www.mazaye.com Open in urlscan Pro
134.172.166.68 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mazaye.com/
Effective URL:
http://www.mazaye.com/
Submission: On December 14 via manual (December 14th 2021, 10:51:07 pm UTC) from SA — Scanned from DE

Summary HTTP 123 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 20 domains to perform 123 HTTP transactions. The main IP is 134.172.166.68, located in United States and belongs to BLUENET Blue Data Center, CN. The main domain is www.mazaye.com.

This is the only time www.mazaye.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	134.172.166.68 134.172.166.68	136545 (BLUENET B...) (BLUENET Blue Data Center)
2	45.10.208.58 45.10.208.58	132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
8	2606:4700:303... 2606:4700:3035::ac43:c006	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:303... 2606:4700:3031::ac43:aa54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2606:4700:10:... 2606:4700:10::6816:56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	45.61.212.129 45.61.212.129	53587 (AZT) (AZT)
10	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	240d:c040:1:4... 240d:c040:1:40::13f	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
3	2402:4e00:162... 2402:4e00:1620:1300:0:942e:75b8:c214	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
2	2606:4700:303... 2606:4700:3032::6815:4d1b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::ac43:a2ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.224.177.148 23.224.177.148	40065 (CNSERVERS) (CNSERVERS)
2	2606:4700:303... 2606:4700:3033::ac43:b9c8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	154.23.245.118 154.23.245.118	395886 (KURUN-AS-) (KURUN-AS-)
1	8.210.131.106 8.210.131.106	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
4	79.133.177.214 79.133.177.214	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	2402:4e00:1a0... 2402:4e00:1a04:100:0:9458:4c2d:fe01	45090 (CNNIC-TEN...) (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
6	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
123	18

4 134.172.166.68 (United States) 1 redirects

ASN136545 (BLUENET Blue Data Center, CN)

mazaye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mazaye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.10.208.58 (Hong Kong)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

klxkj1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3035::ac43:c006 (United States)

ASN13335 (CLOUDFLARENET, US)

tt7.haokan856.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:3031::ac43:aa54 (United States)

ASN13335 (CLOUDFLARENET, US)

www.semimiyy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
semimiyy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2606:4700:10::6816:56 (United States)

ASN13335 (CLOUDFLARENET, US)

ddcdn.comtucdncom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.61.212.129 (United States)

ASN53587 (AZT, US)

3332600.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 240d:c040:1:40::13f (Singapore) 4 redirects

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

wx.mail.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2402:4e00:1620:1300:0:942e:75b8:c214 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

sz.btfs.mail.ftn.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::6815:4d1b (United States)

ASN13335 (CLOUDFLARENET, US)

8.t-s-s.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::ac43:a2ca (United States)

ASN13335 (CLOUDFLARENET, US)

tnlapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.224.177.148 (United States)

ASN40065 (CNSERVERS, US)

img.123456img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:b9c8 (United States)

ASN13335 (CLOUDFLARENET, US)

mgsc.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.23.245.118 (United States)

ASN395886 (KURUN-AS-, US)

1639220631.eswjj.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.210.131.106 (Central, Hong Kong)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

sandrarene.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 79.133.177.214 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

rfv.honhon.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2402:4e00:1a04:100:0:9458:4c2d:fe01 (China)

ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

cqc-download.ftn.qq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	comtucdncom.com ddcdn.comtucdncom.com	8 MB
18	semimiyy.com www.semimiyy.com semimiyy.com	15 KB
10	jsdelivr.net cdn.jsdelivr.net	2 MB
8	qq.com 4 redirects wx.mail.qq.com sz.btfs.mail.ftn.qq.com cqc-download.ftn.qq.com	348 KB
8	haokan856.com tt7.haokan856.com	56 KB
6	tnlapp.com tnlapp.com	6 MB
6	baidu.com push.zhanzhang.baidu.com Failed hm.baidu.com	40 KB
4	honhon.top rfv.honhon.top	41 KB
4	3332600.com 3332600.com	2 MB
4	mazaye.com 1 redirects mazaye.com www.mazaye.com	7 KB
2	mgsc.me mgsc.me	1 MB
2	123456img.com img.123456img.com	410 KB
2	t-s-s.cn 8.t-s-s.cn	605 KB
2	klxkj1.com klxkj1.com	765 B
1	sandrarene.com sandrarene.com	708 B
1	eswjj.com.cn 1639220631.eswjj.com.cn	6 KB
0	dingyar.top Failed zw.dingyar.top Failed az.dingyar.top Failed zd.dingyar.top Failed
0	9923tv.com Failed www.9923tv.com Failed
0	cnzz.com Failed v1.cnzz.com Failed
0	51.la Failed js.users.51.la Failed
123	20

	Domain	Requested by
40	ddcdn.comtucdncom.com	tt7.haokan856.com
10	cdn.jsdelivr.net	tt7.haokan856.com www.semimiyy.com semimiyy.com
10	www.semimiyy.com	tt7.haokan856.com
8	semimiyy.com	tt7.haokan856.com
8	tt7.haokan856.com	www.mazaye.com tt7.haokan856.com
6	hm.baidu.com	www.mazaye.com tt7.haokan856.com
6	tnlapp.com	tt7.haokan856.com semimiyy.com
4	rfv.honhon.top	www.semimiyy.com
4	wx.mail.qq.com	4 redirects
4	3332600.com	tt7.haokan856.com www.semimiyy.com
3	sz.btfs.mail.ftn.qq.com	tt7.haokan856.com
3	www.mazaye.com	www.mazaye.com
2	mgsc.me	tt7.haokan856.com semimiyy.com
2	img.123456img.com	tt7.haokan856.com semimiyy.com
2	8.t-s-s.cn	tt7.haokan856.com semimiyy.com
2	klxkj1.com	www.mazaye.com
1	cqc-download.ftn.qq.com	tt7.haokan856.com
1	sandrarene.com	www.semimiyy.com
1	1639220631.eswjj.com.cn	www.semimiyy.com
1	mazaye.com	1 redirects
0	zd.dingyar.top Failed	rfv.honhon.top
0	az.dingyar.top Failed	rfv.honhon.top
0	zw.dingyar.top Failed	rfv.honhon.top
0	www.9923tv.com Failed	tt7.haokan856.com semimiyy.com
0	v1.cnzz.com Failed	tt7.haokan856.com
0	js.users.51.la Failed	www.mazaye.com
0	push.zhanzhang.baidu.com Failed	www.mazaye.com
123	27

This site contains no links.

Subject Issuer	Validity	Valid
klxkj1.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.haokan856.com R3	`2021-12-01` - `2022-03-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-04-22` - `2022-04-21`	a year	crt.sh
*.comtucdncom.com R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
3332600.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-16` - `2022-04-16`	a year	crt.sh
img.123456img.com TrustAsia TLS RSA CA	`2021-09-03` - `2022-09-02`	a year	crt.sh
*.eswjj.com.cn Sectigo RSA Domain Validation Secure Server CA	`2021-12-11` - `2022-12-11`	a year	crt.sh
sandrarene.com Go Daddy Secure Certificate Authority - G2	`2021-08-09` - `2022-08-09`	a year	crt.sh
rfv.honhon.top TrustAsia TLS RSA CA	`2021-10-22` - `2022-10-21`	a year	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://www.mazaye.com/
Frame ID: 2360F40B7C7CAFEB76511E072A1458C7
Requests: 7 HTTP requests in this frame

Frame: https://tt7.haokan856.com/
Frame ID: AEA0185C6C1E9E740752D46B0BEC2377
Requests: 58 HTTP requests in this frame

Frame: https://tt7.haokan856.com/
Frame ID: C8F6522980C4B5EDE7E805E5069C2CFC
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

抚顺退芬影院有限公司抚顺退芬影院有限公司

Page URL History Show full URLs

http://mazaye.com/ HTTP 301
http://www.mazaye.com/ Page URL

Page Statistics

123
Requests

86 %
HTTPS

56 %
IPv6

20
Domains

27
Subdomains

18
IPs

5
Countries

21740 kB
Transfer

22096 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mazaye.com/ HTTP 301
http://www.mazaye.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif HTTP 302
https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a81e0bb991fdde945972f6e035059ccc00055537f2cce5045cbe1f0d145b56bdf?compressed=0&dtype=1&fname=520%E4%B8%8A.gif

Request Chain 74

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif HTTP 302
https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a5913d0c745dc35ebd077663a3f741326085143c5e25837239abf4d20d0ea3c7c?compressed=0&dtype=1&fname=520%E4%B8%8A.gif

Request Chain 92

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif HTTP 302
https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a2395f9abedb5e55ee531e0687964d4d3054f42052544f870586cf607d182c9bd?compressed=0&dtype=1&fname=520%E4%B8%8A.gif

Request Chain 105

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif HTTP 302
https://cqc-download.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57330c294ce586f390ef321e5d1f0e5abf518ae1c4b23219bf10783839fd83bef60bea289cf4e79835827f1a563968498f?compressed=0&dtype=1&fname=520%E4%B8%8A.gif

123 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.mazaye.com/
Redirect Chain

http://mazaye.com/
http://www.mazaye.com/

2 KB
2 KB

509ms
341ms

Document
text/html

134.172.166.68
BLUENET Blue Data...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mazaye.com/
Protocol: HTTP/1.1
Server: 134.172.166.68 , United States, ASN136545 (BLUENET Blue Data Center, CN),
Reverse DNS
Software: nginx /
Resource Hash: c708fb51ed8b0b148338c0faabb41025578d2458cccd84151a00b703c743986d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Tue, 14 Dec 2021 22:50:34 GMT
Content-Length: 2215
Content-Type: text/html
Server: nginx

Redirect headers

Content-Length: 0
Server: nginx
Location: http://www.mazaye.com/
Content-Type: text/html

GET
H/1.1 200
OK common.js Show response
www.mazaye.com/ 4 KB
4 KB 173ms
172ms Script
application/x-javascript 134.172.166.68
BLUENET Blue Data...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mazaye.com/common.js
Requested by: Host: www.mazaye.com
URL: http://www.mazaye.com/
Protocol: HTTP/1.1
Server: 134.172.166.68 , United States, ASN136545 (BLUENET Blue Data Center, CN),
Reverse DNS
Software: nginx /
Resource Hash: c45723dd1e74428516d19cd1a247ea7d69e6efcd3f0afdfcd6566076fb0d58d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.mazaye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:50:34 GMT
Server: nginx
Content-Length: 4198
Content-Type: application/x-javascript

GET
H/1.1 200
OK tj.js Show response
www.mazaye.com/ 102 B
234 B 327ms
324ms Script
application/x-javascript 134.172.166.68
BLUENET Blue Data...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.mazaye.com/tj.js
Requested by: Host: www.mazaye.com
URL: http://www.mazaye.com/
Protocol: HTTP/1.1
Server: 134.172.166.68 , United States, ASN136545 (BLUENET Blue Data Center, CN),
Reverse DNS
Software: nginx /
Resource Hash: 214f66a2a7f41b2fbaec64f5085cc5a92dc8e3572633f49e9d8841cb141b3455

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.mazaye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:50:34 GMT
Server: nginx
Content-Length: 102
Content-Type: application/x-javascript

GET push.js
push.zhanzhang.baidu.com/ 0
0

GET
H2 200 smm-common.php Show response
klxkj1.com/ 64 B
383 B 736ms
191ms XHR
text/html 45.10.208.58
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

https://klxkj1.com/smm-common.php?val=smm7&t=0.16273784006040315?v=04866677836633251

Requested by

Host: www.mazaye.com
URL: http://www.mazaye.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.10.208.58 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

ec9d23d8d061343ea8f689093d04aa72a96d2c75d5aabfa9614ee9f09b4eb72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.mazaye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET
H2 200 smm-common.php Show response
klxkj1.com/ 64 B
382 B 735ms
191ms XHR
text/html 45.10.208.58
POWERLINE-AS-AP P...

