Submitted URL: https://j249cn3.com/
Effective URL: https://kg09ut5.com/main
Submission: On November 09 via api from BE — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 49 HTTP transactions. The main IP is 2606:4700::6812:1a84, located in United States and belongs to CLOUDFLARENET, US. The main domain is kg09ut5.com.
TLS certificate: Issued by WE1 on November 8th 2024. Valid for: 3 months.
This is the only time kg09ut5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 2606:4700::68... 13335 (CLOUDFLAR...)
11 104.18.26.132 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 2 104.18.95.41 13335 (CLOUDFLAR...)
15 104.18.27.132 13335 (CLOUDFLAR...)
4 104.18.26.31 13335 (CLOUDFLAR...)
49 7
Apex Domain
Subdomains
Transfer
22 kg09ut5.com
kg09ut5.com
1 MB
19 j249cn3.com
j249cn3.com
263 KB
4 n-t-v-w.com
api.n-t-v-w.com
832 B
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
challenges.cloudflare.com — Cisco Umbrella Rank: 3443
98 KB
49 4
Domain Requested by
22 kg09ut5.com j249cn3.com
kg09ut5.com
19 j249cn3.com j249cn3.com
4 api.n-t-v-w.com kg09ut5.com
2 challenges.cloudflare.com 1 redirects kg09ut5.com
2 cdnjs.cloudflare.com kg09ut5.com
cdnjs.cloudflare.com
49 5

This site contains no links.

Subject Issuer Validity Valid
j249cn3.com
WE1
2024-11-05 -
2025-02-03
3 months crt.sh
kg09ut5.com
WE1
2024-11-08 -
2025-02-06
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
n-t-v-w.com
WE1
2024-11-03 -
2025-02-01
3 months crt.sh

This page contains 1 frames:

Primary Page: https://kg09ut5.com/main
Frame ID: B9645AB52EA1114B239572DF0A2B6743
Requests: 46 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://j249cn3.com/ Page URL
  2. https://kg09ut5.com/main Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

