ewmw8dt.skin Open in urlscan Pro
16.162.77.119 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ewmw8dt.skin/
Submission: On August 14 via api (August 14th 2024, 2:38:54 am UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 89 HTTP transactions. The main IP is 16.162.77.119, located in Hong Kong and belongs to AMAZON-02, US. The main domain is ewmw8dt.skin.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 28th 2024. Valid for: a year.

This is the only time ewmw8dt.skin was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	16.162.77.119 16.162.77.119	16509 (AMAZON-02) (AMAZON-02)
30	240e:978:902:... 240e:978:902:4000::c0	137697 (CHINATELE...) (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province)
13	172.67.186.224 172.67.186.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	39.156.66.111 39.156.66.111	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
2	14.215.182.140 14.215.182.140	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
19	240e:946:6004... 240e:946:6004:13::6e	58540 (CHINATELE...) (CHINATELECOM-SHANDONG-JINAN-IDC Jinan)
4	172.67.181.92 172.67.181.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.145.181 172.67.145.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	172.67.184.12 172.67.184.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
89	10

7 16.162.77.119 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com

ewmw8dt.skin	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 240e:978:902:4000::c0 (China)

ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN)

otc.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc0.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.67.186.224 (United States)

ASN13335 (CLOUDFLARENET, US)

img.ptallenvery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 39.156.66.111 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

libs.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 240e:946:6004:13::6e (China)

ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN)

otc1.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc2.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otc5.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.181.92 (United States)

ASN13335 (CLOUDFLARENET, US)

video-hk.664460.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.145.181 (United States)

ASN13335 (CLOUDFLARENET, US)

res.tpxiaoshimei.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.184.12 (United States)

ASN13335 (CLOUDFLARENET, US)

res.bjhav.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	bjhav.cn otc.bjhav.cn otc0.bjhav.cn otc1.bjhav.cn otc2.bjhav.cn otc5.bjhav.cn res.bjhav.cn otc4.bjhav.cn Failed	295 KB
13	ptallenvery.com img.ptallenvery.com	1 MB
7	ewmw8dt.skin ewmw8dt.skin	85 KB
4	664460.com video-hk.664460.com	504 KB
3	baidu.com libs.baidu.com — Cisco Umbrella Rank: 134886 hm.baidu.com — Cisco Umbrella Rank: 8226	45 KB
1	tpxiaoshimei.com img.tpxiaoshimei.com Failed res.tpxiaoshimei.com	2 KB
0	ctizh.com Failed gwbd-tk.ctizh.com Failed
89	7

	Domain	Requested by
18	otc.bjhav.cn	ewmw8dt.skin otc.bjhav.cn
13	img.ptallenvery.com	ewmw8dt.skin
12	otc0.bjhav.cn	otc.bjhav.cn
7	otc1.bjhav.cn	otc.bjhav.cn ewmw8dt.skin
7	ewmw8dt.skin	ewmw8dt.skin
6	otc5.bjhav.cn	otc.bjhav.cn
6	otc2.bjhav.cn	otc.bjhav.cn
5	res.bjhav.cn	ewmw8dt.skin
4	video-hk.664460.com	ewmw8dt.skin
2	hm.baidu.com	ewmw8dt.skin
1	res.tpxiaoshimei.com	ewmw8dt.skin
1	libs.baidu.com	ewmw8dt.skin
0	otc4.bjhav.cn Failed	ewmw8dt.skin
0	gwbd-tk.ctizh.com Failed	ewmw8dt.skin
0	img.tpxiaoshimei.com Failed	img.ptallenvery.com
89	15

This site contains no links.

Subject Issuer	Validity	Valid
*.7jm7j75e8o.shop Amazon RSA 2048 M03	`2024-05-28` - `2025-06-26`	a year	crt.sh
otc.bjhav.cn TrustAsia RSA DV TLS CA G2	`2024-06-26` - `2024-09-24`	3 months	crt.sh
ptallenvery.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
otc0.bjhav.cn R11	`2024-06-30` - `2024-09-28`	3 months	crt.sh
664460.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
tpxiaoshimei.com WE1	`2024-07-13` - `2024-10-11`	3 months	crt.sh
bjhav.cn WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://ewmw8dt.skin/
Frame ID: AE5F7B732EFB25E277402A627D71EC1E
Requests: 31 HTTP requests in this frame

Frame: https://ewmw8dt.skin/1.html
Frame ID: FED2CBB63861D2C8D536A76056B6861D
Requests: 10 HTTP requests in this frame

Frame: https://ewmw8dt.skin/2.html
Frame ID: 0C84F2E490EEE374111E1AB3F09DDBC9
Requests: 15 HTTP requests in this frame

Frame: https://ewmw8dt.skin/3.html
Frame ID: CBBAFBFB85701C35A1FB5D36EEE2AF18
Requests: 11 HTTP requests in this frame

Frame: https://ewmw8dt.skin/4.html
Frame ID: C0810E219D669C9E13203DC8436F8BA0
Requests: 11 HTTP requests in this frame

Frame: https://ewmw8dt.skin/5.html
Frame ID: 6DF12C3A4AD6A4C1D81F2B78651302CD
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

84 %
HTTPS

22 %
IPv6

7
Domains

15
Subdomains

10
IPs

3
Countries

2406 kB
Transfer

3664 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ewmw8dt.skin/ 26 KB
5 KB 1540ms
333ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44087d0c011633d8938b5dc49bc991974aa031c29c88e4b7e487170d1b67b835

