URL: https://pay.crew.icu/
Submission: On November 21 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 4 countries across 9 domains to perform 25 HTTP transactions. The main IP is 154.12.89.56, located in Man Kok, Hong Kong and belongs to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is pay.crew.icu.
TLS certificate: Issued by R3 on November 21st 2023. Valid for: 3 months.
This is the only time pay.crew.icu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 154.12.89.56 142032 (HFTCL-AS-...)
9 2a04:4e42:400... 54113 (FASTLY)
1 2402:4e00:183... 45090 (TENCENT-N...)
1 159.75.83.181 45090 (TENCENT-N...)
2 97.64.23.206 25820 (IT7NET)
1 1 104.21.9.66 13335 (CLOUDFLAR...)
1 172.67.71.131 13335 (CLOUDFLAR...)
2 7 2606:4700:303... 13335 (CLOUDFLAR...)
2 23.199.63.146 20940 (AKAMAI-ASN1)
25 8
Apex Domain | Subdomains | Transfer
9 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 335 | 113 KB
7 i-meto.com | api.i-meto.com | 8 KB
4 crew.icu | pay.crew.icu | 3 KB
2 gtimg.cn | y.gtimg.cn — Cisco Umbrella Rank: 34664 | 27 KB
2 ibruce.info | busuanzi.ibruce.info — Cisco Umbrella Rank: 421409 | 2 KB
1 cdnjson.com | cdn.cdnjson.com | 1 MB
1 tenapi.cn | tenapi.cn | 485 B
1 jxcxin.cn | apis.jxcxin.cn | 27 KB
1 qlogo.cn | q1.qlogo.cn — Cisco Umbrella Rank: 148829 | 3 KB
25 9
Domain | Requested by
9 cdn.jsdelivr.net | pay.crew.icu, cdn.jsdelivr.net
7 api.i-meto.com (2 redirects) | cdn.jsdelivr.net, pay.crew.icu
4 pay.crew.icu | pay.crew.icu
2 y.gtimg.cn | pay.crew.icu
2 busuanzi.ibruce.info | pay.crew.icu, busuanzi.ibruce.info
1 cdn.cdnjson.com | pay.crew.icu
1 tenapi.cn (1 redirects) |
1 apis.jxcxin.cn | pay.crew.icu
1 q1.qlogo.cn | pay.crew.icu
25 9

This site contains links to these domains.

Domain
tenapi.cn
beian.miit.gov.cn
Subject | Issuer | Validity | Valid
pay.crew.icu | R3 | 2023-11-21 - 2024-02-19 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
*.qpic.cn | GlobalSign Organization Validation CA - SHA256 - G3 | 2023-04-12 - 2024-05-13 | a year
*.jxcxin.cn | R3 | 2023-09-29 - 2023-12-28 | 3 months
busuanzi.ibruce.info | R3 | 2023-10-15 - 2024-01-13 | 3 months
i-meto.com | E1 | 2023-10-27 - 2024-01-25 | 3 months

This page contains 1 frames:

Primary Page: https://pay.crew.icu/
Frame ID: 803F8F527D4E8E3FDF9FB3A2F37967AF
Requests: 25 HTTP requests in this frame

Page Title

网站名称 - 优雅而个性的个人主页! (Website Name - An elegant and distinctive personal homepage!)

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 25
HTTPS: 88 %
IPv6: 33 %
Domains: 9
Subdomains: 9
IPs: 8
Countries: 4
Transfer: 1393 kB
Size: 1505 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://tenapi.cn/v2/acg HTTP 302
  • https://cdn.cdnjson.com/tvax3.sinaimg.cn/large/006ZFECEgy1fr1x6ibxycj31hc0u04qp.jpg
Request Chain 18
  • https://api.i-meto.com/meting/api?server=tencent&type=pic&id=00274vQL16r9Tf&auth=1d77e02f2ea411218e1236b4cf0d78659c21f821 HTTP 302
  • https://y.gtimg.cn/music/photo_new/T002R300x300M00000274vQL16r9Tf.jpg?max_age=2592000
Request Chain 21
  • https://api.i-meto.com/meting/api?server=tencent&type=pic&id=0013014T2al3sN&auth=ac9868440d2ec124680a2f4fab43688331d46f9e HTTP 302
  • https://y.gtimg.cn/music/photo_new/T002R300x300M0000013014T2al3sN.jpg?max_age=2592000

