URL: http://qtkim.com/
Submission: On April 11 via api from US — Scanned from DE

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 75 HTTP transactions. The main IP is 102.134.33.38, located in South Africa and belongs to sun-asn, SC. The main domain is qtkim.com.
This is the only time qtkim.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 102.134.33.38 328543 (sun-asn)
30 2606:4700:10:... 13335 (CLOUDFLAR...)
1 198.2.211.99 54600 (PEGTECHINC)
1 45.61.212.120 53587 (AZT)
1 120.232.54.164 56040 (CMNET-GUA...)
3 172.247.50.244 40065 (CNSERVERS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 154.211.69.60 399077 (TERAEXCH)
3 103.143.19.103 134760 (CHINANET-...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 45.61.212.221 53587 (AZT)
3 112.90.153.37 136959 (UNICOM-FU...)
1 45.61.212.57 53587 (AZT)
75 13
Apex Domain
Subdomains
Transfer
30 slsltutu.com
fmtu.slsltutu.com — Cisco Umbrella Rank: 392859
2 MB
27 qtkim.com
qtkim.com
130 KB
6 51.la
js.users.51.la — Cisco Umbrella Rank: 66521
ia.51.la — Cisco Umbrella Rank: 60668
8 KB
3 8499223.com
8499223.com
812 KB
2 thpitnx.cn
img.thpitnx.cn
390 KB
1 aaaaa886.com
aaaaa886.com
50 KB
1 aaaaa558.com
aaaaa558.com
36 KB
1 loli.net
s2.loli.net — Cisco Umbrella Rank: 200566
10 KB
1 jsjsjs.xyz
cdn.jsjsjs.xyz
398 KB
1 595tuchuang.com
595tuchuang.com — Cisco Umbrella Rank: 249909
181 KB
1 aaaaa855.com
aaaaa855.com
973 KB
1 img1yutu.com
img.img1yutu.com — Cisco Umbrella Rank: 656653
48 KB
75 12
Domain Requested by
30 fmtu.slsltutu.com qtkim.com
27 qtkim.com qtkim.com
3 ia.51.la qtkim.com
3 js.users.51.la qtkim.com
3 8499223.com qtkim.com
2 img.thpitnx.cn qtkim.com
1 aaaaa886.com qtkim.com
1 aaaaa558.com qtkim.com
1 s2.loli.net qtkim.com
1 cdn.jsjsjs.xyz qtkim.com
1 595tuchuang.com qtkim.com
1 aaaaa855.com qtkim.com
1 img.img1yutu.com qtkim.com
75 13
Subject Issuer Validity Valid
*.slsltutu.com
GTS CA 1P5
2023-02-28 -
2023-05-29
3 months crt.sh
img.img1yutu.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-03 -
2024-01-03
a year crt.sh
aaaaa855.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-27 -
2024-03-26
a year crt.sh
683tuchuang.com
Certum Domain Validation CA SHA2
2022-12-21 -
2024-01-19
a year crt.sh
8499223.com
ZeroSSL RSA Domain Secure Site CA
2023-03-27 -
2023-06-25
3 months crt.sh
cdn.jsjsjs.xyz
GTS CA 1P5
2023-03-25 -
2023-06-23
3 months crt.sh
pic.thpitnx.cn
R3
2023-03-24 -
2023-06-22
3 months crt.sh
*.users.51.la
GlobalSign GCC R3 DV TLS CA 2020
2022-03-29 -
2023-04-30
a year crt.sh
loli.net
Cloudflare Inc ECC CA-3
2023-04-05 -
2024-04-04
a year crt.sh
aaaaa558.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-27 -
2024-03-26
a year crt.sh
aaaaa886.com
Sectigo RSA Domain Validation Secure Server CA
2023-03-27 -
2024-03-26
a year crt.sh

This page contains 1 frames:

Primary Page: http://qtkim.com/
Frame ID: 54F10C96FEAB10E5C5786E03E0F8CC2E
Requests: 75 HTTP requests in this frame

Screenshot

Page Title

携手同行创未来-亚洲中文字幕视频国产片日产片中文字幕午夜欧美AAA免费高清视频黄色免费一级视频 片中文字幕在线永久视颏91探花精品一区二区久久免费国产美女上床大片国产福利片亚洲 免费 国产 网站-老司机福利网,提供最新、最全的福利收集站点,宅男必备福利。今日福利网-免费视频、国产视频、无码视频、高清AV、日本AV、更新最快,线上免费看,全站免费,免费视频!可下载!

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

60 %
HTTPS

23 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

4785 kB
Transfer

4958 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qtkim.com/
32 KB
9 KB
Document
General
Full URL
http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / PHP/7.0.33 ASP.NET
Resource Hash
2c35cf1ee09525a8232a8afa44814996af1d36af5734c0663e707b2bcfc278ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Length
8749
Content-Type
text/html; charset=utf-8
Date
Tue, 11 Apr 2023 21:34:59 GMT
Server
Microsoft-IIS/7.5
Vary
Accept-Encoding
X-Powered-By
PHP/7.0.33 ASP.NET
ate.css
qtkim.com/template/m1938pc/css/
74 KB
5 KB
Stylesheet
General
Full URL
http://qtkim.com/template/m1938pc/css/ate.css
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:34:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 15:13:25 GMT
Server
Microsoft-IIS/7.5
ETag
"80d88c9e7d1d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
4498
zui.css
qtkim.com/template/m1938pc/css/
89 KB
16 KB
Stylesheet
General
Full URL
http://qtkim.com/template/m1938pc/css/zui.css
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d90a559fe13193e019e3a8c766ad5552d010799b3a60d632a0ade6510d9853cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:34:59 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jan 2022 13:57:24 GMT
Server
Microsoft-IIS/7.5
ETag
"0ba387fce3d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
15748
jquery11.js
qtkim.com/static/js/
0
0
Script
General
Full URL
http://qtkim.com/static/js/jquery11.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:34:59 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1163
Content-Type
text/html
jquery.config.js
qtkim.com/template/m1938pc/js/
5 KB
2 KB
Script
General
Full URL
http://qtkim.com/template/m1938pc/js/jquery.config.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
3307ac2d9b16148f210070834055add1db4b8e0fd046fa3045ef1d9eee64cdd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:34:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Jan 2022 15:13:35 GMT
Server
Microsoft-IIS/7.5
ETag
"80b982a47d1d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1744
sxxf9.js
qtkim.com/template/m1938pc/html9/ad/
0
0
Script
General
Full URL
http://qtkim.com/template/m1938pc/html9/ad/sxxf9.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:34:59 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1163
Content-Type
text/html
tj.js
qtkim.com/template/pgysvip/js/
0
0
Script
General
Full URL
http://qtkim.com/template/pgysvip/js/tj.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Length
1163
Content-Type
text/html
logo.jpg
qtkim.com/static/images/
15 KB
15 KB
Image
General
Full URL
http://qtkim.com/static/images/logo.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
1233d0d35bb923275fd475808abb34554ee4bc0afe3adc31f2096e13daad6287