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Wed, 14 Aug 2024 02:38:22 GMT
etag: W/"66b4aaf0-676e"
last-modified: Thu, 08 Aug 2024 11:24:32 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 com.js Show response
otc.bjhav.cn/ 993 B
1 KB 1200ms
432ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-000-01jI653 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43997
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ 2 KB
1 KB 532ms
391ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css?13
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:22 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FZalr3hSHQphq6R8A9iuLASlUCu58p7vpgSFFw2M6reCvyMe73NfbRvLhM5uLPccGfWkKtyqLGbshorvi%2BOdfnvBYdpkr4skIx%2B%2FzYhAQXvSdq8ar7eX3xjGuKYBy%2FMNJhukEQxU"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d917e2e7c9152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.css
img.ptallenvery.com/196499/css/ 52 KB
7 KB 535ms
394ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/196499/css/style.css
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: deb49fe3e687c180ebb406114ff62912b0667ef8d478edd8743249ff9e350c6e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:22 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2024 10:33:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66af58ea-d146"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOYVPv7fU06fNHteE6GsMuq3bkmgD1r2fz%2FtI1tPUfw98jWf7qJoV27POPza15wM1oTdz8%2B2OarDUMfxSAHtmpl8f31IkYrAaATlQDwR3HE7cisz%2BCoEo8QbazWFBSCZzR%2B%2FMxDX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d917e2e7e9152-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery.min.js Show response
libs.baidu.com/jquery/1.11.1/ 94 KB
33 KB 1846ms
186ms Script
application/x-javascript 39.156.66.111
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL

https://libs.baidu.com/jquery/1.11.1/jquery.min.js

Requested by

Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

39.156.66.111 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),

Reverse DNS

Software

Apache /

Resource Hash

91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=87600

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 02:38:23 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=87600
Last-Modified: Tue, 08 Jul 2014 03:05:51 GMT
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Fri, 13 Sep 2024 02:38:23 GMT

GET
H2 200 layer.min.js Show response
otc.bjhav.cn/assets/ 3 KB
2 KB 1461ms
694ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/layer.min.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 9aeba8c3b288c850c42a6f2233bbbef39234f1855e7b8ed346b1f9f1ccc70b51

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:32:07 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: policy=overwrite
etag: W/"6677ffc7-bfd"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-44014
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 12 Aug 2024 23:25:57 GMT

GET
H2 200 qqface.js Show response
otc.bjhav.cn/assets/ 4 KB
2 KB 1198ms
431ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/qqface.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 7d3ea645ab82c37a6788f353eb9afc118295ad07749ff61c0e41669b6fec7edb

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:37 GMT
content-encoding: gzip
last-modified: Wed, 26 Jun 2024 08:47:33 GMT
server: nginx
age: policy=overwrite
etag: W/"667bd5a5-e73"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43999
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 common_am4.js Show response
otc.bjhav.cn/assets/ 28 KB
8 KB 1198ms
432ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/common_am4.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3bebc274d555408140025b328b95203ea791b655b5a0282179588e3cc44ecccc

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:18:09 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 06:25:39 GMT
server: nginx
age: policy=overwrite
etag: W/"66ab2a63-7174"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43998
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:06 GMT

GET
H2 200 common.css
otc.bjhav.cn/assets/ 9 KB
3 KB 1198ms
431ms Stylesheet
text/css 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/common.css
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: f68cf3ef03d3a7c1858c58f92c2475be7b7efea477e2cc591502d5ba5996144f

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:11:23 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2024 13:12:33 GMT
server: nginx
age: policy=overwrite
etag: W/"66acdb41-23e8"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43992
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:05 GMT

GET
H2 200 jquery.cookie.js Show response
otc.bjhav.cn/assets/ 2 KB
1 KB 1197ms
431ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/jquery.cookie.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: b20d3c9c8dc843952a44096596d53c5f548a26ad431d144146aa7336fedde27b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:26:56 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: policy=overwrite
etag: W/"6677ffc8-793"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43993
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:05 GMT

GET
H2 200 hktop4.js Show response
otc.bjhav.cn/assets/ 18 KB
7 KB 1198ms
431ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/hktop4.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: ab8579126982c8512f0793e5dd66a6c6d75a8c4518eed71a102ddca6ee7fd04f

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:09:33 GMT
content-encoding: gzip
last-modified: Thu, 01 Aug 2024 06:25:39 GMT
server: nginx
age: policy=overwrite
etag: W/"66ab2a63-47a8"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43994
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 tuku.js Show response
otc.bjhav.cn/hk/ 49 KB
14 KB 1197ms
430ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/hk/tuku.js?3
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 6ca50aaa5964884a2b34d9b669e841eb730bd30acfcda7d5cbde8181822059e1

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:11:32 GMT
content-encoding: gzip
last-modified: Sun, 28 Jul 2024 11:06:58 GMT
server: nginx
age: policy=overwrite
etag: W/"66a62652-c46c"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43995
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 20:21:00 GMT

GET
H2 200 amgg4.js Show response
otc.bjhav.cn/assets/ 30 KB
6 KB 1193ms
431ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/amgg4.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 9ba35a7ccba77bcee2523da129a0cbbf39eed185e08027313910c1e128d2a7ef

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:09 GMT
content-encoding: gzip
last-modified: Sun, 04 Aug 2024 08:58:39 GMT
server: nginx
age: policy=overwrite
etag: W/"66af42bf-786c"
x-cache-status: HIT
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43996
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:36:04 GMT

GET
H2 200 comment_v2.js Show response
otc.bjhav.cn/assets/ 38 KB
10 KB 351ms
350ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/comment_v2.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 21916a0094c6d24ac19275015be42cb1945bcc0b230cd46c77f8ca99ae631269

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:40 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 06:03:30 GMT
server: nginx
age: policy=overwrite
etag: W/"66b9a5b2-9877"
x-cache-status: HIT
x-ws-request-id: 66bc18a1_PS-000-01jI653_16180-44097
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 12 Aug 2024 06:18:16 GMT

GET
H3 200 shengxiao.png
img.ptallenvery.com/149599/ 103 KB
95 KB 857ms
724ms Image
image/png 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/149599/shengxiao.png
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3f8f5ecbc9504399be3d5ab916bbf99183af46acee1d097480eb1deb1a94a62

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2024 06:54:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b0772a-19cf4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vtl2YNoo3kF12r%2FdRmfU6qKsIGK4e5czRRc%2BvorNqZV3QkqRH9Upbeda1oE01Bs9p3QxJv7LU0oU3hF83I%2F5kp%2BdLluJvHJjAlhWr5dx049ER4NE3RptfJIDIA%2BHacY0N3JIHeP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 8b2d917e2e7a9152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sscg1.png
img.ptallenvery.com/149599/ 290 KB
285 KB 982ms
848ms Image
image/png 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/149599/sscg1.png
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44d82ed801decf8070c4a8d0efed028ce12cf846464f8af28061533166a7c3b1