49
Requests

96 %
HTTPS

17 %
IPv6

4
Domains

5
Subdomains

7
IPs

2
Countries

1778 kB
Transfer

4687 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://j249cn3.com/ Page URL
  2. https://kg09ut5.com/main Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
j249cn3.com/
5 KB
3 KB
Document
General
Full URL
https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Nuxt
Resource Hash
3dcaffebdddc53bff7b9bed07fbe2773f5c3b6022dd34af37cb2c20da234f9ae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
8dfbb9facc624d54-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Sat, 09 Nov 2024 06:25:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHn1sGIzoUBVWKugs%2FQgZJobluJjOL39WWmWZIFyJNca6KzRiDKhNnxd%2B35u%2FLNzqwWsqw1DUvwIQy63yerW2qAjuhT2fH6IMOtMHyp%2FFxYMs5C8qpJH52qUr%2FH1BSO0edFC0XkvrI4Nfg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=14448&sent=9&recv=13&lost=0&retrans=1&sent_bytes=4030&recv_bytes=2310&delivery_rate=335518&cwnd=254&unsent_bytes=0&cid=150830ebda7efccf&ts=455&x=0"
vary
Accept-Encoding
x-powered-by
Nuxt
Cu0HX_AA.js
j249cn3.com/_nuxt/
96 KB
40 KB
Script
General
Full URL
https://j249cn3.com/_nuxt/Cu0HX_AA.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"d4c4f32e8934c0d86765ba10d777675a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nzry9kfY5FY%2B1Gla3kcf8d7b%2B6jg9k6PrbJxi7Sk3xVgbS%2Fxqod3TtXWv8CL6%2BEIvaP3sfCwJarT1An%2F%2FhItqH6q0JetOEoyNgf2k5qi56YqVdA6s7uVLHjBq6jbQNw95ZYMFAuXC5Wpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7ee14d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=21&recv=25&lost=0&retrans=1&sent_bytes=6861&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=0&cid=150830ebda7efccf&ts=651&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
YEsMPfrR-legacy.js
j249cn3.com/_nuxt/
89 KB
36 KB
Script
General
Full URL
https://j249cn3.com/_nuxt/YEsMPfrR-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"43743563a28103bcae897aac89c4dc0b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCp%2B1SD6bOG14VpnkBf%2Fy7RQ5S%2FznLebE%2Blw44xMLo1mVkbHTipbPqnDUAOomcTi%2Bstd8oxmDM1tgqcsgbjRwybHo9l%2BqAd8Uz0KqtJ7CtzZQkdOsLW96A98XaXrpL6xvthneZebn6Loyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7ee44d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=85&recv=25&lost=0&retrans=1&sent_bytes=70989&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=32352&cid=150830ebda7efccf&ts=654&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
BpHzTSm_-legacy.js
j249cn3.com/_nuxt/
154 KB
58 KB
Script
General
Full URL
https://j249cn3.com/_nuxt/BpHzTSm_-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"cd86f65c2a8137dd2269402bdd8e7a7d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qEnt1lfDXoddOVUz%2BhYHEBy7pDUNDeUHVP2WhoeDmOst8VES7izZfjzHj%2B%2FIFMpvZREC0LlKDGQ1sv9PGnX%2BStabesksUtea2X9ZdX5Uy8n7Y7q9K5h5el4lTVD5acTFXp7xVpO8lOeFNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7ee74d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=66&recv=25&lost=0&retrans=1&sent_bytes=49444&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=0&cid=150830ebda7efccf&ts=652&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
aICu0AXk.js
j249cn3.com/_nuxt/
158 KB
61 KB
Script
General
Full URL
https://j249cn3.com/_nuxt/aICu0AXk.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"0efb6bcd72325523035fd3c025350f4d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PjQq5Rr82j7UG%2Ff%2Bf%2FtutNFInI6U140qI5gV7LDOfy9EdNSX%2Be7wc2H08fVCNwNagKQXd0UaYaKriStOnHJWSo%2BUmuYWhuS0IL6wlU8Y09M2U00qUjQljffHugtSMeOEW6SeckYJ9vfdNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7ee94d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=37&recv=25&lost=0&retrans=1&sent_bytes=21535&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=0&cid=150830ebda7efccf&ts=651&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
GGfah0dn.js
j249cn3.com/_nuxt/
20 KB
10 KB
Script
General
Full URL
https://j249cn3.com/_nuxt/GGfah0dn.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"32a4be07fb364257203ad81af7542c3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1XR%2FaJ%2BHCaqDF%2BWT4qKK%2BpdTJxISEU2c3At93IVzn%2FNM4bjcvg08MdrWjqrDSPwOLAgjbK4f5Xv4klWL4WAty5e%2Fq%2B0DKxNuU1f7AS%2BRvdLpQXeWBMA1JBcd7UDccIpJfU42NvXrPFrcg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7eea4d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=85&recv=25&lost=0&retrans=1&sent_bytes=70989&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=18380&cid=150830ebda7efccf&ts=653&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
CMQg-MuX.js
j249cn3.com/_nuxt/
13 KB
6 KB
Script
General
Full URL
https://j249cn3.com/_nuxt/CMQg-MuX.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"965c5a65ddd194e1510fd4c3894b9813"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PXoe%2FCMepNtDUE8ZNaI03hWcOlgYW%2FGlOxVje4%2BRvehfAOLc7HvvjIdF8bxGyaqTdJXlp5krRFFHhAOpW0ngvMt7clPSHJztn612L0o9BuV8TCJkgRwTiPAZL4JMCRRuwWHCrV6A33Nkjg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7eeb4d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=85&recv=25&lost=0&retrans=1&sent_bytes=70989&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=32352&cid=150830ebda7efccf&ts=653&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
Cj862xVT.js
j249cn3.com/_nuxt/
384 B
720 B
Script
General
Full URL
https://j249cn3.com/_nuxt/Cj862xVT.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"46e0ad9d11e5e50d3c8c373d295a84b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oKpzwAykzTgJJU%2B4otrYsOKLzcQWNd8tXsktGoHcad2SVm2uSNsmgY6J0xTdFD7um9rSvx%2Bntl0Yq4lONc6YKo%2FErP3qWduLjdDQvasEkAqOpb%2FEj8iPayiaUBr6x8V%2FuBtxlfwDppLPPw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbb9fe7eed4d54-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13284&sent=85&recv=25&lost=0&retrans=1&sent_bytes=70989&recv_bytes=2975&delivery_rate=554960&cwnd=256&unsent_bytes=32352&cid=150830ebda7efccf&ts=653&x=0"
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/javascript
vary
Accept-Encoding
server
cloudflare
B_Wqv3ta-legacy.js
j249cn3.com/_nuxt/
0
10 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/B_Wqv3ta-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"110f248784c37700e96ac00c0a38f299"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=druxJkHomkEYMY87OqHVHPIB8bzGGLgC0vmh%2Fbq51FDk9j8YbDi95tH9tK15qGBY8hkxGWlinSyPffBiopXW4CMOrweY5tKQ7Vx3XLey13eXBgtpVk1fJkCCzDH9oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21688&sent=25&recv=17&lost=5&retrans=7&sent_bytes=7095&recv_bytes=5706&delivery_rate=16908&cwnd=8400&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1039&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba04df1fd411-FRA
access-control-allow-origin
*
server
cloudflare
BFfI4Gjz-legacy.js
j249cn3.com/_nuxt/
0
