Submitted URL: https://paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Effective URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Submission: On November 11 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 35 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.paytogether.net.
TLS certificate: Issued by WE1 on September 16th 2024. Valid for: 3 months.
This is the only time www.paytogether.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 188.114.96.3 13335 (CLOUDFLAR...)
9 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 27.124.9.115 152194 (CTGSERVER...)
1 207.148.47.166 59371 (DNC-AS Di...)
1 163.181.92.239 24429 (TAOBAO Zh...)
1 188.114.97.3 13335 (CLOUDFLAR...)
35 7
Apex Domain
Subdomains
Transfer
20 theweeklydonut.org
www.theweeklydonut.org
13 MB
11 paytogether.net
paytogether.net
www.paytogether.net
116 KB
2 staticfile.org
cdn.staticfile.org — Cisco Umbrella Rank: 138535
47 KB
1 jiezibook.cn
11wap.jiezibook.cn
10 KB
1 xxsmad4.com
xxsmad4.com
1 KB
0 11cdocker402.com Failed
11cdocker402.com Failed
35 6
Domain Requested by
20 www.theweeklydonut.org www.paytogether.net
10 www.paytogether.net www.paytogether.net
2 cdn.staticfile.org www.paytogether.net
1 11wap.jiezibook.cn www.paytogether.net
1 xxsmad4.com www.paytogether.net
1 paytogether.net 1 redirects
0 11cdocker402.com Failed www.paytogether.net
35 7
Subject Issuer Validity Valid
paytogether.net
WE1
2024-09-16 -
2024-12-15
3 months crt.sh
*.staticfile.org
GlobalSign GCC R6 AlphaSSL CA 2023
2024-09-15 -
2025-10-17
a year crt.sh
xxsmad2.com
R11
2024-10-09 -
2025-01-07
3 months crt.sh
theweeklydonut.org
WE1
2024-10-12 -
2025-01-10
3 months crt.sh
jiezibook.cn
R10
2024-10-28 -
2025-01-26
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Frame ID: BD4B25F49AB1897C7F47FC203ADCB601
Requests: 35 HTTP requests in this frame

Screenshot

Page Title

萝萝爱吃萝卜的小说_萝萝爱吃萝卜作品全集_在线阅读_txt下载_作者萝萝爱吃萝卜全部小说专题_小燕文学网

Page URL History Show full URLs

  1. https://paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html HTTP 301
    https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

97 %
HTTPS

17 %
IPv6

6
Domains

7
Subdomains

7
IPs

4
Countries

13131 kB
Transfer

13533 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html HTTP 301
    https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request %E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
www.paytogether.net/author/
Redirect Chain
  • https://paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
  • https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
50 KB
15 KB
Document
General
Full URL
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f26680c4513ce74c1247c48557e3012bb6758e9bede9b89f1eb0a1e1df7af88

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8e0a388ecb53d2c6-FRA
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 00:38:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5yITLaQAVG3G9VKRyPvkXiHUiDuY4np8hBRTO9ik50bjnUdBB%2FaqzmTKlwKvxTFgDok5RHEnfFRn0t7gZ0Y%2FNVFgZpQEMyhMkxE7leNBgeRkwk0b%2FGjtf1fDMF2ZoZD9V%2BXSqwVRU%2FSnq1xEPxRLAGe"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=19289&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4024&recv_bytes=2440&delivery_rate=280958&cwnd=254&unsent_bytes=0&cid=418ec94a2ccf1276&ts=77&x=0"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e0a388dbdaddbe8-FRA
content-type
text/html
date
Mon, 11 Nov 2024 00:38:41 GMT
location
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=leKroleZOqbeIDeCtMxdmuL%2BQYbduJua0Kn9QxgijybdzCulhUz6%2FTWVt4JtIH7eE7NTprPV825C8TKcoZO6B63MK6yZBaJnklh%2BmtDP4TEIdNbVuFz%2F%2Fcts6P0oY%2FobS3M%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=16640&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4248&recv_bytes=4544&delivery_rate=30244&cwnd=12000&unsent_bytes=0&cid=76b3303dd4deb60b&ts=60&x=1" cfHdrFlush;dur=0
bootstrap.min.css
www.paytogether.net/static/blue/css/
120 KB
22 KB
Stylesheet
General
Full URL
https://www.paytogether.net/static/blue/css/bootstrap.min.css
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf01f690089eb06dda2a55c575a4886254a3d8ef0e2eacab8e6f7efc8e94e68c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wcCldwJRM8VONxWWI1aotVqB5MZvDKs%2FH2rXfgmvP6a6%2FYxR5zFEVykvI7HlE62rGITd7WxHsIfyniPH4nlrNWabA0OZD7%2FnME%2BA20IQIWoVCbciYy0UPzgUul8WlDo6p9EuHlC37nQx8ko3lrYobYO4"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b89d2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=50&recv=26&lost=0&retrans=0&sent_bytes=33554&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=119&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 26 Nov 2023 18:28:22 GMT
vary
Accept-Encoding
server
cloudflare
style.css
www.paytogether.net/static/blue/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://www.paytogether.net/static/blue/css/style.css
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cc52429563ead3c9fffce6cc185e3fe2fab5430022368bfa35dcfc9b522fb98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyA0oBATtKstDE86fUJ%2FkjYC2Zjgsa2MGGyeYBI1b9wysLo9GpI3H3QK2oxezusggSdVIZz74p0GnCU6HbIijOIdyfiSXSzMOrkbTNVLuXR0FyVpH9V5Z%2FT3PoKGVGp%2FAGhcOWgUP%2Fd5jIEo4htxTSqe"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b8cd2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=73&recv=26&lost=0&retrans=0&sent_bytes=55893&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=119&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 30 Oct 2023 16:30:12 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.min.css
cdn.staticfile.org/font-awesome/4.7.0/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://cdn.staticfile.org/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.124.9.115 Shatin, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