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:23 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2024 06:54:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b07728-48666"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkfvbWsWZyGigQSrImR2nEiqrDx6MMnn5mfZyd%2Fuf37GIlDS8stnBKNdoa6WrgmvktMEyAOD%2BbhNACGRD9CROa26tM5D3DU0c7CchwES%2B5e%2FfTln6LrBqn2DuwIGN31NaWmsFQGl"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
cf-ray: 8b2d917e2e7b9152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 sx24.jpg
img.ptallenvery.com/9999/img/ 922 KB
904 KB 394ms
393ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/9999/img/sx24.jpg
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baa1b406b581ed4878d2394fa8e539c32f26ce535606ffcd1a3e0342b99c3654

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:23 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2024 05:24:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66af10a2-e67da"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c38gbVQqj9zAfmJEyrKALom0bJS5ImzaaqnAh6sB3n3lAwKtyei92%2FARJULga2ZVZOUPVjEOb2Tl5HetZhN5CpxOsQBRWvIn5QxRmkRBIB4q6KACyRlKDfzjNvD9%2B7JLVh1c39V9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b2d918389399152-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 860ms
345ms Script
application/javascript 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?1f87540d152513c2cee36575190ad2c2

Requested by

Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

e2a4f290c5bb2579b37c80b9553e79b562c7444066a443459d0d0089c0814ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Wed, 14 Aug 2024 02:38:25 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 4951ed5e43ec7b119339d761ae66602d
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11295

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ 8 KB
4 KB 1121ms
349ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 14 Aug 2024 02:12:30 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1554
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53990
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01xAT49 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 10 Aug 2024 00:04:06 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ 6 KB
3 KB 1130ms
358ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 14 Aug 2024 02:35:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 147
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8336-52176
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ 2 KB
1 KB 1279ms
370ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 14 Aug 2024 02:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 314
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8195-63833
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ 94 KB
37 KB 1266ms
360ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 14 Aug 2024 02:20:55 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1049
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8387-29985
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js
otc0.bjhav.cn/assets/ 17 KB
0 4547ms
3778ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 14 Aug 2024 02:38:27 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 07:12:29 GMT
server: nginx
etag: W/"66b9b5dd-4878"
x-cache-status: MISS
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53991
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-01vdB150 [MISS], 2.0 PS-000-01xAT49 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:27 GMT

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 338ms
338ms Image
image/gif 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=68D8F28BFF46BB5F&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=de-de&lo=0&rnd=1564112477&si=1f87540d152513c2cee36575190ad2c2&v=1.3.2&lv=1&sn=32606&r=0&ww=1600&u=https%3A%2F%2Fewmw8dt.skin%2F

Requested by

Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Aug 2024 02:38:26 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 layer.css
otc.bjhav.cn/assets/need/ 5 KB
2 KB 351ms
351ms Stylesheet
text/css 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/need/layer.css?2.0
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/assets/layer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:20:49 GMT
content-encoding: gzip
last-modified: Mon, 21 Jun 2021 04:46:55 GMT
server: nginx
age: policy=overwrite
etag: W/"60d019bf-148c"
x-cache-status: HIT
x-ws-request-id: 66bc18b8_PS-000-01jI653_16180-45084
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 30 Jul 2024 17:13:01 GMT

GET bg.gif
img.tpxiaoshimei.com/196499/images/ 0
0

GET
H2 200 impact.font.css
otc1.bjhav.cn/image/ 269 KB
146 KB 381ms
380ms Stylesheet
text/css 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/image/impact.font.css
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: e04dbc0c22c6655dce965ab8853e5ea1c09b7a07121bd07d55c7b6b98f161a89

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:29:52 GMT
content-encoding: gzip
last-modified: Mon, 24 Jun 2024 13:22:14 GMT
server: nginx
age: 536
etag: W/"66797306-4359b"
x-cache-status: HIT
x-ws-request-id: 66bc18b8_PS-TNA-01uaD38_8336-52406
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 31 Jul 2024 20:18:31 GMT

GET
H3 200 ananh.jpg
img.ptallenvery.com/196499/img/ 175 KB
164 KB 727ms
727ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/196499/img/ananh.jpg
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bac19bcef7f13a5bda646939eb205d6c3e4a31562fb5810810a958df7a01518

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:48 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 03 Aug 2024 06:54:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66add415-2bc14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRKtr4%2F3U8uslGSyDvCxKQwv3WeFFNitUkOH6YhnDYAL77N8TpuSc30PSSPaOa9dzo67HYbMpvxYDHgrGFEdQ%2F8sRtMPgqtCvXcsMMF6gWO%2F3conOLX5BLQ0GH1unLEbEJCk6wBS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b2d921ece299152-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tz.js Show response
otc.bjhav.cn/file/ 11 KB
3 KB 350ms
350ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/file/tz.js?38
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: f03062e167d8586172f0e591a3a2c5830f7c24194c8744dbce26632a878d6f7c

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 14 Aug 2024 02:38:03 GMT
content-encoding: gzip
last-modified: Tue, 13 Aug 2024 15:42:18 GMT
server: nginx
age: policy=overwrite
etag: W/"66bb7eda-2a88"
x-cache-status: HIT
x-ws-request-id: 66bc18b9_PS-000-01jI653_16180-45125
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 13 Aug 2024 16:48:04 GMT

GET
H2 200 1.html Show response
ewmw8dt.skin/ Frame FED2 35 KB
35 KB 331ms
329ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/1.html
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 2eab639f0bfdaec492ad6ee151b101ee57c4203a46e9d189fc06aa4f7aaddbb1

Request headers

Referer: https://ewmw8dt.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-length: 35490
content-type: text/html
date: Wed, 14 Aug 2024 02:38:49 GMT
etag: "66bb6dba-8aa2"
last-modified: Tue, 13 Aug 2024 14:29:14 GMT
server: nginx/1.24.0

GET
H2 200 2.html Show response
ewmw8dt.skin/ Frame 0C84 15 KB
15 KB 674ms
673ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/2.html
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: fd24aca948b61791cc16e1879d61f8a3d40c1bd45744dbc534347618511bf8fc