6 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/BFfI4Gjz-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"61fe9c0e130d333d955077fc9541d8b3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g4jzm%2F7pta8JKN4OrBzcpBt81kdNxTZ%2By182X%2FC44e86AHd8kCPW7oMBJEKBoOiMNAojuuXRbva4jOlpyFR4pKW48znP0FH4v%2FBFcQpw7CGtco0xr6gWnGdfebaDvw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=35&recv=28&lost=5&retrans=7&sent_bytes=17753&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1098&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fcad411-FRA
access-control-allow-origin
*
server
cloudflare
6igjDNGO-legacy.js
j249cn3.com/_nuxt/
0
984 B
Other
General
Full URL
https://j249cn3.com/_nuxt/6igjDNGO-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"fec42302af708ae628c1e1aeb479b787"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BYYblISCvXaCobvsgkQSJFh7bASLIdN5vg8V4jBJGWwDIf%2BqAKnFZ4jHs7Vacz7tnvfRdGFTXUl4wWEIsH3EVpSJ0BovT01arW9MsqyWVrvtcO%2FploYg4LJSq2Qy9g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=44&recv=28&lost=5&retrans=7&sent_bytes=27353&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1098&x=1", cfExtPri, cfHdrFlush;dur=23
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fccd411-FRA
access-control-allow-origin
*
server
cloudflare
BzIRJCKp-legacy.js
j249cn3.com/_nuxt/
0
14 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/BzIRJCKp-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"c70010cb0e49cb95d12da89b4dbe8d67"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VA0UdIpzM2PuVWA7OhGsBr8KfpsP7FM9nU2RodXaWhgakdT4L3TyvTlZdyivwQpyKIgAaxthqd5uFMKuOkzoH8pCaRgP%2FgR9CYHB%2F1RYmTLznsypnfuLlgQAfBqF%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=44&recv=28&lost=5&retrans=7&sent_bytes=27353&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1098&x=1", cfExtPri, cfHdrFlush;dur=23
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fcdd411-FRA
access-control-allow-origin
*
server
cloudflare
DUbMBqg6-legacy.js
j249cn3.com/_nuxt/
0
5 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/DUbMBqg6-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"d1851cc0d47d606bad6c18deb36f024c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Zb%2Fw4dn7XZMo%2FaDr5mn%2BTVKGqBgRfmcr4wQblbK%2BE%2B%2BDNOccvKXzmHdL95srnVX56NHrf3nL%2BIUn7VVrdtGWFkjoQwbFgGnkhd%2F7E%2BoD%2FUvnPoj3otm%2BCsebI6rrg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=44&recv=28&lost=5&retrans=7&sent_bytes=27353&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1100&x=1", cfExtPri, cfHdrFlush;dur=21
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fced411-FRA
access-control-allow-origin
*
server
cloudflare
uso_ElAT-legacy.js
j249cn3.com/_nuxt/
0
3 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/uso_ElAT-legacy.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"f9e91ff589e6ad8973be05fec6f6b176"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ejRsfyTCb4IHuoarel2Q9hAwf7ZPlGOAeTr9g0PW29yBKxB2ZHEuC4TVWraSH7De3FSexA1NReuufffeXHunnY2m%2FQTGwVnRzKm3RWVtVu32zoIqiBeYzI1adGOVyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=44&recv=28&lost=5&retrans=7&sent_bytes=27353&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1099&x=1", cfExtPri, cfHdrFlush;dur=22
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fcfd411-FRA
access-control-allow-origin
*
server
cloudflare
7G5qPtoe.js
j249cn3.com/_nuxt/
0
4 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/7G5qPtoe.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"0f129817c56731f9a45918be3c39a144"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cl6yMhamSLsB26cnY31z5jRL%2FIoqn4otwdLEWfNcNvN%2BIjehkxc4s9zduqmKxViVcKK3J6c1iSYci97pyNn7PyNroUmNPj%2FVi4iuOJ2bb2wiXrr7xL81KiLY2IzMlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=41&recv=28&lost=5&retrans=7&sent_bytes=24208&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1098&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fd1d411-FRA
access-control-allow-origin
*
server
cloudflare
DBwpRuPD.js
j249cn3.com/_nuxt/
0
2 KB
Other
General
Full URL
https://j249cn3.com/_nuxt/DBwpRuPD.js
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"915da2f3d273ce4410ca512c13eb3c1d"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wEdpMgNjTeequvPkc9bMJpyVcrHEiZPhYZervUnxJ%2BbRyN%2FIF3ZLXzFbIbxenYjXsoCIgZrMnrcn%2F2oX63%2BYE6PGyzVyL4TOP5VY1008lA8mRspm9GH2C8ESvQIOBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22053&sent=44&recv=28&lost=5&retrans=7&sent_bytes=27353&recv_bytes=9245&delivery_rate=112474&cwnd=9600&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1100&x=1", cfExtPri, cfHdrFlush;dur=21
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=4,i
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba053fd2d411-FRA
access-control-allow-origin
*
server
cloudflare
index.DokOj3jQ.css
j249cn3.com/_nuxt/
494 B
1 KB
Stylesheet
General
Full URL
https://j249cn3.com/_nuxt/index.DokOj3jQ.css
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/_nuxt/aICu0AXk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://j249cn3.com
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"92471d573f769267c7bbed4a3016bb5e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rlM%2FoUHz2kiRFUI4y4Lrnruj%2FpD%2BCEzguHopibPrJVT7QiPbR4Q5Yocb3r9bL96aNo%2FZlL4SihjkYyp3r4KFoZsXGBlxZcfAeHAaXRZOWFdowU5iX6898ocsiNx8zg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18102&sent=20&recv=13&lost=5&retrans=7&sent_bytes=4944&recv_bytes=4691&delivery_rate=314&cwnd=8400&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=840&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba038d29d411-FRA
access-control-allow-origin
*
server
cloudflare
d3ec52eb-952b-4a60-88b8-faf365e41df5.json
j249cn3.com/_nuxt/builds/meta/
139 B
841 B
Fetch
General
Full URL
https://j249cn3.com/_nuxt/builds/meta/d3ec52eb-952b-4a60-88b8-faf365e41df5.json
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/_nuxt/aICu0AXk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"4e57ec6d4afbf1b252abd9706dfffb79"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpF%2Fobjq4h%2FLbhfg%2BridAv%2BKIPYg8F%2F%2BZE9RbUQka2hNhLmEHdpbudHEkxRB7j3z4MeIurCh4BRQ25gfaP5P42UZB3lVlHYT%2FuRtsJoUMY1xYzO0OGyixsqeUs8sTA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21058&sent=23&recv=15&lost=5&retrans=7&sent_bytes=6207&recv_bytes=5181&delivery_rate=17893&cwnd=8400&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=918&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:37 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=31536000, immutable, public, max-age=1, immutable, public, max-age=31536000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba041df1d411-FRA
access-control-allow-origin
*
server
cloudflare
Primary Request main
kg09ut5.com/
5 KB
3 KB
Document
General
Full URL
https://kg09ut5.com/main?
Requested by
Host: j249cn3.com
URL: https://j249cn3.com/_nuxt/aICu0AXk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4bcd6b26b827ce2852a33133d04d849c46ca23a85df046bb5a172f12f24c8b1