access-control-max-age
1800
cache-control
max-age=31536000
content-encoding
gzip
etag
W/"66fc0c65-7918"
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
expires
Mon, 10 Nov 2025 23:42:25 GMT
access-control-allow-origin
*
x-cache
HIT, policy, memory
date
Sun, 10 Nov 2024 23:42:25 GMT
content-type
text/css
last-modified
Sun, 10 Nov 2024 23:48:25 GMT
server
nginx
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With, Token
a.css
www.paytogether.net/static/blue/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.paytogether.net/static/blue/css/a.css
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5da5466cddd392fadb5e010b73e76f884767c2a90a6fb9a891b7ff7ba0a87c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2yeNH8XB%2BiPtQelmYvYh13eVmV1IIi6tvwZm9ulAEZn2PAu8JQzaasmvz%2BA%2FZj3hrCsZLlVVjGImPL3qrRwwSMRVxGN4e%2FB5X0xEo%2BTwOlN593bT1BJQnZyPUR4PZUHCDaWY6ytErF8JliLRoBlhq8T"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b8ed2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=34&recv=26&lost=0&retrans=0&sent_bytes=21958&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=118&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 29 Oct 2023 21:45:48 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
www.paytogether.net/static/blue/js/
91 KB
34 KB
Script
General
Full URL
https://www.paytogether.net/static/blue/js/jquery.min.js
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09009edd44f342d7d63f5a7061581492ccee1ffee99eedc695550a11015c0f13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xVih%2F%2BzgbVSsQIZ826ApqRbzQq5mKpCkN1wJMIdUJBrkqG8ecyxE9%2B9EvM%2BAPwB5K7KUHOPO1mkPgSMHCIioQtRjeW1FSbg9q4m3LuPENOR%2Fwm7EiNdsm%2FxBEq7Gd0RziNZC%2Fnnajzde%2FdHdOUNyR9B"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b8fd2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=85&recv=26&lost=0&retrans=0&sent_bytes=69360&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=120&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2016 07:22:56 GMT
vary
Accept-Encoding
server
cloudflare
jquery.cookie.min.js
www.paytogether.net/static/blue/js/
1 KB
1 KB
Script
General
Full URL
https://www.paytogether.net/static/blue/js/jquery.cookie.min.js
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6jyYyxvff1%2FCY1MY0UcSytGzaBovmphqZiSChQhKHr%2BHCKSzK3fiaoMuz9fnt%2B7r2lL3gGpvrOtBEbcz5pW0a6p4jw7ohIreOlKK6en3C8%2FAu5OQ5sansFTfF8HM%2B6nREJ9Zbz50OpQTRbCdU1l%2FNtj"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b91d2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=28&recv=26&lost=0&retrans=0&sent_bytes=19220&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=117&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
application/javascript
last-modified
Sat, 12 Aug 2023 13:47:00 GMT
vary
Accept-Encoding
server
cloudflare
b.m.js
www.paytogether.net/static/blue/js/
28 KB
9 KB
Script
General
Full URL
https://www.paytogether.net/static/blue/js/b.m.js
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhfTDB%2B87LaXeuZt6Iz1S7ORY5E84gPQG7eScMfcNgi7y8zLjdXlrBgtYWH8MAkUvVgreAk8%2FlB38S2MFt%2BvlHVUmsqZw9%2BiZgUHpiPyH%2BAtcLStrcOL0Ux1tBpedPbyw6pK%2B1eu9HEuq9VBet1AhFVb"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b93d2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=38&recv=26&lost=0&retrans=0&sent_bytes=24509&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=118&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
application/javascript
last-modified
Thu, 04 Aug 2016 07:23:04 GMT
vary
Accept-Encoding
server
cloudflare
17mb.js
www.paytogether.net/static/blue/js/
2 KB
1 KB
Script
General
Full URL
https://www.paytogether.net/static/blue/js/17mb.js
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eb1b617b369f5645aa4dccab9182f84713e1d22644f52cca1961263e746bbd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qS16RkeK9oerLXXKjoC7lcrhy8gcyWUgIBL2M89DmI6Mrz8NTKrurkwOMrmts1Xiyup2dGZm4iGpfEOkqpYYwpEhMtHIbDkuAzP5eLUCCGY0lMXAFtXG4JLGVwjwTDQps8wpTpIuR3YZvFQzGyXqF0DB"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b94d2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=31&recv=26&lost=0&retrans=0&sent_bytes=20539&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=117&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
application/javascript
last-modified
Tue, 26 May 2020 12:07:28 GMT
vary
Accept-Encoding
server
cloudflare
17mbbase.js
www.paytogether.net/static/blue/js/
30 KB
10 KB
Script
General
Full URL
https://www.paytogether.net/static/blue/js/17mbbase.js
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
690363fad01997fc9426855d2abf682e7e72751fb0737126e049882d640e0d61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Ov%2FAjHi2Z6IdREtx3dpbqmNfBbJJeOl2UcSOObsq8y4cF2eMdbkOGbkPkLEv%2FAGYTATmJPxRc78OVx4WNxCb3mG8WfXmv9ikwRQ9N0GAhvMQMgVEyhUu8QaAfQMbct4r7NFl7vNTqHqlsGQezTBZzQ%2F"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0a388f1b96d2c6-FRA
expires
Mon, 11 Nov 2024 00:39:41 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=TCP&rtt=19792&sent=76&recv=26&lost=0&retrans=0&sent_bytes=59229&recv_bytes=3125&delivery_rate=960503&cwnd=257&unsent_bytes=0&cid=418ec94a2ccf1276&ts=119&x=0"
date
Mon, 11 Nov 2024 00:38:41 GMT
content-type
application/javascript
last-modified
Sun, 13 Aug 2023 07:14:32 GMT
vary
Accept-Encoding
server
cloudflare
crypto-js.js
cdn.staticfile.org/crypto-js/4.1.1/
193 KB
39 KB
Script
General
Full URL
https://cdn.staticfile.org/crypto-js/4.1.1/crypto-js.js
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
27.124.9.115 Shatin, Hong Kong, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f0bdf25fda8f9af5920c82070775864c7e1166eb31540d030e6b80a382e39ce1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
expires
0
access-control-allow-origin
*
x-cache
BYPASS
date
Mon, 11 Nov 2024 00:38:42 GMT
content-type
text/javascript; charset=utf-8
server
nginx
access-control-allow-headers
Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With,token
s.php
xxsmad4.com/
2 KB
1 KB
Script
General
Full URL
https://xxsmad4.com/s.php?g=1&t=2&p=1388&i=
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
207.148.47.166 Hong Kong, Hong Kong, ASN59371 (DNC-AS Dimension Network & Communication Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
fa3d9bdb2ceec59320c5baa8812c1354d17c55352297cc940c149af314189ac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 11 Nov 2024 00:38:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
nginx
t2.gif
www.theweeklydonut.org/img/
365 KB
366 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/t2.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73cc3a2d99e874aa002656f9073c345a2311047f9c1c727f8df26e8859aac212