General

Check archive.org

Show headers Download Go to

Full URL

https://klxkj1.com/smm-common.php?val=smm7&t=0.5227333088089257?v=037879641062894054

Requested by

Host: www.mazaye.com
URL: http://www.mazaye.com/common.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.10.208.58 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK),

Reverse DNS

Software

nginx /

Resource Hash

ec9d23d8d061343ea8f689093d04aa72a96d2c75d5aabfa9614ee9f09b4eb72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://www.mazaye.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:28 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,GET,OPTIONS,DELETE
content-type: text/html;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin

GET 21125701.js
js.users.51.la/ 0
0

GET
H2 200 / Show response
tt7.haokan856.com/ Frame AEA0 20 KB
4 KB 540ms
500ms Document
text/html 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt7.haokan856.com/
Requested by: Host: www.mazaye.com
URL: http://www.mazaye.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df4af5a68ba672f049d7a7efd9fdd523d7876dfd50b16b85e048bdf2ee0fbe40

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.mazaye.com/

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4ga%2FYDeir7bps7uDupHjkNL9RWwbFQfpSbPhF21JnfrH4GM5wmij01Er0%2BomigG8cuD3drSh7htbbJu3Ob%2B1Q0FvPwM6PE2o8l7%2FTz8NWshGUtGr5T5jCfq8QycuTbJ%2BZHzMskmbL6GL8jdj7tMeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bdafdc86e854ac2-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
tt7.haokan856.com/ Frame C8F6 20 KB
4 KB 568ms
531ms Document
text/html 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt7.haokan856.com/
Requested by: Host: www.mazaye.com
URL: http://www.mazaye.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df4af5a68ba672f049d7a7efd9fdd523d7876dfd50b16b85e048bdf2ee0fbe40

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://www.mazaye.com/

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLJxlwOPVhjczi968PlSUREUoo1RX1XkxhEURYtKxTgw%2BqeeTATmxYq02bsJ6rh3eGriszPkgx%2B8ccuskv2vJv5dWiFU961uwfMJ4GbgIQksS%2B5cv9PlzE7TguuJJZLGWsa50EySXntMyGX4DlnP0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bdafdc86e894ac2-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ate.css
tt7.haokan856.com/template/m1938pc/css/ Frame AEA0 74 KB
5 KB 19ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt7.haokan856.com/template/m1938pc/css/ate.css
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 24 Jan 2021 07:28:38 GMT
server: cloudflare
etag: W/"600d21a6-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ikj0VfyO7t85U%2B%2FcJkiP3J12sFDEEV29ZfJb4Qy7NcihIpPfdyYDZxj2BI28EN5CCKhXWIxy7Et%2BFQGWk0CPvm%2F0vYcVXKSYe%2Bguus6Zl%2Fo6bErwSliAv5dmQ9J8E6KVyvznMbXq3PmRAKncBr%2Bt%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6bdafdcb9c474ac2-FRA
expires: Tue, 14 Dec 2021 23:49:46 GMT

GET
H2 200 zui.css
tt7.haokan856.com/template/m1938pc/css/ Frame AEA0 84 KB
16 KB 22ms
21ms Stylesheet
text/css 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt7.haokan856.com/template/m1938pc/css/zui.css
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e3b17818dddf7bfbf5cdfae99500fbb2882ee077e308618804860d0740c5246

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 06:56:22 GMT
server: cloudflare
etag: W/"606c0616-14ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8D%2FDzJxU7qxXwkr4j9d0oxj%2BI3vcihhIw9DAwUs%2BDqMJekckoZRG7nHHH4Oht5A3ho8iwhpkh%2F5FzTAL873RKBdb65BmeHbdNMbGzn9sylLIdKiulNAkEwrys3KHlEdqcmlpIb3%2Fy5WMI8mbE5dPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6bdafdcb9c4b4ac2-FRA
expires: Tue, 14 Dec 2021 23:49:46 GMT

GET
H2 200 dh.js Show response
www.semimiyy.com/ads/ Frame AEA0 2 KB
928 B 58ms
21ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/dh.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b198e38b7f8d08b063eac831341765dae774f56aca6d945bb4c33eee9edb233d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11380
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:30:46 GMT
server: cloudflare
etag: W/"61b47dd6-8a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2KL04urBWBGU8sjt1MYG8VW5ufY4O2TsSnDBI8aYRfq8EZWFzf9MWiWbx8jkuAyl7SVg9FATfg2Q%2BMJNVupbHUcqLxyxTPwe3%2FhkiqhW7qbrAP%2BV5x%2FwPC2Yl0iTzcpq7JAT7V1039Nm4h6u0ce"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd89a5c26-FRA
expires: Wed, 15 Dec 2021 07:40:22 GMT

GET
H2 200 960.js Show response
www.semimiyy.com/ads/ Frame AEA0 5 KB
1 KB 53ms
16ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/960.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470604c0cbf71f9e0c2ac2d209092d21b8a1be44ea6a00efc1d1c1c977f8d6e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Dec 2021 09:49:51 GMT
server: cloudflare
etag: W/"61b5c5bf-1544"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qtkzGAS83JkP7JhIhLZxLA3Sd7NBLx8g1B64xPyaMWbMkVq6JQnZPwVr0JX7NpP8zH3SC%2FY%2FWfvzElGshxtMe2WCMFvbyfF33TfFUj26Q9FOmC%2BERgIgC%2BFJ0ruI40uoEs3rByCs0kcfxf4TTTg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd89c5c26-FRA
expires: Wed, 15 Dec 2021 07:36:16 GMT

GET
H2 200 9601.js Show response
www.semimiyy.com/ads/ Frame AEA0 3 KB
966 B 56ms
19ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/9601.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a535d0cd591cad94eda3ff4ad2c618d1c982ec35ccb9142955c448fdd6778a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11379
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 28 Nov 2021 15:40:34 GMT
server: cloudflare
etag: W/"61a3a2f2-a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QayCCiklBoG1InG9cYo379eBF2bDOCwiPYnaDvuUk8ZA0THPHpcR0s2Lg11jeiwdKGl3xwtBgg0cNmcac4OLWrIymSXNDSGsJrluDwXHGIFPN1dXBc7ah98jEsiYwu3ph6O2mPT%2Fa03rJz66eEtv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd89d5c26-FRA
expires: Wed, 15 Dec 2021 07:40:23 GMT

GET
H2 200 1.js Show response
semimiyy.com/ads/ Frame AEA0 826 B
940 B 56ms
19ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/1.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93a9d72c506c9346499986aa08d700cb1cf90218294a7996a59f4f3bb21869e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:29:27 GMT
server: cloudflare
etag: W/"61b47d87-33a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KDJLPOU2BF1lmKjhDzyIXBS8OSWccPOavnR%2BKVIzWdVO81goqo5iFLS7iJRD0f6Am81msuKEkminX1nrJnVI%2BenXEIVOGasPGUknwzss1O0rk%2B49NmL1Bpm2KVX8xm5U1Ans8yIfP7LcM38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8af5c26-FRA
expires: Wed, 15 Dec 2021 01:42:17 GMT

GET
H2 200 e7116352475ce4d120888aecd50645e7.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 77 KB
78 KB 51ms
16ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/e7116352475ce4d120888aecd50645e7.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45933fd2ad7cf875dd322e9ce8eca94c5a8ba58192c9df4c460fe900432ecfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-13556"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbdea5693d-FRA
content-length: 79190
cf-bgj: h2pri

GET
H2 200 2d063ffe04f375e2940d00efd33e1cff.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 377 KB
377 KB 60ms
26ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2d063ffe04f375e2940d00efd33e1cff.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9118bb6e423248fede2bcf96263c21c347288ffd40f2f7d84e62f3e6d8f3db63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-5e34a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbdea6693d-FRA
content-length: 385866
cf-bgj: h2pri

GET
H2 200 717d76d62114af03c2a7b0848dc51e80.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 107 KB
107 KB 60ms
26ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/717d76d62114af03c2a7b0848dc51e80.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e860ad8a5a82c847f47c02b99b341904377721dc171c3f75cccb78c1e3f39b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-1ad29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbdea8693d-FRA
content-length: 109865
cf-bgj: h2pri

GET
H2 200 2.js Show response
semimiyy.com/ads/ Frame AEA0 831 B
641 B 55ms
20ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/2.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dd8d69ab20a85546ede524b2b4af86ebb095d91f75869a79bf671f5eac73c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:29:47 GMT
server: cloudflare
etag: W/"61b47d9b-33f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lbSbdT4ZKgTbzc%2FE2qXaHoMPfVHsNoiD8GqttbuJNuQY9lJeDRa7wrHdpVF%2BaDHSEwes7bIYTZC241oLbTdWJM2yvjWx7GR%2Bxur1O1%2FJypWNBDe5lYN4xpP%2FgcyPFDtx5dfAz55Ag9kf7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8b15c26-FRA
expires: Wed, 15 Dec 2021 01:41:31 GMT

GET
H2 200 2a0f0e71ba687824a2dd2692f3333a35.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 396 KB
396 KB 60ms
26ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2a0f0e71ba687824a2dd2692f3333a35.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae28fbc952e06b4fd9e85598349265435d9e0b238ff5e85a78b80cd5c1aa7bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-62e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbdead693d-FRA
content-length: 405088
cf-bgj: h2pri

GET
H2 200 b48eaa6d402cfa04cd1f7c738695bf99.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 365 KB
366 KB 46ms
37ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b48eaa6d402cfa04cd1f7c738695bf99.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69dede1cb8b5858a68fb21eff75915cf0d21f7a54da488029b91b5c60b3ad0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-5b5ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f02693d-FRA
content-length: 374222
cf-bgj: h2pri

GET
H2 200 b6c1696736d499f06369d261f3a5be1f.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 583 KB
584 KB 46ms
37ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b6c1696736d499f06369d261f3a5be1f.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f53a536b3a69c7d41e74de8793c15a8abfcfda21c6c4fcb7944d40e617162ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-91c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f05693d-FRA
content-length: 597104
cf-bgj: h2pri

GET
H2 200 3.js Show response
semimiyy.com/ads/ Frame AEA0 834 B
651 B 53ms
18ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/3.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b8bfa45bc61a9badfe746a8c76d4fa75315871d746eaca07f2ac3b0e273a23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:30:05 GMT
server: cloudflare
etag: W/"61b47dad-342"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DsYIT4EGgbxnS3geDQExnkNpQjwvasVZ%2FGVgwDr9oyNgtnOGXvVk8ZHliFZkWuVHb54lY4uIR%2BUFwr25NMJ9p2tkEKoyuvF7BiaHnMP1jAqjRQXGx%2BD1aZb5lIugcilPeyzPLI4HQd8dfd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8b05c26-FRA
expires: Wed, 15 Dec 2021 07:36:17 GMT