Request headers

Referer
https://j249cn3.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-ray
8dfbba0d0bd36ae0-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 09 Nov 2024 06:25:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HT75AxBMxJu%2BG6lGhCvxjcZBpKUPF83zNPydl88RNYg0KEaF7qpqG2YcFkAX5yP%2BPXj%2B%2FA1ReSsq7qiLqUEoriCW1cUko2F0F5U%2FTLeWcOxnTltp5m%2BXg12nvq15uGWOZOoQmf8Mqt2fVg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=10859&sent=8&recv=13&lost=0&retrans=1&sent_bytes=4773&recv_bytes=2290&delivery_rate=238204&cwnd=253&unsent_bytes=0&cid=6cd217b3d8807fd5&ts=477&x=0"
vary
Accept-Encoding
x-from
R2
x-r2-path
v39/index.html
x-version
v39
favicon.ico
j249cn3.com/
4 KB
1 KB
Other
General
Full URL
https://j249cn3.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://j249cn3.com/

Response headers

content-encoding
br
etag
W/"eb0ac4ca53d79290163968630addb1d5"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DTvDZZkpOqpnDoDy%2FEcYASg0URvpOZyHkkl8TR2DT2dsNE8KZew%2FB7B%2FvID7eEX%2BobQlPQxzgsjprym%2BUwDy0wruiB%2BXsZ2tOfbqQhFna8GY1p%2BlbTJ88BeoBKJasg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38405&sent=73&recv=48&lost=5&retrans=7&sent_bytes=54987&recv_bytes=10531&delivery_rate=184132&cwnd=10800&unsent_bytes=0&cid=a5c85d98ecb6ab7b&ts=1255&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:38 GMT
content-type
image/vnd.microsoft.icon
vary
Accept-Encoding
priority
u=1,i
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8dfbba063949d411-FRA
access-control-allow-origin
*
server
cloudflare
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e5f-7918"
age
38032
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KWYcnnEs7Wp3DZVrAPeaDRyh234w%2BJ7RRGIU0MIR22tETdzLcbOsUtlbwCiD5zSNApKpMNZYa9Bbj2NQouqsjuLUaaNMQ0VjxRJDHgSDK%2BHO%2B6MsapeAHKjGMwT6rSHmFoBoyU1b"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 06:25:39 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dfbba0f395cd368-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
5631
server
cloudflare
mini.js
kg09ut5.com/
466 KB
141 KB
Script
General
Full URL
https://kg09ut5.com/mini.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FSaDtFySFHS5mi4kO7WCc%2BOlmY2zYv2UVqKCvvHoOUeEr9cVDlzB3r6FL8BbGCdsn1m6TXaKHfgEnoxa0wHBwf4uavhnnRMYIySKbdEyH9vQk448AV9ErNQnqzqWeA0NjLtdHa6R8B7liA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba0ebc8a6ae0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=11321&sent=606&recv=145&lost=0&retrans=14&sent_bytes=739700&recv_bytes=2912&delivery_rate=36404638&cwnd=447&unsent_bytes=0&cid=6cd217b3d8807fd5&ts=941&x=0"
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/mini.js
server
cloudflare
api.js
challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/22755d9a86c9/api.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H3
Server
104.18.95.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/

Response headers

cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8dfbba109fb730e2-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Mon, 28 Oct 2024 19:08:47 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=300, public
location
/turnstile/v0/b/22755d9a86c9/api.js
cross-origin-resource-policy
cross-origin
cf-ray
8dfbba105f8c30e2-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 09 Nov 2024 06:25:39 GMT
vary
Accept-Encoding
server
cloudflare
adAnalytics.js
kg09ut5.com/
7 KB
3 KB
Script
General
Full URL
https://kg09ut5.com/adAnalytics.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ubALX7TT9%2BqoB2p2n6xssFcPCGxC04ZuKPpralSnLnMuN2MmjLmUWzvuyli53MNU4HAWfDbihGUUvrxGA9yKx%2BhqtrARbefqy6nxp9BvXagYo8OMPprlaQXNOjSRinWkfzVViVGlV0BFoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba0ebc876ae0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13197&sent=141&recv=26&lost=0&retrans=1&sent_bytes=150183&recv_bytes=2912&delivery_rate=5629567&cwnd=253&unsent_bytes=13463&cid=6cd217b3d8807fd5&ts=766&x=0"
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/adAnalytics.js
server
cloudflare
reload.css
kg09ut5.com/appReload/
4 KB
1 KB
Stylesheet
General
Full URL
https://kg09ut5.com/appReload/reload.css
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DGS%2FUWUvnt6n7p38KGDf73MHAFqEgxbEFSLFTRw6z%2FCSxjWxMBDKYMgZsauJoErpLzi3mURNsHq9jI6Eb%2BsUSUh2Xlw9zzYC0Wc8uebwaoxJRqBa86uBgFbE4%2FVfkXhZhhg3E%2FgopTqk2A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba0ebc846ae0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10337&sent=91&recv=23&lost=0&retrans=1&sent_bytes=86055&recv_bytes=2912&delivery_rate=2769998&cwnd=253&unsent_bytes=30961&cid=6cd217b3d8807fd5&ts=752&x=0"
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/appReload/reload.css
server
cloudflare
index-BNtNQx7r.js
kg09ut5.com/assets/
2 MB
644 KB
Script
General
Full URL
https://kg09ut5.com/assets/index-BNtNQx7r.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7e812ba99384c164477897c55e5e4dbe4f17ff534d8008da371edfde297883

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/main?

