gfa.bothturn.top Open in urlscan Pro
2606:4700:3031::6815:1a21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gfa.bothturn.top/
Submission: On March 17 via api (March 17th 2023, 9:57:18 am UTC) from US — Scanned from US

Summary HTTP 59 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3031::6815:1a21, located in United States and belongs to CLOUDFLARENET, US. The main domain is gfa.bothturn.top.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2023. Valid for: 3 months.

This is the only time gfa.bothturn.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:303... 2606:4700:3031::6815:1a21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	199.232.214.131 199.232.214.131	54113 (FASTLY) (FASTLY)
1	103.143.19.103 103.143.19.103	134760 (CHINANET-...) (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network)
1	183.240.166.132 183.240.166.132	56040 (CMNET-GUA...) (CMNET-GUANGDONG-AP China Mobile communications corporation)
59	4

31 2606:4700:3031::6815:1a21 (United States)

ASN13335 (CLOUDFLARENET, US)

gfa.bothturn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 199.232.214.131 (United States)

ASN54113 (FASTLY, US)

static.mercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.143.19.103 (China)

ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.240.166.132 (China)

ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	bothturn.top gfa.bothturn.top	882 KB
26	mercdn.net static.mercdn.net — Cisco Umbrella Rank: 150960	3 MB
2	51.la js.users.51.la — Cisco Umbrella Rank: 78773 ia.51.la — Cisco Umbrella Rank: 67140	3 KB
59	3

	Domain	Requested by
31	gfa.bothturn.top	gfa.bothturn.top
26	static.mercdn.net	gfa.bothturn.top
1	ia.51.la	gfa.bothturn.top
1	js.users.51.la	gfa.bothturn.top
59	4

This site contains no links.

Subject Issuer	Validity	Valid
*.bothturn.top GTS CA 1P5	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.mercdn.net GlobalSign GCC R3 DV TLS CA 2020	`2022-04-18` - `2023-05-20`	a year	crt.sh
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh
*.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-04-19` - `2023-05-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gfa.bothturn.top/
Frame ID: E478E11822F240A722632A4AFEEF72F8
Requests: 59 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【ポケモンカードゲーム】【60％OFF】日本酒印刷物

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

59
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3784 kB
Transfer

3890 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gfa.bothturn.top/ 27 KB
6 KB 3617ms
3525ms Document
text/html 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b6a22986a96d1dcd37e3cd66da50df4ea3f6326def8c3d2a25a5938c512eb37

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 7a945e8d78c9db25-MIA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 17 Mar 2023 09:57:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNDIlyV2dS2wTOaaK13%2FKzKaLeYCTqXsFlceS1fQ5thgbmNKW59VvdDMpyr1hf7uAJtaSIdQAsY8QVZgbeYszziyJju4BnXFGs5WjRXG4TXfBC5s8A8mdK6%2BIJogbzMKe1cSnTS8FUUeWMUsGQO%2F"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style_dropmenu.css
gfa.bothturn.top/style/css/ 915 B
723 B 132ms
126ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/style_dropmenu.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b1812076056515b27ed64ea5ca5975c8b195c27840d5bbe4e8258e8b030609

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-393"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LBl2v18c3d%2F9EKTCcbVvamJQd8M3wVg2RrE1sPZV6%2Ff4Eh7ZjtavwlPjIuJLFszibzIU29%2BRUFiU2ml2jHGLYdC4O6zTNVMm3uJHj8bnzgczZMKkwcPiMGXyPD%2BVAIqO9nEdGGBjdHA0dSDWi27"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa3cdb25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 style_footer.css
gfa.bothturn.top/style/css/ 933 B
648 B 137ms
131ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/style_footer.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263af1cfa4a354bd021fa7bab6c08be0f0615f4fb2f40ed279749b7f7b7b5367

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-3a5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRvpbG%2BfrtjbqhX9NpezCRrryNvGO4F3YvYHfvlCQ10PFApJUhUpw0fztWLPnvOHMAcvlZGVrE0VOHanM2NMNPovcCzz7FzJzB4%2FsaUG2ReDwrV3coXZWWVGdGmYuzThg3AZGH6nVQ7JgncSSP%2BC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa3ddb25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 style_header.css
gfa.bothturn.top/style/css/ 2 KB
810 B 143ms
137ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/style_header.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b52955d910067221d8c4fde6e3ae586c94de944abdd900d3a8b1fdcda8a5f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-618"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2M9iHClDa5euzFAJHuRJ04qQkaB2k4lLkfC26JFU%2BhpAuMFfZZlcQqtXOKGyTVhicGC2j0UVRDUubdvKTvWt1TtsU4EetzahPEJNXR3V2EglhC4srPhvtcyKl02Tu9YMA8avzlR8vgKdP8aOMHta"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa3edb25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet.css
gfa.bothturn.top/style/css/ 8 KB
3 KB 145ms
139ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07b5e2f88341b5d4dc3fa798eb15cdeabb3354dd8f7b76fb77dd707aedff2d57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-1e59"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwLWI%2F0F6AIM4bUPa0WB%2FXizW3J%2FVBxYfKEBZVqT%2ByCzevyZuR2045UONfEzBGZXsR4jPAp7iclY%2FaX%2BFpH%2BfQTLxBhPuDcI%2Ff2aK6a6sdc8XMPrL%2BPNfBrHK0sWS6hQSB1qD%2BBqtDD52UaI5Jfv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa3fdb25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet_cart.css
gfa.bothturn.top/style/css/ 8 KB
3 KB 131ms
127ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet_cart.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35d5f96c4a62f60647b8768dc77f58c22509066451cf10ff9bd43fd4a05488cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-214a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlriAId2%2BGxJaDkAJdLtdXPBXN5zqkstqGWNgbzlZ%2B6HgkaWWHtR2dSheMfNR7OTV271X6HpEQV5L9fdJJ4g6z65E%2F7Pu8MWiQ4gnw80P568OKYzqLViF5siy%2B5Vku3HjmfyUZlAoyplJUheLsks"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa40db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet_css_buttons.css
gfa.bothturn.top/style/css/ 1 KB
767 B 138ms
134ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet_css_buttons.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3a8b3452204af5c4a2df2ff9035addeee0b11d2123d92342918304ee34ea885