GET
H2 200 c3634351d9e737ae68bc62abfb31655d.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 87 KB
88 KB 50ms
43ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/c3634351d9e737ae68bc62abfb31655d.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f99f92bee0388ac99a950f364db123c708e559ec77b3904f8747a62b92274e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16040
etag: "61b8e094-15da0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f06693d-FRA
content-length: 89504
cf-bgj: h2pri

GET
H2 200 be7509e43e51682bbc574be729971cd1.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 74 KB
74 KB 43ms
37ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/be7509e43e51682bbc574be729971cd1.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff2442e5e433d7c141d80fc22c736511245c9653b2ae7f961dffc30ca5a832e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16036
etag: "61b8e094-12611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f09693d-FRA
content-length: 75281
cf-bgj: h2pri

GET
H2 200 67570c706c0dd0f691f2268d599d0b7c.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 30 KB
30 KB 43ms
37ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/67570c706c0dd0f691f2268d599d0b7c.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ee0eb687101822e9be12ac50a00c058c1f1cf39a7d25951e6dc3035ec48fe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:09 GMT
server: cloudflare
age: 16032
etag: "61b8e095-7782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f0c693d-FRA
content-length: 30594
cf-bgj: h2pri

GET
H2 200 4.js Show response
semimiyy.com/ads/ Frame AEA0 859 B
610 B 55ms
20ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/4.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e6a3e882e3213659151faa83f3e7deec47cab69dc3ffdb6ec29a73cd95bafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:30:19 GMT
server: cloudflare
etag: W/"61b47dbb-35b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T2Rc97zq5qQeBzWgre73KgJi%2FqbkQP4rKNDjie14cjdbkRMeVwp37CUVZZX5lpzM9JxrvMUdUP0Tf%2BGgPwpaDXDbhSAvF0s15W3IR0y4naGjiS%2BJ%2FFGFaCtZefaNPA6zheS6DeZ4re6yZ1k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8b25c26-FRA
expires: Wed, 15 Dec 2021 07:36:17 GMT

GET
H2 200 b42bf40d794ad3cf6ba5f60ccda7ce9d.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 72 KB
72 KB 49ms
43ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b42bf40d794ad3cf6ba5f60ccda7ce9d.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5eaf6a5ec0aa8af426469fea82fcdeccb371faac96c855c24ac606a305b305

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:24:19 GMT
server: cloudflare
age: 15321
etag: "61b8e153-11f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:35:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f0e693d-FRA
content-length: 73579
cf-bgj: h2pri

GET
H2 200 26025dffa230480b451aeee1e4eec813.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 24 KB
24 KB 49ms
43ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/26025dffa230480b451aeee1e4eec813.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04cc4c8a2fe964178f4d38f80387efc585b4c79c6f0186ca5b752c98ce90520a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:24:19 GMT
server: cloudflare
age: 15321
etag: "61b8e153-5f66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:35:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f11693d-FRA
content-length: 24422
cf-bgj: h2pri

GET
H2 200 155d883ccf08b8eed3b3591ccc433ede.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 74 KB
74 KB 49ms
43ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/155d883ccf08b8eed3b3591ccc433ede.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26dbf98712d77980ca0b19c3bcfdc645791386dafa3bda61bff50a1d2f68f360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:24:19 GMT
server: cloudflare
age: 15720
etag: "61b8e153-126bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:28:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc0f14693d-FRA
content-length: 75451
cf-bgj: h2pri

GET
H2 200 dibu.js Show response
www.semimiyy.com/ads/ Frame AEA0 2 KB
1 KB 52ms
17ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/dibu.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ecb012fca090c0467e0775d938fd62a9641d7a5527ba5136091191c5d55c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10736
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:31:12 GMT
server: cloudflare
etag: W/"61b47df0-9f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZaj8XKQSWExEWKM1YII6JguBZ%2FcFSaAiBafEDWO4FQwC3DNKl2ynLl34HCWKvOYjbr0qGZy4%2BY%2BcmXmB7jQw0CMku%2B0gKuWW0MvnvHBY6AoU8LeUogyi2nEAyJ5DBxlBcZANoBtS2mAr5nSUD14"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8a45c26-FRA
expires: Wed, 15 Dec 2021 07:51:06 GMT

GET
H2 200 dblm.js Show response
www.semimiyy.com/ads/ Frame AEA0 1 KB
735 B 52ms
18ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/dblm.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de52f3b1cd50ca77f5fbbfec94fa0d7cd75a60baca278640d3143ad14d6a8745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11609
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Dec 2021 03:12:53 GMT
server: cloudflare
etag: W/"61b568b5-46c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPz0RshNdGt2sNskB%2B3UvlVVTa0Cx8zg9zT7iZYuX4SefLegRCAQXPSKFJAtxx5%2Flzja9%2BrYZA%2FeOibPnvRTqGN4b%2F8MJxlqgfwrkb8%2BagWoRuGlFklOt3eCX%2BuWhlpAojkgD9mJpJ55toj8H4CN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8a65c26-FRA
expires: Wed, 15 Dec 2021 07:36:33 GMT

GET z_stat.php
v1.cnzz.com/ Frame AEA0 0
0

GET
H3 200 ate.css
tt7.haokan856.com/template/m1938pc/css/ Frame C8F6 74 KB
5 KB 27ms
23ms Stylesheet
text/css 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt7.haokan856.com/template/m1938pc/css/ate.css
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 24 Jan 2021 07:28:38 GMT
server: cloudflare
etag: W/"600d21a6-126e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXXDUMlMdHpUOTMFtZY4bflYaK3BYugITiOA8lB5B0E534wNgIhfLHD0CtEVwyLB6IeM8SLEnDcILcV%2FG0dHb9W3HNBQ5ifYtylgW1nd3urilDBonnjbMZ9YvgA8PACBFakUNWyGZdkeahBx%2FOKcRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6bdafdcbde49dfbb-FRA
expires: Tue, 14 Dec 2021 23:49:46 GMT

GET
H3 200 zui.css
tt7.haokan856.com/template/m1938pc/css/ Frame C8F6 84 KB
17 KB 27ms
26ms Stylesheet
text/css 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tt7.haokan856.com/template/m1938pc/css/zui.css
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e3b17818dddf7bfbf5cdfae99500fbb2882ee077e308618804860d0740c5246

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 39643
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 06 Apr 2021 06:56:22 GMT
server: cloudflare
etag: W/"606c0616-14ff2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2EqrTpaX0cgT6o9U5ub5PuY4wlbDlSUdiKnkijAtN9g%2FM5XuFEOcxzpC%2FVJQ0ECtErcUXlzbDsnD91S%2BBDVBHa1PJLGGO6VlGkFI0WorMDNHd6a3MzEOybPskT6jYmzpHpt8ZmL9vrqjk%2Bvh7m5Sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 6bdafdcbde4cdfbb-FRA
expires: Tue, 14 Dec 2021 23:49:46 GMT

GET
H2 200 dh.js Show response
www.semimiyy.com/ads/ Frame C8F6 2 KB
933 B 21ms
19ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/dh.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b198e38b7f8d08b063eac831341765dae774f56aca6d945bb4c33eee9edb233d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11380
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:30:46 GMT
server: cloudflare
etag: W/"61b47dd6-8a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEoo9isfFvOFtoVad1b59z%2Fao%2FZvcIgOWu4XNXi40e26uo4g299p5jCUlOQRT%2BPAt%2BbSWOfRvg9ZSfhAHVxWaq%2BVfKpz5RVINdQ%2FQ1bmSQXL2m0sv2GNiJ5i%2FmQ5h8MdU4Tkp2eNixvJ6Jn%2Fp6pP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd89f5c26-FRA
expires: Wed, 15 Dec 2021 07:40:22 GMT

GET
H2 200 960.js Show response
www.semimiyy.com/ads/ Frame C8F6 5 KB
1 KB 22ms
20ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/960.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 470604c0cbf71f9e0c2ac2d209092d21b8a1be44ea6a00efc1d1c1c977f8d6e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11626
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Dec 2021 09:49:51 GMT
server: cloudflare
etag: W/"61b5c5bf-1544"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt3dvduNfGmRXSmWoDBiQkKAswwVssDof0mdSHcnZpFkdgsYFdNL7bTrekz5f%2Fp57AhSAZ3XMQEkkUafep5VqXWj63hIfHKxFtpmD9FnnZkAJ5rfE5NwCHgo8E%2BXfOOosvQqLJWMfyVZ7MVVyz8c"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8a05c26-FRA
expires: Wed, 15 Dec 2021 07:36:16 GMT

GET
H2 200 9601.js Show response
www.semimiyy.com/ads/ Frame C8F6 3 KB
1 KB 19ms
17ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/9601.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a535d0cd591cad94eda3ff4ad2c618d1c982ec35ccb9142955c448fdd6778a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11379
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 28 Nov 2021 15:40:34 GMT
server: cloudflare
etag: W/"61a3a2f2-a18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMtoMYlrkHG3zl3%2FBKl9KRqhyec3BLlnXF061NgnX%2BGDYlLqueKn8o4aw0ETujr5R4d6sfZ%2BOUdYkbcusX745n%2FVREd4K8nb%2FMrdvx0NWEWoU7SZQZ29OWR14Qby8LEuvIICiW6bwKWi8Knxe8ti"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8a15c26-FRA
expires: Wed, 15 Dec 2021 07:40:23 GMT

GET
H2 200 1.js Show response
semimiyy.com/ads/ Frame C8F6 826 B
579 B 21ms
19ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/1.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a93a9d72c506c9346499986aa08d700cb1cf90218294a7996a59f4f3bb21869e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32865
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:29:27 GMT
server: cloudflare
etag: W/"61b47d87-33a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpeZVbOMoIjW1dt7l5nn%2BI0TV3XQKw8JGDvNtBCI4J1Bgt2uz0Ck7WVH0aStRwBaI8ksnLsxFghruAyCjeuQcUryLMOkxjqcck2e7H7OFXa35ck1j%2BeoKEO4tsnKLWXMKhZXkvXEZWtshyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbd8ac5c26-FRA
expires: Wed, 15 Dec 2021 01:42:17 GMT

GET
H2 200 e7116352475ce4d120888aecd50645e7.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 77 KB
77 KB 29ms
27ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/e7116352475ce4d120888aecd50645e7.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45933fd2ad7cf875dd322e9ce8eca94c5a8ba58192c9df4c460fe900432ecfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-13556"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeece693d-FRA
content-length: 79190
cf-bgj: h2pri

GET
H2 200 2d063ffe04f375e2940d00efd33e1cff.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 377 KB
377 KB 29ms
27ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2d063ffe04f375e2940d00efd33e1cff.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9118bb6e423248fede2bcf96263c21c347288ffd40f2f7d84e62f3e6d8f3db63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-5e34a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeecf693d-FRA
content-length: 385866
cf-bgj: h2pri

GET
H2 200 717d76d62114af03c2a7b0848dc51e80.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 107 KB
107 KB 29ms
27ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/717d76d62114af03c2a7b0848dc51e80.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e860ad8a5a82c847f47c02b99b341904377721dc171c3f75cccb78c1e3f39b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-1ad29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed0693d-FRA
content-length: 109865
cf-bgj: h2pri