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f60b0-5b598"
age
2258003
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhLIb8%2FGMFK0knVOf7J1zq%2Fcf0I78Vs4Sa97AJ66wXJgSKu2MU%2FjgOhfOOmy65rsLK5hxSfWdAvcgDL1tib8HHVUoygCe8VAOz3Pg45ynee0UI2%2B6dtjUYfxHouNruliQS238XzbjnT%2F"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 21:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61446&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15555&recv_bytes=6025&delivery_rate=52946&cwnd=12000&unsent_bytes=0&cid=0834f96b8f78937d&ts=112&x=1", cfExtPri, cfHdrFlush;dur=63
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 08:56:16 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389969dd2be9-FRA
accept-ranges
bytes
content-length
374168
server
cloudflare
t7.gif
www.theweeklydonut.org/img/
130 KB
131 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/t7.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ceecc51de9c41d32909000045d486b60ca5b94fb2e38636ec6e383d53e7e11e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f60b1-2082d"
age
512372
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKOsXw3m3doqdinHlkfkwU30zh5TAsR6rlmwLPQE%2BKjB1u5yd6jeqwnqckP6RXfo3mAV7I7Yt4zUeeHxjctdhUv4banrFEIBWQyIHn4cUf6mtq81dk6Op%2BD%2B4NRyNWB9zH2JZ8M0AaVz"}],"group":"cf-nel","max_age":604800}
expires
Thu, 05 Dec 2024 02:19:11 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61446&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15555&recv_bytes=6025&delivery_rate=52946&cwnd=12000&unsent_bytes=0&cid=0834f96b8f78937d&ts=111&x=1", cfExtPri, cfHdrFlush;dur=64
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 08:56:17 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389969d92be9-FRA
accept-ranges
bytes
content-length
133165
server
cloudflare
tb20.gif
www.theweeklydonut.org/pic/
188 KB
189 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb20.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5107b7348a98e169f3c6f3baa7579fa8f48b87031201192907b08179a09f4cfc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33ba-2f032"
age
2257962
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHF08fWt1sY6eNm%2F%2BFkvWi5dNRs%2BpH5i7x30pR3huF%2FaH4q7MoYSOEYTG5AK3kAOb3tMbTPFLN4j8sXwKTTn0kIp0MvpZxySxLl%2FMp6WPaxHij6XR4PQvyEd0BAvNQDvNji%2FLcEoQqd8"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 21:26:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61446&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4137&recv_bytes=6025&delivery_rate=52946&cwnd=12000&unsent_bytes=0&cid=0834f96b8f78937d&ts=109&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389969da2be9-FRA
accept-ranges
bytes
content-length
192562
server
cloudflare
tb18.gif
www.theweeklydonut.org/pic/
1 MB
1 MB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb18.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96337209fb220ae80ffc4e43811602d0c51009fd6768d69d9ec6a8dcadac13f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33ba-1216c4"
age
2163177
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bZtIkb7SdkQiLRFJbB87VuZ7pZubfqgKx24lAYAy8G2jN5zhNOXVA7Vnd4iHCHK%2FvDUmf4MC%2FPFW6RZzERIy3xv9XTgZOZb56dMVjDNig9re5y68HfvnPK%2BwJNtNHvrPeUGCN2%2F8rQoQ"}],"group":"cf-nel","max_age":604800}
expires
Fri, 15 Nov 2024 23:45:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61446&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15555&recv_bytes=6025&delivery_rate=52946&cwnd=12000&unsent_bytes=0&cid=0834f96b8f78937d&ts=110&x=1", cfExtPri, cfHdrFlush;dur=65
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389969d72be9-FRA
accept-ranges
bytes
content-length
1185476
server
cloudflare
manh1.gif
www.theweeklydonut.org/pic/
79 KB
79 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/manh1.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f9026767d7162a4c8d1c647ae1541479cd568e26f4b4960aa1dad3a3d71adac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33b8-13a33"
age
2271612
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2YyiWi0VIQQ87Ar70C98rIRbxoNrfrmqpR4tm8xMFJaZpMaeZTOdiTFey%2FSQbyzqXmaCUh%2B2NqZE5VxGqVm9iPJ3JprqtOMOfKnkqTXv%2F6D5uRFbA59uTuSow1h%2FjgTHa1t6n8JObXq"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 17:38:31 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61446&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15555&recv_bytes=6025&delivery_rate=52946&cwnd=12000&unsent_bytes=0&cid=0834f96b8f78937d&ts=110&x=1", cfExtPri, cfHdrFlush;dur=65