Request headers

Referer: https://ewmw8dt.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-length: 14986
content-type: text/html
date: Wed, 14 Aug 2024 02:38:49 GMT
etag: "66bb6dba-3a8a"
last-modified: Tue, 13 Aug 2024 14:29:14 GMT
server: nginx/1.24.0

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame FED2 993 B
0 0ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/1.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-000-01jI653 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43997
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame FED2 2 KB
1 KB 394ms
394ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css?12
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/1.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdRoeqqenax3kq1ifKCL9X2g7sssEY3Bqt4FmLpbbYjSmXPhfDnqyu9eABGNnxhUBmz3Agb3K4Vq4mNmKSYYuQOXoNhS2x0p%2F%2BxrDYjkGG9EhbeP5tJa8o9wrSbY%2B9D5%2B58ddmtJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d9227cb059152-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame FED2 8 KB
0 1ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:30 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1554
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53990
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01xAT49 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 10 Aug 2024 00:04:06 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame FED2 6 KB
0 1ms
1ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:35:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 147
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8336-52176
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame FED2 2 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 314
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8195-63833
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame FED2 94 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:20:55 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1049
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8387-29985
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame FED2 18 KB
8 KB 1156ms
1154ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 062cbad1de60533afcf7b4932476e7bddd1acd0bc4b51a3d06f05fc8c5ef74b4

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 07:12:29 GMT
server: nginx
etag: W/"66b9b5dd-4878"
x-cache-status: MISS
x-ws-request-id: 66bc18b9_PS-000-01xAT49_8086-55283
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-01vdB150 [MISS], 2.0 PS-000-01xAT49 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:50 GMT

GET
H2 200 3.html Show response
ewmw8dt.skin/ Frame CBBA 24 KB
24 KB 649ms
648ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/3.html
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 7be567f7c6cbd3a62a5bde5d2627637a30ec7b7bc6468da82b1263cdeb35a6a2

Request headers

Referer: https://ewmw8dt.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-length: 24426
content-type: text/html
date: Wed, 14 Aug 2024 02:38:49 GMT
etag: "66bb6dba-5f6a"
last-modified: Tue, 13 Aug 2024 14:29:14 GMT
server: nginx/1.24.0

GET
H2 200 4.html Show response
ewmw8dt.skin/ Frame C081 8 KB
3 KB 648ms
647ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/4.html
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 33f8fda6e0d1754065cdaa6933e673afcc3d1c8bc6587cee99c7d78f82409472

Request headers

Referer: https://ewmw8dt.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Wed, 14 Aug 2024 02:38:49 GMT
etag: W/"66bb6dba-1fd4"
last-modified: Tue, 13 Aug 2024 14:29:14 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 5.html Show response
ewmw8dt.skin/ Frame 6DF1 11 KB
3 KB 647ms
647ms Document
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/5.html
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eb0e7d2c60141b78e3099c1c82acd36ba9080876a16d5a20721e7f0544d2359a

Request headers

Referer: https://ewmw8dt.skin/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-type: text/html
date: Wed, 14 Aug 2024 02:38:49 GMT
etag: W/"66bb6dba-2bca"
last-modified: Tue, 13 Aug 2024 14:29:14 GMT
server: nginx
vary: Accept-Encoding

GET
H3 200 bt.jpg
img.ptallenvery.com/196499/images/ 17 KB
8 KB 395ms
395ms Image
image/jpeg 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/196499/images/bt.jpg
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b5e9c82c89288dd6770f4f906144443c0c6635bc8d7d72f61cda119da3b7c01

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2024 07:39:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66af303a-44e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDftyIaZfBMTZD5GI4x4ixKFOG%2FLCU1Pwqlq3B549pbMZQC7bI43oMryTwdSWcmExafn5HqjmdRmGLXhyG9FB4c1fZyp%2FYA28JvStm%2Fatq%2F5oKb6zXaUZG2o5rwat0dGJJw746EM"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 8b2d9227db139152-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame 0C84 993 B
0 0ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-000-01jI653 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43997
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H2 200 jquery.min.js Show response
otc.bjhav.cn/assets/ Frame 0C84 94 KB
37 KB 354ms
353ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/assets/jquery.min.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:29:57 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: policy=overwrite
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18ba_PS-000-01jI653_16180-45154
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01jI653 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:41:49 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame 0C84 2 KB
0 59ms
59ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css?12
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdRoeqqenax3kq1ifKCL9X2g7sssEY3Bqt4FmLpbbYjSmXPhfDnqyu9eABGNnxhUBmz3Agb3K4Vq4mNmKSYYuQOXoNhS2x0p%2F%2BxrDYjkGG9EhbeP5tJa8o9wrSbY%2B9D5%2B58ddmtJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d9227cb059152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gjpydq.jpg
video-hk.664460.com/images/hk/2024/col/90/ Frame 0C84 74 KB
73 KB 898ms
706ms Image
image/jpeg 172.67.181.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video-hk.664460.com/images/hk/2024/col/90/gjpydq.jpg?2.0.16?2.04.08
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 728620e6e3c322b986a3dd77e9ce1a6f6ec3b61c78a39089b10fa48751cfe909

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 10 Aug 2024 16:20:45 GMT
server: cloudflare
etag: W/"66b7935d-128cb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qKnIR%2FtbHi7I%2F%2FSnYNR7SihfjS15ay3n%2BX%2FFMltiaT7glNVc7d6ApaMZIFviAfbWsMHVo71Dl9XTwomtwhwe%2BEzBYogJXZsq4s%2F4XLsHzJBumq0lvu6AlZWuOkFDPSqg1w0MCE4b"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b2d922b0f59372e-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Cache-Control, Connection, Authorization, Content-Type, lang, token, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Referer, Sec-Ch-Ua, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Platform, User-Agent
expires: Fri, 13 Sep 2024 02:38:50 GMT

GET
H3 200 yznl1.gif
img.ptallenvery.com/404455/ Frame 0C84 8 KB
9 KB 395ms
394ms Image
image/gif 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.ptallenvery.com/404455/yznl1.gif
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7657be27dc536cdfa4bacd2977c6728e5f8ec3288224a11c87c4d51d9667ecdc