GET
H2 200 2.js Show response
semimiyy.com/ads/ Frame C8F6 831 B
587 B 18ms
16ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/2.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dd8d69ab20a85546ede524b2b4af86ebb095d91f75869a79bf671f5eac73c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32911
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:29:47 GMT
server: cloudflare
etag: W/"61b47d9b-33f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KrElunE3igWp9rQ9KioERS74Wly%2BHhymm0XPc8wi8CIvay80DAzJsFfcfOsNprkV0QrAJEKHPGKGCdFNq2L1aM9wR%2F%2FSNyBjVGW%2Ba2d6May5ARRpygKVmG8US0i2L4QypLXi0LAQdqg3pDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbe8d85c26-FRA
expires: Wed, 15 Dec 2021 01:41:31 GMT

GET
H2 200 2a0f0e71ba687824a2dd2692f3333a35.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 396 KB
396 KB 42ms
40ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2a0f0e71ba687824a2dd2692f3333a35.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae28fbc952e06b4fd9e85598349265435d9e0b238ff5e85a78b80cd5c1aa7bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-62e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed1693d-FRA
content-length: 405088
cf-bgj: h2pri

GET
H2 200 b48eaa6d402cfa04cd1f7c738695bf99.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 365 KB
366 KB 33ms
31ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b48eaa6d402cfa04cd1f7c738695bf99.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69dede1cb8b5858a68fb21eff75915cf0d21f7a54da488029b91b5c60b3ad0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-5b5ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed3693d-FRA
content-length: 374222
cf-bgj: h2pri

GET
H2 200 b6c1696736d499f06369d261f3a5be1f.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 583 KB
584 KB 35ms
34ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b6c1696736d499f06369d261f3a5be1f.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f53a536b3a69c7d41e74de8793c15a8abfcfda21c6c4fcb7944d40e617162ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-91c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed4693d-FRA
content-length: 597104
cf-bgj: h2pri

GET
H2 200 3.js Show response
semimiyy.com/ads/ Frame C8F6 834 B
652 B 23ms
20ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/3.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2b8bfa45bc61a9badfe746a8c76d4fa75315871d746eaca07f2ac3b0e273a23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:30:05 GMT
server: cloudflare
etag: W/"61b47dad-342"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YmJRX5nHU5KJmxdUaDqkQytC0MhWFoPwBUlfZztG7E4QlZh6Wg%2BSZ2jnDIxahOUav27LOBCMlTPTw%2Bz6CcIILU4gI0jXSobtmwD51Q9jA%2ByGz5r7NPgRa0%2BroC1vHEM10DUg2s7WZYtVtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbe8dc5c26-FRA
expires: Wed, 15 Dec 2021 07:36:17 GMT

GET
H2 200 c3634351d9e737ae68bc62abfb31655d.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 87 KB
88 KB 42ms
40ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/c3634351d9e737ae68bc62abfb31655d.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f99f92bee0388ac99a950f364db123c708e559ec77b3904f8747a62b92274e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16040
etag: "61b8e094-15da0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed5693d-FRA
content-length: 89504
cf-bgj: h2pri

GET
H2 200 be7509e43e51682bbc574be729971cd1.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 74 KB
74 KB 47ms
45ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/be7509e43e51682bbc574be729971cd1.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff2442e5e433d7c141d80fc22c736511245c9653b2ae7f961dffc30ca5a832e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16036
etag: "61b8e094-12611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed6693d-FRA
content-length: 75281
cf-bgj: h2pri

GET
H2 200 67570c706c0dd0f691f2268d599d0b7c.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 30 KB
30 KB 49ms
48ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/67570c706c0dd0f691f2268d599d0b7c.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ee0eb687101822e9be12ac50a00c058c1f1cf39a7d25951e6dc3035ec48fe9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:09 GMT
server: cloudflare
age: 16032
etag: "61b8e095-7782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:17 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeed9693d-FRA
content-length: 30594
cf-bgj: h2pri

GET
H2 200 4.js Show response
semimiyy.com/ads/ Frame C8F6 859 B
609 B 30ms
28ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://semimiyy.com/ads/4.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27e6a3e882e3213659151faa83f3e7deec47cab69dc3ffdb6ec29a73cd95bafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11625
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:30:19 GMT
server: cloudflare
etag: W/"61b47dbb-35b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WcYVgIUpi9F5ymIN%2BmWkvCSkqnZyJh0Nh4kGg37AGv2yF5U9gaU9s4OAGCSGuTb17Ju6J2DwwGONTcHtsHSqjtjcyKwdDGBZnrpY6uEUysXE0Godgc3YzuYOnurHhE1d5ZjOy2%2BpWZK47PQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbe8dd5c26-FRA
expires: Wed, 15 Dec 2021 07:36:17 GMT

GET
H2 200 b42bf40d794ad3cf6ba5f60ccda7ce9d.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 72 KB
72 KB 41ms
40ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b42bf40d794ad3cf6ba5f60ccda7ce9d.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5eaf6a5ec0aa8af426469fea82fcdeccb371faac96c855c24ac606a305b305

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:24:19 GMT
server: cloudflare
age: 15321
etag: "61b8e153-11f6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:35:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeedc693d-FRA
content-length: 73579
cf-bgj: h2pri

GET
H2 200 26025dffa230480b451aeee1e4eec813.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 24 KB
24 KB 45ms
44ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/26025dffa230480b451aeee1e4eec813.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04cc4c8a2fe964178f4d38f80387efc585b4c79c6f0186ca5b752c98ce90520a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:24:19 GMT
server: cloudflare
age: 15321
etag: "61b8e153-5f66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:35:08 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbeedd693d-FRA
content-length: 24422
cf-bgj: h2pri

GET
H2 200 155d883ccf08b8eed3b3591ccc433ede.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 74 KB
74 KB 35ms
34ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/155d883ccf08b8eed3b3591ccc433ede.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26dbf98712d77980ca0b19c3bcfdc645791386dafa3bda61bff50a1d2f68f360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:24:19 GMT
server: cloudflare
age: 15720
etag: "61b8e153-126bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:28:29 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcbfee1693d-FRA
content-length: 75451
cf-bgj: h2pri

GET
H2 200 dibu.js Show response
www.semimiyy.com/ads/ Frame C8F6 2 KB
1 KB 17ms
14ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/dibu.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ecb012fca090c0467e0775d938fd62a9641d7a5527ba5136091191c5d55c88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10736
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 11 Dec 2021 10:31:12 GMT
server: cloudflare
etag: W/"61b47df0-9f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X7ZgprOToMVK50P6axVVkp0RR2tDJKXfSDixb3p4h6L7konPclovCGyCeMk2YAee9v3zmTrfyQKT%2BMYU1dou447S6b1%2Bpte%2BE4tirgorYuw5VFgey4UoYvf02rC4l3j7Fc8RrJp79wS6oBbwYgyK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbe8df5c26-FRA
expires: Wed, 15 Dec 2021 07:51:06 GMT

GET
H2 200 dblm.js Show response
www.semimiyy.com/ads/ Frame C8F6 1 KB
732 B 18ms
15ms Script
application/javascript 2606:4700:3031::ac43:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.semimiyy.com/ads/dblm.js
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:aa54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de52f3b1cd50ca77f5fbbfec94fa0d7cd75a60baca278640d3143ad14d6a8745

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11609
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Dec 2021 03:12:53 GMT
server: cloudflare
etag: W/"61b568b5-46c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQq22p4qoBLOciW%2BSNuGqLSvqDytzgZTGg6V22Ez4thockuD7S0ckMkXZabGdzjZtcOnELizoIMe9JO9ogJaiagzoM1cmrX%2BxRXxUOUVU%2Faer5S%2BWYX3eGNF3sh56mn6PZayA3%2F1etbJYcCRvV5Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 6bdafdcbe8e05c26-FRA
expires: Wed, 15 Dec 2021 07:36:33 GMT

GET z_stat.php
v1.cnzz.com/ Frame C8F6 0
0

GET
H/1.1 200
OK 247b3526d8054a04b8128fb837250c04.gif
3332600.com/ Frame AEA0 631 KB
631 KB 2129ms
445ms Image
image/gif 45.61.212.129
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332600.com/247b3526d8054a04b8128fb837250c04.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.129 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:31:18 GMT
Last-Modified: Sun, 24 Oct 2021 10:15:54 GMT
Server: nginx
ETag: "6175325a-9dabe"
X-Cache: HIT from cloud-us2-cdnb-29
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H2 200 960x240-4.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame AEA0 134 KB
134 KB 110ms
72ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-4.x

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137113
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"21799-b/a/iPD98IfKwHuu7M7WV4FN78U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdcc48f75b3e-FRA

GET
H2 200 960x240-3.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame AEA0 305 KB
306 KB 110ms
72ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-3.x

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff155cfd7da51e6984c8749f3cbb2da4146b00ff9d2bb93daa027673fa015ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 312830
x-served-by: cache-fra19178-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"4c5fe-89R7Y++b1Co0plymXq4DJrJbY9E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdcc48f95b3e-FRA

GET
H/1.1

200
OK

8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a81e0bb991fdde945972f6e035059ccc00055537f2cce5045cbe1f0d145b56bdf
sz.btfs.mail.ftn.qq.com/ftn_handler/ Frame AEA0
Redirect Chain

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif
https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a81e0bb991fdde945972f6e035059ccc00055537f2cce5045cbe1f0d145b56bdf?compressed=0&dtype=1&fna...

115 KB
115 KB

2800ms
952ms

Image
image/gif

2402:4e00:1620:1300:0:942e:75b8:c214
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a81e0bb991fdde945972f6e035059ccc00055537f2cce5045cbe1f0d145b56bdf?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: HTTP/1.1
Server: 2402:4e00:1620:1300:0:942e:75b8:c214 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 3f823f07057dd241c5837135adf69736382218bbe7f087417e4b92d73c2c37ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

User-ReturnCode: 0
Date: Tue, 14 Dec 2021 22:50:32 GMT
Server: NWSs
Content-Language: zh-CN
Access-Control-Allow-Origin: *
Content-Disposition: attachment; filename="520ä¸.gif"; filename*=utf-8''520%E4%B8%8A.gif
X-NWS-LOG-UUID: 4fc9bb4f-fc37-48c6-9476-a5a6af0919d9
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 117796

Redirect headers

Location: https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a81e0bb991fdde945972f6e035059ccc00055537f2cce5045cbe1f0d145b56bdf?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: ; charset=UTF-8

GET
H2 200 xxx.78gn7mff1gw0.gif
cdn.jsdelivr.net/gh/mizsw/min@main/ Frame AEA0 104 KB
105 KB 68ms
43ms Image
image/gif 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/mizsw/min@main/xxx.78gn7mff1gw0.gif

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4227b0b7f3a4b4a4c94e222e2d9de062d72a61e26d1a0b254f055cf321e42405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35880
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 106747
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1a0fb-eEba/f4jTrZjtux/8oF5rcDioyU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdcc48fa5b3e-FRA

GET
H2 200 500x280-1.gif
8.t-s-s.cn/Xiii/ Frame AEA0 302 KB
303 KB 86ms
25ms Image
image/gif 2606:4700:3032::6815:4d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8.t-s-s.cn/Xiii/500x280-1.gif

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::6815:4d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac51feb5988d1666014fa78a870689a907f20606e351e18558da33e1c51dfa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2131269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 309091
last-modified: Mon, 20 Sep 2021 11:20:10 GMT
server: cloudflare
etag: "61486e6a-4b763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0V9z1R1wJqIdU9R6niNvs5pwr%2FQbHTrPn16rjhfobsY9D7O%2Bbr1kNanOyDAj%2F1GGjyT1%2FQ2Rvve8Vc1X0YRHI1NCI9Dr9%2F4p4KnxJwnK3zMmZlRVhoC3GbAPYe0qYGROQUBsxHtHLGv"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc8fb1061c-FRA
expires: Mon, 20 Dec 2021 06:48:26 GMT