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Last-Modified
Tue, 15 Feb 2022 17:08:12 GMT
Server
Microsoft-IIS/7.5
ETag
"026df9c8e22d81:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
14914
xx1.js
qtkim.com/template/m1938pc/ads/
3 KB
903 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/xx1.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
0771b56b41756cac35fd1b9f5486359b59c9be10f2673f68cd97b25c839c47f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2023 12:54:13 GMT
Server
Microsoft-IIS/7.5
ETag
"80c86362e26ad91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
594
1.gif
qtkim.com/template/m1938pc/images/
254 B
500 B
Image
General
Full URL
http://qtkim.com/template/m1938pc/images/1.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Last-Modified
Tue, 04 Jan 2022 15:13:40 GMT
Server
Microsoft-IIS/7.5
ETag
"745e87a77d1d81:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
254
wz.js
qtkim.com/template/m1938pc/ads/
8 KB
1 KB
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/wz.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
ed6ab754eed453b1df295b34c39d9208f7642949cfdc02cf067300c19817afdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2023 12:55:00 GMT
Server
Microsoft-IIS/7.5
ETag
"06a677ee26ad91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1125
xx2.js
qtkim.com/template/m1938pc/ads/
4 KB
1 KB
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/xx2.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
69c0556600c32292e0f8e0b229a1bf45a74a79f184e881efa18f8f6a615341a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2023 12:55:48 GMT
Server
Microsoft-IIS/7.5
ETag
"0a239be26ad91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
795
1.js
qtkim.com/template/m1938pc/ads/
1 KB
753 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/1.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d17445981d52307060fa310f5f8f65374519035ce0e13a4bfd148c02bc450d28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 02 Apr 2023 03:43:47 GMT
Server
Microsoft-IIS/7.5
ETag
"95c8ad541565d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
444
2.js
qtkim.com/template/m1938pc/ads/
1001 B
737 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/2.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f38ca4ec01fb9dd96454251a2f6d07247080467276d81e32d8cca8806b93e3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Mar 2023 07:11:20 GMT
Server
Microsoft-IIS/7.5
ETag
"b9ae3dfe9f63d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
428
5910d4ae533acbce043608104a9af047.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
112 KB
112 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/5910d4ae533acbce043608104a9af047.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c43ad7c33cc49731c0191848705d9a45c454a70ddc62663033c2456177e10d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1831
cf-polished
status=not_needed
content-length
114312
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
etag
"64327a2d-1be88"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b640ac92c7d-FRA
9f82e8b878fa0722561adba3f05fe39f.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
81 KB
82 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/9f82e8b878fa0722561adba3f05fe39f.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a0cf18bec9a4f9fe07df105b4cf7bfbc3195004fbf61d38249358b0b1d304b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1115
cf-polished
status=not_needed
content-length
83422
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:16 GMT
server
cloudflare
etag
"64327a2c-145de"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b640acc2c7d-FRA
4575723338fd4ec6997e59dad328d0a3.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
95 KB
95 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/4575723338fd4ec6997e59dad328d0a3.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b598b43d79deb8718edd77307e4b987633cae470d56f5ea62b31eacca93f130a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
3204
cf-polished
status=not_needed
content-length
96929
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:20 GMT
server
cloudflare
etag
"64327a30-17aa1"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b640ace2c7d-FRA
88fa8a2cb41e06b082219b2353a4760c.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
93 KB
93 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/88fa8a2cb41e06b082219b2353a4760c.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6520e5203006d7c96579084735f54bddf45cc83e8ca6dc07d7903752ef20d1cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
status=not_needed
content-length
95190
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-173d6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b640ad12c7d-FRA
3b3065e8db054fd42cc110a4f07ea0a1.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
88 KB
88 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/3b3065e8db054fd42cc110a4f07ea0a1.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db9ef7b6509b59999cff168f0c76dd18b869c8cb4c8253ca4d74c75d606a4ca4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
status=not_needed
content-length
89721
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-15e79"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b640ad22c7d-FRA
dd4f3946ddc857e6ce73c27546d38f5f.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
46 KB
47 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/dd4f3946ddc857e6ce73c27546d38f5f.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199f92e835a7f57d7ae461a7fa3cb2a3e2810c9271bbbba0ddc54cbf25609f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
qual=85, origFmt=jpeg, origSize=48552
content-disposition
inline; filename="dd4f3946ddc857e6ce73c27546d38f5f.webp"
content-length
47528
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-bda8"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b640ad32c7d-FRA
3.js
qtkim.com/template/m1938pc/ads/
1 KB
735 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/3.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d895b40c46b008286e56985791cd2ecf6dedcff2eda05ce3bfe850b6d31276a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Apr 2023 12:59:04 GMT
Server
Microsoft-IIS/7.5
ETag
"f9616910e36ad91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
426
4.js
qtkim.com/template/m1938pc/ads/
466 B
691 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/4.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 10:44:27 GMT
Server
Microsoft-IIS/7.5
ETag
"a3e13b36212d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
383
06dc92a242e5cd43bf07acd848b3c79c.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
9 KB
9 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/06dc92a242e5cd43bf07acd848b3c79c.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ec1f5e3b8d90ede44dc32ffd3cb7fd61f8cfc6fdef9d90d14acfbbd3df34318

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=11584
content-disposition
inline; filename="06dc92a242e5cd43bf07acd848b3c79c.webp"
content-length
9264
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-2d40"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b1b2c7d-FRA
62b075a5f21bcf958e9c6057cbde2b13.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
18 KB
18 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/62b075a5f21bcf958e9c6057cbde2b13.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98fa8f620146ff0ff75e0352c9704b0ff9de7cad0349b3ebf63d43f8409c322

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=19572
content-disposition
inline; filename="62b075a5f21bcf958e9c6057cbde2b13.webp"
content-length
18444
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:43 GMT
server
cloudflare
etag
"64327a47-4c74"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b1c2c7d-FRA
d4b659c31d16d3a925719be4fe7695d5.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
8 KB
8 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/d4b659c31d16d3a925719be4fe7695d5.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2a90cd5dc7116053e680cba110de357e387a8bd1ace7290b947a354c5f29708

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=9505
content-disposition
inline; filename="d4b659c31d16d3a925719be4fe7695d5.webp"
content-length
8278
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:35 GMT
server
cloudflare
etag
"64327a3f-2521"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b1d2c7d-FRA
30c648f5cc8315135c9f53477358e8db.jpg
fmtu.slsltutu.com/upload/vod/20230406-1/
7 KB
7 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230406-1/30c648f5cc8315135c9f53477358e8db.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5cccd6963a416be09c8bbed2923ba76d67bb868512ff7f080b621450a54b274