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-5d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJ9mlte4OJaYcTmvllK6g9VYOqLT1jY9zqL%2BWGeCFcAlLBJpQTUetk3eOKjyJp8gBQPH6V0XERnQv%2BoKcdwd19DkIjTdwf11ywKd3Zaw0RioI0VRtOugSlvQl80x22EStx4crry2FmA9yxZNDyX6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa41db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet_index_home.css
gfa.bothturn.top/style/css/ 3 KB
1 KB 142ms
138ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet_index_home.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc59e2a53eba430ff361317907f9570828e7a1e1e9be8646271a3a077ef8aabf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-a4f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHKQzXqM1HbCEvlxX04qe%2FJkh9S9TkWh2Yvdbcmu2%2FjhL5W6cFpplgO1LE5pKxGd6bO0vbTt5%2Bw7kZv0pjRisigWsYOEXfHJYUiLoOdxZ2g%2F7yv%2BbdlfllPyVWFTDcc9NYxGXZBy2LvkHEhglobX"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa42db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet_related.css
gfa.bothturn.top/style/css/ 2 KB
908 B 136ms
133ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet_related.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80257070127e87bc9ac494cc1af5c9dcfa9b47668593e9cac85b827b2673b5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-6d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJbHIhPSig9hzrm3Vtk5Oi9SpsMJdze%2BsxSUOXhnIq%2FWuO2GEdJ54wu5mhFNijZ57Vvfs%2FnK6Odndljv7H9OaMD%2FnnKv166CNM%2B2%2FT%2F8qKu1V5R82jUMjUOzBDiGy%2FmvT%2BY1KT4kEghqMCbpY9r9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa44db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet_searchtop.css
gfa.bothturn.top/style/css/ 941 B
661 B 134ms
132ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet_searchtop.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2ba20d799175ae78fafa81d1c3214653ee5acde6b3e3fb41244041a8fec43f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-3ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5%2FkWQ%2FTcRLPmDFrBSuFJGzXbttn4UvMQ0mnvQ2RM%2BKKWU6AAPNHWe8LkrL7DCVxRSIllYN5tzX1aWvle1wX5uZFTPiFZH8Z80fKGzQKZwL19DLHi20D5%2BbtQ%2FYhhwOP6saNaBRdbICgMjv2dNMm"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa45db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 stylesheet_tm.css
gfa.bothturn.top/style/css/ 36 KB
8 KB 138ms
135ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/stylesheet_tm.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de010017d538cf3e1fee06cbc27dc53a7a70d850291e5f6fd3bd30bebc75235d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-9180"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lIhj3F23EJVppnf4AfM%2FDmPcG32ciZoB8n8PGWXVQuTrGiKaqIUjJpwAtdY1tmMAIQ0DiLQ2RPYym2jfx1V8YxPDsNfvoJMSBKn3t2pJw8lqPeidnGuNBpxWpuvW0gMHY9PZhfedSnfHcTYvOYk3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea3aa47db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H2 200 jquery-1.12.4.min.js Show response
gfa.bothturn.top/style/js/ 95 KB
34 KB 210ms
208ms Script
application/javascript 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/js/jquery-1.12.4.min.js
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a2-17b8e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q137haEZ%2FrO%2FEuH0tUZ%2FcO4z3CMhnuf0yaQ1hWhmBjq5OH2Mt8gRd3kIoqV0EgrdW61BKEmytB5ag0e0LvDAOxxvlGg1w1j4ceAiX6ePNht1dao5x0wox0R4XRVp36xVbG8wKtYqPXKNZDJbTJET"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 7a945ea3da69db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H3 200 logo.png
gfa.bothturn.top/images/ 11 KB
11 KB 156ms
147ms Image
image/png 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/logo.png
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4826ad6bf158cb3f517913b384174746b25714c598f2570ee7d3362f71ba3f57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-2a60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXJJBod0ljNduYX5BSCAPOHJXlsJhRO1lbNv1eeAhHoSSRq7Er5Z9P1o%2FKJqf9MJitpB7I%2BKobQjaZFSkmA7pd2ZOlGg%2F5fXe8gS99VMVFSpd9GI%2BSxRvTJFinqwm9u4DefVsKxjJRCYbrssmo1X"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea43fdfd50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10848
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H2 200 style_categories.css
gfa.bothturn.top/style/css/ 912 B
685 B 161ms
144ms Stylesheet
text/css 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfa.bothturn.top/style/css/style_categories.css
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1de6a6462ed88a4699f9f82d367af31eb5fcb82c008e175aa8ca35358ace9739

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63f071a1-390"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6Vql8vt%2BwEeV1kTOHigsn0BhDflaVm0uvwG94mevklMRFvwnEnOC9PclfYXGg5GVUnDqGuubK7jX4r8TOQToM09954jTxBVKexSC93g2XNS1%2FUlPWsGrxkGZ0DsYAOoPDnBm8wNB8pGs5jxu8cH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 7a945ea43ab7db25-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 17 Mar 2023 21:57:05 GMT

GET
H3 200 side_bnr_recruit.gif
gfa.bothturn.top/images/ 8 KB
8 KB 202ms
192ms Image
image/gif 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/side_bnr_recruit.gif
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b2454e2ce6f9451af5a6a402de7fea4cb59f3b61ea519b15689a25352d18a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-1fe8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5MjNhXktE%2B%2Fyrk88xrdGaf0rJherUTU8rh7GtIkwGSkto8TRaxgY6WXqDdoLfgZTS0EqcWkB8tzyryfS%2Fvh7vXYxHuNtQQaFJVqpZC7eaHIK5xflYI0mjrCFsdCw%2B2TVZdqMErGe1I5cSuvnnqO"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea43fe0d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8168
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H2 200 m75591820981_1.jpg
static.mercdn.net/item/detail/orig/photos/ 75 KB
75 KB 367ms
241ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m75591820981_1.jpg?1675861359

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

be003f4ac50c5a2ba96321c7f7635ae32717aa1d7571260747d9b1dd4d137625

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ENpNyJ4zxQeB0vSWiu5sPC5vqtYaxdoW
via: http/1.1 rear.sv125 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 7JDADBH74DRHA35F
age: 526463
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 76690
x-amz-id-2: yt6Ncll7JjqQ1aJ9FBklXnQXrKbLqmIj1jGqRCQ+edg3c/mideuFpO3d+ZvFwOcx13ngmyi1bvc=
x-served-by: cache-tyo11979-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 13:02:40 GMT
server: nginx
x-timer: S1679047025.437767,VS0,VE199
etag: W/"EF_r_2TE1MS3cJ3jYyIAAAAiMTVjY2MzODY3ODY2OTVmYmNiNjBkODM5YmI4MTJlMGYi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 11, 0

GET
H2 200 m17424373987_1.jpg
static.mercdn.net/item/detail/orig/photos/ 167 KB
167 KB 563ms
437ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m17424373987_1.jpg?1675863072

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6306dacf0aa222498d482a7fc29d55996d37300f9dcc3fa43e6e4e4d9c3b3a44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: aSefMAXzKnI89xRnNvERd6OCJlw7Q7N_
via: http/1.1 rear.sv122 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 3X9MDYS0GM9J17SS
age: 276430
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 170629
x-amz-id-2: QRrmyO7CJl7TkJNOxlz2q9A73jctae48I7UCOz+vLznRW9g1KOD4Ax1UIKtb0QJzV0FeRy6LL1I=
x-served-by: cache-tyo11925-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 13:31:13 GMT
server: nginx
x-timer: S1679047025.437757,VS0,VE244
etag: W/"EGn7nWWTjPn1IaTjYyIAAAAiYjRkOGY2Mzc2NWExMDc2YWMwZWFlZDE4ZTMzYzA2MGUi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 11, 0

GET
H2 200 m48269310755_1.jpg
static.mercdn.net/item/detail/orig/photos/ 55 KB
56 KB 460ms
334ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m48269310755_1.jpg?1675862478

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e51b79e2b577b03c475b1200a726bfcaf563c9d90c79d9c07b10d7d39de4ce47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 4Y_PdsRDaLp1lKIHNRjF.8l8VYGZ.2W4
via: http/1.1 rear.sv128 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 3X9PBAG87K71BT2G
age: 276430
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 56604
x-amz-id-2: q9f5cqTprrPPi+FtgCIO0rCqcO1jl+QeCpy62SioMPkRlLm/OIKTf9HvfYO1B7hd8nqes95mA0I=
x-served-by: cache-tyo11949-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 13:21:19 GMT
server: nginx
x-timer: S1679047025.437992,VS0,VE202
etag: W/"EEMUxUGTfmslz6HjYyIAAAAiNDhiNjc1MzJiNTFjM2ExMWViYTRlMmMzNzQzYzRhZmQi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 11, 0

GET
H2 200 m46171994075_1.jpg
static.mercdn.net/item/detail/orig/photos/ 57 KB
57 KB 962ms
836ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m46171994075_1.jpg?1675861426