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:24 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389969d82be9-FRA
accept-ranges
bytes
content-length
80435
server
cloudflare
llt.gif
www.theweeklydonut.org/img/
670 KB
670 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/llt.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8a6e6dc344c036b19ce2b18e8569588d5419e7d1c973dc18624df78a73df0b0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"672487e6-a7664"
age
837837
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tK9P5entTAgfJyjhiFlFiLxe9O2WY4G3ZKAARFStAQrp7yWSnzrESQILggpheojiiIpSLT1BUg63we2e1wSMdPJSQKEdualVOXOHt%2B1ECLJ%2FVIDJ4anKmwaK%2FtytsXBZ1X0P3CtbCPKP"}],"group":"cf-nel","max_age":604800}
expires
Sun, 01 Dec 2024 07:54:46 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61446&sent=21&recv=12&lost=0&retrans=0&sent_bytes=15555&recv_bytes=6025&delivery_rate=52946&cwnd=12000&unsent_bytes=0&cid=0834f96b8f78937d&ts=110&x=1", cfExtPri, cfHdrFlush;dur=65
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Fri, 01 Nov 2024 07:48:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389969d62be9-FRA
accept-ranges
bytes
content-length
685668
server
cloudflare
tb10.gif
www.theweeklydonut.org/pic/
163 KB
164 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb10.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5728c52c86d69746af2f7c55d07ba6b0dba833a9750456e9b83b48ad3d4602c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33b9-28c53"
age
340321
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEWpIt%2FBAlrG9kMYUTXY76nPpbR4eSfIGpDkCyYv%2FsJAbzhWKZkyawXfBoD%2FjIEuUX9jWReLdunygOzPi9rtZVOet5LL42DU0QOV3YRKc%2BdD6DZHeVDmc%2BwTAusNeHowD7UdmUr0nviL"}],"group":"cf-nel","max_age":604800}
expires
Sat, 07 Dec 2024 02:06:42 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=301&x=1", cfExtPri, cfHdrFlush;dur=11
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:25 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa1b2be9-FRA
accept-ranges
bytes
content-length
166995
server
cloudflare
manh4.gif
www.theweeklydonut.org/pic/
281 KB
282 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/manh4.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ccde475a80ad10984ef468c687db355c70622817706be8d33a5549d08bd3441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33b9-463b2"
age
2356918
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NNWT%2FVc8Xg1FqY4pPiBBMt0%2BU4W8YcqM%2B8AnLQroE9AR%2B0OOuTGHqjNooEjgY3S0V443Q8EPPGTZIwTES9vEZcluET7TAo4%2Bc%2BWgfa2XUabVCYUFerRwnR0FqX7hXtj9Wiu4JiOVBR23"}],"group":"cf-nel","max_age":604800}
expires
Wed, 13 Nov 2024 17:56:45 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=300&x=1", cfExtPri, cfHdrFlush;dur=12
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:25 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa1d2be9-FRA
accept-ranges
bytes
content-length
287666
server
cloudflare
manh7.gif
www.theweeklydonut.org/pic/
290 KB
291 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/manh7.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7faae46270b8d7477234e8fab1048b4e2b8888cfe72d3bbb61fcde271cedcee1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33b9-487b3"
age
2361724
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lOYfu7omjvX7%2B3OeUKRtNsvJKELOBJsZc1dA3JSUV4pMapjA4VMPSXExCFEIUhSMnKJNcQpDdqyL8MQ5ldwRAl7nScjcixThkKlfdC0OBVur%2BXDVc2qnZe0Toj45kA%2BJg9wz5Rt0%2F9KI"}],"group":"cf-nel","max_age":604800}
expires
Wed, 13 Nov 2024 16:36:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=301&x=1", cfExtPri, cfHdrFlush;dur=12
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:25 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa1e2be9-FRA
accept-ranges
bytes
content-length
296883
server
cloudflare
manh6.gif
www.theweeklydonut.org/pic/
2 MB
2 MB
Image
General
Full URL
https://www.theweeklydonut.org/pic/manh6.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43d4a758666dc5e066bf65608aa16571d1424bcbddc33d02081e66438ca0514