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=7948
content-disposition
inline; filename="30c648f5cc8315135c9f53477358e8db.webp"
content-length
6814
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 09:15:58 GMT
server
cloudflare
etag
"642e8dce-1f0c"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b1f2c7d-FRA
6e79e5ea72200ab58324583e3a5003c7.jpg
fmtu.slsltutu.com/upload/vod/20230406-1/
9 KB
9 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230406-1/6e79e5ea72200ab58324583e3a5003c7.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab11a72dc867ddc141839e11a54584e9cec6000ec57dc9c9d42bee0a8339ced

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Apr 2023 09:15:58 GMT
server
cloudflare
etag
"642e8dce-22e2"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b202c7d-FRA
content-length
8930
9c5660d54a9fbe085b58fa09c3d2ce7c.jpg
fmtu.slsltutu.com/upload/vod/20230406-1/
14 KB
14 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230406-1/9c5660d54a9fbe085b58fa09c3d2ce7c.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba19c2eefd03959f806a5f96820cbb3f52fe7f8204202396e974fba02d61291

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=32181
content-disposition
inline; filename="9c5660d54a9fbe085b58fa09c3d2ce7c.webp"
content-length
14318
cf-bgj
imgq:85,h2pri
last-modified
Thu, 06 Apr 2023 09:16:01 GMT
server
cloudflare
etag
"642e8dd1-7db5"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b212c7d-FRA
5.js
qtkim.com/template/m1938pc/ads/
1 KB
766 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/5.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
bb7fdadc1e199a8b77c0a0c4c7d87005e85c0f42b3fddebc58bffc2bc3e1a9e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Apr 2023 06:11:39 GMT
Server
Microsoft-IIS/7.5
ETag
"eac8dd11769d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
458
6.js
qtkim.com/template/m1938pc/ads/
466 B
691 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/6.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 10:44:27 GMT
Server
Microsoft-IIS/7.5
ETag
"a3e13b36212d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
383
0520e08a41bb738f85099cf6156571b1.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
75 KB
75 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/0520e08a41bb738f85099cf6156571b1.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da358d03aec86f53fff15abd6c608bc47463fc708801715ae8d658fdcb906a59

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1115
cf-polished
qual=85, origFmt=jpeg, origSize=106566
content-disposition
inline; filename="0520e08a41bb738f85099cf6156571b1.webp"
content-length
76594
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
etag
"64327a2d-1a046"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b222c7d-FRA
f6fe4edbeb2eaabf7573fd8dbf8d8b18.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
42 KB
42 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/f6fe4edbeb2eaabf7573fd8dbf8d8b18.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b32cdb4acbee1bd9385774a6437ad140cc7f65af637155bb02d8b38f35d69877

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1115
cf-polished
status=not_needed
content-length
42507
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:20 GMT
server
cloudflare
etag
"64327a30-a60b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b232c7d-FRA
3acd84ec9be172c7ea93b9bc5f8eb82e.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
28 KB
28 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/3acd84ec9be172c7ea93b9bc5f8eb82e.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7363e673e5fd258cc5f96ab5669e5bae7090728bccd126d739aaa52bf0b687

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=39240
content-disposition
inline; filename="3acd84ec9be172c7ea93b9bc5f8eb82e.webp"
content-length
28512
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-9948"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b242c7d-FRA
215176d46eb4bef9e809428952752763.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
62 KB
62 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/215176d46eb4bef9e809428952752763.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d22af37c3a6e00c8764ecf4556714164d3fe7fe53ec7b39065f4785b6cbe14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
degrade=85, origSize=99475, status=webp_bigger
content-length
63536
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-18493"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b252c7d-FRA
fde25f5b14f6fd63c045ad363694f60e.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
76 KB
76 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/fde25f5b14f6fd63c045ad363694f60e.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e53ffa3a6bf0516732e427b7076d9ad40973820b852237f0372b805b712ded

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
status=not_needed
content-length
77368
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:28 GMT
server
cloudflare
etag
"64327a38-12e38"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b262c7d-FRA
21f2b30f5cc0a1c7101900a57467fe57.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
63 KB
63 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/21f2b30f5cc0a1c7101900a57467fe57.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6403db57159abd5cdf1055f22030b1ea4368ae26898ccca76729d809aa11fc1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
status=not_needed
content-length
64103
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:28 GMT
server
cloudflare
etag
"64327a38-fa67"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b292c7d-FRA
7.js
qtkim.com/template/m1938pc/ads/
466 B
691 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/7.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 10:44:27 GMT
Server
Microsoft-IIS/7.5
ETag
"a3e13b36212d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
383
8.js
qtkim.com/template/m1938pc/ads/
466 B
691 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/8.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 10:44:27 GMT
Server
Microsoft-IIS/7.5
ETag
"a3e13b36212d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
383
9817bec03ed03962752c7c3049724131.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
103 KB
104 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/9817bec03ed03962752c7c3049724131.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88cc823678cfeea799a86201d2a876beab44cd96b42b7c3a12622755585345e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1115
cf-polished
status=not_needed
content-length
105829
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
etag
"64327a2d-19d65"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b2a2c7d-FRA
6f62fab702b92aa8c2d3a407c585674b.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
94 KB
94 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/6f62fab702b92aa8c2d3a407c585674b.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697624e2452dfb2e1f356c96145acaa8a883e1005421e06410534a583c29bbc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1115
cf-polished
status=not_needed
content-length
96371
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:20 GMT
server
cloudflare
etag
"64327a30-17873"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b644b2b2c7d-FRA
8a749defe964133ff639255a435f26ef.jpg
img.img1yutu.com/upload/vod/20230327-1/
48 KB
48 KB
Image
General
Full URL
https://img.img1yutu.com:3451/upload/vod/20230327-1/8a749defe964133ff639255a435f26ef.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.2.211.99 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
9eb5f8e7c0682f99c5a3515e8c78c56b29ea2a3ed01d493c747fc6fcfcc12b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 29 Mar 2023 22:22:26 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Mon, 27 Mar 2023 13:22:59 GMT
Server
nginx
ETag
"642198b3-bebe"
Transfer-Encoding
chunked
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
max-age=3199842
Connection
keep-alive
Expires
Fri, 28 Apr 2023 22:22:26 GMT
c1ef07b0970a1444f36abdae5021e415.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
54 KB
54 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/c1ef07b0970a1444f36abdae5021e415.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600f321cda3384391d29bb06d73b7956103a77e3561ff74f79ecb14943b68868

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
1114
cf-polished
status=not_needed
content-length
54865
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-d651"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b3a2c7d-FRA
e5f8541632f21a1e01ad9eebfbb89094.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
19 KB
19 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/e5f8541632f21a1e01ad9eebfbb89094.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
530beca9dbb2ebee68a855e03b630776ab9427e12064319e91eee09bd3cc7d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
3204
cf-polished
qual=85, origFmt=jpeg, origSize=30159
content-disposition
inline; filename="e5f8541632f21a1e01ad9eebfbb89094.webp"
content-length
19518
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:24 GMT
server
cloudflare
etag
"64327a34-75cf"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b3c2c7d-FRA
5bd1fbb57bc1a3fda175b70fcb69e294.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
132 KB
132 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/5bd1fbb57bc1a3fda175b70fcb69e294.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5233c813b4ed4506afe1a2eacd175ba1e0011517cc36ded1d3937a21fb015212