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

287567b1d8f1dbd7cf320c499221aada31903861324de4f9518a678ae024d872

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: R44y3p2FCjTE_X7t4sRdBCJYR7nsYgZN
via: http/1.1 rear.sv123 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: W242F11SH3RKAS0W
age: 40093
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 58145
x-amz-id-2: UinY428bJlCwURrSyZYnCTgbulwCpM4cIbxVY4OYmLVS5wwIFs86xiwapNhOKS5WZcQ6SDKFxOM=
x-served-by: cache-tyo11976-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 13:03:47 GMT
server: nginx
x-timer: S1679047025.437980,VS0,VE600
etag: W/"EIRLOpZsO5gos53jYyIAAAAiYWZjMzRlNmUyNTk0M2E4OGQxNzRhNjA0NzgzN2NmOTgi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 10, 0

GET
H2 200 m57885793298_1.jpg
static.mercdn.net/item/detail/orig/photos/ 60 KB
60 KB 842ms
717ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m57885793298_1.jpg?1675838238

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

38b62ba003663311e647cc51e3883543cd9ced9935e7ef67baa4b4b297af9b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: iBxW4jZn3kWSqcQIQ7KTe3GitG9H1ePu
via: http/1.1 rear.sv114 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: 65KQQP1JDXSGNXZ0
age: 889431
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 61466
x-amz-id-2: q/6xlnsQpwSCmPT6W8krEdwgHIWlfa8Jntb+DtjrWGLKO7rwtN2/HeCyWWqOzVTNq2pFYeQfcIk=
x-served-by: cache-tyo11924-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 06:37:19 GMT
server: nginx
x-timer: S1679047025.437965,VS0,VE563
etag: W/"EL1QGZdu7sfvH0PjYyIAAAAiZmJjZGZkZGQ2ZDNhNjU5NjNjNzM5OTAwMWE2M2FlOGUi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 12, 0

GET
H2 200 m13517416129_1.jpg
static.mercdn.net/item/detail/orig/photos/ 57 KB
58 KB 561ms
436ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m13517416129_1.jpg?1675860235

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

da6732e1638e17c60f5aceeb3645b104d4adfc1181f02250e55034033613c3bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 5Ash61UJD02BcICL57..ngtmmhJr_z5c
via: http/1.1 rear.sv103 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: XJKW07XWCT917JZ8
age: 88511
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 58531
x-amz-id-2: +Ip1IK8O27cZWo7ExhtKmvZInGG+qUh5Vy3NVH2ncPdXawTGFGhTRCoQR9CxTfDQNLExSNTqXT0=
x-served-by: cache-tyo11936-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 12:43:56 GMT
server: nginx
x-timer: S1679047025.437952,VS0,VE230
etag: W/"EJbV8_BqRu-KDJnjYyIAAAAiZDFhMTcxOGQ1MTExYzgyNTI2OWEzMTM4ZjhkOWM5ZjMi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 11, 0

GET
H2 200 m12245789515_1.jpg
static.mercdn.net/item/detail/orig/photos/ 30 KB
31 KB 358ms
354ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m12245789515_1.jpg?1675860227

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cee35525f5aefeda11bd88bc1460d6f63a757d5bb137d132d23a0df18579f7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: YsokpO0Cy6qZ8aftRHjbJmVFd3r5XrsM
via: http/1.1 rear.sv103 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 3X9YYR3JMRM85PZJ
age: 276430
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 31120
x-amz-id-2: scQPkobJU6ZbQ0YYSsEBBNmyrY1BcuF4i4sls8OBrz5JfXCwQR+tih0/OmajU2xqqJxRrcTTv/M=
x-served-by: cache-tyo11981-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 12:43:48 GMT
server: nginx
x-timer: S1679047025.467713,VS0,VE187
etag: W/"EKIiYNL6_hEEBJnjYyIAAAAiYTkyNjg4MjM3Y2FiODgzM2E1ZDhkZDNkZGFmZGZkNzQi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 10, 0

GET
H2 200 m88646740716_1.jpg
static.mercdn.net/item/detail/orig/photos/ 71 KB
71 KB 496ms
492ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m88646740716_1.jpg?1675836674

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6f4c3d1f404dae2eb324b3cfd1d505bba71eea5d1f9decf5afea4973fde8e49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: o79BKFwdyZbmGgYsEtBv7lE2NVJxoZuT
via: http/1.1 rear.sv103 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: KY5WX8W8JV0W38EW
age: 212054
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 72376
x-amz-id-2: Emos8pzpw4/mrjac5T1pw/17j3qfkpfwlR20VeKgWPxE+lLA+nxHr2i5LQi2udkgW1ikJZmdXk8=
x-served-by: cache-tyo11935-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 06:11:15 GMT
server: nginx
x-timer: S1679047025.467878,VS0,VE257
etag: W/"ELKQHPDuBQcDAz3jYyIAAAAiMjcwZTcyYzIxYmY0Y2UzNDhmZDc3Y2Y4NzQ1MTM5YzMi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 14, 0

GET
H2 200 m57531816941_1.jpg
static.mercdn.net/item/detail/orig/photos/ 81 KB
81 KB 808ms
804ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m57531816941_1.jpg?1675858573

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

44f52f0490a2984217fd7efc1f79e3ccbe149a7cb4f75aa7dfa90559ab5441a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: fycgW1TRk6hnmjChYh4yDH1iQS5vTCxk
via: http/1.1 rear.sv130 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: 50E0XEN2W7F0WQHN
age: 356942
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 82906
x-amz-id-2: 5VlyragHQPFwa17aDeHJ1SJ7db9O/3waSZB7AHhB9obKmtCRsgwWaMZVU5vC1Dwdrf755XxQaN4=
x-served-by: cache-tyo11954-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 12:16:14 GMT
server: nginx
x-timer: S1679047025.475156,VS0,VE569
etag: W/"EAZgmaCJ2nyyjpLjYyIAAAAiYTU2ZWNjOGNjMzk4YzZiNmZhYzdjMzVhYzFjNDNhMjki"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 14, 0

GET
H2 200 m80652338699_1.jpg
static.mercdn.net/item/detail/orig/photos/ 75 KB
75 KB 410ms
405ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m80652338699_1.jpg?1675858229

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

21ad24b6976ccbcafbce65802a47aec322473d5b8623b5c9ac357271e95dbb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: YeYaqw26spmSEKTHoosYTi.N5jaUgUYD
via: http/1.1 rear.sv102 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 7JDFJRJRT9K7BD87
age: 526463
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 76633
x-amz-id-2: C0tv81hy2MVJlS/Ds5yyuindcEIGGzQzx9ivPpEH2rJVlBobjP4siCc8TAEZ52BaGuvSJiec9J4=
x-served-by: cache-tyo11926-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 12:10:30 GMT
server: nginx
x-timer: S1679047025.475019,VS0,VE219
etag: W/"ELjv0zfUneIvNpHjYyIAAAAiZjUzNDM4NTk1MzVlMmVlNjcxYzhhMTQ4YTBjNzYxYjQi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 21, 0