GET
H2 200 e7116352475ce4d120888aecd50645e7.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 77 KB
78 KB 50ms
48ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/e7116352475ce4d120888aecd50645e7.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45933fd2ad7cf875dd322e9ce8eca94c5a8ba58192c9df4c460fe900432ecfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-13556"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc2f64693d-FRA
content-length: 79190
cf-bgj: h2pri

GET
H2 200 2d063ffe04f375e2940d00efd33e1cff.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 377 KB
377 KB 56ms
55ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2d063ffe04f375e2940d00efd33e1cff.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9118bb6e423248fede2bcf96263c21c347288ffd40f2f7d84e62f3e6d8f3db63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-5e34a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc2f6b693d-FRA
content-length: 385866
cf-bgj: h2pri

GET
H2 200 717d76d62114af03c2a7b0848dc51e80.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 107 KB
107 KB 52ms
51ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/717d76d62114af03c2a7b0848dc51e80.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e860ad8a5a82c847f47c02b99b341904377721dc171c3f75cccb78c1e3f39b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-1ad29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc2f6f693d-FRA
content-length: 109865
cf-bgj: h2pri

GET
H3 200 video-play.png
tt7.haokan856.com/template/m1938pc/images/ Frame AEA0 2 KB
2 KB 347ms
346ms Image
image/png 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt7.haokan856.com/template/m1938pc/images/video-play.png
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1567
last-modified: Sun, 24 Jan 2021 07:28:48 GMT
server: cloudflare
etag: "600d21b0-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJEUuBhFTp0mApBZRoliXViTjjO2mfDe8%2BDLkGzu8cx1mSPCZo5qDJlS9Vd%2BbXNDhVWL8pr9B2DudZ9CUILQkMeGtUiXL%2BvLDUu9nwiUx0xWB%2B1FblBprCI2xGG0WJSWQWAfgk%2F4j0FzR9vOTUF77g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcc2e87dfbb-FRA
expires: Thu, 13 Jan 2022 22:50:29 GMT

GET
H2 200 xt11.gif
tnlapp.com/static/images/ Frame AEA0 2 MB
2 MB 220ms
21ms Image
image/gif 2606:4700:3030::ac43:a2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt11.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315893
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1639812
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mChep0CI29OdPC%2BFCbosx%2BWMG7r0doG1iH4FsUogKhq7ajvkRWLkO0VBg%2F9W3Qn8r9Hs0WJA%2Fh4GFWELAvWYTIJWWHIPTBmH2UDZLxshdWD71Tu5b2s9u%2B7MjNyVqZFPrV9Ml4uFfem"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcdba664ac3-FRA
expires: Mon, 10 Jan 2022 07:05:36 GMT

GET
H/1.1 200
OK 200-200-1.gif
img.123456img.com/ Frame AEA0 205 KB
205 KB 783ms
308ms Image
image/gif 23.224.177.148
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.123456img.com:3366/200-200-1.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.224.177.148 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 7d25352fe3d33607e2cca46a6544d7084a8eb1ea44dc8db5d868eb0a3ffe231e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:50:29 GMT
Last-Modified: Sat, 23 Oct 2021 00:02:56 GMT
Server: Tengine
ETag: "61735130-33290"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-Cache: hit
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 209552

GET
H2 200 2a0f0e71ba687824a2dd2692f3333a35.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 396 KB
396 KB 73ms
72ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2a0f0e71ba687824a2dd2692f3333a35.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae28fbc952e06b4fd9e85598349265435d9e0b238ff5e85a78b80cd5c1aa7bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-62e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc8823693d-FRA
content-length: 405088
cf-bgj: h2pri

GET
H2 200 b48eaa6d402cfa04cd1f7c738695bf99.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 365 KB
366 KB 77ms
75ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b48eaa6d402cfa04cd1f7c738695bf99.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69dede1cb8b5858a68fb21eff75915cf0d21f7a54da488029b91b5c60b3ad0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-5b5ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc8826693d-FRA
content-length: 374222
cf-bgj: h2pri

GET
H2 200 b6c1696736d499f06369d261f3a5be1f.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 583 KB
584 KB 77ms
76ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b6c1696736d499f06369d261f3a5be1f.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f53a536b3a69c7d41e74de8793c15a8abfcfda21c6c4fcb7944d40e617162ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-91c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc8827693d-FRA
content-length: 597104
cf-bgj: h2pri

GET
H/1.1 200
OK 247b3526d8054a04b8128fb837250c04.gif
3332600.com/ Frame C8F6 631 KB
631 KB 2056ms
447ms Image
image/gif 45.61.212.129
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332600.com/247b3526d8054a04b8128fb837250c04.gif
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dh.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.129 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:31:18 GMT
Last-Modified: Sun, 24 Oct 2021 10:15:54 GMT
Server: nginx
ETag: "6175325a-9dabe"
X-Cache: HIT from cloud-us2-cdnb-29
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H2 200 960x240-4.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame C8F6 134 KB
134 KB 65ms
64ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-4.x

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137113
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"21799-b/a/iPD98IfKwHuu7M7WV4FN78U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdcc89335b3e-FRA

GET
H2 200 960x240-3.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame C8F6 305 KB
306 KB 80ms
79ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-3.x

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff155cfd7da51e6984c8749f3cbb2da4146b00ff9d2bb93daa027673fa015ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 312830
x-served-by: cache-fra19178-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"4c5fe-89R7Y++b1Co0plymXq4DJrJbY9E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdcc89365b3e-FRA

GET
H/1.1

200
OK

8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a5913d0c745dc35ebd077663a3f741326085143c5e25837239abf4d20d0ea3c7c
sz.btfs.mail.ftn.qq.com/ftn_handler/ Frame C8F6
Redirect Chain

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif
https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a5913d0c745dc35ebd077663a3f741326085143c5e25837239abf4d20d0ea3c7c?compressed=0&dtype=1&fna...

115 KB
115 KB

2745ms
950ms

Image
image/gif

2402:4e00:1620:1300:0:942e:75b8:c214
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a5913d0c745dc35ebd077663a3f741326085143c5e25837239abf4d20d0ea3c7c?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: HTTP/1.1
Server: 2402:4e00:1620:1300:0:942e:75b8:c214 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 3f823f07057dd241c5837135adf69736382218bbe7f087417e4b92d73c2c37ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

User-ReturnCode: 0
Date: Tue, 14 Dec 2021 22:50:32 GMT
Server: NWSs
Content-Language: zh-CN
Access-Control-Allow-Origin: *
Content-Disposition: attachment; filename="520ä¸.gif"; filename*=utf-8''520%E4%B8%8A.gif
X-NWS-LOG-UUID: dc6a9308-bedc-4e80-b15c-da58f6fbd893
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 117796

Redirect headers

Location: https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a5913d0c745dc35ebd077663a3f741326085143c5e25837239abf4d20d0ea3c7c?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: ; charset=UTF-8

GET
H2 200 sss.gif
mgsc.me/tuplic/ Frame AEA0 572 KB
573 KB 348ms
48ms Image
image/gif 2606:4700:3033::ac43:b9c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mgsc.me/tuplic/sss.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b9c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7db560f3d1657f5e6ca8e6ce513ddd6db9f18a4c02b5e3c3ff2d6c27fe0d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1976873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 585790
last-modified: Mon, 12 Jul 2021 15:46:43 GMT
server: cloudflare
etag: "60ec63e3-8f03e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtWxsfyMeqD3bUv%2FclkBKtGyDbn%2FoYaMKyTHza4aVZD23WPFpYDPepsxNvYZ%2By4D7zDjDeYV%2Fz%2BwdWpu2zzqf6W6XJqlC9ch%2FbKaeH7d8flysZ5xPAoIZgikuJm1iF3XKvZVgFz1"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdce8dd17028-FRA
expires: Wed, 22 Dec 2021 01:42:36 GMT

GET xiuxiu.gif
www.9923tv.com/Template/jjy/images/ Frame AEA0 0
0

GET
H2 200 c3634351d9e737ae68bc62abfb31655d.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 87 KB
88 KB 100ms
100ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/c3634351d9e737ae68bc62abfb31655d.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f99f92bee0388ac99a950f364db123c708e559ec77b3904f8747a62b92274e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16040
etag: "61b8e094-15da0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc9848693d-FRA
content-length: 89504
cf-bgj: h2pri

GET
H2 200 be7509e43e51682bbc574be729971cd1.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame AEA0 74 KB
74 KB 102ms
102ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/be7509e43e51682bbc574be729971cd1.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff2442e5e433d7c141d80fc22c736511245c9653b2ae7f961dffc30ca5a832e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16036
etag: "61b8e094-12611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdcc984b693d-FRA
content-length: 75281
cf-bgj: h2pri

GET
H3 200 xxx.78gn7mff1gw0.gif
cdn.jsdelivr.net/gh/mizsw/min@main/ Frame C8F6 104 KB
105 KB 57ms
30ms Image
image/gif 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/mizsw/min@main/xxx.78gn7mff1gw0.gif

Requested by

Host: semimiyy.com
URL: https://semimiyy.com/ads/1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4227b0b7f3a4b4a4c94e222e2d9de062d72a61e26d1a0b254f055cf321e42405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35880
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 106747
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1a0fb-eEba/f4jTrZjtux/8oF5rcDioyU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdccdbb842ee-FRA

GET
H3 200 500x280-1.gif
8.t-s-s.cn/Xiii/ Frame C8F6 302 KB
303 KB 80ms
33ms Image
image/gif 2606:4700:3032::6815:4d1b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8.t-s-s.cn/Xiii/500x280-1.gif

Requested by

Host: semimiyy.com
URL: https://semimiyy.com/ads/1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:4d1b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fac51feb5988d1666014fa78a870689a907f20606e351e18558da33e1c51dfa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2131269
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 309091
last-modified: Mon, 20 Sep 2021 11:20:10 GMT
server: cloudflare
etag: "61486e6a-4b763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeEM1rPOSf%2Bvsc2NpVOevaoKsNFsffIyQY8nc3PlCCkDuGIX62ysWxCDlyR%2BiXFc%2FtKSKkb37nSV8W%2Fq%2BA3G%2BklIEmjpfU8SjgcRfPkF4Ewc73we3iIHb7JfYzug0BMDqiJRxOMuS%2Blq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccfc50c295-FRA
expires: Mon, 20 Dec 2021 06:48:26 GMT

GET
H2 200 e7116352475ce4d120888aecd50645e7.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 77 KB
77 KB 113ms
110ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/e7116352475ce4d120888aecd50645e7.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45933fd2ad7cf875dd322e9ce8eca94c5a8ba58192c9df4c460fe900432ecfe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-13556"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccb8b9693d-FRA
content-length: 79190
cf-bgj: h2pri

GET
H2 200 2d063ffe04f375e2940d00efd33e1cff.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 377 KB
377 KB 94ms
93ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2d063ffe04f375e2940d00efd33e1cff.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9118bb6e423248fede2bcf96263c21c347288ffd40f2f7d84e62f3e6d8f3db63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-5e34a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccb8ba693d-FRA
content-length: 385866
cf-bgj: h2pri