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6e9TJ4cA3ErAYS%2Fsmx9CxK0Wy0VzGAVzEzKETDb1URUmiPva3JigT27WkBoKGOW%2FOcZn8o4wc8oI8jynnUzyq%2BUYsqTHmZpNOdxvEXkgHylWlqRi%2BTzjOMdt47fJ98Pzc3J%2BShZB6Wvlw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba0ebc886ae0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=12078&sent=15&recv=20&lost=0&retrans=1&sent_bytes=7997&recv_bytes=2912&delivery_rate=326946&cwnd=253&unsent_bytes=0&cid=6cd217b3d8807fd5&ts=741&x=0"
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-BNtNQx7r.js
server
cloudflare
index-9O30LjkW.css
kg09ut5.com/assets/
316 KB
46 KB
Stylesheet
General
Full URL
https://kg09ut5.com/assets/index-9O30LjkW.css
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af731f7d19c6ace6b642f99c00ec8f1c88b6b0401c407d4788d506bdd2ddce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/main?

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVK7ZlcTtIRw%2FznnqZBlSZCHx0zgQhadpo2PTwa85EWLkVfKSo%2BV9oJmBywcO19xYBDtmJkeuFanDWjshle9uWDvXLliO%2BQDYqnhxnkWjQFQSHl2U30bShZLx9YPc9rfE3c7xa6E9pPvkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba0ebc866ae0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=10718&sent=89&recv=22&lost=0&retrans=1&sent_bytes=84664&recv_bytes=2912&delivery_rate=2769998&cwnd=253&unsent_bytes=24882&cid=6cd217b3d8807fd5&ts=749&x=0"
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-9O30LjkW.css
server
cloudflare
version-polling.min.js
kg09ut5.com/
3 KB
2 KB
Script
General
Full URL
https://kg09ut5.com/version-polling.min.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=16Pk37IdAvPp6mSlIiymw9uGeIkJ66pjd7N8aTMel3kTglCS9vt3IU9PRpGMUrGyL8dMlw4KDZ%2Fj4byWLzzI3IFGDJkGhJnBA6F%2F3WcXoD3RpMJxgGAYbSTkcFpwyWjcJMhoWseLxOEtNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba0ebc896ae0-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=13010&sent=602&recv=143&lost=0&retrans=14&sent_bytes=737800&recv_bytes=2912&delivery_rate=36404638&cwnd=443&unsent_bytes=0&cid=6cd217b3d8807fd5&ts=915&x=0"
date
Sat, 09 Nov 2024 06:25:39 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/version-polling.min.js
server
cloudflare
index.js
kg09ut5.com/appReload/
4 KB
2 KB
Script
General
Full URL
https://kg09ut5.com/appReload/index.js?v=20241103
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hoz52skCJD4b%2B1Zv3pBHgxqCPdbtq20lUKGQpIF7GbOTtpR73sZNOFhObfW5WmVtowRKkTq3aeZKoFN2Tm8ioZ5Ru4oyEGnYW3WkEn9aeAKj7FgcQjUL3sysZxJgiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba102c221ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=11669&sent=37&recv=24&lost=0&retrans=0&sent_bytes=29826&recv_bytes=5842&delivery_rate=92311&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=431&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/appReload/index.js
server
cloudflare
webPushSdk.produce.min.2.1.6.js
kg09ut5.com/
60 KB
24 KB
Script
General
Full URL
https://kg09ut5.com/webPushSdk.produce.min.2.1.6.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/main?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9gcXSnTnYi5KuPKfz2CeSA5dy24k2ExX1iKvPaX24CKyUXV011rtwNiy%2FhTD7KWP9iQNFdwA7WBsZsJiepiUnUHtjGG2Y9BQMAj9VlbpBrgStmEIIQk2fuAAxkb3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba102c231ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18501&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4321&recv_bytes=5369&delivery_rate=582&cwnd=12000&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=384&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/webPushSdk.produce.min.2.1.6.js
server
cloudflare
version.js
kg09ut5.com/
0
0
Fetch
General
Full URL
https://kg09ut5.com/version.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/version-polling.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main?

Response headers

x-version
v39
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
etag
W/"7283b8ef06d8e6491f20c0a56e971163"
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FHCRoHMElLqGWXvEYaSi3NsTgxreZCTVRMDUZGRNMrpvt7PyHnOqDrPP%2FGzrN%2Bc%2Bhh9bpCGAo3ipfc4N%2FDbvbMXd44XwmcQqGiVq%2BHW3e3bjbZQidlQ1o8%2B%2BvbLGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba10fca81ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12652&sent=40&recv=27&lost=0&retrans=0&sent_bytes=32195&recv_bytes=5973&delivery_rate=60305&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=483&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
v39/version.js
server
cloudflare
c085b019-59a9-41aa-9b9f-f6bae439407a
https://kg09ut5.com/
0
0

fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03e5f-12d68"
age
1500582
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JpZYGMoz306Ehi6HRIYf70W69xfe8SXoNobmXP8Xbf82326QKGd9n2jLy5nKpNDngpo7NZ%2FFlZPB0wLzPXjuWEXV788P%2FL%2BUaczHxFvW349dW780EVd8i0fSKd2LTYxQ97Bvu4er"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Thu, 30 Oct 2025 06:25:40 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 09 Nov 2024 06:25:40 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8dfbba168e45d233-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
server
cloudflare
index-BemCDsx1.js
kg09ut5.com/assets/
1 KB
1 KB
Script
General
Full URL
https://kg09ut5.com/assets/index-BemCDsx1.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c97e2998b7fbd0d03fcfa9af75acbbbfe76a3cbccd8680b897efb7ce3b5bcb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WH3%2FIBlVSxOgVLbMFtDCWfX%2BCwUrgj1ifzhOniF0qmGyZZun4zFlbfVOlTgRQ3cXCpXvGB1MxyYeG2d4mE57ZSsI5p6S1TBMG9x%2Fj3rzGMYoKu%2BTwE2cEzjj5qQhcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba187a6b1ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=13097&sent=43&recv=30&lost=0&retrans=0&sent_bytes=33134&recv_bytes=6857&delivery_rate=21647&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=1699&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:41 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-BemCDsx1.js
server
cloudflare
favicon.ico
kg09ut5.com/
0
577 B
Other
General
Full URL
https://kg09ut5.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/main