GET
H3 200 top1.jpg
gfa.bothturn.top/images/ 15 KB
15 KB 232ms
222ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/top1.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 554963cc31815369c9dbe9c708baba97987acad5dc89907bf318e281fc8bcb28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-3b1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgUVB60zrFAgFHvTrTGfQjMp9HBWwHXBRoYiUtqMgrmMV9k0Dy36lIdNHeh3xIWoI1DqfcrEyvV%2Byu0EvUQR3dkrW0hSgu0Nm81%2FRdhAoaGt%2F8KXx57q6qvEtbTGNdGWiBIUcdesf73nCoRb%2Fj1a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea43fe1d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15131
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 main-image_orange-gift.jpg
gfa.bothturn.top/images/ 438 KB
438 KB 249ms
238ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/main-image_orange-gift.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a19b9e4cdbc74e9342fee5ff4649bc34d51e80887ffd1f1d7aac23a9e5101e44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-6d75f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScKG%2Ft0eUZZXPTHWltJS%2BgXZDdvE9LLy3kP4BSoNnOs1Krn9lD9TfzVnSQv933x3wUCZCyzwmIjskDdgwk%2BKMd7OmkhjzunfiHX7TJASOK%2FNDuioeZXxBSpRZqk%2Be9uJneib%2B5nuaa8ioon7iIJi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea43fe2d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 448351
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 nifty_880x220_2208.png
gfa.bothturn.top/images/ 161 KB
161 KB 313ms
303ms Image
image/png 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/nifty_880x220_2208.png
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4bc12a377f4bf1df1ca6cda6d06fc5b2500c6b223d5e991ffdc49d60bdb28f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-2826d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=feI28eeXA7uxqj8KefGtEX%2BEmK0MefIpiwdCmXVGnNzyWRH%2FtN6y%2Bzmk4u4aNu9OpQ7Zg%2F7UZxjm52B6JzilDcJ3Ix%2BZJGS6YNjAaA2pU7Riv8lAmhjlYMV%2F%2Fbicn%2FBfHUMAj6n%2BpO5aemaigHRA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea43fe4d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164461
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H2 200 m54082746324_1.jpg
static.mercdn.net/item/detail/orig/photos/ 41 KB
41 KB 810ms
806ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m54082746324_1.jpg?1675843991

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b827f7742ac606f6b26a383654cc9235009ce0eecbe3832cfc4dff5ba7f4f6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 0kXvs5QsQmeAuUh21dwlVu90roaINQjM
via: http/1.1 rear.sv106 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: YCANBZ1F5D1DJ9NB
age: 6371
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 41795
x-amz-id-2: 8nt/JUjz+sX2LhaovvIsj4K5hkcbCYP9ZBVb7kAcXshcQxpg7vNFGOf4jVe3GKabLtCzfJTpTnQ=
x-served-by: cache-tyo11979-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 08:13:12 GMT
server: nginx
x-timer: S1679047025.475126,VS0,VE592
etag: W/"EPhMFeypPwbBmFnjYyIAAAAiNTQ3YzhkZmI1YWEzZDBmODMxNmU1YzA5N2Q1YmVmZmIi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 m56023002144_1.jpg
static.mercdn.net/item/detail/orig/photos/ 34 KB
34 KB 1052ms
1048ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m56023002144_1.jpg?1675842305

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

091a52d99fba70097b2374b9bf90a33aff2942a98587adb51121bbcbca79ff69

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: wP13DdQL401GCY9zWvIVhu.k6Jj52_lW
via: http/1.1 rear.sv122 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: NPJJCMV8J5GVBBHD
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
content-length: 34573
x-amz-id-2: xcMrzWEDL26ONapTl6ESGWHO0JEOAEukuVqxBuxXLqVbtl6e3QfVoPpcQpcqqPbh+vDf9OdmL7M=
x-served-by: cache-tyo11958-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 07:45:06 GMT
server: nginx
x-timer: S1679047025.475285,VS0,VE813
etag: W/"EF7LUrzehzv3AlPjYyIAAAAiNTlkOTlhN2Y1MmRiZmNmZTQ0Nzk1NTEyYzM1NTVjNWQi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 m47404086940_1.jpg
static.mercdn.net/item/detail/orig/photos/ 173 KB
174 KB 1055ms
1051ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m47404086940_1.jpg?1675865611

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

69c5e13c13de390ef60a2980757f658ea2dac5f77106f5d829659cfb182a3d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 7KDrLC_ORc_4F.fVQ5s8So5ysrpE0ffm
via: http/1.1 rear.sv110 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: Z0Z00C37CQSNZ6JG
age: 1
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
content-length: 177351
x-amz-id-2: kLYU9bUAgna5G/qyJGb/LZIqaTMFDXtxdidLEN+WHmja/yfI6T+y8tqCrhGK5vtAW9r2u/EWilE=
x-served-by: cache-tyo11982-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 14:13:33 GMT
server: nginx
x-timer: S1679047025.475323,VS0,VE859
etag: W/"EG-YbU5ejdfvDa7jYyIAAAAiZTQ1MzM1MGQ1OTFkNTNhMmFlMzg1YWNlZjM5MmNhZjMi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 m16002292680_1.jpg
static.mercdn.net/item/detail/orig/photos/ 172 KB
173 KB 505ms
501ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m16002292680_1.jpg?1663391500

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

959429f51a71cdc5322337162631987c57cb0e17b0a80b161f60362265a5a3ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: mb5L07ypSBOI9ckdfDvXeYseShQVxK1U
via: http/1.1 rear.sv115 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: W4G2HXPQ9BQ66CPX
age: 760566
x-cache: MISS, MISS
content-length: 176398
x-amz-id-2: ojiQCFhlb2//AzbrGIHBGaZEJKxGsHAph0LiCi9hz+Pb/+juKmTbeRvVpJG3c7l+5pKQ9C3bsmI=
x-served-by: cache-tyo11942-TYO, cache-gnv1820020-GNV
last-modified: Sat, 17 Sep 2022 05:11:41 GMT
server: nginx
x-timer: S1679047025.474929,VS0,VE260
etag: W/"EOdtL5ziCw8lDVclYyIAAAAiOTllNDc0ZTA5ZGUwYWQxYzdkZTE1YmIxNWQ1YTU2NzIi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 m94461808619_1.jpg
static.mercdn.net/item/detail/orig/photos/ 181 KB
182 KB 580ms
576ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m94461808619_1.jpg?1675868362

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

917c1656811ae6d44ce83ceb4ae4edcbe66d8cfc856587ea165987041c3f9c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ca_oEq6EMwWtecxatUD9AisS00gkq1ER
via: http/1.1 rear.sv124 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 5TK57VVG65Y890HF
age: 227161
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
content-length: 185838
x-amz-id-2: asroscxSod9MGgdl2OKs/j0p3WiIyFvtZzXEsU7HGIT4hGsHtVb2c6E/mG5FkoS5/XxIqfnopWM=
x-served-by: cache-tyo11941-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 14:59:23 GMT
server: nginx
x-timer: S1679047025.474971,VS0,VE402
etag: W/"EPBp5CtH4h8ry7jjYyIAAAAiMDU4YTg5MmViMWQ2Y2VjYjBlMTY1MDQ5NWY5MmIyYzQi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 m51759605397_1.jpg
static.mercdn.net/item/detail/orig/photos/ 118 KB
118 KB 1054ms
1050ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m51759605397_1.jpg?1675831070

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fc9c3e562c05a78691e5253024ff11f63e0e02f0961f1fa7889460e291379aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: ryaNl7.IaoTl.c.Xokv0oAAdsDdQr4qy
via: http/1.1 rear.sv109 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: 0FK1GP628N5EM1Y1
age: 112282
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 120343
x-amz-id-2: SgN/uqejVAIJZyGhEJoYQn/cj2qeGpl79ArpU88TXgeyh/2vSFEyK579mgFoxGq0oVORAW3ATak=
x-served-by: cache-tyo11943-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 04:37:51 GMT
server: nginx
x-timer: S1679047025.474947,VS0,VE853
etag: W/"EH4G7z0ESBT4HyfjYyIAAAAiYTVjOWRkOWU0ZDRhODgxZGM2ZDA1N2IzMzY0YjU2MWYi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 m43855370337_1.jpg
static.mercdn.net/item/detail/orig/photos/ 199 KB
200 KB 579ms
575ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m43855370337_1.jpg?1675859608