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33b9-19abf2"
age
63928
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vS5tR3C2kfkdWe0DdqlZnSVA7x%2B5yjJgXTyEnGpWQukckcH8p5PljBnnt7MXjlIqiP1kN6EB%2FDY9pfyr94Txpw2yQvDtHQdQoJBZojEVQKV02w%2BRVOWjzljyyVXqq4q5XVg6Ygqk0HU"}],"group":"cf-nel","max_age":604800}
expires
Tue, 10 Dec 2024 06:53:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=304&x=1", cfExtPri, cfHdrFlush;dur=9
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:25 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa1f2be9-FRA
accept-ranges
bytes
content-length
1682418
server
cloudflare
tb3.gif
www.theweeklydonut.org/pic/
43 KB
43 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb3.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec754597f24745eed9e994c83e3e4fc77f9a6f717868a2d5476c3a56c9864a42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33ba-aac8"
age
754630
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=22xUSSj4i0kFcMHGfKuQ7jvj52x4v9PlCxONTzUuZvS02hRFAWfHvUQv3wxSLhwXaOfQaoFN65MePgV7RqTsGp8P0p9F5XtGbVeICTgGCC8qHtNIq4YUdUK5HJGzkAD84s9j0bI1iiVg"}],"group":"cf-nel","max_age":604800}
expires
Mon, 02 Dec 2024 07:01:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=301&x=1", cfExtPri, cfHdrFlush;dur=12
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa202be9-FRA
accept-ranges
bytes
content-length
43720
server
cloudflare
tb21.gif
www.theweeklydonut.org/pic/
176 KB
177 KB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb21.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bacfd7a902fde36d94b4e5927dc62a7d434b5ea2c919e72f1189295d5cc0edf5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33ba-2c1d0"
age
64186
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02dWmtWNrGVWKeGAZ6k%2FmMcVBmoVKE%2BdZnOisN5WgZ4R3jHpJgL5IVrmzekCE5RZVYLf7g8exMpoQQJ6F%2F2s9%2Bjim7CUVGm9%2F39DLo52JHGgc9wGSZm4zal9g%2Fk%2BMHzX0855cMjqL3Co"}],"group":"cf-nel","max_age":604800}
expires
Tue, 10 Dec 2024 06:48:57 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=301&x=1", cfExtPri, cfHdrFlush;dur=12
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa212be9-FRA
accept-ranges
bytes
content-length
180688
server
cloudflare
xxss.png
www.theweeklydonut.org/img/
21 KB
22 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/xxss.png
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c34a1a92b9429344790a8f1d51eee9f9980d33485dc06c02b8843fbf0cf3ffd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"66325ad5-5570"
age
2264243
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VHO%2BtnsEru08A2QsfDtaWwS2ypRwHr5sECXj7UXkwd1yGv%2B8Wh4EzXWzXAI82fZ1%2FyMP7WSYGfL9Rfme0YDV6PSvduQhZH2R%2B0uZyMgr3y4co6QfSe9F24FLRu%2Bzjx4cISmF2RQ%2BIxXM"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 19:41:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=302&x=1", cfExtPri, cfHdrFlush;dur=11
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/png
last-modified
Wed, 01 May 2024 15:08:05 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa232be9-FRA
accept-ranges
bytes
content-length
21872
server
cloudflare
tb9.gif
www.theweeklydonut.org/pic/
2 MB
2 MB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb9.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7704b731152fb876d561278c51aca3a7d145e640f328cc4eea2b7742481dc87a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33bb-1ce9e8"
age
2257962
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCf7qANmubzTov9ZGzVODZMEHqUUFb76BCPCxO1Uwin0js0iQClSF3pKMWMnEx5DETrojhvAQlAsuoSKro40bmeSZ4oEnFZijIh7QHAsaUkY8wkWM6Q77vTWXc%2F3xRX%2Fx9XEP3vnCgDr"}],"group":"cf-nel","max_age":604800}
expires
Thu, 14 Nov 2024 21:26:01 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=303&x=1", cfExtPri, cfHdrFlush;dur=10
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:27 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa242be9-FRA
accept-ranges
bytes
content-length
1894888
server
cloudflare
dpd.jpg
www.theweeklydonut.org/img/
13 KB
14 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/dpd.jpg
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9659bbd52fc1660c38394ccffe803705c81eaa1ffb0d576253c1a4722c2e631

