCookie function| FetchCookie function| Ajump boolean| ifcheck string| fid string| myshortcut function| tz function| CheckAll function| Fjump number| totalpage number| page function| PwMenu object| read function| closep function| findPosX function| findPosY function| in_array function| loadjs function| keyCodes function| opencode function| getPWBox function| getPWContainer function| elementBind function| addChild function| delElement function| pwForumList function| char_cv function| JSONParse function| showDialog object| _hmt boolean| _bdhm_loaded_09deae81aef712c3d64d5987a096ae05 object| mini_tangram_log_eodc7m

5 Cookies

Domain/Path Name / Value
165638.com-165638.mpv.165638ee2ee.buzz/ Name: 1005a_lastvisit
Value: 0%091714344082%09%2Findex.php%3F
165638.com-165638.mpv.165638ee2ee.buzz/ Name: 1005a_threadlog
Value: %2C2%2C
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: 0AAAC79E5B12FFA8
.165638.com-165638.mpv.165638ee2ee.buzz/ Name: Hm_lvt_09deae81aef712c3d64d5987a096ae05
Value: 1714344087
.165638.com-165638.mpv.165638ee2ee.buzz/ Name: Hm_lpvt_09deae81aef712c3d64d5987a096ae05
Value: 1714344087

6 Console Messages

Source Level URL
Text
recommendation verbose URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
security warning URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html
Message:
Mixed Content: The page at 'https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html' was loaded over HTTPS, but requested an insecure element 'http://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html(Line 542)
Message:
Mixed Content: The page at 'https://165638.com-165638.mpv.165638ee2ee.buzz/xgk.html' was loaded over HTTPS, but requested an insecure element 'http://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://vbe.smhkbnry.com/aomen/2024/col/119/amwc39m.jpg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://165638.com-165638.mpv.165638ee2ee.buzz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

165638.com-165638.mpv.165638ee2ee.buzz
amtk.11828.cc
h5.l1l1l1l1l11l-l1l1l11l1l1l.com
hm.baidu.com
tk.tutu.finance
vbe.smhkbnry.com
vbe.smhkbnry.com
14.215.183.79
172.67.158.205
172.67.69.123
2606:4700:3038::6815:eaac
27.124.33.26
01a4f88d4f865121cc5be80c73d942882f3c0f0498d8f66e5430cbd662013927
06d46aa3b4e27038d0ba39834a572da24dfcc347d790dd047e2f495c22ceba61
23d9be245567cbdd0e59e24ec2ec8d34bdb70304b9e248ca35d88e6ee8c8e927
25b3ef77305d519872426483e316a4dd224f7c57b94c24a51e01c7916739f9cb
2dab282e8c82efcae05d5219d4b75d8848c56723d4d6a72574e57c31f338ce29
331daa0a575061d7276d4a12f8f9664d6e7890f1a7fe4e23eefac2b3c53b558d
39b21b2f01a58ef707196261bf9e090b9c9b0cde567ede9e33f8232c0ce2e278
3bb5c512a323b2238563f6f26f1977a32922e0d7418adc73d88a0d62a914cd77
3be5879ff60bcfb1fe42f63b9b8d19b024f861ef0f6885dc65f5acd280311f69
41528347461d71a665b4787645ca9f9ccc9a57f21c50daaccd3f57275201d425
4a4d95870439260445a3b5a53f1b450a64321c168730d700ec40ba2f794b655a
55cbcceab0a4c3d441c21e15b4cc917423d1df485678856c3711e34018cea8af
5726236e13a45f0461852176bb31087d2ebe7d7d4b92a26fb3200c919aaeeb3f
5c08766973e46c6237da4860553a264670d96726234185ddb4ce43c6ba8e7352
5f2da1d669d113cd9f263817116f4ddc52e68ad1ff0fa7738a14680c32b4c593
5f98e31131c152d5c986cf09298efe5418452fb4d1c430f7634ad3dd12369b8f
614613bb3c6d72f6712af33fd6e25d49deb6356199f3db8717e0575499d0c570
6349e61490d1fa61e6bd28eebd2802c6c6366ed3f4b130d1837992de67baefae
696104dbe69d21a6dc26d598ef5356861e0341fd92d5fe7ad5f72f81d5a9a50e
6cd0b3b1de18a26e633b1b4c44eeddb94c8aafb9c0fb8dcb9a8473352c819e5c
7e3f8d12a15e17eafc0e29ac215d2f17851084444979cb5002d5c81f4a022479
8d0d55182a9ce5604733c35d0b60574d6d7175f1df69835648f9e9c7502a233b
9b43e375f0f7cb0112794f903f588c8eecc8994d17cb408780cac22f6d6de82e
a074fe10930a14ab2d49da765394e65386f57d02c2134732fb033ff89349d874
a17c51f0de393f2cacd76464680d68a21148dc940f61afc5dc4e79784896e4c6
a1867f5cd8b3d2fae73ddc1cbe0027f2ad3c6a5b4db075aadc8930fd330055f7
a53530620f94eb34730e1635c95f4d02f9ed449addcb2595a34a848bd37374b6
ae59e1edd0a0cdb37401e794ea9b124e15b62bba40b90355f2eedac8a5306f5f
bcf7283882324993effa604c7460453f23b08bed70191487e4e5fd75c164b985
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23c59b758e66b9dff1f53bc3b634c889e29947c2865aa7576dd1f7b0790484f
d585048269b70c6d7eba8593455e23b2e7f4901788186ab28fa4c5cfd2b671a7
ddf4a13930a996f0cecc3faa4a89f805dfd223f61e6630fbff7ae1c5dbf783f2
eba3d0525ae916ec3a7d16e49e71f640fa719de81ac488bee00a67974183b16c
ed9b8bbd6e2a85ccca09d5b1785de308a4ec1f5b8fb3fc5a2229ef65d04f467c
ee8de895de42678b44345a6c61c0664ebf984e8cfcc0a69ebbc67af7700146a2