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

45e4e24b1266530521a922e6dab4a4268f2efb03f72fc421ffa1efcd3ad9fa8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: mrgISL8PfEysT1edt5X45xFIj8TanDa_
via: http/1.1 rear.sv123 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: HZGTG1QEK3PGDTNA
age: 359599
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 204073
x-amz-id-2: rFi1K7/j4+wt20y2cLIZLV3CB4TsglUXu9+i3oH/0gD4X79VUoJ7grdFTNH8DJg2HD3awxYyaEs=
x-served-by: cache-tyo11951-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 12:33:29 GMT
server: nginx
x-timer: S1679047025.475095,VS0,VE351
etag: W/"ELdokVoDF4TWmZbjYyIAAAAiMDJkZjkyZGIwZGM2NGY0MDE1YjE1Nzc0NjgyMjQ4YjUi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 200 m29167931184_1.jpg
static.mercdn.net/item/detail/orig/photos/ 117 KB
117 KB 407ms
404ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m29167931184_1.jpg?1675859239

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

b744c0387266c5bed81b4a5fae15e62a7f99634b48ef2a0cf7b95279fe63a845

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: qw2wrDbaAkXNQj3c1Su7tvUOKXcxsjyy
via: http/1.1 rear.sv118 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: C9NXQM1PQFRFM446
age: 812368
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
content-length: 119436
x-amz-id-2: j5s2Pa0j80yueDVAQiHNRevyrbUTHUnP0MnLuWAdepQsfFBvasw4yQsjMISIX9a6jmQQmBCNCDE=
x-served-by: cache-tyo11952-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 12:27:20 GMT
server: nginx
x-timer: S1679047025.474764,VS0,VE205
etag: W/"EM6TqBYZ4fSVKJXjYyIAAAAiMDVjZTYzODMyZGFjZGQ1OTUxNTQwNTM3YTQwODRmMjEi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 m98235374491_1.jpg
static.mercdn.net/item/detail/orig/photos/ 185 KB
186 KB 1051ms
1047ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m98235374491_1.jpg?1675809082

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

fe95d5999e7d17f6a9035436515eb2a9041d832cc630764aebc20151a1087528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 5Yrz1xTglaCHoQgBwZHwcQJWUm0Y7lBM
via: http/1.1 rear.sv111 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: J4YPTWE73SY61676
age: 303250
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 189914
x-amz-id-2: YDy7A5wtBayaTEAmW53KPZBTnEh8q8VDewtTYZCo0SqkmUJyLva/ZcVe5Av6JKM/N/DNYcvc2C0=
x-served-by: cache-tyo11961-TYO, cache-gnv1820020-GNV
last-modified: Tue, 07 Feb 2023 22:31:23 GMT
server: nginx
x-timer: S1679047025.474758,VS0,VE808
etag: W/"EKXvXubUxB3KO9HiYyIAAAAiZDY2ODg3YjU3MTZmM2E1OGE4MzY1N2YwM2U4MGY4NzEi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 5, 0

GET
H2 200 m77434924844_1.jpg
static.mercdn.net/item/detail/orig/photos/ 69 KB
70 KB 406ms
402ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m77434924844_1.jpg?1675846151

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dcfce08dab8b4f58ab9cf48181593389155e043d9cf02d1f06b33220a4fdbc61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: 5c7Cv3_QhOW_.g0HEsXYAYH3lf715PfU
via: http/1.1 rear.sv127 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 4VN7KEGHHHV76ZMD
age: 3457
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 70870
x-amz-id-2: rHGfWaXV9zVObnhvFskVppdahURHoQhKE5UHeq+xSnIxu1hajgoHpordGEVBo7fSzk1Zkaf/iVY=
x-served-by: cache-tyo11950-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 08:49:12 GMT
server: nginx
x-timer: S1679047025.474748,VS0,VE191
etag: W/"EKCzFnwJtBGLCGLjYyIAAAAiMTUzNjZkM2IwNTA1M2Q5YTQ3YTkxODkxYjFjOGU5YWYi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2 200 m97028343059_1.jpg
static.mercdn.net/item/detail/orig/photos/ 208 KB
208 KB 505ms
501ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m97028343059_1.jpg?1675844618

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6c99396f8f0049fe473b53fee5d1f5eeaf11d0f164f5f9f736063b6972966077

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: rjzlfmMUaJY7ZyZ2U4eR5EZOm1tZFxDf
via: http/1.1 rear.sv102 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: 4VN6S1S3171S2YHZ
age: 3457
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 212966
x-amz-id-2: g+lFokoyf4XOV28TNUKXpMy4kXIvLdpTdfxaVqYrLKcnOY9GZ3YJ+AA8/Wg/0PluFtxiklkRLhs=
x-served-by: cache-tyo11928-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 08:23:39 GMT
server: nginx
x-timer: S1679047025.474730,VS0,VE317
etag: W/"EGiH8yqCU26lC1zjYyIAAAAiYWQ1MzIxYjliZDZhODM3YzA5MzkwOTA0NThjNzkxMTYi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2 200 m15749926999_1.jpg
static.mercdn.net/item/detail/orig/photos/ 179 KB
179 KB 1052ms
1049ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m15749926999_1.jpg?1675837644

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9673052868b456e6f6898938849b8c3dff3e93ef9bb428585f8d52ef4ced7946

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: gupvp.kSQ2Io3CTMwIZsgBgs0mNTFKJW
via: http/1.1 rear.sv128 (ATS [cMsSfW]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: BMQ0HRTSHG2FKEF7
age: 356255
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 183049
x-amz-id-2: n6D/P8U6BegZIiNfWtSLmc2IKGenkByebZeJBchZdovEIg3JfKca/gfQSFSbzFQSbBs99ffURnk=
x-served-by: cache-tyo11968-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 06:27:25 GMT
server: nginx
x-timer: S1679047025.474719,VS0,VE817
etag: W/"EHCqC94LNBd2zUDjYyIAAAAiNDQzY2JmYTkwYjQ1NGM2Y2IwNDQ3ZGZjYjU1NWYwMzgi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 14, 0

GET
H2 200 m76023295374_1.jpg
static.mercdn.net/item/detail/orig/photos/ 147 KB
147 KB 487ms
483ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m76023295374_1.jpg?1675483599

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

37bb3b9f81af14264ea1bddbc78e6a9b7c56b863cc3803df57cb6e19780e9760

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: .pwmYpz2W0kTqTk4C6K2UfNa26V2_nt5
via: http/1.1 rear.sv115 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:05 GMT
x-amz-request-id: W0RQCQXDDT8C8DXJ
age: 2105195
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 150183
x-amz-id-2: 5YyaHj7ANnaDon6k3YB1pXVQTUJwgF//t1k6JiAgrMP1nDtRSby5a3t/+2Mxv3rSfnl86UjiTaE=
x-served-by: cache-tyo11971-TYO, cache-gnv1820020-GNV
last-modified: Sat, 04 Feb 2023 04:06:40 GMT
server: nginx
x-timer: S1679047025.475246,VS0,VE241
etag: W/"ENcFnWWWj75e0NndYyIAAAAiOWNhYzliYzlhYTI5ZDMxM2MxOWVhZGI1YjQyMDYwYTci"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 38, 0

GET
H2 200 m99978250896_1.jpg
static.mercdn.net/item/detail/orig/photos/ 165 KB
166 KB 946ms
943ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m99978250896_1.jpg?1675853562