GET
H2 200 717d76d62114af03c2a7b0848dc51e80.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 107 KB
107 KB 105ms
103ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/717d76d62114af03c2a7b0848dc51e80.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e860ad8a5a82c847f47c02b99b341904377721dc171c3f75cccb78c1e3f39b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:19:23 GMT
server: cloudflare
age: 15527
etag: "61b8e02b-1ad29"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:31:42 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccb8bb693d-FRA
content-length: 109865
cf-bgj: h2pri

GET
H2 200 xt12.gif
tnlapp.com/static/images/ Frame AEA0 732 KB
733 KB 189ms
21ms Image
image/gif 2606:4700:3030::ac43:a2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt12.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 734409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 749706
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dALslEmoFjafCvXPbTcp4Ij9n5Cap%2Fl77hAwDtoBiXTZ8YC3smbiIrWSzFI1fmnFDlFF7SbMrVo9RP6fIcOnqlgGeysl5vE55mF4NG1uqTGdNeNoV48hpEVSL%2FSnlgr%2B%2FiJ9ceKZ8vk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcdba694ac3-FRA
expires: Wed, 05 Jan 2022 10:50:20 GMT

GET
H2 200 xt10.gif
tnlapp.com/static/images/ Frame AEA0 609 KB
610 KB 187ms
21ms Image
image/gif 2606:4700:3030::ac43:a2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt10.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 734409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 623748
last-modified: Mon, 07 Jun 2021 05:47:53 GMT
server: cloudflare
etag: "60bdb309-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REnkpj1oTkcBtoA2BAAI%2BUTgh2gJM%2BsMfbmOI64RzLMWG7KNYqCj%2FIUG4udu0ta1Z9JvtBp3iTPULodme%2BPwcbOzjA9nRF1LKRwjCQFZ%2Fy8429%2BdjWUgGlnzflQLzvl6ygNcsAl3ushk"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcdba6a4ac3-FRA
expires: Wed, 05 Jan 2022 10:50:20 GMT

GET
H2 200 xt11.gif
tnlapp.com/static/images/ Frame C8F6 2 MB
2 MB 185ms
20ms Image
image/gif 2606:4700:3030::ac43:a2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt11.gif
Requested by: Host: semimiyy.com
URL: https://semimiyy.com/ads/2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 315893
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1639812
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-190584"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewziVv%2F85Ve7%2FaAQ9PNGDVhlRE82UynjSeiNdsQBBlW5LVJW8v98ae2TR7C%2B8scWqO%2FL3xvehi3RX8pSZkuXkqzeDA0p5rdlAfi3eRsgCx55Pi9nc4D3DY6ymawsUWQs%2FnkdEPBXbS18"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcdba674ac3-FRA
expires: Mon, 10 Jan 2022 07:05:36 GMT

GET
H/1.1 200
OK 200-200-1.gif
img.123456img.com/ Frame C8F6 205 KB
205 KB 827ms
348ms Image
image/gif 23.224.177.148
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.123456img.com:3366/200-200-1.gif
Requested by: Host: semimiyy.com
URL: https://semimiyy.com/ads/2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.224.177.148 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: Tengine /
Resource Hash: 7d25352fe3d33607e2cca46a6544d7084a8eb1ea44dc8db5d868eb0a3ffe231e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:50:29 GMT
Last-Modified: Sat, 23 Oct 2021 00:02:56 GMT
Server: Tengine
ETag: "61735130-33290"
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-Cache: hit
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Requested-With
Content-Length: 209552

GET
H2 200 2a0f0e71ba687824a2dd2692f3333a35.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 396 KB
396 KB 106ms
105ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/2a0f0e71ba687824a2dd2692f3333a35.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae28fbc952e06b4fd9e85598349265435d9e0b238ff5e85a78b80cd5c1aa7bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-62e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccb8c0693d-FRA
content-length: 405088
cf-bgj: h2pri

GET
H2 200 b48eaa6d402cfa04cd1f7c738695bf99.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 365 KB
366 KB 110ms
109ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b48eaa6d402cfa04cd1f7c738695bf99.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c69dede1cb8b5858a68fb21eff75915cf0d21f7a54da488029b91b5c60b3ad0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-5b5ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:51 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccb8c2693d-FRA
content-length: 374222
cf-bgj: h2pri

GET
H2 200 b6c1696736d499f06369d261f3a5be1f.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 583 KB
584 KB 102ms
101ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/b6c1696736d499f06369d261f3a5be1f.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f53a536b3a69c7d41e74de8793c15a8abfcfda21c6c4fcb7944d40e617162ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:20:02 GMT
server: cloudflare
age: 15577
etag: "61b8e052-91c70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:30:52 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccb8c3693d-FRA
content-length: 597104
cf-bgj: h2pri

GET
H3 200 video-play.png
tt7.haokan856.com/template/m1938pc/images/ Frame C8F6 2 KB
2 KB 570ms
570ms Image
image/png 2606:4700:3035::ac43:c006
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt7.haokan856.com/template/m1938pc/images/video-play.png
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/template/m1938pc/css/zui.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c006 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/template/m1938pc/css/zui.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1567
last-modified: Sun, 24 Jan 2021 07:28:48 GMT
server: cloudflare
etag: "600d21b0-61f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QafLk4AtqTVcC9JfAZYTrmBN%2FmLCjr31fc789aePccayY0fbiNnZIdStPZKBNX0G09eEIj6zmjmEwnwvIo2EGf0ee7G4VTwSRdoQ08Bi6zb6iPcxR6nry2pp7tVudsqhw99oPBSuF10K24fLpuuugw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcccf17dfbb-FRA
expires: Thu, 13 Jan 2022 22:50:29 GMT

GET
H/1.1

200
OK

8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a2395f9abedb5e55ee531e0687964d4d3054f42052544f870586cf607d182c9bd
sz.btfs.mail.ftn.qq.com/ftn_handler/ Frame AEA0
Redirect Chain

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif
https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a2395f9abedb5e55ee531e0687964d4d3054f42052544f870586cf607d182c9bd?compressed=0&dtype=1&fna...

115 KB
115 KB

2747ms
959ms

Image
image/gif

2402:4e00:1620:1300:0:942e:75b8:c214
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a2395f9abedb5e55ee531e0687964d4d3054f42052544f870586cf607d182c9bd?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: HTTP/1.1
Server: 2402:4e00:1620:1300:0:942e:75b8:c214 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 3f823f07057dd241c5837135adf69736382218bbe7f087417e4b92d73c2c37ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

User-ReturnCode: 0
Date: Tue, 14 Dec 2021 22:50:32 GMT
Server: NWSs
Content-Language: zh-CN
Access-Control-Allow-Origin: *
Content-Disposition: attachment; filename="520ä¸.gif"; filename*=utf-8''520%E4%B8%8A.gif
X-NWS-LOG-UUID: 2b458eef-bece-4647-8934-d18e0916d567
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 117796

Redirect headers

Location: https://sz.btfs.mail.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57d4ee51b9c199d4eb0240805a76645b1a2395f9abedb5e55ee531e0687964d4d3054f42052544f870586cf607d182c9bd?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: ; charset=UTF-8

GET
H/1.1 200
OK 247b3526d8054a04b8128fb837250c04.gif
3332600.com/ Frame AEA0 631 KB
631 KB 2009ms
448ms Image
image/gif 45.61.212.129
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332600.com/247b3526d8054a04b8128fb837250c04.gif
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dibu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.129 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:31:18 GMT
Last-Modified: Sun, 24 Oct 2021 10:15:54 GMT
Server: nginx
ETag: "6175325a-9dabe"
X-Cache: HIT from cloud-us2-cdnb-29
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H3 200 960x240-4.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame AEA0 134 KB
134 KB 96ms
94ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-4.x

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dibu.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137113
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"21799-b/a/iPD98IfKwHuu7M7WV4FN78U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdccdbbc42ee-FRA

GET
H3 200 960x240-3.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame AEA0 305 KB
306 KB 117ms
115ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-3.x

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dibu.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff155cfd7da51e6984c8749f3cbb2da4146b00ff9d2bb93daa027673fa015ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 312830
x-served-by: cache-fra19178-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"4c5fe-89R7Y++b1Co0plymXq4DJrJbY9E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdccdbc042ee-FRA

GET
H2 200 wap_1100_963_kuYBxjANWE Show response
1639220631.eswjj.com.cn/ Frame AEA0 11 KB
6 KB 2013ms
674ms Script
application/javascript 154.23.245.118
KURUN-AS-

General

Check archive.org

Show headers Download Go to

Full URL

https://1639220631.eswjj.com.cn:4050/wap_1100_963_kuYBxjANWE

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dblm.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

154.23.245.118 , United States, ASN395886 (KURUN-AS-, US),

Reverse DNS

Software

nginx /

Resource Hash

9336c9ede8f741afd9c026738b2c2b548d36d37edec2d263ba4db746623be422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000, no-cache

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:49:56 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 11:19:21 GMT
server: nginx
etag: W/"61b87db9-2c43"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000, max-age=31536000, no-cache
expires: Wed, 15 Dec 2021 03:12:20 GMT

GET
H/1.1 200
OK mswia Show response
sandrarene.com/gdhchytno/mswia1mhl0aloqbm4lcyc/320/ Frame AEA0 39 B
708 B 3180ms
252ms Script
text/html 8.210.131.106
CNNIC-ALIBABA-US-...

General

Check archive.org

Show headers Download Go to

Full URL: https://sandrarene.com/gdhchytno/mswia1mhl0aloqbm4lcyc/320/mswia
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dblm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.210.131.106 Central, Hong Kong, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: nginx/1.2.4 / PHP/5.2.14p1
Resource Hash: ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:50:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.14p1
Transfer-Encoding: chunked
P3P: CP=CAO PSA OUR
Connection: keep-alive
Pramga: no-cache
Last-Modified: Tue, 14 Dec 2021 22:50:32 GMT
Server: nginx/1.2.4
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: text/html;charset=UTF8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description

GET
H2 200 F04F2565-55B5-41B6-8681-F1D27C9E9DFC.ap Show response
rfv.honhon.top/c/ Frame AEA0 10 KB
11 KB 521ms
13ms Script
application/x-javascript 79.133.177.214
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfv.honhon.top/c/F04F2565-55B5-41B6-8681-F1D27C9E9DFC.ap
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dblm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.214 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 0a399f98008439d4b02dd287e68568a20be00aabeae20b3baff47b642b4f5aee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:43:55 GMT
via: cache2.l2de2[0,0,200-0,H], cache9.l2de2[0,0], cache9.l2de2[0,0], cache11.de3[0,0,200-0,H], cache2.de3[6,0]
server: Tengine
age: 390
access-control-allow-methods: *
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
x-swift-cachetime: 546
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 14 Dec 2021 22:44:53 GMT
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10708
eagleid: 4f85b19616395222297525769e
ali-swift-global-savetime: 1639521839

GET
H2 200 sss.gif
mgsc.me/tuplic/ Frame C8F6 572 KB
573 KB 291ms
33ms Image
image/gif 2606:4700:3033::ac43:b9c8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mgsc.me/tuplic/sss.gif
Requested by: Host: semimiyy.com
URL: https://semimiyy.com/ads/3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b9c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7db560f3d1657f5e6ca8e6ce513ddd6db9f18a4c02b5e3c3ff2d6c27fe0d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1976873
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 585790
last-modified: Mon, 12 Jul 2021 15:46:43 GMT
server: cloudflare
etag: "60ec63e3-8f03e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka8sdfluOI2nZhQ6aLjdSAeM7aDeSwGM%2BW5EH%2Fes4G5VUdIU2AZdOwS0zoW4SLwk%2FyjSjyd7MYKTd2zHriLEl%2FdB7%2BF87oICqoMwI3QhdIGFvudQvdNQZ8loE8NcMLDUTZ0VY8g2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdce8dd37028-FRA
expires: Wed, 22 Dec 2021 01:42:36 GMT