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:35 GMT
server
cloudflare
cf-polished
degrade=85, origSize=196605, status=webp_bigger
etag
"64327a3f-2fffd"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b3d2c7d-FRA
content-length
135307
9.js
qtkim.com/template/m1938pc/ads/
466 B
691 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/9.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 10:44:27 GMT
Server
Microsoft-IIS/7.5
ETag
"a3e13b36212d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
383
10.js
qtkim.com/template/m1938pc/ads/
466 B
691 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/10.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:01 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Jan 2022 10:44:27 GMT
Server
Microsoft-IIS/7.5
ETag
"a3e13b36212d81:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
383
6d57d5b022a8fc24eef78980c0d1d56e.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
67 KB
68 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/6d57d5b022a8fc24eef78980c0d1d56e.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c162e1634eb19f78baf435d33ae5b7cb5f9bd19c7de5e2fb060310dbe26623e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:42:16 GMT
server
cloudflare
cf-polished
degrade=85, origSize=139674, status=webp_bigger
etag
"64327a68-2219a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b3f2c7d-FRA
content-length
68882
82eaa751fc442d3a0c00a8a811b7ce55.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
64 KB
64 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/82eaa751fc442d3a0c00a8a811b7ce55.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9ee32f7176fc9dd8e452ec81ccaabbe14aae833f102cfda6b98d8a35a4046d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=126746
content-disposition
inline; filename="82eaa751fc442d3a0c00a8a811b7ce55.webp"
content-length
65032
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
etag
"64327a2d-1ef1a"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b402c7d-FRA
31168d127085bee6df82f331e0291613.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
70 KB
71 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/31168d127085bee6df82f331e0291613.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5c2ec852109197eb492dec42a07d68e7b762cfc2896e13ec6d49691946ef004

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
cf-polished
degrade=85, origSize=145274, status=webp_bigger
etag
"64327a2d-2377a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b412c7d-FRA
content-length
72028
45ea42415bc135579c9aedddfdf90e27.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
30 KB
30 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/45ea42415bc135579c9aedddfdf90e27.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5c9273fa6cf6f4702cecceaf31deaebe3ef449b2559fce99107e67a3c6eb489

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=44976
content-disposition
inline; filename="45ea42415bc135579c9aedddfdf90e27.webp"
content-length
30930
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
etag
"64327a2d-afb0"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b422c7d-FRA
03c2848829c124c55ea4fca57117f9c8.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
54 KB
54 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/03c2848829c124c55ea4fca57117f9c8.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26916b603722e808b344948c4935c0922a99e48577ee1d23b6331f9e668ab9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:16 GMT
server
cloudflare
cf-polished
degrade=85, origSize=113827, status=webp_bigger
etag
"64327a2c-1bca3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b432c7d-FRA
content-length
55448
6dbf5b78c8cdc2c8753623ea99cbbea3.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
31 KB
31 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/6dbf5b78c8cdc2c8753623ea99cbbea3.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abac72e4539402561ee7eeee839f197af81f458b453ce4d366b2539d1e2e0591

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:01 GMT
cf-cache-status
HIT
age
2348
cf-polished
qual=85, origFmt=jpeg, origSize=32798
content-disposition
inline; filename="6dbf5b78c8cdc2c8753623ea99cbbea3.webp"
content-length
31842
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:20 GMT
server
cloudflare
etag
"64327a30-801e"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b442c7d-FRA
a395e4e1677fe141904a623153dc7f76.jpg
fmtu.slsltutu.com/upload/vod/20230409-1/
101 KB
101 KB
Image
General
Full URL
https://fmtu.slsltutu.com/upload/vod/20230409-1/a395e4e1677fe141904a623153dc7f76.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f51f86e9efe73e57aa4eb806c5b09be5075a092c22573f73aafd21bee0adc9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Sun, 09 Apr 2023 08:41:17 GMT
server
cloudflare
cf-polished
status=not_needed
etag
"64327a2d-192cc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b665b646b462c7d-FRA
content-length
103116
xx3.js
qtkim.com/template/m1938pc/ads/
525 B
627 B
Script
General
Full URL
http://qtkim.com/template/m1938pc/ads/xx3.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
2bd17db7127ebb199560ae06e14f0f3c3d3455288e1579f854351111b6cbcece

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 May 2021 11:53:25 GMT
Server
Microsoft-IIS/7.5
ETag
"50fa9268dc4bd71:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
318
75618fc6d1564711ac361a41859967aa.gif
aaaaa855.com/
973 KB
973 KB
Image
General
Full URL
https://aaaaa855.com/75618fc6d1564711ac361a41859967aa.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.120 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
a5359528bfb225ae197aaab25ce48cea04a72aab1547ed31ca79cbb9035ea719

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 09 Apr 2023 13:19:02 GMT
Last-Modified
Sun, 09 Apr 2023 08:01:17 GMT
Server
nginx
ETag
"643270cd-f3421"
X-Cache
HIT from cloud-us2-cdnb-20
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
996385
960x120.gif
595tuchuang.com/
181 KB
181 KB
Image
General
Full URL
https://595tuchuang.com/960x120.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.232.54.164 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software
cdn /
Resource Hash
31d7984bc007f48066a4fe3115ef3cd90450fa65349034eb9eaffcf7cf223e69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:03 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sun, 29 Jan 2023 15:25:24 GMT
Server
cdn
ETag
"63d68fe4-2d29f"
X-Cache-Status
HIT
Content-Type
image/gif
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
184991
Expires
Sun, 07 May 2023 07:07:48 GMT
960x100.gif
8499223.com/8499/zzxx/
468 KB
468 KB
Image
General
Full URL
https://8499223.com/8499/zzxx/960x100.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.50.244 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:04 GMT
last-modified
Sat, 24 Dec 2022 13:23:32 GMT
server
qq.com
etag
"74f3c-5f092cf09552f"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
479036
960x60ns.gif
cdn.jsjsjs.xyz/happy/newyear/kongkong/
397 KB
398 KB
Image
General
Full URL
https://cdn.jsjsjs.xyz/happy/newyear/kongkong/960x60ns.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3f2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2214705
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
406419
last-modified
Wed, 16 Feb 2022 13:39:39 GMT
server
cloudflare
etag
"620cfe9b-63393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJikdKXcZpG1iehieBcCgurqgSjrdP8fSwPPf4yrE3s1rjQ7%2Ft31xjMfqVtFopBcOy3bePFxJldS5vgrKphOzKEwCfM7DkmOWIysKSzSoyMzhK2joB45AypG8CNzEqD%2B0Q7zxUeMgczo6PtOOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7b665b69ca8292b4-FRA
expires
Sun, 16 Apr 2023 06:23:17 GMT
960.gif
qtkim.com/template/m1938pc/ads/
59 KB
60 KB
Image
General
Full URL
http://qtkim.com/template/m1938pc/ads/960.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
29d43e039e0df4f0634dea759be37678ca9e46ac0f6f8db889f6f65fefa8f48d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:00 GMT
Last-Modified
Sat, 14 Aug 2021 03:18:46 GMT
Server
Microsoft-IIS/7.5
ETag
"e523f617bb90d71:0"
X-Powered-By
ASP.NET
Content-Type
image/gif
Accept-Ranges
bytes
Content-Length
60872
960X100.gif
img.thpitnx.cn/sejie/
196 KB
197 KB
Image
General
Full URL
https://img.thpitnx.cn/sejie/960X100.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.211.69.60 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
7ca848ef09b6f0503ec6249dc1cbb8ab6ebec89007a7c195cc779af39ef5c17a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:04 GMT
last-modified
Sun, 05 Feb 2023 06:46:10 GMT
server
NgxFence
etag
"63df50b2-310ec"
x-cache
HIT
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
200940
expires
Mon, 24 Apr 2023 08:18:19 GMT
21589015.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21589015.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
a2e49d7cb565f86ec79613c576b204df11d603036da5cde6de0225b5b9e99363