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

574a92561c6ca1cb03ec61fcf3fb6dee32cb039fe244bb651efa777be912df95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: cv7PrGDkPCq0jQYkK73sPVmP1zgWHgFx
via: http/1.1 rear.sv119 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: RZCH7RRW38DX2XWX
age: 1447591
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 169244
x-amz-id-2: djhXJJZAzaYRCJqq4IZKskG4bNieTKuIi/ztpKp2vNs4L+PKI7bAwUpqJbdnrOdmuk68ugaX9Bc=
x-served-by: cache-tyo11982-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 10:52:43 GMT
server: nginx
x-timer: S1679047025.475450,VS0,VE680
etag: W/"EKY3wSliRJlZ-37jYyIAAAAiMGJlYTc1NWYzN2VhODA3YmZiMTBmZmYyZjNlY2MyM2Ei"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 13, 0

GET
H2 200 m26063283657_1.jpg
static.mercdn.net/item/detail/orig/photos/ 84 KB
85 KB 945ms
942ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m26063283657_1.jpg?1675883449

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8b4e13ec1e853a3920c24d1bbe22545884e809d0e9cb0a8ec071db3309dcf951

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: pAFt3kbXiFW9ZQNeHpRuZ8Jia5Rc4_UO
via: http/1.1 rear.sv123 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: 8217GQG1WQ8BNC7W
age: 356252
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 86262
x-amz-id-2: eJeAJs2XbNT36dhWYAZSwfwy1tP4T+fMxwKQURZ+BRpvBB+XOV9Z7MKxN5WoLV8bmBNFnKeyGGY=
x-served-by: cache-tyo11946-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 19:10:50 GMT
server: nginx
x-timer: S1679047025.475201,VS0,VE679
etag: W/"EK2_WA3MiN9WuvPjYyIAAAAiNTc2OWIwNTE3OTcwOWJkZjBiNTVlMmFmZGNkYTcyYzIi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 7, 0

GET
H2 200 m32251864105_1.jpg
static.mercdn.net/item/detail/orig/photos/ 87 KB
88 KB 947ms
943ms Image
image/jpeg 199.232.214.131
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.mercdn.net/item/detail/orig/photos/m32251864105_1.jpg?1675882539

Requested by

Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.214.131 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6903583b5f6f8377f9b9a4c70a77264de7088a11e782c1f077063bb45fe64b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: vOYnkzlwsGJ7bepG3bn60UMi6mdGgrDW
via: http/1.1 rear.sv116 (ATS [cHs f ]), 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Fri, 17 Mar 2023 09:57:06 GMT
x-amz-request-id: 944N7BDQT7RWSD2P
age: 829497
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 89456
x-amz-id-2: 3Wpfdx4qeMQLaFhZm3sKLvdmQ6IWHqFRQHmwqpLT+epAYJjV9pKx2meAQ1T4bOskUhhADU1nHyY=
x-served-by: cache-tyo11920-TYO, cache-gnv1820020-GNV
last-modified: Wed, 08 Feb 2023 18:55:40 GMT
server: nginx
x-timer: S1679047025.475193,VS0,VE710
etag: W/"EKqQqg0O5wBgLPDjYyIAAAAiODRiMjJjMWMxNTA3NTk3ZWE4ZjMzNGE1MjZkNDk0OGYi"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
x-cache-hits: 14, 0

GET
H3 200 review_cobnr.jpg
gfa.bothturn.top/images/ 77 KB
77 KB 428ms
420ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/review_cobnr.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8cd18144ea8da875a6eaa570e0f3ad7e280a440b76291c83cd99a1edbb61fdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-1331f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3haXMyJKMeOF%2Fbd1ONNA%2B%2BFVzXhEx8ieEJEHEa9pINGpAAiURJL03Fw3cc6rM3%2FX1R5sYYvQSEUqEy0um9tUQDk8B%2F1MxGxY1B%2FfsLoPuL8PqKQZR0JftXdgbEDSc3pCTdLvCcKVBW1SIQba6S7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44fe6d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78623
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot01.jpg
gfa.bothturn.top/images/ 12 KB
12 KB 189ms
180ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot01.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0222a7c70f33c217e2d043e9ced924ec5f793572c2c4498a355cdfe882828bc4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-2ead"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phmJJsrlgBniwT5bIPHOwbg9rDwd65wbGbCqoNtE4EeJwwO2uwRQWapR8b%2F1yEWdodk%2B0YBrNhLxYq5pOAsih4wnVJ4JyJUSjFWchAbb1NpjO1V7W1Surg4SG4%2BPrc2szZyTukcMSXb%2B51YDfEGP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44fe9d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11949
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot02.jpg
gfa.bothturn.top/images/ 5 KB
5 KB 189ms
180ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot02.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf60d0f7717db55a5e8f008df16c770b056bed0758baf46475c66b12ae870217

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-126f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zMOZIQqgmvQhMVuq6%2B5alKB1O%2BKjdJNAwglPIDwRbOhPSp5uL0wYw36tYq%2BTTGKb8OWjh9kDaGfjInvjTxSwRMsniKNx5uFvrQHzTKB9XWQ%2FBMDy3j7hYFAMB0q7MbLUHDOdHQGzLGIIsqPzOz5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44fead50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4719
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 all_yj.png
gfa.bothturn.top/images/ 20 KB
21 KB 440ms
431ms Image
image/png 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/all_yj.png
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323709d7cc5d328379211d091df52e375910d7c62009fff85b20e4254880d208

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-5152"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1qFT3izJQq7iYqjtftQsc6c6rq5pXSb2TSr3jrHSuvikEOy%2BM3hqDmsPZjBciC7SZ3qDzvQ0DNn98FHWYc%2BQrCpH9xOjWc3qcauT3e2DA%2Fqe1wFFfOCgNh3RdpCHwsfjPLjp%2FvgZBwNfbfgdD21"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44febd50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20818
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot04.jpg
gfa.bothturn.top/images/ 5 KB
5 KB 448ms
439ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot04.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b86743ef63c124b44380b2e4525e7d434aa1a13fd3710d51c94bf68f9e23a615

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-1292"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEz3RW8tuZJmYqHsMFWG1C2XGFA0QjcHG4uiA0SaMtMGBt5jB8g7UCqKyWCTU4gSOKZTLHyTMKqQBNIFHdvCc8Q2dRJPSQnNgW0LEr7gMva%2FHNktU9lP8e3vrG%2Bc%2F2E9kcXpaj0KhtjyMwiZ8bBt"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44fecd50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4754
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot05.jpg
gfa.bothturn.top/images/ 30 KB
31 KB 447ms
440ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot05.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6023c4421589afbefa16d06ab60fa319c0b89ab6937ae10b82ca4f2a794263