25 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pay.crew.icu/
13 KB
3 KB
Document
General
Full URL
https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.12.89.56 Man Kok, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
3215c2d75bdea6d07e3e500a1e0421de2a8ef478bc184a7205793575eeeed5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 21 Nov 2023 18:43:27 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
ins.css
pay.crew.icu/static/css/
0
0
Stylesheet
General
Full URL
https://pay.crew.icu/static/css/ins.css
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.12.89.56 Man Kok, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:28 GMT
server
nginx
content-length
548
content-type
text/html
layui.css
pay.crew.icu/static/layui/css/
0
0
Stylesheet
General
Full URL
https://pay.crew.icu/static/layui/css/layui.css
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.12.89.56 Man Kok, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:28 GMT
server
nginx
content-length
548
content-type
text/html
font-awesome.min.css
cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
3090459
x-jsd-version
4.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7114
x-served-by
cache-fra-etou8220080-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"7918-USx9eQM+MCipvmG1QM8aaHDIlvg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fancybox.css
cdn.jsdelivr.net/npm/jquery.fancybox@2.1.5/source/
5 KB
2 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/jquery.fancybox@2.1.5/source/jquery.fancybox.css
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33675f4a8b0e98d8cac9af2b3cd9374abd17070a24de91ee5c4035754c9127f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
2477799
x-jsd-version
2.1.5
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1517
x-served-by
cache-fra-etou8220020-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"134b-Z+TzzuGmcL1pBfEarFz8EN4Vnms"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
typed.js@2.0.11
cdn.jsdelivr.net/npm/
11 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/typed.js@2.0.11
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
49b8cd37d709cd17dda686bcd9ba97282e6e320fa8a9b5af540ccf96e6c274d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
18198759
x-jsd-version
2.0.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3735
x-served-by
cache-fra-eddf8230034-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"2de5-rYp1vUdDEitdv1FyIVBmB1iOxQs"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
g
q1.qlogo.cn/
3 KB
3 KB
Image
General
Full URL
https://q1.qlogo.cn/g?b=qq&nk=572945050&s=100
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2402:4e00:1830:12fc:0:93c1:d63d:efe8 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
NWSs /
Resource Hash
20a0fae6f3d37d008ad36f5747423b136e04c40c1ac41caec8a612a201ec622f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