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sat, 03 Aug 2024 04:54:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66adb822-2144"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z43nv19gY2ewUltOtuUy0XxnfwaG8%2BmYrWmU%2FyWldG%2FkMPSxcMO%2BtRGPHXb2HcsKcMAjhdGMvWFJT86BRgtfJc%2FBfmP78J7jEvbMYQ8%2Bb%2Bx5Cr8dsSvH2GlG0jQSV7brWQyf%2BTpZ"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
cf-ray: 8b2d9229dc1c9152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 link4_hk_4.js Show response
res.tpxiaoshimei.com/assets/ Frame 0C84 5 KB
2 KB 795ms
635ms Script
application/javascript 172.67.145.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.tpxiaoshimei.com/assets/link4_hk_4.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.145.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd93cf8f6ec8b6b47529497e9246fccca925533097ad417915e4401910c7eaff

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Aug 2024 06:25:09 GMT
server: cloudflare
etag: W/"66ab2a45-125f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MrCueZmoTa6BIoON6XTqhGi0zEHLihVJSBqUqN1Qr5RRTXLebXPZ7gB4fUQoc2SxMmY%2BoFqjttLLyawUMfGG1%2ByHad91NOoCviF%2BsbYz1gSvj%2FgxULnzO2UF%2BS%2FreA73dHij1ce26Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
cf-ray: 8b2d922d5eaa5c50-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:50 GMT

GET
H3 200 xgdjyc.jpg
video-hk.664460.com/images/h5/2024/col/90/ Frame 0C84 99 KB
99 KB 714ms
714ms Image
image/jpeg 172.67.181.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video-hk.664460.com/images/h5/2024/col/90/xgdjyc.jpg?2.0.16?2.03.10
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/2.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e037c1ed87bf3317161805d319199146092f567f72fffee0ac25dab16b87c5b0

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 10 Aug 2024 16:03:05 GMT
server: cloudflare
etag: W/"66b78f39-18d33"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EzWUguwErdS%2FfUvw8vMapbT8Uf2Ja%2Fvzgodka39gmTI9qGW%2F4jVQtPj%2FrNX4K1CZw2eTu%2FRYXJnI2791HNyO4%2BR15bx7Quy8mCQ41DxEFT6t5znrhtY2zyOe8VHUyUig8UyXeOrb"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b2d92311a88372e-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Cache-Control, Connection, Authorization, Content-Type, lang, token, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Referer, Sec-Ch-Ua, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Platform, User-Agent
expires: Fri, 13 Sep 2024 02:38:51 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame 0C84 8 KB
0 1ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:30 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1554
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53990
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01xAT49 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 10 Aug 2024 00:04:06 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame 0C84 6 KB
0 1ms
1ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:35:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 147
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8336-52176
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame 0C84 2 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 314
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8195-63833
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame 0C84 94 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:20:55 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1049
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8387-29985
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame 0C84 18 KB
0 821ms
821ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 062cbad1de60533afcf7b4932476e7bddd1acd0bc4b51a3d06f05fc8c5ef74b4

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 07:12:29 GMT
server: nginx
etag: W/"66b9b5dd-4878"
x-cache-status: MISS
x-ws-request-id: 66bc18b9_PS-000-01xAT49_8086-55283
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-01vdB150 [MISS], 2.0 PS-000-01xAT49 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:50 GMT

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame 6DF1 993 B
0 0ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/5.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-000-01jI653 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43997
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame 6DF1 2 KB
0 0ms
0ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css?12
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdRoeqqenax3kq1ifKCL9X2g7sssEY3Bqt4FmLpbbYjSmXPhfDnqyu9eABGNnxhUBmz3Agb3K4Vq4mNmKSYYuQOXoNhS2x0p%2F%2BxrDYjkGG9EhbeP5tJa8o9wrSbY%2B9D5%2B58ddmtJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d9227cb059152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 xgmd.jpg
video-hk.664460.com/images/hk/2024/col/90/ Frame 6DF1 163 KB
163 KB 749ms
748ms Image
image/jpeg 172.67.181.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video-hk.664460.com/images/hk/2024/col/90/xgmd.jpg
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/5.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 125295738d83516d7103df88b08a71a8451dc4abcfa2adf34b0dde5ecab7fb3d

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 11 Aug 2024 06:58:47 GMT
server: cloudflare
etag: W/"66b86127-28a94"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMWI1xXxQ1nbhoc%2B1PwVT%2BnEoIDOV08b1H6sWsD19qhcXZjgrbBcVtvtG8FiDMHujN7ywhEyriqLMEw%2BY6Wx3ZUj%2BUg8U4Y9LvL%2F2fKvFH%2BWym%2B8ulv201u0ZcqJNlhCImqQjef0"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b2d922c1ff3372e-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Cache-Control, Connection, Authorization, Content-Type, lang, token, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Referer, Sec-Ch-Ua, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Platform, User-Agent
expires: Fri, 13 Sep 2024 02:38:50 GMT

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame C081 993 B
0 0ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/4.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-000-01jI653 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43997
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame C081 2 KB
0 0ms
0ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css?12
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/4.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdRoeqqenax3kq1ifKCL9X2g7sssEY3Bqt4FmLpbbYjSmXPhfDnqyu9eABGNnxhUBmz3Agb3K4Vq4mNmKSYYuQOXoNhS2x0p%2F%2BxrDYjkGG9EhbeP5tJa8o9wrSbY%2B9D5%2B58ddmtJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d9227cb059152-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 lmssmj.jpg
video-hk.664460.com/images/h5/2024/col/90/ Frame C081 169 KB
169 KB 703ms
702ms Image
image/jpeg 172.67.181.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video-hk.664460.com/images/h5/2024/col/90/lmssmj.jpg?2.0.16?2.04.06
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/4.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.181.92 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c342d66e495f978314723c42438f5a8be2aa21f6b8bb146e3862369dfddb0b4

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 10 Aug 2024 15:44:07 GMT
server: cloudflare
etag: W/"66b78ac7-2a4f4"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, GET, OPTIONS, PUT, DELETE
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPmF9km0RhmDP5iai4%2Fg4GqHZFDe09T5tsbySJmZYAbOnZYrigOLwYNdcddcjOBokEDi%2B8fCM3qmazNUrLxye1ttEujtZANAxqFeBETY7M7S6fWqYsI9YLvqV70CmfZbVdT6kwlW"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 8b2d922c2ff8372e-FRA
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Cache-Control, Connection, Authorization, Content-Type, lang, token, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Referer, Sec-Ch-Ua, Sec-Ch-Ua-Mobile, Sec-Ch-Ua-Platform, User-Agent
expires: Fri, 13 Sep 2024 02:38:50 GMT