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-79ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHIt1F3cf5d0CEuRRo4MpxPdF0NaM1%2F9%2BWx0c%2FMDoWyf5IIaBxfqcbrlEjnbMbVPtObg8IHpKU5WqHsN9PxiAB7A5fFUA2DMGgjP7M8qtz9N%2F%2BEtA3z6gCOS8kIsw%2BU6fRVv8M4EKbbGWiBmefEF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44fedd50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31182
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot06.jpg
gfa.bothturn.top/images/ 6 KB
6 KB 454ms
448ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot06.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd6399fdff0ee7e7cfbfb5f86dacf54465d4d3b39a591a3a64de1b167ff8d78e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-16ae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BELTDWdEaE61pBF9TV6iRc4bPxVQ772H0DSy487ll0CVQqAYOL87KPQ2hMK6yhne0bK%2FwytVDYxcRcadXnOn1y2VqNLdfIIEHiaVWDtRoRxfh0Sl9GVB3nC2Fk18XBpDC4CmGAcUg3XH5y7KzhS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44fefd50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5806
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot07.jpg
gfa.bothturn.top/images/ 4 KB
4 KB 456ms
449ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot07.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd75ebbca3c0643bfbd0846d5f125e83927b8f824ee65ba47621464d42f82d7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-f45"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Awzacpstxw1WBAcq%2FnWtK%2FYrhnGjzexs%2Fp28C2Jjb8X5%2F7G7yb6PzVDGWjGxPZWiUjQT0jRWfQBfc1mbyID%2B0BcIbwhFVJz6z0cEDHP1%2B0tmvVh92srVtCBvRbCg4NbKDjmJtLX4KT3N2MQX%2BxCS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44ff0d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3909
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot09.jpg
gfa.bothturn.top/images/ 5 KB
5 KB 460ms
454ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot09.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a850a5dbbb1509ce232901b81f60455191c39e54d0727fd63c8db0d8a7f1bb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-12bf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKpkk7PIr473EGQ%2BlSNVTt7XWSppGeAqCdwumVfZtjTOzJrMxFJGO11%2FBZ58JpygH9txwd1Q6yH3scvZcXXqF6DXOq0nxz7DxI9hbCLVlHlst2FBm08qkSyT5n6wy4AOnp9LiMuB0fCEvACC66uB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44ff1d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4799
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot10.jpg
gfa.bothturn.top/images/ 6 KB
7 KB 461ms
454ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot10.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88205e3825370a08449e05e696dafe4585aeda93e3d59df24cf3994fa5ec9265

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-18ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyuCnOzcc%2FMIvsdG3r3RvyKS3G9mxCaCPQoNNXgNIst%2BdpOyWoFEO6MPfdpzAlHW%2ByAiTjxvBwqjUYT3NB3JPc2b0AAjdfwyFvGDkUus7Fk%2FJ6yT3VO1PMRV0uhAV%2FETw015qrEnkqDgPLKNfgcP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44ff2d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6381
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot08.jpg
gfa.bothturn.top/images/ 4 KB
4 KB 461ms
455ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot08.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 399dbb59a95caa92dd3291cded651b77d1ad8a7ab89567cec2ace2c834e7bf66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-e1d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PXCy7rYgjF0Ly5c4X4n0vU6VJJjTO%2Bz41iJNbGGmsaxKS36jxF3FPVvDvRdDlTRhlVQ4kbjN%2Fc4Y57at1qCrFYpDrKuAumRi0c0MRidIBsIMFFuUQpsrrkn%2FzjfB3ZOfQlxNHFWJlx9546Q4N2b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44ff3d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3613
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H3 200 foot11.jpg
gfa.bothturn.top/images/ 5 KB
6 KB 485ms
479ms Image
image/jpeg 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/images/foot11.jpg
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f43dffbf6f2f08a2c75f756742b2855888a6b9210e3a7ce223d6479dc7139d3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a0-146e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2Bw2nGDNQBc%2FMr6297rewN7aP2vUpLVGE7exr4Egxup7c9FoCv339xusWwVzuRTc4i%2FFtbfLr%2BOSICCZBiFpvycvbZxiI5bNwYCYmqLMLwwh%2B1vo3yKzKrVGM3Q12RXPrwKtjd4yvEHoL%2Fi2dNvm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea44ff4d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5230
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H/1.1 200
OK 21553579.js Show response
js.users.51.la/ 5 KB
3 KB 980ms
305ms Script
application/javascript 103.143.19.103
CHINANET-HEBEI-SH...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.users.51.la/21553579.js
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 103.143.19.103 , China, ASN134760 (CHINANET-HEBEI-SHIJIAZHUANG-IDC Shijiazhuang IDC network, CHINANET Hebei province, CN),
Reverse DNS
Software: CloudWAF /
Resource Hash: bb201aa45a9ad9bc57437c6ccfc0cc1868e058c1e7ae74c26c51bc1176be52ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 09:57:06 GMT
Content-Encoding: gzip
Server: CloudWAF
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=360000
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3 200 icon_search.png
gfa.bothturn.top/style/images/ 3 KB
4 KB 285ms
280ms Image
image/png 2606:4700:3031::6815:1a21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfa.bothturn.top/style/images/icon_search.png
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/style/css/stylesheet_searchtop.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:1a21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8c1e9f1059894420036910c36e07e09671e6b12f8a5ba6cd38954f7c17c02d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/style/css/stylesheet_searchtop.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 09:57:05 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Feb 2023 06:35:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63f071a1-de0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03nyFDAoKG91PRHiKmra4EkwUb2Of07uGLcRI7DKxLr%2FVRiBQePSH9S6sozzl%2BBuXBMFxhXb%2BeTZITi1BzeDzBDuNtDKw%2FfCYMitlDLwImZEbXpVlcN4j8p4v7UmsZNPkawnIEtE8bLxjXdeuqxD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7a945ea58828d50d-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3552
expires: Sun, 16 Apr 2023 09:57:05 GMT