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"672487e6-3495"
age
838102
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOvltKpXKZWg4%2BNubw7NgjvcxDX4pdL5QXwgVUuLmAcvxZNLK6y7Zs8PbUUjAdl3H7ODUbxtF7deLdE8kYgYw3ObL0Zi1Ha9DbRJivKzuanBZlbB36aKd7%2BQ2YawCf7pB9M71kvb6CRV"}],"group":"cf-nel","max_age":604800}
expires
Sun, 01 Dec 2024 07:50:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=302&x=1", cfExtPri, cfHdrFlush;dur=12
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/jpeg
last-modified
Fri, 01 Nov 2024 07:48:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa272be9-FRA
accept-ranges
bytes
content-length
13461
server
cloudflare
tb15.gif
www.theweeklydonut.org/pic/
3 MB
3 MB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb15.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7a75975696febc141f7007e34e6d64342c7c9074b3b43d585f60a40699729a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33b9-36a9f3"
age
1115863
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vhzvFaxTbk0Uxbirsln3aHvyE%2BffJsJ%2B91lbjPRCoIOpWXD9uwc%2BlMXGNEXj9y8Osqytbu2h%2FFAS%2F1%2FAHk7rhbaNNYD3c1iqLDUEkIzKN7Bzeem7i0TJ7PrH%2Fv8CuU184svUqQd6yzam"}],"group":"cf-nel","max_age":604800}
expires
Thu, 28 Nov 2024 02:41:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=302&x=1", cfExtPri, cfHdrFlush;dur=12
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:25 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa282be9-FRA
accept-ranges
bytes
content-length
3582451
server
cloudflare
101.webp
www.theweeklydonut.org/img/
9 KB
10 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/101.webp
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db11b175e4cf289f1194e0c1c371daacc2de08dcf9c61ea0f07bb042509c7ee6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"661bc432-256a"
age
1203
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCmBrabju%2Fw8R1rVjz4bPOWBOmPE83oYBD3k5SdVg4k%2BQUW7yobdsV3C3cmmxVSX4UL1XYYjxDfFSwX%2Bx9LXLeVMaeHDT87viu8b6ijifryuy7xEHDM1EaEs30Gyaooa0ArSNB%2FRFL6D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=303&x=1", cfExtPri, cfHdrFlush;dur=11
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/webp
last-modified
Sun, 14 Apr 2024 11:55:30 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa292be9-FRA
accept-ranges
bytes
content-length
9578
server
cloudflare
tb4.gif
www.theweeklydonut.org/pic/
1 MB
1 MB
Image
General
Full URL
https://www.theweeklydonut.org/pic/tb4.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ce01669048e9992c5751495ace63caf61919c42fc22b5ed0aab308f9683691e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f33ba-16ad0a"
age
2361724
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gl59b3zmtkXBAg%2F6%2FESIHmIMSOL62rIJDOIFJ70gNqsK%2FKLehYOazmwodt%2B9A%2B1nuWq3DGtbA2TkwhAnvCif1J6bY%2BcljxQylk22iiSC22XonxhXtaaKoU%2FkyW1CICyqFX%2BDM4KKo%2Bkw"}],"group":"cf-nel","max_age":604800}
expires
Wed, 13 Nov 2024 16:36:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=304&x=1", cfExtPri, cfHdrFlush;dur=10
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 05:44:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa2b2be9-FRA
accept-ranges
bytes
content-length
1486090
server
cloudflare
t8.gif
www.theweeklydonut.org/img/
757 KB
758 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/t8.gif
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0114144aaadf841257b71b2346dfe54158ae326d714756e20503db38e9c7bed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"662f60b2-bd2d3"
age
791139
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=85O3lYRLbrUMyr6N8MqDtGeLGIhM%2BS9r5esZrvWpykSyhNO%2F5GdbizAGR5DW%2BGZK7u7FbHkP6MxbGwXuTE38yMsPtfeEMwUtvem9g8vNmTMTF3oTKI7veTnZ%2Bn60pZ4Ua80N3YTB4jh3"}],"group":"cf-nel","max_age":604800}
expires
Sun, 01 Dec 2024 20:53:04 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=307&x=1", cfExtPri, cfHdrFlush;dur=7
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/gif
last-modified
Mon, 29 Apr 2024 08:56:18 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa2c2be9-FRA
accept-ranges
bytes
content-length
774867
server
cloudflare
107.webp
www.theweeklydonut.org/img/
154 KB
155 KB
Image
General
Full URL
https://www.theweeklydonut.org/img/107.webp
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
025debb91dad27306910e71d8cb3fd0a5d9473d722aac4f5a6e910c96dfa1e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