Response headers

x-version
v39
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VXMjVRdfrStDj87pVPlEYKU5MHhyXQ4oxYFuZjdBR7jCvq9%2FEPbpN2%2BhTzBdBaLuqWaeVv59ojSY%2F8Fz%2BNLy1KAuMiTLPg8Ul%2FWYORlun6BcNdV1GV14XntekeCUwg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba1a1be31ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26481&sent=73&recv=47&lost=0&retrans=1&sent_bytes=58594&recv_bytes=9228&delivery_rate=75144&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=2176&x=1", cfHdrFlush;dur=0
content-length
0
date
Sat, 09 Nov 2024 06:25:41 GMT
vary
Accept-Encoding
server
cloudflare
x-r2-path
v39/favicon.ico
web-CjaTeccx.js
kg09ut5.com/assets/
2 KB
2 KB
Script
General
Full URL
https://kg09ut5.com/assets/web-CjaTeccx.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15b7e35cd404486b697343e2dc487b69f59a5129d4e794eff6cfc00ca0b7110f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NpLvv51VUQZQlwBxraJUvqJ6Arrmvyo%2BHWVFH23qCRhFI2VcD4xOqKACu4yZ5ygQwug1u%2FljpNI4oauNDOGnAmduzvI7XA1JodOHUu9C1mWNqfzri0L5itFzPGRkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba1acc881ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12579&sent=50&recv=35&lost=0&retrans=1&sent_bytes=36082&recv_bytes=8305&delivery_rate=6830&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=2092&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:41 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/web-CjaTeccx.js
server
cloudflare
favicon.ico
kg09ut5.com/
0
576 B
Other
General
Full URL
https://kg09ut5.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/launch

Response headers

x-version
v39
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BOW51C3GPf9HNKky6BYgrDo8XIqmEJ6rvVMEtS%2BEhS0EZPGcGr2igQKQVtw%2F7tDsWzwLsRK8s3896x98Jyd9DFI68%2FIqUr72Y%2FF63DOqHnbQ%2ByGyna4FdzZQ8R%2BzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba1ea81a1ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23706&sent=80&recv=51&lost=0&retrans=3&sent_bytes=61405&recv_bytes=9827&delivery_rate=686&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=2844&x=1", cfHdrFlush;dur=0
content-length
0
date
Sat, 09 Nov 2024 06:25:42 GMT
vary
Accept-Encoding
server
cloudflare
x-r2-path
v39/favicon.ico
pt_BR-DR4Wzu9l.js
kg09ut5.com/assets/
54 KB
20 KB
Script
General
Full URL
https://kg09ut5.com/assets/pt_BR-DR4Wzu9l.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e499518b40a1d295bcdc8952f18aae6951bd3c9bfd607a95bc015acd2e73f7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UKTg9kfjIVoKtM%2Fz2UlZvwoiXoLKYc%2BN6GA1sA6WoNnaQJBMVbVaz7iMQAyR1%2BaKqqqMqVwnKANnik3%2BZqA52nhiDQNt3fxnLQSPOlmfJm9P39EPWNLvu2fOxj6dKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba1b0cb31ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=12579&sent=52&recv=35&lost=0&retrans=1&sent_bytes=37813&recv_bytes=8305&delivery_rate=6830&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=2096&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:41 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/pt_BR-DR4Wzu9l.js
server
cloudflare
index9-kh1sIBlc.js
kg09ut5.com/assets/
2 KB
1 KB
Script
General
Full URL
https://kg09ut5.com/assets/index9-kh1sIBlc.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff50fc10e1fd26b1cdb332fd5b4519c086059d0b925098bb9bd3879b6970f6ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5MtCIis2I53ZYBqg3Vs6lXN39BCq0R47Iqn5f2eJM0EvajpTymmgjOvNkuZJezftDUaXiqzJHzEBt7H2m49MCK6qIVB7ZzyGGc5lpJdrmJNFBguvSyNTa0ctc2xtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba1c1dd91ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26233&sent=75&recv=48&lost=0&retrans=2&sent_bytes=59800&recv_bytes=9272&delivery_rate=8835&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=2285&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:41 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index9-kh1sIBlc.js
server
cloudflare
channel.info
api.n-t-v-w.com/api/frontend/trpc/
28 B
417 B
Fetch
General
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22kg09ut5.com%22%7D%7D
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
4ab673bce040748783f30495ade9c8851930f998faa010
tenantId
Referer
https://kg09ut5.com/
X-Trace-ID
HE7OUP8L
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8dfbba21b89c3685-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
date
Sat, 09 Nov 2024 06:25:42 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/
28 B
415 B
Fetch
General
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22kg09ut5.com%22%7D%7D
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/mini.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa

Request headers

Authorization
Bearer null
sign
fc67c6d05888e6b89169c5a9133ecb121151ab9932e1b
tenantId
Referer
https://kg09ut5.com/
X-Trace-ID
ATJ7ZADV
X-Device-Type
DesktopOS
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
channelId
Client-Language