GET
H2 200 com.js Show response
otc.bjhav.cn/ Frame CBBA 993 B
0 0ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc.bjhav.cn/com.js
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/3.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:31:45 GMT
age: policy=overwrite
x-cache-status: HIT
x-via: 2.0 PS-000-01jI653 [HIT]
content-length: 993
last-modified: Tue, 06 Aug 2024 12:27:30 GMT
server: nginx
etag: "66b216b2-3e1"
x-ws-request-id: 66bc189f_PS-000-01jI653_16180-43997
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 13:01:22 GMT

GET
H3 200 caitu.css
img.ptallenvery.com/1121666/img/ Frame CBBA 2 KB
0 1ms
1ms Stylesheet
text/css 172.67.186.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://img.ptallenvery.com/1121666/img/caitu.css?12
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/3.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.186.224 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:49 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sat, 10 Aug 2024 11:30:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66b74f71-965"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IdRoeqqenax3kq1ifKCL9X2g7sssEY3Bqt4FmLpbbYjSmXPhfDnqyu9eABGNnxhUBmz3Agb3K4Vq4mNmKSYYuQOXoNhS2x0p%2F%2BxrDYjkGG9EhbeP5tJa8o9wrSbY%2B9D5%2B58ddmtJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8b2d9227cb059152-FRA
alt-svc: h3=":443"; ma=86400

GET zdsc197.jpg
gwbd-tk.ctizh.com/2024/col/hk/090/ Frame CBBA 0
0

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame 6DF1 8 KB
0 1ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:30 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1554
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53990
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01xAT49 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 10 Aug 2024 00:04:06 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame 6DF1 6 KB
0 1ms
1ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:35:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 147
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8336-52176
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame 6DF1 2 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 314
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8195-63833
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame 6DF1 94 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:20:55 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1049
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8387-29985
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame 6DF1 18 KB
0 449ms
449ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 062cbad1de60533afcf7b4932476e7bddd1acd0bc4b51a3d06f05fc8c5ef74b4

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 07:12:29 GMT
server: nginx
etag: W/"66b9b5dd-4878"
x-cache-status: MISS
x-ws-request-id: 66bc18b9_PS-000-01xAT49_8086-55283
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-01vdB150 [MISS], 2.0 PS-000-01xAT49 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:50 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame C081 8 KB
0 1ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:30 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1554
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53990
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01xAT49 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 10 Aug 2024 00:04:06 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame C081 6 KB
0 1ms
1ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:35:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 147
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8336-52176
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame C081 2 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 314
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8195-63833
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame C081 94 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:20:55 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1049
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8387-29985
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame C081 18 KB
0 445ms
445ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 062cbad1de60533afcf7b4932476e7bddd1acd0bc4b51a3d06f05fc8c5ef74b4

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 07:12:29 GMT
server: nginx
etag: W/"66b9b5dd-4878"
x-cache-status: MISS
x-ws-request-id: 66bc18b9_PS-000-01xAT49_8086-55283
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-01vdB150 [MISS], 2.0 PS-000-01xAT49 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:50 GMT

GET
H2 200 lazysizes-umd.min.js Show response
otc0.bjhav.cn/assets/ Frame CBBA 8 KB
0 1ms
0ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/lazysizes-umd.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:12:30 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:16 GMT
server: nginx
age: 1554
etag: W/"6677ffc8-1ee0"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-000-01xAT49_8086-53990
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-000-01xAT49 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sat, 10 Aug 2024 00:04:06 GMT

GET
H2 200 label-com4.js Show response
otc1.bjhav.cn/assets/ Frame CBBA 6 KB
0 1ms
1ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc1.bjhav.cn/assets/label-com4.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:35:57 GMT
content-encoding: gzip
last-modified: Thu, 08 Aug 2024 13:21:22 GMT
server: nginx
age: 147
etag: W/"66b4c652-16ff"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8336-52176
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Thu, 08 Aug 2024 13:59:15 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
otc2.bjhav.cn/assets/ Frame CBBA 2 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:33:10 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 314
etag: W/"6677ffc7-750"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8195-63833
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Fri, 12 Jul 2024 02:31:52 GMT

GET
H2 200 jquery.min.js Show response
otc5.bjhav.cn/assets/ Frame CBBA 94 KB
0 2ms
2ms Script
application/javascript 240e:946:6004:13::6e
CHINATELECOM-SHAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc5.bjhav.cn/assets/jquery.min.js
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:946:6004:13::6e , China, ASN58540 (CHINATELECOM-SHANDONG-JINAN-IDC Jinan,250000, CN),
Reverse DNS
Software: nginx /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:20:55 GMT
content-encoding: gzip
last-modified: Sun, 23 Jun 2024 10:58:15 GMT
server: nginx
age: 1049
etag: W/"6677ffc7-1787c"
x-cache-status: HIT
x-ws-request-id: 66bc18a0_PS-TNA-01uaD38_8387-29985
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 2.0 PS-TNA-01uaD38 [HIT]
cache-control: max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Tue, 06 Aug 2024 12:38:35 GMT

GET
H2 200 base_code.js Show response
otc0.bjhav.cn/assets/ Frame CBBA 18 KB
0 442ms
442ms Script
application/javascript 240e:978:902:4000::c0
CHINATELECOM-JIAN...