GET xiuxiu.gif
www.9923tv.com/Template/jjy/images/ Frame C8F6 0
0

GET
H2 200 c3634351d9e737ae68bc62abfb31655d.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 87 KB
88 KB 116ms
115ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/c3634351d9e737ae68bc62abfb31655d.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f99f92bee0388ac99a950f364db123c708e559ec77b3904f8747a62b92274e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16040
etag: "61b8e094-15da0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:09 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccd8fd693d-FRA
content-length: 89504
cf-bgj: h2pri

GET
H2 200 be7509e43e51682bbc574be729971cd1.jpg
ddcdn.comtucdncom.com/upload/vod/20211215-1/ Frame C8F6 74 KB
74 KB 109ms
108ms Image
image/jpeg 2606:4700:10::6816:56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ddcdn.comtucdncom.com/upload/vod/20211215-1/be7509e43e51682bbc574be729971cd1.jpg
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ff2442e5e433d7c141d80fc22c736511245c9653b2ae7f961dffc30ca5a832e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
last-modified: Tue, 14 Dec 2021 18:21:08 GMT
server: cloudflare
age: 16036
etag: "61b8e094-12611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Thu, 13 Jan 2022 18:23:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6bdafdccd8fe693d-FRA
content-length: 75281
cf-bgj: h2pri

GET
H2 200 xt12.gif
tnlapp.com/static/images/ Frame C8F6 732 KB
734 KB 155ms
13ms Image
image/gif 2606:4700:3030::ac43:a2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt12.gif
Requested by: Host: semimiyy.com
URL: https://semimiyy.com/ads/4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 734409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 749706
last-modified: Mon, 07 Jun 2021 05:47:54 GMT
server: cloudflare
etag: "60bdb30a-b708a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WT%2BR85M4e5cMpgBTgqqVVKY2AuEMGjx%2B2Kz79dVSGJdFpC9yPTV3e9sXgBlNvEHwn9TrJ5ejijOpQvKK%2FVhlMi%2B5nxumwRGbZy2R4XVHcmk5Yo6dSDkjzmI6E4gOd2OdInj7xXxsWu4q"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcdba6c4ac3-FRA
expires: Wed, 05 Jan 2022 10:50:20 GMT

GET
H2 200 xt10.gif
tnlapp.com/static/images/ Frame C8F6 609 KB
610 KB 163ms
21ms Image
image/gif 2606:4700:3030::ac43:a2ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tnlapp.com/static/images/xt10.gif
Requested by: Host: semimiyy.com
URL: https://semimiyy.com/ads/4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:a2ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 734409
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 623748
last-modified: Mon, 07 Jun 2021 05:47:53 GMT
server: cloudflare
etag: "60bdb309-98484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmivIYI%2BfMRhRgt5HASf1%2BKuBjL3p6xPZnwNAn%2FKX1MOMbZANGc81fNwaJ%2FFHvwhAY%2BD1Iwkhw2oD47Ghai2fk2NtflpYlgXC00Ac3Z9KfaV3oT%2FpeWc5fG253deWn%2BgRQd6vlZzeOao"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6bdafdcdba6d4ac3-FRA
expires: Wed, 05 Jan 2022 10:50:20 GMT

GET
H/1.1

403
Forbidden

8ec31e0c1461752ce1f88b1e2546db57330c294ce586f390ef321e5d1f0e5abf518ae1c4b23219bf10783839fd83bef60bea289cf4e79835827f1a563968498f
cqc-download.ftn.qq.com/ftn_handler/ Frame C8F6
Redirect Chain

https://wx.mail.qq.com/webnote/viewfile?fileid=ZF0017_ysPN0iWMxqsuctwAAvIxYb2&notekey=PSgXrwkA5BvNraUyd8IF9xBvkIpXMT5QnK4mfTpySJg&name=520%E4%B8%8A.gif
https://cqc-download.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57330c294ce586f390ef321e5d1f0e5abf518ae1c4b23219bf10783839fd83bef60bea289cf4e79835827f1a563968498f?compressed=0&dtype=1&fna...

16 B
16 B

1498ms
326ms

Image
text/octet

2402:4e00:1a04:100:0:9458:4c2d:fe01
CNNIC-TENCENT-NET...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cqc-download.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57330c294ce586f390ef321e5d1f0e5abf518ae1c4b23219bf10783839fd83bef60bea289cf4e79835827f1a563968498f?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Requested by: Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/
Protocol: HTTP/1.1
Server: 2402:4e00:1a04:100:0:9458:4c2d:fe01 , China, ASN45090 (CNNIC-TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: NWSs /
Resource Hash: 2a4d7f46e620e630e9430d78e31a96eb9cf9845e235edf3cb2de63219eda821e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

User-ReturnCode: -29215
Date: Tue, 14 Dec 2021 22:50:31 GMT
Server: NWSs
User-ReturnMsg: mcd1
Content-Type: text/octet
ServerIP: 9.215.243.13
X-NWS-LOG-UUID: 34cb8a96-e05d-433d-8ec1-4b0b9b116a2e
Connection: keep-alive
Content-Length: 16

Redirect headers

Location: https://cqc-download.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57330c294ce586f390ef321e5d1f0e5abf518ae1c4b23219bf10783839fd83bef60bea289cf4e79835827f1a563968498f?compressed=0&dtype=1&fname=520%E4%B8%8A.gif
Strict-Transport-Security: max-age=31536000
Connection: keep-alive
Content-Length: 0
Content-Type: ; charset=UTF-8

GET
H/1.1 200
OK 247b3526d8054a04b8128fb837250c04.gif
3332600.com/ Frame C8F6 631 KB
631 KB 1991ms
447ms Image
image/gif 45.61.212.129
AZT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3332600.com/247b3526d8054a04b8128fb837250c04.gif
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dibu.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 45.61.212.129 , United States, ASN53587 (AZT, US),
Reverse DNS
Software: nginx /
Resource Hash: c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 13:31:18 GMT
Last-Modified: Sun, 24 Oct 2021 10:15:54 GMT
Server: nginx
ETag: "6175325a-9dabe"
X-Cache: HIT from cloud-us2-cdnb-29
Content-Type: image/gif
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 645822

GET
H3 200 960x240-4.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame C8F6 134 KB
134 KB 121ms
119ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-4.x

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dibu.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 137113
x-served-by: cache-fra19153-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"21799-b/a/iPD98IfKwHuu7M7WV4FN78U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdccebed42ee-FRA

GET
H3 200 960x240-3.x
cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/ Frame C8F6 305 KB
306 KB 127ms
125ms Image
application/octet-stream 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/rose123657/meimei@main/tuyp/960x240-3.x

Requested by

Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dibu.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff155cfd7da51e6984c8749f3cbb2da4146b00ff9d2bb93daa027673fa015ea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:50:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18326
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 312830
x-served-by: cache-fra19178-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"4c5fe-89R7Y++b1Co0plymXq4DJrJbY9E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6bdafdccebf042ee-FRA

GET
H2 200 FC617FA7-E3D9-4EEF-AF11-E78F5FDCD33F.ap Show response
rfv.honhon.top/c/ Frame C8F6 10 KB
10 KB 507ms
16ms Script
application/x-javascript 79.133.177.214
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfv.honhon.top/c/FC617FA7-E3D9-4EEF-AF11-E78F5FDCD33F.ap
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dblm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.214 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: cd586202b8632e20ddb6b58d2d46a02a0a14fd0b38ace2a52f6f96b96efedfd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:49:59 GMT
via: cache1.l2de2[475,475,200-0,M], cache10.l2de2[476,0], cache10.l2de2[477,0], cache13.de3[0,0,200-0,H], cache2.de3[6,0]
server: Tengine
age: 26
access-control-allow-methods: *
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
x-swift-cachetime: 600
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 14 Dec 2021 22:50:03 GMT
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 9750
eagleid: 4f85b19616395222297525770e
ali-swift-global-savetime: 1639522203

GET
H2 200 4E3077D9-43CE-41BA-81B1-2D064C967C43.ap Show response
rfv.honhon.top/c/ Frame C8F6 10 KB
10 KB 506ms
17ms Script
application/x-javascript 79.133.177.214
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfv.honhon.top/c/4E3077D9-43CE-41BA-81B1-2D064C967C43.ap
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dblm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.214 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: a62105634a7b86b7194c92b3c113cef22fa777a163683378f36494ed67e0397c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:46:21 GMT
via: cache23.l2de2[0,0,200-0,H], cache24.l2de2[1,0], cache24.l2de2[1,0], cache6.de3[0,0,200-0,H], cache2.de3[6,0]
server: Tengine
age: 243
access-control-allow-methods: *
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
x-swift-cachetime: 383
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Tue, 14 Dec 2021 22:50:03 GMT
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 9773
eagleid: 4f85b19616395222297525773e
ali-swift-global-savetime: 1639521986

GET
H2 200 F04F2565-55B5-41B6-8681-F1D27C9E9DFC.ap Show response
rfv.honhon.top/c/ Frame C8F6 10 KB
11 KB 509ms
19ms Script
application/x-javascript 79.133.177.214
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://rfv.honhon.top/c/F04F2565-55B5-41B6-8681-F1D27C9E9DFC.ap
Requested by: Host: www.semimiyy.com
URL: https://www.semimiyy.com/ads/dblm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.214 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 0a399f98008439d4b02dd287e68568a20be00aabeae20b3baff47b642b4f5aee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 22:43:55 GMT
via: cache2.l2de2[0,0,200-0,H], cache22.l2de2[1,0], cache22.l2de2[1,0], cache2.de3[3,4,200-0,M], cache2.de3[9,0]
server: Tengine
age: 390
access-control-allow-methods: *
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
x-swift-cachetime: 210
x-cache: MISS TCP_REFRESH_MISS dirn:13:304239643
x-swift-savetime: Tue, 14 Dec 2021 22:50:29 GMT
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 10708
eagleid: 4f85b19616395222297525774e
ali-swift-global-savetime: 1639521839

GET FC617FA7-E3D9-4EEF-AF11-E78F5FDCD33F
zw.dingyar.top/Report/ Frame C8F6 0
0

GET 4E3077D9-43CE-41BA-81B1-2D064C967C43
az.dingyar.top/Report/ Frame C8F6 0
0

GET F04F2565-55B5-41B6-8681-F1D27C9E9DFC
zd.dingyar.top/Report/ Frame C8F6 0
0

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame AEA0 35 KB
13 KB 1010ms
295ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?9b098147f4eb01428918a1573c056918

Requested by

Host: www.mazaye.com
URL: http://www.mazaye.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

c8e0b7a0a320be66f39c5490111902005b4f090a7303a419af8779669c012f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:50:32 GMT
Content-Encoding: gzip
Server: apache
Etag: 1b0dcf930610dd7ea4f1061aebf53c45
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 12934