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
cf-ray
8dfbba21b8993685-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
28
date
Sat, 09 Nov 2024 06:25:42 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
*
channel.info
api.n-t-v-w.com/api/frontend/trpc/
0
0
Preflight
General
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22kg09ut5.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-trace-id
Access-Control-Request-Method
GET
Origin
https://kg09ut5.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8dfbba2168643685-FRA
date
Sat, 09 Nov 2024 06:25:42 GMT
server
cloudflare
vary
Accept-Encoding
tenant.domainInfo
api.n-t-v-w.com/api/frontend/trpc/
0
0
Preflight
General
Full URL
https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22kg09ut5.com%22%7D%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,channelid,client-language,content-type,sign,tenantid,x-device-type,x-trace-id
Access-Control-Request-Method
GET
Origin
https://kg09ut5.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
8dfbba2168603685-FRA
date
Sat, 09 Nov 2024 06:25:42 GMT
server
cloudflare
vary
Accept-Encoding
swipe-back-lXg72rbZ.js
kg09ut5.com/assets/
682 B
1 KB
Script
General
Full URL
https://kg09ut5.com/assets/swipe-back-lXg72rbZ.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0965ec94918d3b71ccefd138a382e8bcc32ffd6f6abd7a67a9dc375d51b3f494

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HOUJZnLY5veOff14BGiFQkjQrzLJRAsOQmFcmt8nUDRZorn1PDErK9TAyJmnzKP%2Bil5DvrHzbGEgKo9G7vYl4b%2Bx%2BUuMGA87LZBrMPsTLYRgBzKcpSOtwuWf7hp7hw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba220ac51ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=23709&sent=83&recv=53&lost=0&retrans=4&sent_bytes=62635&recv_bytes=10323&delivery_rate=3060&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=3245&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:42 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/swipe-back-lXg72rbZ.js
server
cloudflare
index-CdUROUJ-.js
kg09ut5.com/assets/
2 KB
2 KB
Script
General
Full URL
https://kg09ut5.com/assets/index-CdUROUJ-.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4de82b0141cb7b5e72cc34e550472a519dd74d6b16cb955960602d9fb61ac44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CZp0nOetgMm3BoVdIeknaukkML%2FJLp9xAvDN7byjWub7%2BLSsAiMCO5N2dlAN1%2Bi9AoO9mPebPgDDySw79qo9O31Rle0HOMaUo8PVhitlx9ZItOrmJohx%2BskyuBCKQw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba25edef1ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18892&sent=90&recv=58&lost=0&retrans=4&sent_bytes=66029&recv_bytes=11322&delivery_rate=16073&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=3857&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:43 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-CdUROUJ-.js
server
cloudflare
index-CSJWRess.css
kg09ut5.com/assets/
8 KB
2 KB
Stylesheet
General
Full URL
https://kg09ut5.com/assets/index-CSJWRess.css
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3432094bcfc8d88b093bea9f5191c099f72920065d2cef3cf8cae41b3d400

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/launch

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kTLEOCNSnCpe5xMO4px%2B07jSeAVIQi4qLnUSSMEtg4rLx9sT2AQxQ3Qr08zt1oWpRGOqX8S4Zgvd5O0MJPFHVcTWX8qG1VJXjC8vg1x7dG0jxF%2Bm95veFs%2BCvtgWBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba25edf11ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21835&sent=86&recv=56&lost=0&retrans=4&sent_bytes=63814&recv_bytes=11234&delivery_rate=7029&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=3840&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:43 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/index-CSJWRess.css
server
cloudflare
md.transition-CYNDOIh7.js
kg09ut5.com/assets/
1 KB
1 KB
Script
General
Full URL
https://kg09ut5.com/assets/md.transition-CYNDOIh7.js
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-BNtNQx7r.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6bfcf29c79902e5e9b524f83d87c9e584cf01dcf2a85cad08f805ab4c4cf608

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://kg09ut5.com
Referer
https://kg09ut5.com/assets/index-BNtNQx7r.js

Response headers

x-version
cache-control
public, max-age=86400, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FbGB0fjidpsXlF2gk1Cn5p7vh6ohtkpgJscsANc3Zee8Voe%2Bm%2BypXBUE5%2FngwUPd%2Ba5llKyp%2FVP0JLHUjAik2Qbl56BFB7%2FpcFofSaqIODL%2FsAfW3%2BZkExcHnnt7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba27af171ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=17717&sent=94&recv=62&lost=0&retrans=4&sent_bytes=67755&recv_bytes=12774&delivery_rate=176791&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=4123&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:43 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
x-r2-path
assets/md.transition-CYNDOIh7.js
server
cloudflare
cloud-dark.svg
kg09ut5.com/405/
3 KB
2 KB
Image
General
Full URL
https://kg09ut5.com/405/cloud-dark.svg
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-CSJWRess.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13775ee86b96fea82ede96ab5af4465d5f7a667aab005c041f443bdd3f2a0da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/assets/index-CSJWRess.css

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtfEOxnzxXzZQzFr6SypMce77ab6b1cGPkNVloE0LdZD9WQLT%2BH%2FDP0MdorxtRRaHCEMibZQi4pvhxow6%2FykriTGvD4jlYJnHW27ycZoVHy7mSTsJoKzvkfTpGzudQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba27bf1a1ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16241&sent=96&recv=63&lost=0&retrans=4&sent_bytes=69014&recv_bytes=12818&delivery_rate=9366&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=4133&x=1", cfHdrFlush;dur=0
date
Sat, 09 Nov 2024 06:25:43 GMT
content-type
image/svg+xml
vary
Accept-Encoding
x-r2-path
v39/405/cloud-dark.svg
server
cloudflare
limit-dark.png
kg09ut5.com/405/
516 KB
516 KB
Image
General
Full URL
https://kg09ut5.com/405/limit-dark.png
Requested by
Host: kg09ut5.com
URL: https://kg09ut5.com/assets/index-CSJWRess.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.132 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2f204ba03918673b51556100d6faf93ebba537b869b049bedad6e55bdc93eb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://kg09ut5.com/assets/index-CSJWRess.css