General

Check archive.org

Show headers Download Go to

Full URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438
Requested by: Host: otc.bjhav.cn
URL: https://otc.bjhav.cn/com.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 240e:978:902:4000::c0 , China, ASN137697 (CHINATELECOM-JIANGSU-YANGZHOU-IDC CHINATELECOM JiangSu YangZhou IDC networkdescr: YangZhouJiangsu Province, P.R.China., CN),
Reverse DNS
Software: nginx /
Resource Hash: 062cbad1de60533afcf7b4932476e7bddd1acd0bc4b51a3d06f05fc8c5ef74b4

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:50 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2024 07:12:29 GMT
server: nginx
etag: W/"66b9b5dd-4878"
x-cache-status: MISS
x-ws-request-id: 66bc18b9_PS-000-01xAT49_8086-55283
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-via: 1.1 PS-FOC-01vdB150 [MISS], 2.0 PS-000-01xAT49 [MISS]
cache-control: max-age=600, max-age=1800
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Wed, 14 Aug 2024 02:48:50 GMT

GET
H3 200 no.js Show response
res.bjhav.cn/assets/ Frame FED2 82 B
630 B 689ms
628ms Script
text/html 172.67.184.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=14.8.2024438
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b35060a0b80789bff84a9ae644f7617c312b948f6f48a5e3fcebf696a567fec

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63YD6pIL0TvXQFVaon%2BSOF6tohgsPgpkejKpG8lZsQppFuKHlQ%2FgBLD9KKRSvfiHKUpyBT4Co5BPM8fiJH2AP%2Ff3aPg9kEn%2FWr5XgaEbUwBuC5TpX0FRdwyt9gdehhs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b2d922f7a219765-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET popMore.js
otc4.bjhav.cn/hk/ Frame FED2 0
0

GET
H3 200 no.js Show response
res.bjhav.cn/assets/ Frame CBBA 82 B
0 685ms
685ms Script
text/html 172.67.184.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=14.8.2024438
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b35060a0b80789bff84a9ae644f7617c312b948f6f48a5e3fcebf696a567fec

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63YD6pIL0TvXQFVaon%2BSOF6tohgsPgpkejKpG8lZsQppFuKHlQ%2FgBLD9KKRSvfiHKUpyBT4Co5BPM8fiJH2AP%2Ff3aPg9kEn%2FWr5XgaEbUwBuC5TpX0FRdwyt9gdehhs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b2d922f7a219765-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET popMore.js
otc4.bjhav.cn/hk/ Frame CBBA 0
0

GET
H3 200 no.js Show response
res.bjhav.cn/assets/ Frame 6DF1 82 B
0 682ms
682ms Script
text/html 172.67.184.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=14.8.2024438
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b35060a0b80789bff84a9ae644f7617c312b948f6f48a5e3fcebf696a567fec

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63YD6pIL0TvXQFVaon%2BSOF6tohgsPgpkejKpG8lZsQppFuKHlQ%2FgBLD9KKRSvfiHKUpyBT4Co5BPM8fiJH2AP%2Ff3aPg9kEn%2FWr5XgaEbUwBuC5TpX0FRdwyt9gdehhs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b2d922f7a219765-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET popMore.js
otc4.bjhav.cn/hk/ Frame 6DF1 0
0

GET
H3 200 no.js Show response
res.bjhav.cn/assets/ Frame C081 82 B
0 677ms
677ms Script
text/html 172.67.184.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=14.8.2024438
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b35060a0b80789bff84a9ae644f7617c312b948f6f48a5e3fcebf696a567fec

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63YD6pIL0TvXQFVaon%2BSOF6tohgsPgpkejKpG8lZsQppFuKHlQ%2FgBLD9KKRSvfiHKUpyBT4Co5BPM8fiJH2AP%2Ff3aPg9kEn%2FWr5XgaEbUwBuC5TpX0FRdwyt9gdehhs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b2d922f7a219765-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET popMore.js
otc4.bjhav.cn/hk/ Frame C081 0
0

GET
H3 200 no.js Show response
res.bjhav.cn/assets/ Frame 0C84 82 B
0 673ms
673ms Script
text/html 172.67.184.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://res.bjhav.cn/assets/no.js?v=14.8.2024438
Requested by: Host: ewmw8dt.skin
URL: https://ewmw8dt.skin/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.184.12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b35060a0b80789bff84a9ae644f7617c312b948f6f48a5e3fcebf696a567fec

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:51 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63YD6pIL0TvXQFVaon%2BSOF6tohgsPgpkejKpG8lZsQppFuKHlQ%2FgBLD9KKRSvfiHKUpyBT4Co5BPM8fiJH2AP%2Ff3aPg9kEn%2FWr5XgaEbUwBuC5TpX0FRdwyt9gdehhs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=300
cf-ray: 8b2d922f7a219765-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
alt-svc: h3=":443"; ma=86400

GET popMore.js
otc4.bjhav.cn/hk/ Frame 0C84 0
0

GET
H2 404 favicon.ico
ewmw8dt.skin/ 555 B
638 B 364ms
364ms Other
text/html 16.162.77.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewmw8dt.skin/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 16.162.77.119 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-162-77-119.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf

Request headers

Referer: https://ewmw8dt.skin/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Wed, 14 Aug 2024 02:38:52 GMT
server: nginx/1.24.0
content-length: 555
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.tpxiaoshimei.com
URL: https://img.tpxiaoshimei.com/196499/images/bg.gif

Domain: gwbd-tk.ctizh.com
URL: https://gwbd-tk.ctizh.com/2024/col/hk/090/zdsc197.jpg

Domain: otc4.bjhav.cn
URL: https://otc4.bjhav.cn/hk/popMore.js?14.8.2024438

Domain: otc4.bjhav.cn
URL: https://otc4.bjhav.cn/hk/popMore.js?14.8.2024438

Domain: otc4.bjhav.cn
URL: https://otc4.bjhav.cn/hk/popMore.js?14.8.2024438

Domain: otc4.bjhav.cn
URL: https://otc4.bjhav.cn/hk/popMore.js?14.8.2024438

Domain: otc4.bjhav.cn
URL: https://otc4.bjhav.cn/hk/popMore.js?14.8.2024438

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.baidu.com/	1970-01-21 08:22:43	Name: BAIDUID_BFESS Value: 2B37F04A12F74CB42E53999D148E36DA:FG=1
.hm.baidu.com/	1970-01-21 08:22:43	Name: HMACCOUNT_BFESS Value: 68D8F28BFF46BB5F
.ewmw8dt.skin/	1970-01-21 07:32:19	Name: Hm_lvt_1f87540d152513c2cee36575190ad2c2 Value: 1723603106
.ewmw8dt.skin/	1969-12-31 23:59:59	Name: Hm_lpvt_1f87540d152513c2cee36575190ad2c2 Value: 1723603106
.ewmw8dt.skin/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 68D8F28BFF46BB5F