Request headers

Referer
http://qtkim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 11 Apr 2023 21:35:02 GMT
Content-Encoding
gzip
Server
CloudWAF
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=360000
Access-Control-Allow-Credentials
true
Connection
keep-alive
21423705.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21423705.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
833f913011130028bf732f89a18a00993880b80232ea7878ad5480cc6a30337d

Request headers

Referer
http://qtkim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 11 Apr 2023 21:35:02 GMT
Content-Encoding
gzip
Server
CloudWAF
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=360000
Access-Control-Allow-Credentials
true
Connection
keep-alive
21280315.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21280315.js
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software
CloudWAF /
Resource Hash
eb65889e764d55de1eefa4dc0b6ed9bb9952d397d25dc991fdc514495054bb12

Request headers

Referer
http://qtkim.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 11 Apr 2023 21:35:02 GMT
Content-Encoding
gzip
Server
CloudWAF
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=360000
Access-Control-Allow-Credentials
true
Connection
keep-alive
zAxwCKkLnFjlaQ8.jpg
s2.loli.net/2022/05/21/
9 KB
10 KB
Image
General
Full URL
https://s2.loli.net/2022/05/21/zAxwCKkLnFjlaQ8.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9166
x-xss-protection
1; mode=block
last-modified
Sat, 21 May 2022 11:42:12 GMT
server
cloudflare
etag
"6288d014-23ce"
x-frame-options
SAMEORIGIN
vary
Accept, Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRpMzp0ACto8kdflqzX4%2F93NkcpkKMuRSh9sX3E8B%2F%2Fo4ABdLGWA2TRdsv8mjgKPC0PQMVRcQDIcU%2BQK2D9iic4BWuBelovlu3okhvk26iC0fheULbJimwX6Hr%2B%2BKkD%2FMfsrGch4ROJR"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b665b655a79923b-FRA
150x150.gif
8499223.com/8499/zzxx/
181 KB
181 KB
Image
General
Full URL
https://8499223.com/8499/zzxx/150x150.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.50.244 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:04 GMT
last-modified
Wed, 28 Dec 2022 09:29:04 GMT
server
qq.com
etag
"2d353-5f0dfffdcb1c7"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
185171
200x200.gif
8499223.com/8499/
162 KB
163 KB
Image
General
Full URL
https://8499223.com/8499/200x200.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.247.50.244 , United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software
qq.com /
Resource Hash
269b7a6d667098e8db5611e861c2160879f65c0e234f8c515b60bda77995f121