GET F04F2565-55B5-41B6-8681-F1D27C9E9DFC
zd.dingyar.top/Report/ Frame AEA0 0
0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame AEA0 43 B
299 B 292ms
292ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=437538796&si=9b098147f4eb01428918a1573c056918&su=http%3A%2F%2Fwww.mazaye.com%2F&v=1.2.89&lv=1&sn=33138&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftt7.haokan856.com%2F&tt=%E8%89%B2%E5%92%AA%E5%92%AA

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Dec 2021 22:50:32 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame AEA0 35 KB
13 KB 671ms
281ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9200b37174b76027b946febd8ca9cf1e50db4926d78d9753e3788123d030c426

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:51:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 618020330b4276b6cca5597bbf8c7ce2
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 12934

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ Frame C8F6 35 KB
13 KB 674ms
284ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?3df8be917891033aa229f40ad4fd25e3

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

9200b37174b76027b946febd8ca9cf1e50db4926d78d9753e3788123d030c426

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 14 Dec 2021 22:51:00 GMT
Content-Encoding: gzip
Server: apache
Etag: 618020330b4276b6cca5597bbf8c7ce2
Strict-Transport-Security: max-age=172800
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 12934

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame AEA0 43 B
299 B 282ms
281ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1698837219&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.mazaye.com%2F&v=1.2.89&lv=1&sn=33166&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftt7.haokan856.com%2F&tt=%E8%89%B2%E5%92%AA%E5%92%AA

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Dec 2021 22:51:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ Frame C8F6 43 B
299 B 281ms
281ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&lt=1639522261&rnd=595832676&si=3df8be917891033aa229f40ad4fd25e3&su=http%3A%2F%2Fwww.mazaye.com%2F&v=1.2.89&lv=2&sn=33166&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftt7.haokan856.com%2F&tt=%E8%89%B2%E5%92%AA%E5%92%AA

Requested by

Host: tt7.haokan856.com
URL: https://tt7.haokan856.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tt7.haokan856.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Dec 2021 22:51:01 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Domain: js.users.51.la
URL: https://js.users.51.la/21125701.js

Domain: v1.cnzz.com
URL: https://v1.cnzz.com/z_stat.php?id=1279951749&web_id=1279951749

Domain: v1.cnzz.com
URL: https://v1.cnzz.com/z_stat.php?id=1279951749&web_id=1279951749

Domain: www.9923tv.com
URL: https://www.9923tv.com/Template/jjy/images/xiuxiu.gif

Domain: www.9923tv.com
URL: https://www.9923tv.com/Template/jjy/images/xiuxiu.gif

Domain: zw.dingyar.top
URL: https://zw.dingyar.top/Report/FC617FA7-E3D9-4EEF-AF11-E78F5FDCD33F

Domain: az.dingyar.top
URL: https://az.dingyar.top/Report/4E3077D9-43CE-41BA-81B1-2D064C967C43

Domain: zd.dingyar.top
URL: https://zd.dingyar.top/Report/F04F2565-55B5-41B6-8681-F1D27C9E9DFC

Domain: zd.dingyar.top
URL: https://zd.dingyar.top/Report/F04F2565-55B5-41B6-8681-F1D27C9E9DFC

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.mazaye.com/	1970-01-19 23:25:22	Name: Cookies_KL Value: 1
			.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 12A4832687050B3D

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.mazaye.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21125701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.mazaye.com/tj.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21125701.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://www.9923tv.com/Template/jjy/images/xiuxiu.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://www.9923tv.com/Template/jjy/images/xiuxiu.gif Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://cqc-download.ftn.qq.com/ftn_handler/8ec31e0c1461752ce1f88b1e2546db57330c294ce586f390ef321e5d1f0e5abf518ae1c4b23219bf10783839fd83bef60bea289cf4e79835827f1a563968498f?compressed=0&dtype=1&fname=520%E4%B8%8A.gif Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: http://push.zhanzhang.baidu.com/push.js Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://v1.cnzz.com/z_stat.php?id=1279951749&web_id=1279951749 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://v1.cnzz.com/z_stat.php?id=1279951749&web_id=1279951749 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://zw.dingyar.top/Report/FC617FA7-E3D9-4EEF-AF11-E78F5FDCD33F Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://zd.dingyar.top/Report/F04F2565-55B5-41B6-8681-F1D27C9E9DFC Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://az.dingyar.top/Report/4E3077D9-43CE-41BA-81B1-2D064C967C43 Message: Failed to load resource: net::ERR_CONNECTION_RESET
network	error	URL: https://zd.dingyar.top/Report/F04F2565-55B5-41B6-8681-F1D27C9E9DFC Message: Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1639220631.eswjj.com.cn
3332600.com
8.t-s-s.cn
az.dingyar.top
cdn.jsdelivr.net
cqc-download.ftn.qq.com
ddcdn.comtucdncom.com
hm.baidu.com
img.123456img.com
js.users.51.la
klxkj1.com
mazaye.com
mgsc.me
push.zhanzhang.baidu.com
rfv.honhon.top
sandrarene.com
semimiyy.com
sz.btfs.mail.ftn.qq.com
tnlapp.com
tt7.haokan856.com
v1.cnzz.com
www.9923tv.com
www.mazaye.com
www.semimiyy.com
wx.mail.qq.com
zd.dingyar.top
zw.dingyar.top
az.dingyar.top
js.users.51.la
push.zhanzhang.baidu.com
v1.cnzz.com
www.9923tv.com
zd.dingyar.top
zw.dingyar.top
103.235.46.191
134.172.166.68
154.23.245.118
23.224.177.148
2402:4e00:1620:1300:0:942e:75b8:c214
2402:4e00:1a04:100:0:9458:4c2d:fe01
240d:c040:1:40::13f
2606:4700:10::6816:56
2606:4700:3030::ac43:a2ca
2606:4700:3031::ac43:aa54
2606:4700:3032::6815:4d1b
2606:4700:3033::ac43:b9c8
2606:4700:3035::ac43:c006
2606:4700::6810:5714
45.10.208.58
45.61.212.129
79.133.177.214
8.210.131.106
04cc4c8a2fe964178f4d38f80387efc585b4c79c6f0186ca5b752c98ce90520a
0a399f98008439d4b02dd287e68568a20be00aabeae20b3baff47b642b4f5aee
1c64028fba849ecf81cae46173194457736017f36066493ba9241fc6717bb7ab
1e860ad8a5a82c847f47c02b99b341904377721dc171c3f75cccb78c1e3f39b1
214f66a2a7f41b2fbaec64f5085cc5a92dc8e3572633f49e9d8841cb141b3455
26dbf98712d77980ca0b19c3bcfdc645791386dafa3bda61bff50a1d2f68f360
27e6a3e882e3213659151faa83f3e7deec47cab69dc3ffdb6ec29a73cd95bafe
2a4d7f46e620e630e9430d78e31a96eb9cf9845e235edf3cb2de63219eda821e
2d5eaf6a5ec0aa8af426469fea82fcdeccb371faac96c855c24ac606a305b305
34ee0eb687101822e9be12ac50a00c058c1f1cf39a7d25951e6dc3035ec48fe9
3f823f07057dd241c5837135adf69736382218bbe7f087417e4b92d73c2c37ae
3f99f92bee0388ac99a950f364db123c708e559ec77b3904f8747a62b92274e5
3ff2442e5e433d7c141d80fc22c736511245c9653b2ae7f961dffc30ca5a832e
4227b0b7f3a4b4a4c94e222e2d9de062d72a61e26d1a0b254f055cf321e42405
45933fd2ad7cf875dd322e9ce8eca94c5a8ba58192c9df4c460fe900432ecfe1
470604c0cbf71f9e0c2ac2d209092d21b8a1be44ea6a00efc1d1c1c977f8d6e2
4e3b17818dddf7bfbf5cdfae99500fbb2882ee077e308618804860d0740c5246
5a535d0cd591cad94eda3ff4ad2c618d1c982ec35ccb9142955c448fdd6778a4
6cba518ce5224fa9ee65ae21958af785ab76c339dba2793f9017a806c904cf6f
6e7db560f3d1657f5e6ca8e6ce513ddd6db9f18a4c02b5e3c3ff2d6c27fe0d58
7d25352fe3d33607e2cca46a6544d7084a8eb1ea44dc8db5d868eb0a3ffe231e
9118bb6e423248fede2bcf96263c21c347288ffd40f2f7d84e62f3e6d8f3db63
9200b37174b76027b946febd8ca9cf1e50db4926d78d9753e3788123d030c426
9336c9ede8f741afd9c026738b2c2b548d36d37edec2d263ba4db746623be422
93dd8d69ab20a85546ede524b2b4af86ebb095d91f75869a79bf671f5eac73c7
9f53a536b3a69c7d41e74de8793c15a8abfcfda21c6c4fcb7944d40e617162ab
a62105634a7b86b7194c92b3c113cef22fa777a163683378f36494ed67e0397c
a93a9d72c506c9346499986aa08d700cb1cf90218294a7996a59f4f3bb21869e
a9dfe27cd3c4cfd68f0deb55a593bcac7f77494883c5dc7dbe6f1301e150ab9d
ae28fbc952e06b4fd9e85598349265435d9e0b238ff5e85a78b80cd5c1aa7bf8
b198e38b7f8d08b063eac831341765dae774f56aca6d945bb4c33eee9edb233d
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
ba55a8d3866b0f5d4e5c85526551f2ba958c571b6662ec05d97819dddd8d6633
c2b8bfa45bc61a9badfe746a8c76d4fa75315871d746eaca07f2ac3b0e273a23
c45723dd1e74428516d19cd1a247ea7d69e6efcd3f0afdfcd6566076fb0d58d3
c69dede1cb8b5858a68fb21eff75915cf0d21f7a54da488029b91b5c60b3ad0f
c6fafe28e6b8f4d93be498c49a8c43d61f3c7ea3f7d4ad43f793b5ba9abaf3e1
c708fb51ed8b0b148338c0faabb41025578d2458cccd84151a00b703c743986d
c8e0b7a0a320be66f39c5490111902005b4f090a7303a419af8779669c012f39
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
cd586202b8632e20ddb6b58d2d46a02a0a14fd0b38ace2a52f6f96b96efedfd9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de52f3b1cd50ca77f5fbbfec94fa0d7cd75a60baca278640d3143ad14d6a8745
df4af5a68ba672f049d7a7efd9fdd523d7876dfd50b16b85e048bdf2ee0fbe40
ea0a19f999b329c2bfbf1d2147109c6ddd90ad772d209b86229f0412324b0d47
ec9d23d8d061343ea8f689093d04aa72a96d2c75d5aabfa9614ee9f09b4eb72b
f2ecb012fca090c0467e0775d938fd62a9641d7a5527ba5136091191c5d55c88
fac51feb5988d1666014fa78a870689a907f20606e351e18558da33e1c51dfa7
ff155cfd7da51e6984c8749f3cbb2da4146b00ff9d2bb93daa027673fa015ea1

www.mazaye.com Open in urlscan Pro 134.172.166.68 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

123 Requests

86 %HTTPS

56 %IPv6

20 Domains

27 Subdomains

18 IPs

5 Countries

21740 kBTransfer

22096 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

123 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mazaye.com Open in urlscan Pro
134.172.166.68 Public Scan

Screenshot
Live screenshot

Full Image

123
Requests

86 %
HTTPS

56 %
IPv6

20
Domains

27
Subdomains

18
IPs

5
Countries

21740 kB
Transfer

22096 kB
Size

2
Cookies

123 HTTP transactions
0 data transactions