cf-cache-status
HIT
etag
"661bc5b4-26752"
age
3011
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlWwI7xOTrb4XupmH0URWkLrJ32syPi4aGxdzlOcd7yRmpu7wgowvpZOc82TOUEFvwjWrREh0jjGgOPf88zkCudiSM%2FrvMkhjdWQu73S%2FkzuaJ7jH4aJ2udGs60gudvrw6sz5jm05l%2Fl"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=82316&sent=92&recv=45&lost=0&retrans=0&sent_bytes=80378&recv_bytes=11677&delivery_rate=256167&cwnd=43200&unsent_bytes=0&cid=0834f96b8f78937d&ts=305&x=1", cfExtPri, cfHdrFlush;dur=9
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
image/webp
last-modified
Sun, 14 Apr 2024 12:01:56 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a389aaa2d2be9-FRA
accept-ranges
bytes
content-length
157522
server
cloudflare
2737
11wap.jiezibook.cn/sc/
10 KB
10 KB
Script
General
Full URL
https://11wap.jiezibook.cn/sc/2737?n=imybzebn
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/author/%E8%90%9D%E8%90%9D%E7%88%B1%E5%90%83%E8%90%9D%E5%8D%9C.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
163.181.92.239 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b8dfdc4e1558190740e96b18b0c4275c850dce13480cecc474011f7c2a58d932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.paytogether.net/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000
Cache-Control
max-age=1800
Timing-Allow-Origin
*
Pragma
max-age=1800
Connection
keep-alive
Via
cache2.l2hk3[7,0], ens-cache13.de5[205,0]
Access-Control-Allow-Origin
*
EagleId
a3b55ca117312855235654367e
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date
Mon, 11 Nov 2024 00:42:20 GMT
Content-Type
text/javascript; charset=utf-8
Server
Tengine
glyphicons-halflings-regular.woff2
www.paytogether.net/static/blue/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.paytogether.net/static/blue/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.paytogether.net
URL: https://www.paytogether.net/static/blue/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.paytogether.net
Referer
https://www.paytogether.net/static/blue/css/bootstrap.min.css