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:04 GMT
last-modified
Sun, 08 Jan 2023 05:09:54 GMT
server
qq.com
etag
"28973-5f1b9a949cebf"
x-cache-status
HIT
content-type
image/gif
accept-ranges
bytes
content-length
166259
929320b1876943988a21a18a5e53cd6c.gif
aaaaa558.com/
36 KB
36 KB
Image
General
Full URL
https://aaaaa558.com/929320b1876943988a21a18a5e53cd6c.gif?proc=autoorient
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/ads/xx2.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.221 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
8bf9b8be524042f91391fdca1299ba38a3572e1b8eff9a69a00ae4b6607f028e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 09 Apr 2023 13:48:21 GMT
Last-Modified
Sat, 08 Apr 2023 12:56:33 GMT
Server
nginx
ETag
"64316481-8e98"
X-Cache
HIT from cloud-us3-cdnb-21
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
36504
go1
ia.51.la/
0
73 B
Image
General
Full URL
http://ia.51.la/go1?id=21589015&rt=1681248902748&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1681248902748&tt=%25E6%2590%25BA%25E6%2589%258B%25E5%2590%258C%25E8%25A1%258C%25E5%2588%259B%25E6%259C%25AA%25E6%259D%25A5-%25E4%25BA%259A%25E6%25B4%25B2%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E8%25A7%2586%25E9%25A2%2591%25E5%259B%25BD%25E4%25BA%25A7%25E7%2589%2587%25E6%2597%25A5%25E4%25BA%25A7%25E7%2589%2587%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%258D%2588%25E5%25A4%259C%25E6%25AC%25A7%25E7%25BE%258EAAA%25E5%2585%258D%25E8%25B4%25B9%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%25E9%25BB%2584%25E8%2589%25B2%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E7%25BA%25A7%25E8%25A7%2586%25E9%25A2%2591%2520%25E7%2589%2587%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%259C%25A8%25E7%25BA%25BF%25E6%25B0%25B8%25E4%25B9%2585%25E8%25A7%2586%25E9%25A2%258F91%25E6%258E%25A2%25E8%258A%25B1%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E5%2585%258D%25E8%25B4%25B9%25E5%259B%25BD%25E4%25BA%25A7%25E7%25BE%258E%25E5%25A5%25B3%25E4%25B8%258A%25E5%25BA%258A%25E5%25A4%25A7%25E7%2589%2587%25E5%259B%25BD%25E4%25BA%25A7%25E7%25A6%258F%25E5%2588%25A9%25E7%2589%2587%25E4%25BA%259A%25E6%25B4%25B2%2520%25E5%2585%258D%25E8%25B4%25B9%2520%25E5%259B%25BD%25E4%25BA%25A7%2520%25E7%25BD%2591%25E7%25AB%2599-%25E8%2580%2581%25E5%258F%25B8%25E6%259C%25BA%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591%252C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E3%2580%2581%25E6%259C%2580%25E5%2585%25A8%25E7%259A%2584%25E7%25A6%258F%25E5%2588%25A9%25E6%2594%25B6%25E9%259B%2586%25E7%25AB%2599%25E7%2582%25B9%252C%25E5%25AE%2585%25E7%2594%25B7%25E5%25BF%2585%25E5%25A4%2587%25E7%25A6%258F%25E5%2588%25A9%25E3%2580%2582%25E4%25BB%258A%25E6%2597%25A5%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E5%259B%25BD%25E4%25BA%25A7%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E6%2597%25A0%25E7%25A0%2581%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E9%25AB%2598%25E6%25B8%2585AV%25E3%2580%2581%25E6%2597%25A5%25E6%259C%25ACAV%25E3%2580%2581%25E6%259B%25B4%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25EF%25BC%258C%25E7%25BA%25BF%25E4%25B8%258A%25E5%2585%258D%25E8%25B4%25B9%25E7%259C%258B%25EF%25BC%258C%25E5%2585%25A8%25E7%25AB%2599%25E5%2585%258D%25E8%25B4%25B9%25EF%25BC%258C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%25EF%25BC%2581%25E5%258F%25AF%25E4%25B8%258B%25E8%25BD%25BD%25EF%25BC%2581&kw=&cu=http%253A%252F%252Fqtkim.com%252F&pu=
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
112.90.153.37 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:03 GMT
Content-Length
0
go1
ia.51.la/
0
73 B
Image
General
Full URL
http://ia.51.la/go1?id=21423705&rt=1681248902775&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1681248902775&tt=%25E6%2590%25BA%25E6%2589%258B%25E5%2590%258C%25E8%25A1%258C%25E5%2588%259B%25E6%259C%25AA%25E6%259D%25A5-%25E4%25BA%259A%25E6%25B4%25B2%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E8%25A7%2586%25E9%25A2%2591%25E5%259B%25BD%25E4%25BA%25A7%25E7%2589%2587%25E6%2597%25A5%25E4%25BA%25A7%25E7%2589%2587%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%258D%2588%25E5%25A4%259C%25E6%25AC%25A7%25E7%25BE%258EAAA%25E5%2585%258D%25E8%25B4%25B9%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%25E9%25BB%2584%25E8%2589%25B2%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E7%25BA%25A7%25E8%25A7%2586%25E9%25A2%2591%2520%25E7%2589%2587%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%259C%25A8%25E7%25BA%25BF%25E6%25B0%25B8%25E4%25B9%2585%25E8%25A7%2586%25E9%25A2%258F91%25E6%258E%25A2%25E8%258A%25B1%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E5%2585%258D%25E8%25B4%25B9%25E5%259B%25BD%25E4%25BA%25A7%25E7%25BE%258E%25E5%25A5%25B3%25E4%25B8%258A%25E5%25BA%258A%25E5%25A4%25A7%25E7%2589%2587%25E5%259B%25BD%25E4%25BA%25A7%25E7%25A6%258F%25E5%2588%25A9%25E7%2589%2587%25E4%25BA%259A%25E6%25B4%25B2%2520%25E5%2585%258D%25E8%25B4%25B9%2520%25E5%259B%25BD%25E4%25BA%25A7%2520%25E7%25BD%2591%25E7%25AB%2599-%25E8%2580%2581%25E5%258F%25B8%25E6%259C%25BA%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591%252C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E3%2580%2581%25E6%259C%2580%25E5%2585%25A8%25E7%259A%2584%25E7%25A6%258F%25E5%2588%25A9%25E6%2594%25B6%25E9%259B%2586%25E7%25AB%2599%25E7%2582%25B9%252C%25E5%25AE%2585%25E7%2594%25B7%25E5%25BF%2585%25E5%25A4%2587%25E7%25A6%258F%25E5%2588%25A9%25E3%2580%2582%25E4%25BB%258A%25E6%2597%25A5%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E5%259B%25BD%25E4%25BA%25A7%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E6%2597%25A0%25E7%25A0%2581%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E9%25AB%2598%25E6%25B8%2585AV%25E3%2580%2581%25E6%2597%25A5%25E6%259C%25ACAV%25E3%2580%2581%25E6%259B%25B4%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25EF%25BC%258C%25E7%25BA%25BF%25E4%25B8%258A%25E5%2585%258D%25E8%25B4%25B9%25E7%259C%258B%25EF%25BC%258C%25E5%2585%25A8%25E7%25AB%2599%25E5%2585%258D%25E8%25B4%25B9%25EF%25BC%258C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%25EF%25BC%2581%25E5%258F%25AF%25E4%25B8%258B%25E8%25BD%25BD%25EF%25BC%2581&kw=&cu=http%253A%252F%252Fqtkim.com%252F&pu=