Response headers

x-version
v39
cache-control
public, max-age=3600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-from
R2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BkcIPbsPzg9Au4ynZtBVoiMVmlu9ntyjR1aZdNuke2Oi30DFB1Sr0y57be%2FtF%2B1YOzmI3h7Kb9XU8RvGJLTa9u72cF1Pn%2FAoGWxLXoRn2a1w96%2BySP5bLFlADfjng%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8dfbba27bf1b1ac5-FRA
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=16241&sent=100&recv=63&lost=0&retrans=4&sent_bytes=71226&recv_bytes=12818&delivery_rate=9366&cwnd=22800&unsent_bytes=0&cid=61b629eb41a1c8c6&ts=4134&x=1", cfHdrFlush;dur=0
content-length
527977
date
Sat, 09 Nov 2024 06:25:43 GMT
content-type
image/png
vary
Accept-Encoding
x-r2-path
v39/405/limit-dark.png
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kg09ut5.com
URL
blob:https://kg09ut5.com/c085b019-59a9-41aa-9b9f-f6bae439407a

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| isSamsungBrowser object| script object| VersionPolling object| MTpushInterface object| diy object| turnstile object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE_I18N_FULL_INSTALL__ boolean| __VUE_I18N_LEGACY_API__ object| CapacitorPlatforms object| Capacitor function| Pusher boolean| __VUE__ object| Ionic boolean| __vite_is_modern_browser object| _refresh_btn boolean| isOpenMainUI

2 Cookies

Domain/Path Name / Value
.j249cn3.com/ Name: __cf_bm
Value: fmemiXbSVILuly99mpRUy47gBUPqqWgfc1G_D0qenPY-1731133537-1.0.1.1-sHSq4uuwIsXcybqFEfGHXSwOLVZ3R0XPPvw5sWNIZilrlK7yTPbeWCNMIOZ_KYiGR5Fn3uFC4kIqELHKZx0W5g
.kg09ut5.com/ Name: __cf_bm
Value: EYvemRIl3pEQB5FZ1PL1pB0vt6tT8aezGvntAjKlQ_E-1731133540-1.0.1.1-fJQ9T8AnuHk9lVHYNnUTL.eAVQ74hP5Pz63g4lkBMAgOeeiO5Ar.taDTegAKbUDsfwhyi2NyLJGcJgb70RP5cg

4 Console Messages

Source Level URL
Text
network error URL: https://kg09ut5.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kg09ut5.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/tenant.domainInfo?input=%7B%22json%22%3A%7B%22domain%22%3A%22kg09ut5.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()
network error URL: https://api.n-t-v-w.com/api/frontend/trpc/channel.info?input=%7B%22json%22%3A%7B%22id%22%3A0%2C%22tenantId%22%3A0%2C%22domain%22%3A%22kg09ut5.com%22%7D%7D
Message:
Failed to load resource: the server responded with a status of 405 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.n-t-v-w.com
cdnjs.cloudflare.com
challenges.cloudflare.com
j249cn3.com
kg09ut5.com
kg09ut5.com
104.17.24.14
104.18.26.132
104.18.26.31
104.18.27.132
104.18.95.41
2606:4700::6812:1a84
0965ec94918d3b71ccefd138a382e8bcc32ffd6f6abd7a67a9dc375d51b3f494
15b7e35cd404486b697343e2dc487b69f59a5129d4e794eff6cfc00ca0b7110f
1b2529c653f216397e16fe2519f773a1fe204db22cbbbda5b410e6a9d0047527
1ee4947bae28f87f22e0f400ac7ae540d0162c4102402eaafe7d3aa6a3420c7e
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af731f7d19c6ace6b642f99c00ec8f1c88b6b0401c407d4788d506bdd2ddce0
3dcaffebdddc53bff7b9bed07fbe2773f5c3b6022dd34af37cb2c20da234f9ae
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a7e812ba99384c164477897c55e5e4dbe4f17ff534d8008da371edfde297883
8d242137194749db304b6167388d502e8718f2491f5838c98f86b078d57b1eaa
920cbdf782168b5a13073f919eb275f19884dac5599531b66389575717203046
95f99592f1e1d933dd836158720ba5a971eac815767df96e234ae2303580d00b
9c97e2998b7fbd0d03fcfa9af75acbbbfe76a3cbccd8680b897efb7ce3b5bcb1
9e499518b40a1d295bcdc8952f18aae6951bd3c9bfd607a95bc015acd2e73f7c
9faf673113292d24752db2af256ce2cf2de78bb2c65498675ca7898f7c077b35
a4bcd6b26b827ce2852a33133d04d849c46ca23a85df046bb5a172f12f24c8b1
b2f204ba03918673b51556100d6faf93ebba537b869b049bedad6e55bdc93eb2
b6bfcf29c79902e5e9b524f83d87c9e584cf01dcf2a85cad08f805ab4c4cf608
b7595c3d2e94df7416308fa2ccf5ae8832137c76d2e9a8b02e6ed2cb2d92e2f7
bad3432094bcfc8d88b093bea9f5191c099f72920065d2cef3cf8cae41b3d400
c4c26210c0347a902e40b557af13bc633a8950292b1e787fb3dbf2c025b2874e
d4de82b0141cb7b5e72cc34e550472a519dd74d6b16cb955960602d9fb61ac44
e13775ee86b96fea82ede96ab5af4465d5f7a667aab005c041f443bdd3f2a0da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff50fc10e1fd26b1cdb332fd5b4519c086059d0b925098bb9bd3879b6970f6ff