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc0.bjhav.cn/assets/lazysizes-umd.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc0.bjhav.cn/assets/lazysizes-umd.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc1.bjhav.cn/assets/label-com4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc2.bjhav.cn/assets/ls.unveilhooks.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc5.bjhav.cn/assets/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://otc.bjhav.cn/com.js(Line 4) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://otc0.bjhav.cn/assets/base_code.js?14.8.2024438 Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
javascript	warning	URL: https://ewmw8dt.skin/(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/file/tz.js?38, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ewmw8dt.skin/(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://otc.bjhav.cn/file/tz.js?38, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://ewmw8dt.skin/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ewmw8dt.skin
gwbd-tk.ctizh.com
hm.baidu.com
img.ptallenvery.com
img.tpxiaoshimei.com
libs.baidu.com
otc.bjhav.cn
otc0.bjhav.cn
otc1.bjhav.cn
otc2.bjhav.cn
otc4.bjhav.cn
otc5.bjhav.cn
res.bjhav.cn
res.tpxiaoshimei.com
video-hk.664460.com
gwbd-tk.ctizh.com
img.tpxiaoshimei.com
otc4.bjhav.cn
14.215.182.140
16.162.77.119
172.67.145.181
172.67.181.92
172.67.184.12
172.67.186.224
240e:946:6004:13::6e
240e:978:902:4000::c0
39.156.66.111
062cbad1de60533afcf7b4932476e7bddd1acd0bc4b51a3d06f05fc8c5ef74b4
125295738d83516d7103df88b08a71a8451dc4abcfa2adf34b0dde5ecab7fb3d
21916a0094c6d24ac19275015be42cb1945bcc0b230cd46c77f8ca99ae631269
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
2eab639f0bfdaec492ad6ee151b101ee57c4203a46e9d189fc06aa4f7aaddbb1
30b2271be76ee2dd43122d0611f8aa498b9781f4cd03904ca12e12d2e91e9421
328611fd7ea14f32224461252a55443aff8ee4172d74f04e9e693b7e581b82ab
338e171ecd2e7b7b1d89c2bed70f9a33477b1345be879b35a211925b67476dcf
33f8fda6e0d1754065cdaa6933e673afcc3d1c8bc6587cee99c7d78f82409472
3b35060a0b80789bff84a9ae644f7617c312b948f6f48a5e3fcebf696a567fec
3bac19bcef7f13a5bda646939eb205d6c3e4a31562fb5810810a958df7a01518
3bebc274d555408140025b328b95203ea791b655b5a0282179588e3cc44ecccc
3e90c6a68785626742aaa00feb6a8f5acaaf9477ded4e441ac56e4b364dd0747
44087d0c011633d8938b5dc49bc991974aa031c29c88e4b7e487170d1b67b835
44d82ed801decf8070c4a8d0efed028ce12cf846464f8af28061533166a7c3b1
4b5e9c82c89288dd6770f4f906144443c0c6635bc8d7d72f61cda119da3b7c01
5b0872ecc22ecb72cba49a7ab68587d2b232f9b5e9639b8359d5cbae81d9fc9b
5c342d66e495f978314723c42438f5a8be2aa21f6b8bb146e3862369dfddb0b4
6ca50aaa5964884a2b34d9b669e841eb730bd30acfcda7d5cbde8181822059e1
728620e6e3c322b986a3dd77e9ce1a6f6ec3b61c78a39089b10fa48751cfe909
7657be27dc536cdfa4bacd2977c6728e5f8ec3288224a11c87c4d51d9667ecdc
7be567f7c6cbd3a62a5bde5d2627637a30ec7b7bc6468da82b1263cdeb35a6a2
7d3ea645ab82c37a6788f353eb9afc118295ad07749ff61c0e41669b6fec7edb
91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef
9aeba8c3b288c850c42a6f2233bbbef39234f1855e7b8ed346b1f9f1ccc70b51
9ba35a7ccba77bcee2523da129a0cbbf39eed185e08027313910c1e128d2a7ef
ab8579126982c8512f0793e5dd66a6c6d75a8c4518eed71a102ddca6ee7fd04f
b20d3c9c8dc843952a44096596d53c5f548a26ad431d144146aa7336fedde27b
baa1b406b581ed4878d2394fa8e539c32f26ce535606ffcd1a3e0342b99c3654
cabb02aa069f56199c548871054a8c37909082d97f15582394ad661eb19d5f8e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
deb49fe3e687c180ebb406114ff62912b0667ef8d478edd8743249ff9e350c6e
e037c1ed87bf3317161805d319199146092f567f72fffee0ac25dab16b87c5b0
e04dbc0c22c6655dce965ab8853e5ea1c09b7a07121bd07d55c7b6b98f161a89
e2a4f290c5bb2579b37c80b9553e79b562c7444066a443459d0d0089c0814ca2
eb0e7d2c60141b78e3099c1c82acd36ba9080876a16d5a20721e7f0544d2359a
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
f03062e167d8586172f0e591a3a2c5830f7c24194c8744dbce26632a878d6f7c
f3f8f5ecbc9504399be3d5ab916bbf99183af46acee1d097480eb1deb1a94a62
f68cf3ef03d3a7c1858c58f92c2475be7b7efea477e2cc591502d5ba5996144f
fd24aca948b61791cc16e1879d61f8a3d40c1bd45744dbc534347618511bf8fc
fd93cf8f6ec8b6b47529497e9246fccca925533097ad417915e4401910c7eaff

ewmw8dt.skin Open in urlscan Pro 16.162.77.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

84 %HTTPS

22 %IPv6

7 Domains

15 Subdomains

10 IPs

3 Countries

2406 kBTransfer

3664 kBSize

5 Cookies

0 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ewmw8dt.skin Open in urlscan Pro
16.162.77.119 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

84 %
HTTPS

22 %
IPv6

7
Domains

15
Subdomains

10
IPs

3
Countries

2406 kB
Transfer

3664 kB
Size

5
Cookies

89 HTTP transactions
0 data transactions