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
112.90.153.37 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:05 GMT
Content-Length
0
go1
ia.51.la/
0
73 B
Image
General
Full URL
http://ia.51.la/go1?id=21280315&rt=1681248902787&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=3&ekc=&sid=1681248902787&tt=%25E6%2590%25BA%25E6%2589%258B%25E5%2590%258C%25E8%25A1%258C%25E5%2588%259B%25E6%259C%25AA%25E6%259D%25A5-%25E4%25BA%259A%25E6%25B4%25B2%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E8%25A7%2586%25E9%25A2%2591%25E5%259B%25BD%25E4%25BA%25A7%25E7%2589%2587%25E6%2597%25A5%25E4%25BA%25A7%25E7%2589%2587%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%258D%2588%25E5%25A4%259C%25E6%25AC%25A7%25E7%25BE%258EAAA%25E5%2585%258D%25E8%25B4%25B9%25E9%25AB%2598%25E6%25B8%2585%25E8%25A7%2586%25E9%25A2%2591%25E9%25BB%2584%25E8%2589%25B2%25E5%2585%258D%25E8%25B4%25B9%25E4%25B8%2580%25E7%25BA%25A7%25E8%25A7%2586%25E9%25A2%2591%2520%25E7%2589%2587%25E4%25B8%25AD%25E6%2596%2587%25E5%25AD%2597%25E5%25B9%2595%25E5%259C%25A8%25E7%25BA%25BF%25E6%25B0%25B8%25E4%25B9%2585%25E8%25A7%2586%25E9%25A2%258F91%25E6%258E%25A2%25E8%258A%25B1%25E7%25B2%25BE%25E5%2593%2581%25E4%25B8%2580%25E5%258C%25BA%25E4%25BA%258C%25E5%258C%25BA%25E4%25B9%2585%25E4%25B9%2585%25E5%2585%258D%25E8%25B4%25B9%25E5%259B%25BD%25E4%25BA%25A7%25E7%25BE%258E%25E5%25A5%25B3%25E4%25B8%258A%25E5%25BA%258A%25E5%25A4%25A7%25E7%2589%2587%25E5%259B%25BD%25E4%25BA%25A7%25E7%25A6%258F%25E5%2588%25A9%25E7%2589%2587%25E4%25BA%259A%25E6%25B4%25B2%2520%25E5%2585%258D%25E8%25B4%25B9%2520%25E5%259B%25BD%25E4%25BA%25A7%2520%25E7%25BD%2591%25E7%25AB%2599-%25E8%2580%2581%25E5%258F%25B8%25E6%259C%25BA%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591%252C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E3%2580%2581%25E6%259C%2580%25E5%2585%25A8%25E7%259A%2584%25E7%25A6%258F%25E5%2588%25A9%25E6%2594%25B6%25E9%259B%2586%25E7%25AB%2599%25E7%2582%25B9%252C%25E5%25AE%2585%25E7%2594%25B7%25E5%25BF%2585%25E5%25A4%2587%25E7%25A6%258F%25E5%2588%25A9%25E3%2580%2582%25E4%25BB%258A%25E6%2597%25A5%25E7%25A6%258F%25E5%2588%25A9%25E7%25BD%2591-%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E5%259B%25BD%25E4%25BA%25A7%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E6%2597%25A0%25E7%25A0%2581%25E8%25A7%2586%25E9%25A2%2591%25E3%2580%2581%25E9%25AB%2598%25E6%25B8%2585AV%25E3%2580%2581%25E6%2597%25A5%25E6%259C%25ACAV%25E3%2580%2581%25E6%259B%25B4%25E6%2596%25B0%25E6%259C%2580%25E5%25BF%25AB%25EF%25BC%258C%25E7%25BA%25BF%25E4%25B8%258A%25E5%2585%258D%25E8%25B4%25B9%25E7%259C%258B%25EF%25BC%258C%25E5%2585%25A8%25E7%25AB%2599%25E5%2585%258D%25E8%25B4%25B9%25EF%25BC%258C%25E5%2585%258D%25E8%25B4%25B9%25E8%25A7%2586%25E9%25A2%2591%25EF%25BC%2581%25E5%258F%25AF%25E4%25B8%258B%25E8%25BD%25BD%25EF%25BC%2581&kw=&cu=http%253A%252F%252Fqtkim.com%252F&pu=
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
112.90.153.37 , China, ASN136959 (UNICOM-FUOSHAN-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:03 GMT
Content-Length
0
0404769d5b3849a8ac21da79229eb704.gif
aaaaa886.com/
50 KB
50 KB
Image
General
Full URL
https://aaaaa886.com/0404769d5b3849a8ac21da79229eb704.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.61.212.57 , United States, ASN53587 (AZT, US),
Reverse DNS
Software
nginx /
Resource Hash
2137654dce24b8143abc154e5516724c1bb71e74b2b19af934c717a8d6e666f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Sun, 09 Apr 2023 13:48:22 GMT
Last-Modified
Sun, 09 Apr 2023 08:02:46 GMT
Server
nginx
ETag
"64327126-c81c"
X-Cache
HIT from cloud-us1-cdnb-27
Content-Type
image/gif
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
51228
250.jpg
qtkim.com/template/m1938pc/ads/
10 KB
10 KB
Image
General
Full URL
http://qtkim.com/template/m1938pc/ads/250.jpg
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
f4d801270849b07afcd669e23ec87117c0109a50b2233635ad5c708969382cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:01 GMT
Last-Modified
Tue, 13 Apr 2021 06:51:16 GMT
Server
Microsoft-IIS/7.5
ETag
"430eb663130d71:0"
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
10437
240X140.gif
img.thpitnx.cn/sejie/
192 KB
193 KB
Image
General
Full URL
https://img.thpitnx.cn/sejie/240X140.gif
Requested by
Host: qtkim.com
URL: http://qtkim.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.211.69.60 , Hong Kong, ASN399077 (TERAEXCH, US),
Reverse DNS
Software
NgxFence /
Resource Hash
0b436d6ccea4616868260b3f3aeed11e4eabae6865a714874d02e4984041702c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 21:35:04 GMT
last-modified
Sun, 05 Feb 2023 06:46:01 GMT
server
NgxFence
etag
"63df50a9-301fd"
x-cache
HIT
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
197117
expires
Mon, 24 Apr 2023 08:17:15 GMT
video-mask.png
qtkim.com/template/m1938pc/images/
107 B
353 B
Image
General
Full URL
http://qtkim.com/template/m1938pc/images/video-mask.png
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/css/zui.css
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/template/m1938pc/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:01 GMT
Last-Modified
Tue, 04 Jan 2022 15:14:22 GMT
Server
Microsoft-IIS/7.5
ETag
"a4c086c07d1d81:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
107
video-play.png
qtkim.com/template/m1938pc/images/
2 KB
2 KB
Image
General
Full URL
http://qtkim.com/template/m1938pc/images/video-play.png
Requested by
Host: qtkim.com
URL: http://qtkim.com/template/m1938pc/css/zui.css
Protocol
HTTP/1.1
Server
102.134.33.38 , South Africa, ASN328543 (sun-asn, SC),
Reverse DNS
griffin.studyingmannerism.co.uk
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://qtkim.com/template/m1938pc/css/zui.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Tue, 11 Apr 2023 21:35:01 GMT
Last-Modified
Tue, 04 Jan 2022 15:14:21 GMT
Server
Microsoft-IIS/7.5
ETag
"744b86c07d1d81:0"
X-Powered-By
ASP.NET
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1567