GET
H/1.1 200 go1
ia.51.la/ 0
73 B 4205ms
290ms Image
text/plain 183.240.166.132
CMNET-GUANGDONG-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ia.51.la/go1?id=21553579&rt=1679047026275&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E3%2580%259060%25EF%25BC%2585OFF%25E3%2580%2591%25E3%2583%2588%25E3%2583%2583%25E3%2583%2597%25E3%2582%25B9(T%25E3%2582%25B7%25E3%2583%25A3%25E3%2583%2584%252F%25E3%2582%25AB%25E3%2583%2583%25E3%2583%2588%25E3%2582%25BD%25E3%2583%25BC)%252C%25E3%2583%2588%25E3%2583%25A9%25E3%2583%25B3%25E3%2583%2597%252F&ing=1&ekc=&sid=1679047026275&tt=%25E3%2580%2590%25E3%2583%259D%25E3%2582%25B1%25E3%2583%25A2%25E3%2583%25B3%25E3%2582%25AB%25E3%2583%25BC%25E3%2583%2589%25E3%2582%25B2%25E3%2583%25BC%25E3%2583%25A0%25E3%2580%2591%25E3%2580%259060%25EF%25BC%2585OFF%25E3%2580%2591%25E6%2597%25A5%25E6%259C%25AC%25E9%2585%2592%25E5%258D%25B0%25E5%2588%25B7%25E7%2589%25A9&kw=%25E3%2583%2586%25E3%2583%258B%25E3%2582%25B9%252C%25E4%25B9%25B3%25E6%25B6%25B2%252F%25E3%2583%259F%25E3%2583%25AB%25E3%2582%25AF%252C%25E3%2582%25B9%25E3%2583%25BC%25E3%2583%2584%25E3%2582%25B8%25E3%2583%25A3%25E3%2582%25B1%25E3%2583%2583%25E3%2583%2588%252C%25E3%2582%25B3%25E3%2583%25BC%25E3%2583%2592%25E3%2583%25BC%252C%25E5%258F%25A3%25E7%25B4%2585%252C%25E6%2590%25BA%25E5%25B8%25AF%25E7%2594%25A8%25E3%2582%25B2%25E3%2583%25BC%25E3%2583%25A0%25E3%2582%25BD%25E3%2583%2595%25E3%2583%2588%252C%25E3%2583%2588%25E3%2583%25AA%25E3%2583%2597%25E3%2583%25AB%25E3%2582%25BD%25E3%2583%2595%25E3%2582%25A1%252C%25E9%2595%25B7%25E8%25B2%25A1%25E5%25B8%2583%252C&cu=https%253A%252F%252Fgfa.bothturn.top%252F&pu=
Requested by: Host: gfa.bothturn.top
URL: https://gfa.bothturn.top/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 183.240.166.132 , China, ASN56040 (CMNET-GUANGDONG-AP China Mobile communications corporation, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gfa.bothturn.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Fri, 17 Mar 2023 09:57:09 GMT
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gfa.bothturn.top/	1969-12-31 23:59:59	Name: language Value: jp
gfa.bothturn.top/	1969-12-31 23:59:59	Name: currency Value: JPY
.gfa.bothturn.top/	1969-12-31 23:59:59	Name: zenid Value: kpq9psvbs462v0q0bmcj2amab4
gfa.bothturn.top/	1969-12-31 23:59:59	Name: position Value: aW5kZXgudHBs
gfa.bothturn.top/	1969-12-31 23:59:59	Name: __tins__21553579 Value: %7B%22sid%22%3A%201679047026275%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201679048826275%7D
gfa.bothturn.top/	1969-12-31 23:59:59	Name: __51cke__ Value:
gfa.bothturn.top/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gfa.bothturn.top
ia.51.la
js.users.51.la
static.mercdn.net
103.143.19.103
183.240.166.132
199.232.214.131
2606:4700:3031::6815:1a21
0222a7c70f33c217e2d043e9ced924ec5f793572c2c4498a355cdfe882828bc4
07b5e2f88341b5d4dc3fa798eb15cdeabb3354dd8f7b76fb77dd707aedff2d57
091a52d99fba70097b2374b9bf90a33aff2942a98587adb51121bbcbca79ff69
19b52955d910067221d8c4fde6e3ae586c94de944abdd900d3a8b1fdcda8a5f0
1a850a5dbbb1509ce232901b81f60455191c39e54d0727fd63c8db0d8a7f1bb5
1de6a6462ed88a4699f9f82d367af31eb5fcb82c008e175aa8ca35358ace9739
21ad24b6976ccbcafbce65802a47aec322473d5b8623b5c9ac357271e95dbb93
24b2454e2ce6f9451af5a6a402de7fea4cb59f3b61ea519b15689a25352d18a9
263af1cfa4a354bd021fa7bab6c08be0f0615f4fb2f40ed279749b7f7b7b5367
287567b1d8f1dbd7cf320c499221aada31903861324de4f9518a678ae024d872
2a4bc12a377f4bf1df1ca6cda6d06fc5b2500c6b223d5e991ffdc49d60bdb28f
323709d7cc5d328379211d091df52e375910d7c62009fff85b20e4254880d208
35d5f96c4a62f60647b8768dc77f58c22509066451cf10ff9bd43fd4a05488cc
36b1812076056515b27ed64ea5ca5975c8b195c27840d5bbe4e8258e8b030609
37bb3b9f81af14264ea1bddbc78e6a9b7c56b863cc3803df57cb6e19780e9760
38b62ba003663311e647cc51e3883543cd9ced9935e7ef67baa4b4b297af9b6b
399dbb59a95caa92dd3291cded651b77d1ad8a7ab89567cec2ace2c834e7bf66
3ae5d8b5a2806b811378107313b19f0b05baae4b2bbe85e19e9cd223391a0fe3
44f52f0490a2984217fd7efc1f79e3ccbe149a7cb4f75aa7dfa90559ab5441a1
45e4e24b1266530521a922e6dab4a4268f2efb03f72fc421ffa1efcd3ad9fa8b
4826ad6bf158cb3f517913b384174746b25714c598f2570ee7d3362f71ba3f57
554963cc31815369c9dbe9c708baba97987acad5dc89907bf318e281fc8bcb28
574a92561c6ca1cb03ec61fcf3fb6dee32cb039fe244bb651efa777be912df95
6306dacf0aa222498d482a7fc29d55996d37300f9dcc3fa43e6e4e4d9c3b3a44
6903583b5f6f8377f9b9a4c70a77264de7088a11e782c1f077063bb45fe64b4f
69c5e13c13de390ef60a2980757f658ea2dac5f77106f5d829659cfb182a3d20
6c99396f8f0049fe473b53fee5d1f5eeaf11d0f164f5f9f736063b6972966077
6f4c3d1f404dae2eb324b3cfd1d505bba71eea5d1f9decf5afea4973fde8e49e
88205e3825370a08449e05e696dafe4585aeda93e3d59df24cf3994fa5ec9265
8b4e13ec1e853a3920c24d1bbe22545884e809d0e9cb0a8ec071db3309dcf951
8b6a22986a96d1dcd37e3cd66da50df4ea3f6326def8c3d2a25a5938c512eb37
917c1656811ae6d44ce83ceb4ae4edcbe66d8cfc856587ea165987041c3f9c58
959429f51a71cdc5322337162631987c57cb0e17b0a80b161f60362265a5a3ed
9673052868b456e6f6898938849b8c3dff3e93ef9bb428585f8d52ef4ced7946
a19b9e4cdbc74e9342fee5ff4649bc34d51e80887ffd1f1d7aac23a9e5101e44
b744c0387266c5bed81b4a5fae15e62a7f99634b48ef2a0cf7b95279fe63a845
b827f7742ac606f6b26a383654cc9235009ce0eecbe3832cfc4dff5ba7f4f6f3
b86743ef63c124b44380b2e4525e7d434aa1a13fd3710d51c94bf68f9e23a615
bb201aa45a9ad9bc57437c6ccfc0cc1868e058c1e7ae74c26c51bc1176be52ed
be003f4ac50c5a2ba96321c7f7635ae32717aa1d7571260747d9b1dd4d137625
c3a8b3452204af5c4a2df2ff9035addeee0b11d2123d92342918304ee34ea885
cb6023c4421589afbefa16d06ab60fa319c0b89ab6937ae10b82ca4f2a794263
cc59e2a53eba430ff361317907f9570828e7a1e1e9be8646271a3a077ef8aabf
cd75ebbca3c0643bfbd0846d5f125e83927b8f824ee65ba47621464d42f82d7e
cee35525f5aefeda11bd88bc1460d6f63a757d5bb137d132d23a0df18579f7c3
cf60d0f7717db55a5e8f008df16c770b056bed0758baf46475c66b12ae870217
d80257070127e87bc9ac494cc1af5c9dcfa9b47668593e9cac85b827b2673b5e
da6732e1638e17c60f5aceeb3645b104d4adfc1181f02250e55034033613c3bd
dcfce08dab8b4f58ab9cf48181593389155e043d9cf02d1f06b33220a4fdbc61
de010017d538cf3e1fee06cbc27dc53a7a70d850291e5f6fd3bd30bebc75235d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51b79e2b577b03c475b1200a726bfcaf563c9d90c79d9c07b10d7d39de4ce47
e8cd18144ea8da875a6eaa570e0f3ad7e280a440b76291c83cd99a1edbb61fdc
f2ba20d799175ae78fafa81d1c3214653ee5acde6b3e3fb41244041a8fec43f3
f43dffbf6f2f08a2c75f756742b2855888a6b9210e3a7ce223d6479dc7139d3a
fc9c3e562c05a78691e5253024ff11f63e0e02f0961f1fa7889460e291379aa1
fd6399fdff0ee7e7cfbfb5f86dacf54465d4d3b39a591a3a64de1b167ff8d78e
fd8c1e9f1059894420036910c36e07e09671e6b12f8a5ba6cd38954f7c17c02d
fe95d5999e7d17f6a9035436515eb2a9041d832cc630764aebc20151a1087528

gfa.bothturn.top Open in urlscan Pro 2606:4700:3031::6815:1a21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

4 IPs

2 Countries

3784 kBTransfer

3890 kBSize

7 Cookies

0 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gfa.bothturn.top Open in urlscan Pro
2606:4700:3031::6815:1a21 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

3784 kB
Transfer

3890 kB
Size

7
Cookies

59 HTTP transactions
0 data transactions