X-DataSrc
0
Date
Tue, 21 Nov 2023 18:43:29 GMT
Size
3000
Connection
keep-alive
Content-Length
3000
X-Info
real data
X-ReqGue
0
User-ReturnCode
0
fid
0
Last-Modified
Tue, 24 Oct 2023 12:40:14 GMT
Server
NWSs
X-Cpt
filename=0
Vary
Accept,Origin
Content-Type
image/jpeg
X-Delay
12960 us
chid
0
Cache-Control
max-age=2592000
X-BCheck
1698122414_0
X-NWS-LOG-UUID
ce7092a7-354e-41c8-9b16-3775f1b62852
ip
apis.jxcxin.cn/api/
27 KB
27 KB
Image
General
Full URL
https://apis.jxcxin.cn/api/ip?title=%E9%81%87%E6%9E%A7%E7%AC%94%E8%AE%B0
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.75.83.181 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software
nginx /
Resource Hash
f0f7e0398717219db0db740a8c601fb408d3b567d6056a56d085549e15d47835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/JPEG
pragma
no-cache
date
Tue, 21 Nov 2023 18:43:30 GMT
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000
server
nginx
expires
Thu, 19 Nov 1981 08:52:00 GMT
busuanzi.pure.mini.js
busuanzi.ibruce.info/busuanzi/2.3/
2 KB
2 KB
Script
General
Full URL
https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
localhost.localdomain
Software
nginx/1.14.1 /
Resource Hash
0471fe90ad450f642e15aa79134b7bb6a2b2fd7e88349948fbe60747062ab25e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:29 GMT
last-modified
Mon, 23 Nov 2020 05:39:59 GMT
server
nginx/1.14.1
accept-ranges
bytes
etag
"5fbb4b2f-793"
content-length
1939
content-type
application/javascript
lazysizes.min.js
cdn.jsdelivr.net/npm/lazysizes@5.2.0/
7 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lazysizes@5.2.0/lazysizes.min.js
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
2401642
x-jsd-version
5.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3563
x-served-by
cache-fra-eddf8230128-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"1c43-uNTZy/60iNL9YQBP7LrKXd9a6TI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
APlayer.min.css
cdn.jsdelivr.net/npm/aplayer/dist/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.css
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
baa4101a70dc9912af84ac1ce559b85d3d46436a15eadd54d0d47637db55f814
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
31146
x-jsd-version
1.10.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2717
x-served-by
cache-fra-etou8220028-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"30f0-BzcqK6UHOI0P7RZtdhscLCplnc4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
APlayer.min.js
cdn.jsdelivr.net/npm/aplayer/dist/
58 KB
15 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.js
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e98ec22436a5b6878d824f997ed8020fd8cb8261afe31294a3c9d0d07800c15a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
19056
x-jsd-version
1.10.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
14538
x-served-by
cache-fra-eddf8230026-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"e7bd-Isqij/a0Ghb/QPFdOPFzniI1lHg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
Meting.min.js
cdn.jsdelivr.net/npm/meting@2/dist/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/meting@2/dist/Meting.min.js
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
94e50ffa5f6a2db31368260a2cd74beac05917ef0966b1715e65eb55bcd2823d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
41749
x-jsd-version
2.0.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1488
x-served-by
cache-fra-eddf8230041-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"d90-8rPSC4vWTM0DHGRijysTIweK4yQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
maodian.js
cdn.jsdelivr.net/gh/TRHX/CDN-for-itrhx.com@3.0.8/js/
5 KB
1 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/TRHX/CDN-for-itrhx.com@3.0.8/js/maodian.js
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a2ae6c04013f654fb8f1fefed8da7e9af0a3515fff95e7d616c7134916ab1b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
content-encoding
br
age
2367593
x-jsd-version
3.0.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1372
x-served-by
cache-fra-etou8220052-FRA, cache-nyc-kteb1890032-NYC
x-jsd-version-type
version
etag
W/"12b3-eM5DgQ4sriA09rdULAemjJA8s+Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
layui.js
pay.crew.icu/static/layui/
0
0
Script
General
Full URL
https://pay.crew.icu/static/layui/layui.js
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.12.89.56 Man Kok, Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:28 GMT
server
nginx
content-length
548
content-type
text/html
006ZFECEgy1fr1x6ibxycj31hc0u04qp.jpg
cdn.cdnjson.com/tvax3.sinaimg.cn/large/
Redirect Chain
  • https://tenapi.cn/v2/acg
  • https://cdn.cdnjson.com/tvax3.sinaimg.cn/large/006ZFECEgy1fr1x6ibxycj31hc0u04qp.jpg
1 MB
1 MB
Image
General
Full URL
https://cdn.cdnjson.com/tvax3.sinaimg.cn/large/006ZFECEgy1fr1x6ibxycj31hc0u04qp.jpg
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Server
172.67.71.131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf39d7f8f03f3d76f0d80277ad8791dc9f36ca067dcac1dca4fe4c70415bdf83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:29 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2023 12:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYccuRABmNdiKZcWKYgndNF3ddvUJcPeVU9krI5nF4Nf%2BK776muvIHXKcc%2Bb3p0JZg4FyRs0pQTFm%2F0wq6QuzQqsOuNylMs3cAcK411xS1d%2FSnrQwuD%2FHDI%2BfZKIEpXo9P4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=28800
cf-ray
829b141b6d4ba244-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 21 Nov 2023 18:43:28 GMT
strict-transport-security
max-age=31536000
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXmofRI0KR%2F3dMtVl6dVF%2F2RFkzuGOOrhV1jRL6pIUKrBBMY80dTSWV%2FDpx1Hx%2FO9Nfx6AMCdcjZhWm6KsULtBOZLaZs4eYbHuBVFilpvB3GQgqH0LR3QzxMwhU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
location
https://cdn.cdnjson.com/tvax3.sinaimg.cn/large/006ZFECEgy1fr1x6ibxycj31hc0u04qp.jpg
access-control-allow-origin
*
cf-ray
829b14170b2ca1f0-YYZ
alt-svc
h3=":443"; ma=86400
fontawesome-webfont.woff2
cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/font-awesome@4.7.0/css/font-awesome.min.css
Origin
https://pay.crew.icu
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 21 Nov 2023 18:43:28 GMT
x-content-type-options
nosniff
age
564525
x-jsd-version
4.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
77160
x-served-by
cache-fra-eddf8230109-FRA, cache-nyc-kteb1890044-NYC
x-jsd-version-type
version
etag
W/"12d68-1vSMun0Hb7by/Wupk6dbncHsvww"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
api
api.i-meto.com/meting/
18 KB
6 KB
Fetch
General
Full URL
https://api.i-meto.com/meting/api?server=tencent&type=playlist&id=7763486142&r=0.4560325762540651
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/meting@2/dist/Meting.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d794a6f948725be54015fdd23f08b3e377a5fef6b21f25e64657d1640beabb55
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QckNQeUyqhRGkKLsy5Mw9XXn1EVUZtcY7Ub3FyU%2BsSECoQpjf%2BJnlu%2FAJT1td%2F8Zhuuez2fSNFamrLRNCcRjtfoE51JAktIDVX145%2FnUONGGFEJskNZgkZamNX7et5xqXZw%2BVQD21uoGuCfNAg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache
miss
access-control-allow-origin
https://pay.crew.icu
content-type
application/json; charset=utf-8
cf-ray
829b14167acd4bcc-BUF
alt-svc
h3=":443"; ma=86400
busuanzi
busuanzi.ibruce.info/
97 B
268 B
Script
General
Full URL
https://busuanzi.ibruce.info/busuanzi?jsonpCallback=BusuanziCallback_61587153934
Requested by
Host: busuanzi.ibruce.info
URL: https://busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
97.64.23.206 Los Angeles, United States, ASN25820 (IT7NET, CA),
Reverse DNS
localhost.localdomain
Software
nginx/1.14.1 /
Resource Hash
b6039549bbcd29a6ae187db474ef0ccbb1f093cae480cb14dabc4b49e026b929