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| url string| img

5 Cookies

Domain/Path Name / Value
qtkim.com/ Name: __tins__21589015
Value: %7B%22sid%22%3A%201681248902748%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201681250702748%7D
qtkim.com/ Name: __51cke__
Value:
qtkim.com/ Name: __tins__21423705
Value: %7B%22sid%22%3A%201681248902775%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201681250702775%7D
qtkim.com/ Name: __tins__21280315
Value: %7B%22sid%22%3A%201681248902787%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201681250702787%7D
qtkim.com/ Name: __51laig__
Value: 3

7 Console Messages

Source Level URL
Text
network error URL: http://qtkim.com/static/js/jquery11.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://qtkim.com/template/m1938pc/html9/ad/sxxf9.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://qtkim.com/template/pgysvip/js/tj.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://qtkim.com/template/m1938pc/ads/xx2.js(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21589015.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://qtkim.com/template/m1938pc/ads/xx2.js(Line 3)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21589015.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://qtkim.com/template/m1938pc/ads/xx2.js(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21423705.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://qtkim.com/template/m1938pc/ads/xx2.js(Line 8)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21280315.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

595tuchuang.com
8499223.com
aaaaa558.com
aaaaa855.com
aaaaa886.com
cdn.jsjsjs.xyz
fmtu.slsltutu.com
ia.51.la
img.img1yutu.com
img.thpitnx.cn
js.users.51.la
qtkim.com
s2.loli.net
102.134.33.38
103.143.19.103
112.90.153.37
120.232.54.164
154.211.69.60
172.247.50.244
198.2.211.99
2606:4700:10::ac43:8ab
2606:4700:20::681a:1be
2606:4700:3035::6815:3f2a
45.61.212.120
45.61.212.221
45.61.212.57
05e53ffa3a6bf0516732e427b7076d9ad40973820b852237f0372b805b712ded
0771b56b41756cac35fd1b9f5486359b59c9be10f2673f68cd97b25c839c47f7
0b436d6ccea4616868260b3f3aeed11e4eabae6865a714874d02e4984041702c
119bff063d1d402fdf6e48bc7e681d48aabfb9bc65378dfcf64a8845ec3fceef
1233d0d35bb923275fd475808abb34554ee4bc0afe3adc31f2096e13daad6287
199f92e835a7f57d7ae461a7fa3cb2a3e2810c9271bbbba0ddc54cbf25609f33
2137654dce24b8143abc154e5516724c1bb71e74b2b19af934c717a8d6e666f5
26916b603722e808b344948c4935c0922a99e48577ee1d23b6331f9e668ab9c6
269b7a6d667098e8db5611e861c2160879f65c0e234f8c515b60bda77995f121
29d43e039e0df4f0634dea759be37678ca9e46ac0f6f8db889f6f65fefa8f48d
2bd17db7127ebb199560ae06e14f0f3c3d3455288e1579f854351111b6cbcece
2c35cf1ee09525a8232a8afa44814996af1d36af5734c0663e707b2bcfc278ed
31d7984bc007f48066a4fe3115ef3cd90450fa65349034eb9eaffcf7cf223e69
321cb2617b9399c60d8f5fe163363faab0f872f5c88646ce900d17604817a1a0
3307ac2d9b16148f210070834055add1db4b8e0fd046fa3045ef1d9eee64cdd4
33a56fc9d9887f031ca3df20bd7329d0320825ce257efc31a3874d963fc0912f
35ede3c11832a2e4f6562a484535420d010601981e3b07fdc271f160b0a81507
4c162e1634eb19f78baf435d33ae5b7cb5f9bd19c7de5e2fb060310dbe26623e
5233c813b4ed4506afe1a2eacd175ba1e0011517cc36ded1d3937a21fb015212
530beca9dbb2ebee68a855e03b630776ab9427e12064319e91eee09bd3cc7d98
600f321cda3384391d29bb06d73b7956103a77e3561ff74f79ecb14943b68868
6403db57159abd5cdf1055f22030b1ea4368ae26898ccca76729d809aa11fc1c
6520e5203006d7c96579084735f54bddf45cc83e8ca6dc07d7903752ef20d1cb
697624e2452dfb2e1f356c96145acaa8a883e1005421e06410534a583c29bbc6
69c0556600c32292e0f8e0b229a1bf45a74a79f184e881efa18f8f6a615341a4
6f51f86e9efe73e57aa4eb806c5b09be5075a092c22573f73aafd21bee0adc9f
7ab11a72dc867ddc141839e11a54584e9cec6000ec57dc9c9d42bee0a8339ced
7ca848ef09b6f0503ec6249dc1cbb8ab6ebec89007a7c195cc779af39ef5c17a
833f913011130028bf732f89a18a00993880b80232ea7878ad5480cc6a30337d
88cc823678cfeea799a86201d2a876beab44cd96b42b7c3a12622755585345e0
8bf9b8be524042f91391fdca1299ba38a3572e1b8eff9a69a00ae4b6607f028e
9ba19c2eefd03959f806a5f96820cbb3f52fe7f8204202396e974fba02d61291
9d22af37c3a6e00c8764ecf4556714164d3fe7fe53ec7b39065f4785b6cbe14d
9eb5f8e7c0682f99c5a3515e8c78c56b29ea2a3ed01d493c747fc6fcfcc12b7a
9ec1f5e3b8d90ede44dc32ffd3cb7fd61f8cfc6fdef9d90d14acfbbd3df34318
a2e49d7cb565f86ec79613c576b204df11d603036da5cde6de0225b5b9e99363
a5359528bfb225ae197aaab25ce48cea04a72aab1547ed31ca79cbb9035ea719
abac72e4539402561ee7eeee839f197af81f458b453ce4d366b2539d1e2e0591
af0e248de25efb22e6edd4e1453e686154b00ce5039f94dceb2684a332ddad0e
af1a7ed89fa356285f747cd80c8d7d33b980066a02051706c41083edd567414d
b2e1235651b1e3335d325cc40542cc55ed323f88d123a1ecf2356a9a9d77bc4d
b32cdb4acbee1bd9385774a6437ad140cc7f65af637155bb02d8b38f35d69877
b3a0cf18bec9a4f9fe07df105b4cf7bfbc3195004fbf61d38249358b0b1d304b
b598b43d79deb8718edd77307e4b987633cae470d56f5ea62b31eacca93f130a
b5c2ec852109197eb492dec42a07d68e7b762cfc2896e13ec6d49691946ef004
bb7fdadc1e199a8b77c0a0c4c7d87005e85c0f42b3fddebc58bffc2bc3e1a9e3
bc7363e673e5fd258cc5f96ab5669e5bae7090728bccd126d739aaa52bf0b687
c5cccd6963a416be09c8bbed2923ba76d67bb868512ff7f080b621450a54b274
c9b6925bdd64dab63151c3106347fefb8c500d87ac3d87d9a82e9a1c561233aa
c9c43ad7c33cc49731c0191848705d9a45c454a70ddc62663033c2456177e10d
cbad06b58f97516faa5f745d4e09716b5db3f134d5b4644b159681aa24909dd4
d17445981d52307060fa310f5f8f65374519035ce0e13a4bfd148c02bc450d28
d895b40c46b008286e56985791cd2ecf6dedcff2eda05ce3bfe850b6d31276a4
d90a559fe13193e019e3a8c766ad5552d010799b3a60d632a0ade6510d9853cc
da358d03aec86f53fff15abd6c608bc47463fc708801715ae8d658fdcb906a59
db9ef7b6509b59999cff168f0c76dd18b869c8cb4c8253ca4d74c75d606a4ca4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c9273fa6cf6f4702cecceaf31deaebe3ef449b2559fce99107e67a3c6eb489
e98fa8f620146ff0ff75e0352c9704b0ff9de7cad0349b3ebf63d43f8409c322
eb65889e764d55de1eefa4dc0b6ed9bb9952d397d25dc991fdc514495054bb12
ed6ab754eed453b1df295b34c39d9208f7642949cfdc02cf067300c19817afdd
f2a90cd5dc7116053e680cba110de357e387a8bd1ace7290b947a354c5f29708
f38ca4ec01fb9dd96454251a2f6d07247080467276d81e32d8cca8806b93e3fa
f4d801270849b07afcd669e23ec87117c0109a50b2233635ad5c708969382cdc
fb9ee32f7176fc9dd8e452ec81ccaabbe14aae833f102cfda6b98d8a35a4046d