Response headers

cf-cache-status
REVALIDATED
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c1KsSwv%2FIutIvxj1Fq4LgsvfP1hBaYr2qVrMD5u08ixsb8IN0dw962k4GVIJmXNErvQid3EeasoLNDDlst6L%2BvIyNX1HTbxLvkl4fOQKoBZykmjesEbEELNhi%2B2P5s46610Z4vlw"}],"group":"cf-nel","max_age":604800}
expires
Mon, 11 Nov 2024 00:39:43 GMT
alt-svc
h3=":443"; ma=86400
x-cache
MISS
server-timing
cfL4;desc="?proto=QUIC&rtt=15070&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4271&recv_bytes=4471&delivery_rate=850&cwnd=12000&unsent_bytes=0&cid=13c20eb3df3860fb&ts=1635&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 00:38:43 GMT
content-type
font/woff2
last-modified
Tue, 16 Jun 2015 13:56:18 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e0a38992d1edcb4-FRA
accept-ranges
bytes
content-length
18028
server
cloudflare
2737
11cdocker402.com/d/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
11cdocker402.com
URL
https://11cdocker402.com:8001/d/2737?c=1&n=imybzebn

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| jQuery110004490969230312867 function| _17mb_tj function| _17mb_pctop function| _17mb_pcmiddle function| _17mb_pcbottom function| _17mb_pcduilian function| _17mb_chapter1 function| _17mb_chapter2 function| _17mb_chapter3 function| _17mb_waptop function| _17mb_wapmiddle function| _17mb_wapbottom string| UA string| url function| killerrors function| GetObjcet function| GetObjcetA object| Method object| Form function| $F function| jieqi_ajax object| Ajax function| pageWidth function| pageHeight function| pageTop function| pageLeft function| showMask function| hideMask object| dialogs function| displayDialog function| openDialog function| closeDialog function| loadJs function| GetObj function| saveCookie function| readCookie function| setCookie function| getCookie function| delCookie function| LastRead function| removebook function| removeall function| showtempbooks function| report function| addbookcase function| register_check function| dir function| delbookcase function| get_cookie_value function| user function| bookset function| LoadReadSet object| lastread object| CryptoJS function| x number| n number| j string| style object| a number| imybzebn_is_kk number| $widthwindow number| imybzebn_is_ws object| rde4avd

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11cdocker402.com
11wap.jiezibook.cn
cdn.staticfile.org
paytogether.net
www.paytogether.net
www.theweeklydonut.org
xxsmad4.com
11cdocker402.com
163.181.92.239
188.114.96.3
188.114.97.3
207.148.47.166
27.124.9.115
2a06:98c1:3121::3
025debb91dad27306910e71d8cb3fd0a5d9473d722aac4f5a6e910c96dfa1e94
09009edd44f342d7d63f5a7061581492ccee1ffee99eedc695550a11015c0f13
1ceecc51de9c41d32909000045d486b60ca5b94fb2e38636ec6e383d53e7e11e
3ce01669048e9992c5751495ace63caf61919c42fc22b5ed0aab308f9683691e
3f9026767d7162a4c8d1c647ae1541479cd568e26f4b4960aa1dad3a3d71adac
5107b7348a98e169f3c6f3baa7579fa8f48b87031201192907b08179a09f4cfc
5728c52c86d69746af2f7c55d07ba6b0dba833a9750456e9b83b48ad3d4602c3
690363fad01997fc9426855d2abf682e7e72751fb0737126e049882d640e0d61
6f26680c4513ce74c1247c48557e3012bb6758e9bede9b89f1eb0a1e1df7af88
73cc3a2d99e874aa002656f9073c345a2311047f9c1c727f8df26e8859aac212
7704b731152fb876d561278c51aca3a7d145e640f328cc4eea2b7742481dc87a
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cc52429563ead3c9fffce6cc185e3fe2fab5430022368bfa35dcfc9b522fb98
7faae46270b8d7477234e8fab1048b4e2b8888cfe72d3bbb61fcde271cedcee1
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
93eb1b617b369f5645aa4dccab9182f84713e1d22644f52cca1961263e746bbd
96337209fb220ae80ffc4e43811602d0c51009fd6768d69d9ec6a8dcadac13f3
9ccde475a80ad10984ef468c687db355c70622817706be8d33a5549d08bd3441
b8dfdc4e1558190740e96b18b0c4275c850dce13480cecc474011f7c2a58d932
bacfd7a902fde36d94b4e5927dc62a7d434b5ea2c919e72f1189295d5cc0edf5
bf01f690089eb06dda2a55c575a4886254a3d8ef0e2eacab8e6f7efc8e94e68c
c34a1a92b9429344790a8f1d51eee9f9980d33485dc06c02b8843fbf0cf3ffd7
c7a75975696febc141f7007e34e6d64342c7c9074b3b43d585f60a40699729a8
d0114144aaadf841257b71b2346dfe54158ae326d714756e20503db38e9c7bed
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
db11b175e4cf289f1194e0c1c371daacc2de08dcf9c61ea0f07bb042509c7ee6
e43d4a758666dc5e066bf65608aa16571d1424bcbddc33d02081e66438ca0514
e8a6e6dc344c036b19ce2b18e8569588d5419e7d1c973dc18624df78a73df0b0
ec754597f24745eed9e994c83e3e4fc77f9a6f717868a2d5476c3a56c9864a42
f0bdf25fda8f9af5920c82070775864c7e1166eb31540d030e6b80a382e39ce1
f9659bbd52fc1660c38394ccffe803705c81eaa1ffb0d576253c1a4722c2e631
fa3d9bdb2ceec59320c5baa8812c1354d17c55352297cc940c149af314189ac6
fa5da5466cddd392fadb5e010b73e76f884767c2a90a6fb9a891b7ff7ba0a87c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c