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:29 GMT
server
nginx/1.14.1
content-length
97
content-type
application/json
T002R300x300M00000274vQL16r9Tf.jpg
y.gtimg.cn/music/photo_new/
Redirect Chain
  • https://api.i-meto.com/meting/api?server=tencent&type=pic&id=00274vQL16r9Tf&auth=1d77e02f2ea411218e1236b4cf0d78659c21f821
  • https://y.gtimg.cn/music/photo_new/T002R300x300M00000274vQL16r9Tf.jpg?max_age=2592000
15 KB
16 KB
Image
General
Full URL
https://y.gtimg.cn/music/photo_new/T002R300x300M00000274vQL16r9Tf.jpg?max_age=2592000
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H2
Server
23.199.63.146 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-199-63-146.deploy.static.akamaitechnologies.com
Software
tws /
Resource Hash
1dc0bdb150d6f2ee35bee91776a67541a6a74ace14da881a5ad3430d204f078b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-datasrc
1
date
Tue, 21 Nov 2023 18:43:30 GMT
size
15678
content-length
15678
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Thu, 10 Aug 2023 21:06:06 GMT
server
tws
x-cpt
filename=0
content-type
image/webp
x-delay
2381 us
chid
0
cache-control
max-age=2560837
x-bcheck
0_1

Redirect headers

date
Tue, 21 Nov 2023 18:43:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2jB%2F4hFdGk0cZezYnV9XtCytVwqtG55b3qxVbMgs4Encw8gYuLB7UHJ4spnDwmjiWPVbEzdWxK6f8j4tZJWcsC0Bpf5zJpHFXsSI7BA1%2FVpO4MkXF15RHpcx12P4o2ol20aZ6WRodGMxUyd9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache
miss
location
https://y.gtimg.cn/music/photo_new/T002R300x300M00000274vQL16r9Tf.jpg?max_age=2592000
content-type
text/html; charset=utf-8
cf-ray
829b141c8f524bcf-BUF
alt-svc
h3=":443"; ma=86400
api
api.i-meto.com/meting/
61 B
371 B
XHR
General
Full URL
https://api.i-meto.com/meting/api?server=tencent&type=lrc&id=004K6Dxh1xHCue&auth=8b0363f23e070d310224ebfdfa4d8186fb433e50
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1602218289bfdfd1fe1ddcd6582eb8313bffc88dbafb005945e5fd157d6c515
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpbNWUV%2B7HkTgFDoIoBb0FowIC0vPikpCO0SnjUXBRK77GOYdeC%2FDPHCs4OCaR3MmaPd20UA%2FdU%2FCVt35J4sNrhZwc8f93Ks836Bmu5pQBudvH60z7HMivheL6sRtN5gy0zOCITekWVE%2FdzHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache
miss
access-control-allow-origin
https://pay.crew.icu
content-type
text/plain; charset=utf-8
cf-ray
829b141c3b8b4bcc-BUF
alt-svc
h3=":443"; ma=86400
api
api.i-meto.com/meting/
0
0
Media
General
Full URL
https://api.i-meto.com/meting/api?server=tencent&type=url&id=004K6Dxh1xHCue&auth=88acf3c7121c99f5df12c62552b6c407b111d6f6
Requested by
Host: pay.crew.icu
URL: https://pay.crew.icu/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pay.crew.icu/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers

T002R300x300M0000013014T2al3sN.jpg
y.gtimg.cn/music/photo_new/
Redirect Chain
  • https://api.i-meto.com/meting/api?server=tencent&type=pic&id=0013014T2al3sN&auth=ac9868440d2ec124680a2f4fab43688331d46f9e
  • https://y.gtimg.cn/music/photo_new/T002R300x300M0000013014T2al3sN.jpg?max_age=2592000
11 KB
12 KB
Image
General
Full URL
https://y.gtimg.cn/music/photo_new/T002R300x300M0000013014T2al3sN.jpg?max_age=2592000
Protocol
H2
Server
23.199.63.146 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-199-63-146.deploy.static.akamaitechnologies.com
Software
tws /
Resource Hash
17ebacbc8cb3e58398f8e4c624697b69ccaa7ae7caab125cffe2d9e49926be8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-datasrc
1
date
Tue, 21 Nov 2023 18:43:32 GMT
size
11728
content-length
11728
x-info
real data
x-reqgue
0
user-returncode
0
fid
0
last-modified
Wed, 04 Oct 2023 14:56:01 GMT
server
tws
x-cpt
filename=0
content-type
image/webp
x-delay
1044 us
chid
0
cache-control
max-age=2560912
x-bcheck
0_1

Redirect headers

date
Tue, 21 Nov 2023 18:43:32 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6HqsmGoiYMUpvQH5qGDl3Al%2BqiqIk41iyA%2FpOpXfCpiY6d26G1xxx4Aqt4JS0eF9hT%2Fx7yOczDY7rYW3owTaYdjj62EVB1oavH9bWP1TLVGT6dozS08kR%2BwIpupum%2BLcBmY7aByxqHk0i6%2BFw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache
miss
location
https://y.gtimg.cn/music/photo_new/T002R300x300M0000013014T2al3sN.jpg?max_age=2592000
content-type
text/html; charset=utf-8
cf-ray
829b142ebfe64bcf-BUF
alt-svc
h3=":443"; ma=86400
api
api.i-meto.com/meting/
61 B
595 B
XHR
General
Full URL
https://api.i-meto.com/meting/api?server=tencent&type=lrc&id=003c3jNL0Uz9iO&auth=3958a71bc1ae888ad08535a3726b847d62025af5
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/aplayer/dist/APlayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1602218289bfdfd1fe1ddcd6582eb8313bffc88dbafb005945e5fd157d6c515
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pay.crew.icu/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 18:43:33 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kacBtD4dlMYKy9zEEDT5yF%2BJpquUWJUs7O4PsR8xKS%2FrluCFYIzUUXFdo6O%2F3e9WXHa%2B9RoVyE8SR6MosnEbrCDaK1tgXdcn%2FU3K5w9YKkt7jciyste%2FdsPW2jzSbUJVUoYTr%2F40QK8UoT81g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-cache
miss
access-control-allow-origin
https://pay.crew.icu
content-type
text/plain; charset=utf-8
cf-ray
829b142ecc064bcd-BUF
alt-svc
h3=":443"; ma=86400
api
api.i-meto.com/meting/
0
0
Media
General
Full URL
https://api.i-meto.com/meting/api?server=tencent&type=url&id=003c3jNL0Uz9iO&auth=0927486d950fd1ba8b0ef198ed93e679e4f175da
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pay.crew.icu/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range
bytes=0-

Response headers


15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| Typed
object| typed
function| setImmediate
function| clearImmediate
function| APlayer
function| _objectSpread
function| _defineProperty
function| MetingJSElement
object| lazySizes
object| bszCaller
object| bszTag
function| ready
function| BusuanziCallback_61587153934
object| scriptTag

2 Cookies

Domain/Path Name / Value
pay.crew.icu/ Name: PHPSESSID Value: q6hesl124gibb2m2d9nm0ja1pm
.busuanzi.ibruce.info/ Name: busuanziId Value: B26A4BD47AE348A4B08959814F7CED90

5 Console Messages

Source Level URL
Text
network error URL: https://pay.crew.icu/static/css/ins.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.crew.icu/static/layui/css/layui.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://pay.crew.icu/static/layui/layui.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.i-meto.com/meting/api?server=tencent&type=url&id=004K6Dxh1xHCue&auth=88acf3c7121c99f5df12c62552b6c407b111d6f6
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.i-meto.com/meting/api?server=tencent&type=url&id=003c3jNL0Uz9iO&auth=0927486d950fd1ba8b0ef198ed93e679e4f175da
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
